Business Wire

2022 CSC Domain Security Report Finds Nearly Three Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats

Share

CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.

In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.

Additional key takeaways from CSC’s research include:

  • 137 companies (6.8%) had a domain security score of “0”
    Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).
  • 45% of companies that use enterprise-class domain registrars also deploy registry lock
    Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.
  • DMARC is the only domain security measure with significantly increased adoption this year
    Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.

“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services. “A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a Zero Trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”

CSC’s report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43%in 2021. MX records can be used to send phishing emails or to intercept email.

To learn more about CSC’s approach to domain security, visit cscdbs.com. Download the Domain Security Report now at cscdbs.com/securityreport.

About CSC

CSC is the trusted security and threat intelligence provider of choice for the ForbesGlobal 2000 and the 100 Best Global Brands® in enterprise domain names, domainname system (DNS), digital certificate management, as well as digital brand andfraud protection. As global companies make significant investments in their securityposture, CSC can help them understand known cybersecurity oversights that exist,and help them secure their online digital assets and brands. By leveraging CSC’sproprietary technology, companies can solidify their security posture to protectagainst cyber threat vectors targeting their online assets and brand reputation,helping them avoid devastating revenue loss, and significant financial penaltiesbecause of policies like the General Data Protection Regulation (GDPR). CSC alsoprovides online brand protection—the combination of online brand monitoring andenforcement activities—taking a holistic approach to digital asset protection, alongwith fraud protection services to combat phishing. Headquartered in Wilmington,Delaware, USA, since 1899, CSC has offices throughout the United States, Canada,Europe, and the Asia-Pacific region. CSC is a global company capable of doingbusiness wherever our clients are—and we accomplish that by employing experts inevery business we serve. Visit cscdbs.com.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

For more information:
Steve Bosk
W2 Communications
CSC@w2comm.com
CSC News Room

About Business Wire

Business Wire
Business Wire
24 Martin Lane
EC4R 0DR London

+44 20 7626 1982http://www.businesswire.co.uk

(c) 2018 Business Wire, Inc., All rights reserved.

Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Datopotamab Deruxtecan Showed Encouraging and Durable Efficacy in Patients with Heavily Pretreated HR Positive, HER2 Low or Negative Metastatic Breast Cancer9.12.2022 00:00:00 CET | Press release

Initial results from the TROPION-PanTumor01 phase 1 trial of datopotamab deruxtecan (Dato-DXd) showed encouraging and durable efficacy in patients with heavily pretreated hormone receptor (HR) positive, HER2 low (immunohistochemistry [IHC] 1+ or IHC 2+/in-situ hybridization [ISH]-) or HER2 negative (IHC 0) unresectable or metastatic breast cancer. Safety data were consistent with previous trials of datopotamab deruxtecan. Results were presented today as a Spotlight Poster Discussion (Abstract #PD13-08) at the 2022 San Antonio Breast Cancer Symposium (#SABCS22). Datopotamab deruxtecan is a specifically engineered TROP2 directed DXd antibody drug conjugate (ADC) being jointly developed by Daiichi Sankyo (TSE: 4568) and AstraZeneca (LSE/STO/Nasdaq: AZN). Approximately 70% of breast cancer tumors are considered HR positive and HER2 low or negative.1 For patients with HR positive, HER2 low or negative metastatic breast cancer that progress on or are not suitable candidates for endocrine the

TreviPay Acquires Apruve8.12.2022 23:45:00 CET | Press release

TreviPay, a leader in global B2B payments and invoicing solutions, today announced the signing of a definitive agreement to acquire payment platform Apruve. Apruve offers a robust suite of payment solutions for global enterprises that will complement and expand on TreviPay’s existing order-to-cash technology offerings, merchant invoicing solutions, and the geographical reach of TreviPay’s existing B2B networks. TreviPay has experienced unprecedented demand from global enterprise buyers and sellers resulting in 30% organic growth in 2022, and this acquisition furthers TreviPay's plans to expand its order-to-cash technology offerings and B2B payment network. This acquisition builds on TreviPay’s recent purchase of Baton Financial Services. “TreviPay provides payment and invoicing solutions for a number of leading manufacturers and OEMs; the acquisition of Apruve will accelerate our advancement in the technology manufacturing vertical and expand our geographic reach into key Asian markets

Ipsen Provides Update On Phase III CONTACT-01 Trial Evaluating Cabozantinib in Combination With Atezolizumab in Patients With Metastatic Non-small Cell Lung Cancer Previously Treated With Immunotherapy and Chemotherapy8.12.2022 22:05:00 CET | Press release

Regulatory News: Ipsen (Euronext: IPN; ADR: IPSEY) announced today that the CONTACT-01 study did not meet its primary endpoint of overall survival (OS) at the final analysis. CONTACT-01 is a phase III clinical trial evaluating Cabometyx® (cabozantinib) in combination with atezolizumab (Tecentriq®) versus docetaxel in patients with unmutated metastatic non-small cell lung cancer (NSCLC) who experienced disease progression on or after treatment with an immune checkpoint inhibitor and platinum-containing chemotherapy. Howard Mayer, M.D., Executive Vice President, Head of Research and Development at Ipsen, said: “The results from the CONTACT-01 clinical trial have shown the challenge of treating NSCLC patients after prior lines of treatment have failed. While the findings of the study have not met the primary endpoint in this setting, we remain confident in the clinical efficacy of cabozantinib alone and in combination with another treatment in existing indications in difficult-to-treat tu

Verisign Reports Internet Has 349.9 Million Domain Name Registrations at the End of the Third Quarter of 20228.12.2022 21:57:00 CET | Press release

VeriSign, Inc. (NASDAQ: VRSN), a global provider of domain name registry services and internet infrastructure, today announced that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022.1,2 Domain name registrations have increased by 11.5 million, or 3.4%, year over year.1,2 The .com and .net TLDs had a combined total of 174.2 million domain name registrations in the domain name base3 at the end of the third quarter of 2022, a decrease of 0.2 million domain name registrations, or 0.1%, compared to the second quarter of 2022. The .com and .net TLDs had a combined increase of 2.1 million domain name registrations, or 1.2%, year over year. As of Sept. 30, 2022, the .com domain name base totaled 160.9 million domain name registrations, and the .net domain name base totaled 13.2 million domain name registrations. New .com and .net domain

Citi Global Wealth Investments Releases Outlook 2023: Roadmap to Recovery: Portfolios to Anticipate Opportunities8.12.2022 20:07:00 CET | Press release

Citi Global Wealth Investments (CGWI) today released its Wealth Outlook 2023 (Outlook) report, titled Roadmap to Recovery: Portfolios to Anticipate Opportunities. Published twice yearly, Outlook provides in-depth insights into the global economy and financial markets for the year ahead and beyond. The latest edition’s title reflects the investing journey that CGWI envisions and the steps that investors should consider diversifying their portfolios. In 2023, CGWI predicts the weakest annual global economic growth in forty years outside of the Global Financial Crisis and the COVID shutdowns. The year ahead is likely to see: A shallow US recession and worse in some other places such as the Eurozone A recovery in Chinese growth, by contrast, as pandemic restrictions are relaxed US inflation continuing to ease, ending 2023 at around 3.5% The US Federal Reserve to start cutting interest rates by the second half of the year A 10% drop in global earnings per share Just as 2022’s global market