Innocent insider threats: the growing threat to your company’s cyber security
A recent article by Global Banking and Finance Review highlighted how insider threats are a big weakness in businesses’ cyber security efforts. While the majority of insider threats have no malicious intent, in 2019 they cost organizations $11.45M—up 31% since 2018.
The article’s top three tips to help mitigate insider threats are:
- Use the correct technology to monitor activity and flag unusual requests or system access.
- Create comprehensive use policies, and ensure your employees know them, and are aware of any consequences for not complying.
- Give your employees continual training and education on these policies and processes, and the risks associated with scams.
If you’d like to talk to us about your monitoring programs or setting up use policies, please let your CSC representative know.
More than half of the Forbes Global 2000 Companies still use retail-grade domain registrars
Our 2020 Domain Security Report: Forbes Global 2000 discovered low adoption rates of enterprise-level domain registrars for corporations around the globe—47%, versus 53% of companies using retail domain registrars. Retail registrars, are less secure, as evidenced by past incidences and recent breaches affecting close to 20 million company accounts. The difference between a retail registrar and an enterprise-class registrar lies within the level of technology controls, accreditation, and operations processes that are in place. Read the full report to see our recommendations to implement multi-layered domain security standards.
IN THE NEWS
Amazon Web Services reports largest ever DDoS attack
AWS announced that its security service AWS Shield, blocked a 2.3TB per second attack in February 2020. According to the BBC, the previous record was 1.7Tbps. Read more.
New counterfeit crimes unit for Amazon
Amazon has established a Counterfeit Crimes Unit, which will close down those listing counterfeits on the marketplace. Read more.
General availability for .CYOU
General Availability (GA) for .CYOU opened on June 23, 2020 on a first-come, first-served basis. Its big brother .ICU (“I see you”) tops all new generic top-level domain (gTLD) registrations in the world at nearly 6.7 million. It’s likely that .CYOU will follow the same business model as .ICU. We recommend that retail-facing brands register this new gTLD as a defensive registration of their core brand name(s). For more information, or to discuss registering this new gTLD, please contact your CSC client service partner.
Grandfather registration phase for .MT
The Grandfather phase for registrations for the .MT (the country-code TLD for Malta) closes on November 26, 2020. The low cost and open eligibility criteria means that brands should be mindful of how easy it is to register a .MT domain, and consider undertaking defensive registrations of their core brand name. For more information, contact your CSC client service partner.
The following TLDs have launch phases (pre-General Availability) currently still in progress:
If you’re interested in participating in any of these launches, please contact your CSC client service partner.
If you’d like to receive a weekly update on all extensions, subscribe to our Weekly Launch Guide.
How Brexit raises risks for non-compliant .EU domain names
On June 3, 2020, EURid, the registry for .EU domains, published its timeline and action plan to withdraw and delete .EU domains registered to entities and individuals located in the U.K.
Following the .EU regulations that were published on March 29, 2019, registrations of .EU domain names may be held by EU citizens, citizens of Iceland, Liechtenstein, and Norway, independent of their place of residence—as well as organizations that are established in the EU.
Due to these regulations and subsequently Brexit Day, the day the U.K. formally left the EU, organizations that registered their .EU domains with their U.K. establishments will become non-compliant after the end of the transition period, which is from now until December 31, 2020. Read more here.
Dot Brand Insight Report, June 2020: How .SHARP surged to the top of the Alexa rankings
Despite being founded in 1912, Sharp Corporation does not own sharp.com. The domain was registered in 1994 and by Sharp Healthcare, a not-for-profit health care provider in the U.S.
Securing .SHARP was a strategic move by Sharp Corporation to lay their claim on a succinct and unique TLD name. Its subsidiary, Sharp Electronics still operates from sharpusa.com and sharptvusa.com, but Sharp Corporation has pivoted from sharp.co.jp to jp.sharp. It relies on .SHARP domains such as tw.sharp and id.sharp for other regions.
Sharp Corporation’s pivot in March 2020 to produce surgical masks in response to the COVID-19 pandemic meant traffic for the application site go.jp.sharp/mask had a large uptick, pushing jp.sharp to the top of the .BRAND Alexa chart. Read the full report here.
If you want updates directly in your inbox, sign up to receive our blog here.
Upcoming developments in CSCDomainManager
We expect to release some key enhancements to CSCDomainManager® in the second half of 2020. Firstly, we’re undertaking a complete redesign to manage domain name system (DNS) records on CSC Basic DNS services. New features include simplified single-record edits; common updates across zones in a single action; and the option to add your comments and internal change control ID for historical tracking. Additionally, we/re updating our digital certificate API so you can request, retrieve and manage your CSC-issued certificates.
LIVE: Domain Security Playbook 2020 – July 29
CSC and the .HK domain registry discuss the findings on Hong Kong-based Global 2000 companies, and take a deep dive into domain security. Register here.
LIVE: Asian Platforms in Focus: Protecting your IP on JD.com – July 30
In this webinar, special guest speaker Judy Fan of JD.com will introduce JD.com’s approach to brand protection, and how to protect your intellectual property rights more efficiently. Register here.
LIVE: The Future of Domain Management and Online Security – July 31, 2020 (in Japanese)
In this webinar, .JP domain registry, and JIPDEC, who share domain management and digital certificate best practices, plus recommendations for the future of online security in Japan. Register here.
LIVE: Cyber Security Beyond the Firewall: DNS – August 18
Together with HKIRC, DotAsia, ISOC HK, and guest ICANN’s CTO David Conrad, we’ll cover DNS threats to companies, and key security controls, especially in the Hong Kong internet space. Register here.
LIVE: Online Brand Abuse in APAC – The Landscape and its Solutions – August 19
Join this webinar with CSC and World Trademark Review. We’ll discuss fraud trends, key platforms for brand abuse, and monitoring and enforcement solutions. Register here.
LIVE: How Online Brand Protection Can Help Business Recovery Following COVID-19 – August 20 (in Mandarin)
In this webinar, with CSC and World Trademark Review, we’ll discuss how changing global market trends affect online counterfeiting and infringement, and how online brand protection strategies help promote business recovery and growth. Register here.
On-demand: Complete Brand Monitoring
You can now view our complete brand monitoring webinar on-demand here.