THOUGHT LEADERSHIP FROM CSC
WEBINAR
Mitigate Risk: Automate Your Shorter Digital Certificate Life Cycles
Earlier this year, Google® announced its “Moving Forward, Together” roadmap with intent to reduce the maximum possible validity for public transport layer security (TLS) certificates, also known as secure sockets layer (SSL) certificates.
IN THE NEWS
Ihab Shraim talks with Dave Bittner from The CyberWire Daily Podcast discussing CSC’s 2023 Domain Security report
CyberWire, November 22, 2023
The interview highlights the importance of domain security for global corporations and how mitigating domain and DNS abuse is essential for your overall corporate security posture. The interview starts at 12:30.
IN THE NEWS
Cybercriminals register .AI domains of trusted brands for malicious activity
CSO Online, October 17, 2023
Third parties are registering brands under the .AI domain to launch phishing attacks or other types of brand abuse.
IN THE NEWS
Forbes Global 2000 companies overlook .AI domain security amid AI surge
SiliconANGLE, October 17, 2023
A new report from enterprise domain registrar CSC finds that despite the rapid rise of artificial intelligence, many of the Forbes Global 2000 do not control their .AI domain names or have not registered a .AI domain name for their business.
IN THE NEWS
CSC's 2023 Domain Security Report Finds Many Global 2000 Companies Neglect their .AI Domain Extensions Despite Surge in Popularity for Artificial Intelligence
VMBlog, October 17, 2023
CSC released its 2023 Domain Security Report which found that 43% of Forbes Global 2000 companies do not have control over their branded artificial intelligence (.AI) domain names, and they're actually registered by third parties.
IN THE NEWS
CSC Report Highlights Cybersecurity Threats .AI Domains Pose
Security Boulevard, October 17, 2023
An analysis published by CSC found 43% of Forbes Global 2000 companies do not have control over their branded artificial intelligence (.AI) domain names that have instead been registered by third parties.
IN THE NEWS
CSC Domain Security Report: AI interest affects domain security of globalbrands
SecurityInfoWatch, October 17, 2023
The 2023 Domain Security Report highlights how—despite rising phishing and online fraud—many companies are vastly unaware of the state of their domain name portfolio and overlook foundational domain security measures.
WEBINAR
CSC Domain Security Report 2023: How Many of the Largest Companies in the World have a Domain Security Score of “0”?
This webinar is a review of the 2023 Domain Security Report. How many companies—despite rising phishing attacks—are vastly unaware of the state of their domain name portfolio, and don’t employ foundational external cybersecurity measures, such as registry lock, DMARC, DNSSEC, and DNS redundancy?
WEBINAR
ICANN 78: Insights from the meeting in Hamburg, Germany
Join our upcoming webinar recapping the recent ICANN 78 meeting. This session will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cybersecurity strategies.
WEBINAR
Mitigate Threats: Learn How to Identify Emerging High Risks With Domain Behaviors
In this webinar, subject matter expert Elliott Champion, CSC global product director, and Lan Huang, CSC cybersecurity product manager, will discuss the importance of risk scoring in the global domain name ecosystem using CSC’s DomainSecSM and 3D monitoring.
PRESS RELEASE
CSC's 2023 Domain Security Report Finds Many Global 2000 Companies Neglect Their .AI Domain Extensions Despite Surge in Popularity for Artificial Intelligence
43% of .AI domains are registered to unrelated third parties with research indicating a 350% rise in domain disputes over .AI extensions
REPORT
Domain Security Report 2023
As cybersecurity becomes more AI-powered, attacks continue to rise, making domain security an important part of a company’s highest-level cyber risk assessment.
IN THE NEWS
CyberWire Daily Podcast
The CyberWire, September 8, 2023
Elliott Champion spoke with Dave Bittner from The CyberWire on emerging threats seen coming from the Threads platform. He discusses the lifecycle of platforms and strategies for brand monitoring and enforcement [minute 15:35-22:22].
