While companies are getting better at protecting assets in house or otherwise under their direct supervision, a major gap still exists that too many organizations do not consider: the identity of their domain registrar. Without this knowledge, these companies are often leaving themselves vulnerable to threats like DNS redirection, malware, registrar account takeovers, and various social engineering and phishing attacks. As to how severe this problem might be, a recent review by CPO magazine of the companies that make up the Global 2000 showed that almost three quarters of organizations had implemented less than half of domain security measures. This all points to domain security being a lower priority for most organizations, despite attacks targeting domains becoming more common.
Given how important domains are to a brand’s identity, companies need to be more aggressive with domain security, to ensure their IT, cybersecurity, or other assigned teams are fully aware of both their domain registrars, and fully understanding of who is responsible for which aspects of that domain security. This can take the forms of:
- Visibility and awareness, to identify the registrar and supporting vendors, to better understand the total attack surfaces.
- Monitoring and intelligence, to track online behaviors for faked domains which could be used to launch attacks or otherwise impersonate an organization
- Developing multi-layered defenses, including vetting of all vendors working within your cloud infrastructure
Source:
