Curbing Email Threats & Spear Phishing The Promise & Results with DMARC



Similar documents
2015 Online Trust Audit & Honor Roll Practices Deep Dive July 7, All rights reserved. Online Trust Alliance (OTA) Slide 1

THE DMARC GUIDE. Understanding DMARC for Securing

Protect your brand from phishing s by implementing DMARC 1

Migrating to.bank A step-by-step roadmap for migrating to.bank

Internet Standards. Sam Silberman, Constant Contact

Protect Outbound Mail with DMARC

A New Way For ers To Defend Themselves Against Fraud

DMARC and your.bank Domain. September 2015 v

THE SECURITY EXECUTIVE S GUIDE TO A SECURE INBOX. How to create a thriving business through trust

This user guide provides guidelines and recommendations for setting up your business s domain authentication to improve your deliverability rating.

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Authentication Policy and Deployment Strategy for Financial Services Firms

DomainKeys Identified Mail (DKIM) Murray Kucherawy The Trusted Domain Project

SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015

Overview An Evolution. Improving Trust, Confidence & Safety working together to fight the beast. Microsoft's online safety strategy

SCORECARD MARKETING. Find Out How Much You Are Really Getting Out of Your Marketing

Security - DMARC ed Encryption

DMA s Authentication Requirement: FAQs and Best Practices

Evaluating DMARC Effectiveness for the Financial Services Industry

DMARC. How. is Saving . The New Authentication Standard Putting an End to Abuse

AntiSpam. Administrator Guide and Spam Manager Deployment Guide

Sender Authentication Technology Deployment and Authentication Identifiers

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Malicious Mitigation Strategy Guide

BitSight Insights Global View. Revealing Security Performance Metrics Across Major World Economies

Marketing Workshop

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

Spear Phishing. October 12, 2015 TLP: WHITE.

The What, Why, and How of Authentication

Threat Spotlight: Angler Lurking in the Domain Shadows

Marketing 201. How a SPAM Filter Works. Craig Stouffer Pinpointe On-Demand cstouffer@pinpointe.com (408) x125

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

The Anti-Phishing/Anti-Spoofing Guide: What Every Marketer Should Know About Brand Protection and Securing the Channel GET MORE INFO

Using Security to Protect Against Phishing, Spam, and Targeted Attacks: Combining Features for Higher Education

How To Secure A Website With A Password Protected Login Process (

DST . Product FAQs. Thank you for using our products. DST UK

Secure Your Mobile Workplace

FY15 Quarter 1 Chief Information Officer Federal Information Security Management Act Reporting Metrics V1.0

DKIM Enabled Two Factor Authenticated Secure Mail Client

MDaemon Vs. Microsoft Exchange Server 2013 Standard

I N T E L L I G E N C E A S S E S S M E N T

DomainKeys Identified Mail DKIM authenticates senders, message content

BITS SECURITY TOOLKIT:

Reputation Metrics Troubleshooter. Share it!

How To Prevent Hacker Attacks With Network Behavior Analysis

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions

DRAFT NIST Special Publication Trustworthy

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

Cyber Security for your Connected Health Device

2011 Forrester Research, Inc. Reproduction Prohibited

CSUF Tech Day Security Awareness Overview Dale Coddington, Information Security Office

Migration Project Plan for Cisco Cloud Security

How to Build an Effective Mail Server Defense

How To Protect Your Organization From Insider Threats

Protecting Your Organisation from Targeted Cyber Intrusion

. Daniel Zappala. CS 460 Computer Networking Brigham Young University

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION

IronPort Authentication

Information Security Field Guide to Identifying Phishing and Scams

Deliverability Counts

Do not forget the basics!!!!!

DNS Firewalls with BIND: ISC RPZ and the IID Approach. Tuesday, 26 June 2012

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Jim Bray, Cyber Security Adviser InfoSight, Inc.