WEBINAR
.AI Domains and the Impact on Your Overall Domain Strategy and Cybersecurity Posture
The ease of being able to register an .AI domain means it’s attractive to third parties—especially threat actors. Your brand’s .AI domain in the wrong hands could put it at risk of phishing, online fraud, and website redirection.
BLOG POST
Risk vs. Benefit: The Impact of Shorter 90-Day SSL Certificate Life Cycles
While the 90-day SSL certificate life cycle offers improved security, agility, and accountability, it may pose some challenges for organizations, especially those with a large number of web properties.
IN THE NEWS
Why Instagram Threads is a Hotbed of Risks for Businesses
CSO Magazine, September 4, 2023
CSC's recent research on brand abuse and fraud included in CSO's article on the security and compliance risks targeting Threads.
IN THE NEWS
How to Ensure DNS Records Don’t Become a Security Hazard
SC Media, August 31, 2023
Our expert Mark Flegg discusses the risks associated with dangling DNS records, and provides four best practices for mitigating subdomain hijacking attacks.
BEST PRACTICE GUIDE
Secure Best Practices for Your Digital Assets
A checklist to help brand owners understand and get secure against the very real threats that exist.
A checklist to help brand owners understand and get secure against the very real threats that exist.
BLOG POST
The Emergence of .AI
The ease of being able to register a .AI domain means it’s attractive to threat actors. Your brand’s .AI domain in the wrong hands could put it at risk of phishing, online fraud, and website redirection. Register your .AI today!
BLOG POST
The Risks of Using Multiple Registrars as a Global Organization
As a global organization with a worldwide presence, there are several factors to consider when it comes to managing your online presence, including domain registration.
WEBINAR
ICANN 77: Insights from the Meeting in Washington D.C.
This session will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cyber security strategies.
PRESS RELEASE
CSC Launches Groundbreaking DomaincastingSM Digital Blocking Network
Innovative New Domain Security Technology Delivers Visibility for Companies Looking to Mitigate Phishing, Brand Abuse, and Online Fraud
PRESS RELEASE
CSC Wins Hong Kong Internet Registration Corporation’s (HKIRC) Silver Award for Best Registrar in 2022
The Best Registrar awards in gold, silver, and bronze were created by the HKIRC to recognize .hk registrars who excel in promoting the .hk and .香港 domain registration efforts throughout the year.
PRESS RELEASE
New CSC Research Finds One in Five DNS Records are Susceptible to Subdomain Hijacking Due to Insufficient Cyber Hygiene
Company launches first Subdomain Monitoring solution to provide actionable intelligence on dangling DNS records.
WEBINAR
Leading-Edge Innovation for Mitigating Subdomain Hijacking Threats
A subdomain hijack is a cyber threat where attackers exploit forgotten DNS records to point to their own content, leaving the legitimate brand’s customers vulnerable to having their data stolen via re-direction to the attacker’s malware-hosting web servers.
IN THE NEWS
One in Five DNS Records are Susceptible to Subdomain Hijacking
My Tech Decisions, April 18, 2023
CSC’s latest report found that over 21% of DNS records point to content that does not resolve; thus, leaving many companies vulnerable to subdomain hijacking. Additionally, over 63% show error status codes such as “404 not found” or “502 bad gateway.” Digital records accumulate over time, and administrators who may be unaware of each domain’s history are hesitant to delete legacy records in case they’re tied to critical infrastructure. This buildup of inactive zones not pointing to content (dangling DNS) are at risk of subdomain hijacking.
IN THE NEWS
CSC Exposes Subdomain Hijacking Vulnerabilities
The CyberWire, April 18, 2023
CSC released its “Subdomain Hijacking Vulnerabilities Report” in which it shows that over 21% of the 400,000 DNS records it queried were likely vulnerable to subdomain hijacking. Subdomain hijacking occurs when threat actors take over a subdomain and use it to host their malicious content, which could lead to further threats like phishing or hosted malware. The report also showed that 63% of the queried DNS records showed a 404 “not found” or 502 “bad gateway” error.
