With a month left on a deadline for federal government domains to implement a key email security policy, cybersecurity company Proofpoint says agencies have made significant progress, but is doubtful that each one will actually make it in time. The Department of Homeland Security issued a binding operational directive (BOD) last year ordering all agencies to have the highest level of DMARC (Domain-based Message Authentication, Reporting and Conformance) within a year. DMARC protects domains from being spoofed via email. Without it, malicious actors can send messages that appear to be, for example, a .gov website. As part of the directive, agencies are required to have a DMARC policy of “reject” — the highest of three levels — by Oct. 16. In a report published Monday, Proofpoint notes 51.9 percent of agency domains are compliant at this point. However, that’s roughly the same assessment Agari, an email security company, put out […]
The post Proofpoint: One month out from deadline, half of agency domains are DMARC compliant appeared first on Cyberscoop.
Continue reading Proofpoint: One month out from deadline, half of agency domains are DMARC compliant→