Gartner recommends DMARC as a High Priority Security Project for 2020-2021
Amid an incomparable shift in the digital security landscape, Gartner has released its list of critical security projects for 2020-2021 with a focus on driving business value and decreasing risk. Recognizing that email continues to be the top threat vector, one of those priorities is DMARC.
Arguably the world’s leading research and advisory company, Gartner provides information, advice and tools for leaders in IT, finance, HR, customer service and support, communications, legal and compliance, marketing, sales, and supply chain functions. They annually release what they consider to be their top 10 security projects, based on their forecasts, and this year they have adjusted for the impact of COVID-19.
Organizations use email as the single source of verification, and users struggle to determine real messages from fakes. DMARC, or domain-based message authentication, reporting and conformance, is an email authentication policy. DMARC is not a total solution for email security, and should be one piece of a holistic security approach. However, it can offer an additional layer of trust and verification with the sender’s domain. DMARC can help domain spoofing but will not address all email security issues.Gartner Top 10 Security Projects for 2020-2021
We view DMARC as a foundational piece of a comprehensive security footprint. With it in place, you can gain a holistic view of how your organization’s email domains are being used across the internet. You’ll be able to identify malicious actors exploiting your domain, as well as shadow IT that can increase exposure to vulnerabilities.
The ability to oversee and control your domains allows for a more layered approach in protecting one of your most important assets: email. The acceleration of the digital transformation from COVID-19 has caused a sharp rise in the remote workforce, which greatly increases the opportunities for phishing exploits such as Business Email Compromise and Vendor Email Compromise.
Before the pandemic, most enterprises designed their risk appetites around the assumption that remote working was the exception, rather than the norm. When that scenario was flipped, risks such as always-on VPNs and bring-your-own-device, which were previously a lower priority for security leaders, suddenly became top of mind. This forced security teams to rapidly reassess their enterprise’s risk landscape and deploy new solutions and policies accordingly.Jonathan Care, Gartner Senior Research Director
If you haven’t begun your DMARC project, sign up for a free trial here.
Want to continue the conversation? Head over to the dmarcian Forum.