IN THE NEWS
Four Strategies to Help Reduce the Risk of DNS Tunneling
CSO Magazine, April 13, 2023
DNS tunneling is a pervasive threat that enables hackers to get any data in and out of a company's internal network while bypassing most firewalls. The DNS translates numeric internet protocol addresses that browsers can then use to load web pages — threat actors use tunneling to exploit this process and steal data by hiding it inside DNS traffic. DNS tunneling essentially smuggles hostile traffic through DNS ports, making these attacks difficult to detect and mitigate.
IN THE NEWS
When it Comes to Your Web Domains, Put the Controls Back in Your Hands
Spamhaus, March 29, 2023
Choosing a domain name registrar may seem simple, but considering security risks in the domain and DNS ecosystem is crucial. In this blog post, Vincent D'Angelo, Global Director at CSC, shares insight into the role of domain registrars in domain ecosystem security and reputation. Discover the risks and how to enhance your organization's position proactively.
WEBINAR
Building an Effective Strategy to Bolster Your Domain Security in 2023
When companies are looking to cut back on costs, the domain portfolio can be viewed as an easy target. This short-term fix can lead to longer-term issues – and investments.
REPORT
Subdomain Hijacking Vulnerabilities Report
One in five DNS records are left in a state in which they are vulnerable to subdomain hijacking. Find out more about the current state of subdomain management.
WEBINAR
Insights from the Meeting in Cancún
Join our upcoming webinar, which gives a recap of the recent ICANN 76 Meeting. The session will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cyber security strategies.
WEBINAR
Staying a Step Ahead: Protecting Your Brand From Targeted Attacks
Join our webinar, with CSC global anti-fraud product manager, Fernando Cevallos, who will discuss targeted cyberattacks and how they’re used by bad actors to siphon revenue away from trusted brands.
IN THE NEWS
Why Banking & Financial Services Organizations Must Prioritize Domain Security
Global Banking & Finance Review February 23, 2023
Banking and financial services industries are known for being at the forefront of cyber protection and innovation. Yet they are also among the most targeted by phishing attacks, social engineering, CEO fraud and business email compromise (BEC). According to the Carnegie Endowment International Peace, cyber risks to banking and financial industries have grown in recent years and is becoming more frequent, sophisticated, and destructive. One area of cybersecurity that banking and financial industries continue to struggle with is domain security.
IN THE NEWS
What CISOs Can Do About Brand Impersonation Scam Sites
Dark Reading February 3, 2023
Brand impersonation is a particularly thorny problem for CISOs. Cybercriminals piggyback off a trusted brand to push scam lures through various means to onto unsuspecting customers. Organizations should not only be watching and monitoring the domains they own, but also their domain ecosystem, says Ihab Shraim, CTO of CSC Digital Brand Services. Often larger enterprises manage thousands of domains, which can make it difficult to keep tabs on and effectively manage the entire portfolio.
IN THE NEWS
Why CISOs Should Care About Brand Impersonation Scam Sites
Dark Reading February 1, 2023
Brand impersonation can be a particularly thorny problem for CISOs. Using techniques like website spoofing through typosquatting and lookalike URLs, brand impersonation attacks often don’t attack a company's owned infrastructure — making them difficult for incident responders to detect in a SOC setting using traditional security alert tools. "The external attack surfaces for brand impersonation are built and launched entirely on the Internet," says Ihab Shraim, CTO at CSC. "Therefore, the SOC security teams do not have the specific data feeds [they need to detect impersonations]."
WEBINAR
CSC Study: Threatening Domains are Targeting the Top 10 Most Valuable Brands
CSC recently analyzed domain registration activities of the top 10 most valuable brands. The findings highlight the degree to which trusted brands can be targeted by bad actors, presenting significant threats to their security posture.
