DMARC Adoption among Top 100 Breweries
To kick off the new year in our DMARC adoption research, we’re taking a second look at the world’s most lucrative breweries.
We first studied this cohort in 2022 and are taking another look to see how DMARC adoption and policy disposition is shaping up since the control has become necessary for big senders to reach inboxes. Spoiler alert: It is indeed shaping up.
Following are the changes we discovered among the top breweries in the last four years:
- 81% decrease in domains with no DMARC record
- 286% increase in p=none DMARC policies
- 257% increase in p=quarantine policies
- 1,400% increase in p=reject policies
With 30% of these parent domains reaching the optimal policy state of p=reject, that leaves 70% yet to take full advantage of the enforcement level needed to block phishing and spoofing. While most of the breweries now have a DMARC policy, over a quarter of them are at the monitoring policy of p=none, which provides no enforcement on emails that fail SPF or DKIM.
Need a primer on DMARC policies?
Take a look at our easy-to-understand guide.
On the bright side, the percentage decreases and increases noted above are encouraging and illustrate a substantial shift in the adoption and enforcement of DMARC email security policies since 2022.
As we’ve discussed in other adoption stories, DMARC adoption is increasing worldwide for domain owners large and small because of the following reasons:
- Stops brand impersonation – DMARC gives domain owners visibility into how a domain is used and prevents unauthorized senders from sending email on behalf of your domain.
- Makes email reliable – The foundation for dependable email delivery, DMARC with aligned SPF and DKIM is a signal to mailbox providers that an email is valid and not a hoax.
- Meets regulatory and standards guidance – DMARC is a mandatory sender requirement for major email providers and a key component of government and industry security standards.
Cyberattacks in the Brewing Industry
The history of breweries being attacked shows that these organizations are in the crosshairs of cyber criminals, especially when considering that the global beer market was valued at an estimated $881.9 billion USD in 2025.
In 2021, Lion, the owner of New Belgium, Bell’s and others, was hit with a ransomware attack that halted operations and production. That same year, Molson Coors experienced an attack that interrupted operations, production and shipping and Damm’s production at the main brewery near Barcelona dried up after a cyber attack.
In 2025, Japan’s beverage giant Asahi reported a ransomware attack that leaked the PII of over 1.5 million customers; luckily, stored payment card details were not included in the breach, according to Asahi.
“The impact to manufacturing businesses like brewers can be significantly higher as ransomware can accidentally or intentionally disrupt process controls, which is much harder to recover from than just doing a backup of the IT systems,” Phil Kernick, CSO of CyberCX, said.
Small craft breweries face the same cybersecurity landscape as larger ones, and small shops typically don’t have an internal IT security staff to keep an eye on risks. But like massive breweries, small ones are more connected than ever and online business is booming during the pandemic. Like any other organization, a data breach can cause production and delivery downtime, revenue loss and brand erosion.
After Google and Yahoo’s announced a DMARC requirement for bulk senders, Yahoo Japan announced a similar mandate.
DMARC Challenges Facing Breweries
In our research on brewery parent domains, we found that 22% lack an SPF record; another 47% suffer from faulty DMARC records, leaving a majority of domains open to email authentication failures. When we break down SPF record issues, we find that 16% have errors, 11% exceed the DNS lookup limit and 4% have invalid syntax.
How dmarcian can help
With a team of email security experts and a mission of making email and the internet more trustworthy through domain security, dmarcian can help you assess your domain catalog, deploy DMARC and manage domain security for the long haul. With our expertise and mission of DMARC for All, we can help you
- Progress safely from monitoring to enforcement with our expert guidance.
- Understand how SPF, DKIM and DMARC work, and why they are essential.
- Configure these protocols to ensure seamless email delivery.
- Monitor authentication reports to identify and resolve any issues promptly.
Want to continue the conversation? Head over to the dmarcian Forum.
