March 15, 2019

Agencies implement DMARC protocol to gain compliance and protection for email threats

Jill Bradshaw

Email attacks, including spam and phishing, have long been a favorite target for malicious actors operating on the internet. The volume and sophistication of attacks continue to increase each year.  In fact, according to the FBI's Internet Crime Complaint Center (IC3) complaint information and updated statistical data for the time frame October 2013 to May 20181, there have been over 78,617 reported incidents of Business E-mail Compromise (BEC)/E-mail Account Compromise (EAC) and an estimated exposed dollar loss of $12,536,948,299 world wide2 and tactics are continuing to grow and evolve.

Within the Government sector, the threats are significant, and hackers covet having the potential to access sensitive government data, secure intellectual property for financial gain, or even conduct terrorist attacks.  In October 2017, the U.S. Department of Homeland Security issued Binding Operational Directive 18-01, which requires the adoption of DMARC by federal civilian domains. DMARC (Domain-based Message Authentication, Reporting and Conformance) is a protocol used for email-validation, policy and reporting. As attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware, it is more important than ever for agencies to implement DMARC protocol and gain compliance and protection against advanced multi-stage threats that exploit email to access IT environments.

This past December, Department of Commerce awarded a $10M contract to four companies to provide DMARC Email Security Software.  FCN Inc. has partnered with Forcepoint to enable Department of Commerce to deploy Forcepoint Email Security. FCN, a small woman owned value added reseller, has been working with the Federal Government for almost 30 years. They currently have two active BPAs with Commerce. They also have one for Network Infrastructure called The Strategic Sourcing Initiative (Contract YA 1323-14-BU-0004).

Forcepoint’s Email Security, recently ranked a Top Player for Email Security, checks all inbound email for DMARC validation, has easy to set policies, aggregates failure reports, and manages DKIM signing for outbound email messages helping agencies achieve full compliance with DMARC standards.  In addition, advanced defense technologies like real-time behavioral sandboxing, enterprise-class data loss prevention (DLP), pull encryption, and phishing education services prevents leaks of sensitive information. Forcepoint Email Security also supports a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments or can enhance Microsoft Office 365 built-in security capabilities for superior email protection.

DKIM settings in Forcepoint Email Security


To learn more about Forcepoint Email Security or request a demo visit or contact:


Melinda Muller




Brad Graham

FCN, Inc.



1 Federal Bureau of Investigation Public Service Announcement (2018, July 12). Business E-mail Compromise the 12 Billion Dollar Scam.  Retrieved from

2 Exposed dollar loss includes actual and attempted loss in United States dollars.


Jill Bradshaw

Jill Bradshaw is a Senior Product Marketing Manager with Forcepoint’s Global Government & Critical Infrastructure team. She has more than 15 years of experience in technology industry with focus on security and networks, the majority of that time focusing on solutions for global government...

Read more articles by Jill Bradshaw

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.