IN THE NEWS
CSC 2023 Predictions: Staying Secure in 2023 and Making it the Year of Action
VMBlog January 11, 2023
This past year we saw a shifting cybersecurity threat landscape, security breaches of major organizations, constant geopolitical challenges, repeated spikes in targeted cyber-attacks in the form of phishing and malware (ransomware), brand infringement and counterfeit, and so much more. Organizations' ability to have awareness and visibility into all of it, keep up with it, and make notable adjustments to their overall security posture and cyber risk mitigation strategies has been a constant challenge. Almost every targeted phishing and malware attack campaign begins with domain names. Therefore, part of these strategies must involve online domain security.
IN THE NEWS
Enterprise IT Predictions for 2023
Tech Beacon January 10, 2023
Sitting between what appears to be the tail end of a pandemic and the nose end of a recession, 2023 looks to be what the sports world would call a "rebuilding year" when it comes to tech infrastructure. In the face of these trends, what can IT decision makers expect? We reached out to some of TechBeacon's contributors from the past year to get their takes on what the new year will bring to the world of IT, including CSC’s CTO Ihab Shraim.
IN THE NEWS
Lack of Key Domain Security Measures Leaves Organizations at Risk
HelpNet Security December 16, 2022
In this Help Net Security video, Ihab Shraim, CTO at CSC, talks about how 75% of the Forbes Global 2000 are exposing themselves to significant enterprise risks as third parties maliciously register their brands, and they fail to implement key domain security measures.
IN THE NEWS
Christmas Warning: Threat Actors Impersonate your Favorite Brands to Attack, Finds CSC
InfoSecurity Magazine December 6, 2022
In the run-up to Christmas, one of the busiest times for online shopping and e-commerce, we are likely to see a spike in fraudulent domain name registrations. Domain provider CSC analyzed threatening domains targeting 10 of the biggest brands in the world in a report published on December 6, 2022. These include Amazon, Walmart, McDonald’s, Tencent, Google, Microsoft, Apple and Facebook.
WEBINAR
CSC Domain Security Report '22: What is the Security Maturity Level of the Forbes Global 2000?
Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. An attack on a web domain can lead to the redirection of a company’s website, domain spoofing, phishing attacks, network breaches, and business email compromise (BEC).
WEBINAR
The Latest Threat Trends in the Gaming & Software Industry and How to Prepare for Diverse Attacks
Watch our webinar featuring gaming industry experts who use case studies to introduce fundamental concepts about the challenges facing brands, how organizations address these issues, what strategies they are using, and what they need to do first.
REPORT
Threatening Domains Targeting the Top 10 Most Valuable Brands
In this research report, CSC looked at the top 10 most valuable brands and identified 8,552 unique domain names closely matching those brand names, yet 99% were found to be owned by third parties, or fake.
IN THE NEWS
Many Global 2000 Companies Lack Proper Domain Security
HelpNet Security November 28, 2022
CSC released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures. In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands.
WEBINAR
Emerging Trends and Threats in eCommerce Marketplaces and Social Media
In this webinar, three of CSC’s brand protection experts – David Barnett, Agnes Czolnowska, and Alexandra Midgley – discuss the emerging trends and threats that they’re seeing in their day-to-day work in tackling counterfeiting and IP infringements on the world’s eCommerce and social media channels.
IN THE NEWS
Most Companies on Forbes Global 2000 Yet to Adopt All Domain Security Measures
SC Media November 15, 2022
Domain registrar CSC on Tuesday reported that three out of four Forbes Global 2000 companies have implemented less than half of all domain security measures, exposing them to high security risks. The report also found that lookalike domains are also targeting these top companies, with 75% of homoglyph registrations registered to unrelated third parties. The result: many of the world’s leading brands must contend with maliciously registered domains that look like their brands.
