Agencies implement DMARC protocol to gain compliance and protection for email threats
Email attacks, including spam and phishing, have long been a favorite target for malicious actors operating on the internet. The volume and sophistication of attacks continue to increase each year. In fact, according to the FBI's Internet Crime Complaint Center (IC3) complaint information and updated statistical data for the time frame October 2013 to May 20181, there have been over 78,617 reported incidents of Business E-mail Compromise (BEC)/E-mail Account Compromise (EAC) and an estimated exposed dollar loss of $12,536,948,299 world wide2 and tactics are continuing to grow and evolve.
Within the Government sector, the threats are significant, and hackers covet having the potential to access sensitive government data, secure intellectual property for financial gain, or even conduct terrorist attacks. In October 2017, the U.S. Department of Homeland Security issued Binding Operational Directive 18-01, which requires the adoption of DMARC by federal civilian domains. DMARC (Domain-based Message Authentication, Reporting and Conformance) is a protocol used for email-validation, policy and reporting. As attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware, it is more important than ever for agencies to implement DMARC protocol and gain compliance and protection against advanced multi-stage threats that exploit email to access IT environments.
This past December, Department of Commerce awarded a $10M contract to four companies to provide DMARC Email Security Software. FCN Inc. has partnered with Forcepoint to enable Department of Commerce to deploy Forcepoint Email Security. FCN, a small woman owned value added reseller, has been working with the Federal Government for almost 30 years. They currently have two active BPAs with Commerce. They also have one for Network Infrastructure called The Strategic Sourcing Initiative (Contract YA 1323-14-BU-0004).
Forcepoint’s Email Security, recently ranked a Top Player for Email Security, checks all inbound email for DMARC validation, has easy to set policies, aggregates failure reports, and manages DKIM signing for outbound email messages helping agencies achieve full compliance with DMARC standards. In addition, advanced defense technologies like real-time behavioral sandboxing, enterprise-class data loss prevention (DLP), pull encryption, and phishing education services prevents leaks of sensitive information. Forcepoint Email Security also supports a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments or can enhance Microsoft Office 365 built-in security capabilities for superior email protection.
DKIM settings in Forcepoint Email Security
To learn more about Forcepoint Email Security or request a demo visit https://www.forcepoint.com/product/email-security or contact:
1 Federal Bureau of Investigation Public Service Announcement (2018, July 12). Business E-mail Compromise the 12 Billion Dollar Scam. Retrieved from https://www.ic3.gov/media/2018/180712.aspx
2 Exposed dollar loss includes actual and attempted loss in United States dollars.