Domain security posture of Forbes Global 2000 companies
In this Help Net Security video, Vincent D’Angelo, Global Director of Corporate Development and Strategic Alliances with CSC, analyzes the domain security of the Forbes Global 2000.
CSC’s 2024 Domain Security Report analyzes the highest and lowest-performing industries based on the adoption of domain security features like registry lock, CAA records, DNS redundancy, type of registrar, DNSSEC, SPF, DKIM, and DMARC. The top five highest-performing industries were Business Services and Supplies, IT Software and Services, Media, Retailing, Hotels, and Technology Hardware and Equipment. The lowest-performing industries were Construction, Food and Drink and Tobacco, Food Markets, Materials, and Oil and Gas Operations.
Key insights from CSC’s research include:
80% of registered web domains that resemble a Global 2000 brand do not belong to that brand. Of the 80% of homoglyph (lookalike fake) domains owned by third parties other than the Global 2000 brand owners, CSC found that 42% have MX records (mail exchange records) compared with 40% in 2023. MX records can be used to send phishing emails or to intercept email.
The use of registry lock has grown by 7 percentage points since 2020, but overall adoption is low at 24%. Registry locks enable end-to-end domain name transaction security to mitigate human error and third-party risk. They are a highly cost-effective means of protecting domain names against accidental or unauthorized modifications or deletions.
107 of the world’s largest public companies have a domain security score of zero. 5% of the Forbes Global 2000 companies do not deploy any of the recommended domain security measures and, therefore, have the highest level of risk. In CSC’s analysis of the adoption of key domain security measures, a security score of zero indicates that a company has adopted none of them.
Use of DMARC has grown by 82% since 2020. In 2023, the Anti-Phishing Working Group (APWG) reported a record of almost five million logged phishing attacks, making 2023 the worst year for phishing. This rise in attacks helped increase the adoption of DMARC—an email validation system designed to protect a company’s email domain from being used for spoofing and phishing scams.