Registrar Influence on the Domain Security Posture of the Forbes Global 2000

Registrar Influence on the Domain Security Posture of the Forbes Global 2000

In our 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning.

On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars.

There’s a 52% adoption of registry locks among companies using enterprise-class registrars versus only 4% among companies using consumer-grade ones.

Across all security controls, we observed greater adoption among companies that use enterprise-class registrars compared to those using consumer-grade. This is especially apparent for the adoption of registry locks, as most consumer-grade registrars do not support such locks.

Furthermore, some industries have found themselves more in the spotlight because of COVID-19. Those industries are healthcare equipment and services, drugs and biotechnology, chemical, and household and personal products. The increased demand on all of these industries over the past year and a half have made them key targets for cyber criminals. So it’s highly concerning that these industries still appear in the middle-to-lower half of the risk mitigation effectiveness scale.

On average, only one in four organizations within these industries adopt registry locks, which prevents domain name hijacking and unauthorized changes to domain name system (DNS). But perhaps the low adoption of these protocols is not surprising, considering 32-48% of companies within these industries are using consumer-grade registrars, which don’t offer DNS security extensions (DNSSEC), registry locks, or certificate authority authorization (CAA) records as standard.

Domain security is the missing link in most cyber security strategies. Using the best-in-class security measures for your domains can help prevent phishing attacks, BEC, and ransomware in their early stages.

Many industry experts have emphasized that it’s very important to maintain strong cyber hygiene. Domain security is a prime example where companies are falling short. All companies in all industries should adopt a multi-layer defense-in-depth approach for domain security, starting with working with an enterprise-class provider.

Get all our recommendations in the 2021 Domain Security Report.