Table of Contents. Introduction. Audience. At Course Completion

Quick Heal Exchange Protection 4.0

Configuration Information

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

SIP Security Controllers. Product Overview

Gain a New Level of Trust with Extended Validation SSL Certificates

Security 8.0 Administrator s Guide

Dell SonicWALL Hosted Security. Administration Guide

Instructions for Configuring Microsoft Exchange 2007/2010 for smarshencrypt

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Transcription:

SESSION ID: TECH-W03 Curbing Email Threats & Spear Phishing The Promise & Results with DMARC MODERATOR: Craig Spiezle Executive Director & President Online Trust Alliance @otalliance PANELISTS: Pat Peterson Chief Executive Officer, Agari J. Trent Adams Sr. Internet Security Advisor, PayPal John Scarrow General Manager, Online Security Services Microsoft Corporation

Overview Problem & challenge Email as a threat vector Email Authentication Overview All Published RFC s SPF Authorizing the servers DKIM Authenticating the message DMARC Policy and Reporting Case Studies; Where Are we Today? Apply What You have Learned 2

Problem 3

Attack Impact Anthem Data Breach 80M Consumer Records Compromised THE 1-2 PUNCH 18% success rate of phishing 14.5 Million Victims 25 th February - ATTORNEY GENERALS ISSUES WARNING IN 10 STATES 400 Brands, 50% New Targeted by Malicious Email Every Quarter 4

What is DMARC? Domain-based Message Authentication, Reporting & Conformance Specification to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols. Standardizes how email receivers perform email authentication using the well-known SPF and DKIM mechanisms 5

6 Email Authentication Overview SPF DKIM Authenticates Message Path Authorized senders in DNS Authenticates Message Content Public encryption keys in DNS DMARC Consistency A method to leverage the best of SPF and DKIM Policy Senders can declare how to process unauthenticate d email Visibility Reports on how receivers process received email Aggregated Insights Telemetry into your mail streams (RUA) Failure & Spoofed email reports (RUF)

DMARC Who should care 83% CISO CMO 42% of CISO s that agree brand protection is their responsibility. Secure Protect Respond Acquire Retain Monetize of consumers less likely to do business with you following an email attack Cloudmark Study CSO magazine's annual State of the CSO survey Loyal Brand Advocate

DMARC Solving the problem Success criteria reduce hijacked accounts Reject policies on 35 active and 3000+ defensive domains Rejected 30M emails within days the majority of them having Cryptolocker

Activity Case Study These truths are self-evident: Email must be protected as a trusted channel of communication. Email protection extends beyond our direct control. No single solution to protect email. Failing to protect email results in measurable losses. Activity Drops After Phishing Incident Incident Time

Proof Points PayPal noticed 70% drop in reported phishing within the US following the publication of the DMARC specification. 1 DMARC drove a 14% reduction in detected phishing in 2014 vs. 2013 as measured against organizations within the Financial Sector. 2 DMARC effectively protects ~80% of PayPal customers from spoofed domain email. 3 1. PayPal data for 2012-2014 2. Kaspersky Lab Report: http://bit.ly/kaspersky-financial_cyberthreats_2014 3. PayPal data as of March, 2015

Where Are We Today? 2013 2014 2015 DMARC R/Q DMARC R/Q DMARC R/Q FDIC 100 13.0% 2.0% 21.0% 2.0% 24.0% 6.0% IR 500 3.0% 0.1% 6.2% 2.0% 9.4% 2.4% Federal 50 4.0% 0.0% 6.0% 0.0% 12.0% 2.0% Social 50 22.0% 14.0% 36.0% 18.0% 46.0% 26.0% Source: OTA Analysis as of April 9, 2015. IR 500 (Internet Retailer Top 500, Social (gaming, social, dating, storage and other top visited sites excluding content, banking and commerce) sites. DNS validator tool https://otalliance.org/resources/spf-dmarc-record-validator R/Q Reject or quarantine policy Lists updated as of April 9, 2015 based on current rankings. See https://otalliance.org/honorroll for details. 11

But DMARC Coverage Varies DMARC protection requires mailbox provider adoption to be effective. Coverage varies by region, driven by the top 5 regional mailbox providers. US coverage is the strongest: ~85% Global average: ~63% Germany has the lowest: ~30%

Apply What You Have Learned Today Within 1 week Publish a DMARC p=none Policy (aka. monitor only ) Within 30 days Compete a audit of all domains Evaluate Email Flows + Threats Lock Down Defensive & Parked Domains Pressure MTA / enterprise vendors to support email authentication Within 90 days Implement SPF & DKIM on all domains and subdomains SPF -all Record Move to DMARC p=reject if / when necessary

Resources Email Security & Integrity Resources https://otalliance.org/resources/email-security https://otalliance.org/dmarc Agari http://agari.com/ Online Trust Audit & Honor Roll https://otalliance.org/honorroll Symantec http://www.symantec.com/email-security-cloud/?fid=symantec-cloud

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information