Forbes Global 2000 companies are failing to adopt key domain security measures, exposing them to significant security risks, according to CSC’s Domain Security Report 2022. The enterprise-class domain registrar and Domain Name System (DNS) threats mitigator found that 75% of Global 2000s have implemented fewer than half of all domain security measures with Domain-based Message Authentication, Reporting, and Conformance (DMARC), the only domain security measure with significantly increased adoption since 2020. The data follows Akamai research from August, which discovered increased malicious domain activity and phishing toolkit reuse based on DNS data.
Adoption of recommended domain security measures by Global 2000 companies has been slow in the last couple years, CSC stated. Measures such as DNS redundancy, registry lock, Certificate Authority Authorization (CAA) records, and DNS Security Extensions (DNSSEC) have seen only very modest growth since 2020. “With the risks of not having domain security in place potentially leading to phishing or ransomware attacks, and many other cyberthreats, we hoped to see a higher implementation of some of these security measures,” the report read.