Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification, and threat analytics
While 79 percent say their organizations experienced a serious data breach or cyberattack during the past 12 months, only 29 percent are taking significant steps to prevent phishing and email impersonation. However, 65 percent are likely to implement an automated DMARC enforcement solution if it stopped impersonation attacks.
Email fraud is the leading weapon with which hackers infiltrate networks. It’s not just a social engineering problem: There are technical controls, known as email authentication, that can help mitigate the email fraud threat, but only a tiny percentage of domain owners are taking advantage of them.
ValiMail’s analysis of the most popular 1 million global domains shows that most domain owners have not attempted to implement fraud protection through the latest and most complete form of protection, DMARC. Of those that have attempted DMARC, only 23 percent are actually achieving protection from fraud.
ValiMail attributes these shortfalls in adoption to the difficulty that domain owners have in fully implementing and maintaining DMARC and its underlying standards (SPF, DKIM), particularly in complex environments where companies use many different cloud-based email services (often without full knowledge of IT staff).
ValiMail’s 21-page report is the most comprehensive survey of the state of email authentication to date, with exclusive data on the vulnerability to email fraud of the most popular 1 million domains. Plus: Drill-downs into the vulnerability of key sectors, including the NYSE, NASDAQ, Fortune 500, banks, health care, technology, and Crunchbase unicorns.
Paul Myer talks w/Sean Martin during Black Hat 2017, discussing securing OT, Operational Technology
As an industry, we often focus on information technology and information security. And, while the media as a whole covers stories of denial of service attacks and power grid shut-downs, as a general rule, the industry seems to be obsessed with protecting information - protecting the traditional IT systems that manage that data - intellectual property, customer data, financials, and more. However, based on a conversation I had with Paul Myer, CEO of Veracity Industrial Networks, that needs to change - we need more attention paid to the operation technology - or “OT” space. Listen in as I catch up with Paul during Black Hat 2017 - I suspect you’ll look at cybersecurity in a different way after hearing what he has to say.