Red Sift Study: Europe’s Cyber Security Firms Fail Email Security Basics
By TDE News Desk - June 6, 2018
74% of this year’s Infosecurity Europe exhibitors aren’t protecting their own email domains from being spoofed
London, UK: At this year’s Infosecurity Europe (June 5 to 7) event in London, Red Sift, a data-driven cyber security platform, released its research analysis uncovering the disconcerting reality that three quarters of the industry leaders at the conference are falling short on essential email authentication measures, leaving their trusted brands open to email spoofing.
Red Sift conducted an analysis of the 372 companies exhibiting at Infosecurity Europe 2018 mid-May, and studied the DMARC records for exhibitors’ primary email domains. The analysis found that of the 372 security solutions vendors busily advising users on cyber security best practices, 74% aren’t taking the right steps to implement government-backed email defence, DMARC (Domain-based Message Authentication, Reporting and Conformance) to protect their own domains from email fraud. This ‘oversight’ is made all the more pertinent given recent research from Cofense (who, for the record, holds valid DMARC records) revealed 91% of cyber attacks start with email impersonation.
DMARC is an essential protocol that has been lauded by the National Cyber Security Centre as the most effective defence against email impersonation and therefore phishing. Red Sift used the annual Infosec event to look for evidence of DMARC implementation amongst attendees, however the research painted a faintly embarrassing picture:
Fail: 74% of exhibitors do not have DMARC in place
Must try harder: 9 organizations have tried to implement DMARC, but have been unsuccessful
Valiant effort: 17% have implemented DMARC at the monitoring level – fraudulent emails will still make it to the inbox
Almost there: 4% have implemented DMARC at the quarantine level – fraudulent emails will still make it to the Spam / Junk folder
Hooray!: 5% have implemented DMARC at the reject level – fraudulent emails are stopped at the gateway
“Infosecurity Europe is one of the highlights of the cyber security calendar. We’re star struck to be in such prestigious company, which is why our DMARC discovery feels like one of those moments you learn your all-time-hero thinks The Matrix is a documentary!” said Rahul Powar, CEO, Red Sift. “These events are timely reminders for firms to get their own houses in order. Global DMARC adoption is fairly low, which is why we’re here at the event to raise awareness and hopefully inspire more organizations to stamp out this vulnerability.”
London-based SaaS startup, Red Sift is a data-driven cyber security platform that uses machine learning to help organizations of all sizes and sectors address day-to-day security challenges, future-proofing businesses for the digital age. Its platform analyzes and synthesizes data from core business processes like email to provide a dashboard of cyber security tools that help users to better manage their online security, thus delivering actionable cyber security insights to its global customers.
