As phishing continues to be the top attack method cyber criminals use to infiltrate the networks of healthcare organizations, steal medical data and personally identifiable information, and deploy ransomware, the Cybersecurity and Infrastructure Security Agency (CISA) has published a DMARC fact sheet relevant to healthcare organizations.
In the publication, CISA recognizes that “DMARC removes guesswork from the receiver’s handling of emails from non-authoritative email servers, reducing the user’s exposure to potentially fraudulent and harmful messages. A DMARC policy allows a sender to indicate that their emails are protected by Sender Policy Framework (SPF) and/or Domain Keys Identified Message (DKIM), both of which are industry-recognized email authentication techniques.”
A recent study illustrates how prone healthcare organizations are to phishing. Researchers studied email practices in healthcare and discovered that one in seven phishing emails were opened by employees. Those odds point to the need for a multifaceted approach to email security, including employee training and utilizing email authentication best practices.