IN THE NEWS
Global 2000 Companies Failing to Adopt Key Domain Security Measures
CSO Magazine November 15, 2022
Forbes Global 2000 companies are failing to adopt key domain security measures, exposing them to significant security risks, according to CSC’s Domain Security Report 2022. The enterprise-class domain registrar and DNS threats mitigator found that 75% of Global 2000s have implemented fewer than half of all domain security measures, with DMARC the only domain security measure with significantly increased adoption since 2020.
IN THE NEWS
Energy Crisis-Related Scams Highlight How Bad Actors Seek to Capitalize on Global Events
World Trademark Review October 17, 2022
Fraudsters can be counted on to be quick to take advantage of those who may be struggling, and the latest example is the cost-of-energy crisis. Our uncovering of related scams in the UK follows numerous previous studies illustrating how real-world events can trigger associated spikes in online infringement activity. Bad actors have instigated a range of phishing campaigns designed to harvest users’ personal information, under the guise of soliciting applications for participation into government schemes to address the cost-of-living and energy crises.
IN THE NEWS
How to Reduce the Risk of Web Domain Attacks
Risk Management Magazine September 29, 2022
As cyber risks continue to increase, organizations and cyber insurers face greater challenges in quantifying them and addressing their capacity for harm. One way that risk managers, compliance officers and other executive leaders can mitigate many of the existing and emerging attacks is to focus on an often-overlooked target in security: web domains. More than seven of 10 organizations have experienced a domain name system (DNS) attack within the last 12 months, with 58% of the impact reaching “significant” levels.
REPORT
Domain Security Report 2022
As Zero Trust models become a top defensive security strategy, 2022 has shown how critical it is to include domain security.
WEBINAR
CSC’s API: Best Practices and Benefits
In this webinar, CSC’s Global Domain Product Manager, Walt Fry is joined by our guest speaker Carlos Reyes, Cyber Security Manager at McDonald's Corporation to discuss API best practices, security benefits, and flexibility, and to share examples of how CSC’s API is being used by a major global corporation.
WEBINAR
Mitigating the Risk of Downtime Amidst an Evolving Attack Landscape
Join us for this webinar where we'll be joined by guest speakers from Neustar Security to explore DNS health and the three critical areas to protect your online presence.
WEBINAR
ICANN 75: Insights from the Kuala Lumpur Meeting
Join our upcoming webinar, which gives a recap of the recent ICANN 75 Meeting. The session will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cyber security strategies.
WEBINAR
Branded Domains: Associated Phishing Trends and Risks
Join us for our monthly webinar, where we spend 30 minutes on the latest news in domain management & security, brand protection, and fraud protection.
IN THE NEWS
Online Brand Abuse is a Cybersecurity Issue
Security Boulevard July 22, 2022
Over the last two years, there has been a huge shift in the way consumers and users engage with businesses, with a significantly heavier emphasis on online activities and presence. Businesses are paying attention to these changes, but so are cybercriminals and other malicious actors, resulting in an understandable increase in internet-based crimes and infringers looking to abuse trusted brands and their reputations. This can lead to consumers losing confidence in these brands and derailing the interactions meant for the trusted organizations, resulting in lost revenue and business opportunities.
IN THE NEWS
Dubious Domain Activity Targets Supply Chain Woes
ISS Source July 18, 2022
In an effort to pounce on the low levels of baby formula issue, data from a global assessment of domain registrations since 2021 show 84 percent of baby formula-related domains were registered by third parties. The rise in fake registrations coincides with the turbulent supply chain issues the industry experienced this year, and registration characteristics appear designed to end up as attack vehicles, according to a report by CSC. CSC’s research shows 95 percent of domains registered in the same time period are tied to third parties. This assessment is part of CSC’s latest report, “Where Domain Security Meets the Supply Chain Crunch.”
WEBINAR
Where Domain Security Meets the Supply Chain Crunch
Watch our webinar, which gives a recap of CSC's recently published report on supply chain attacks.
IN THE NEWS
CSC Reports Spike in Fake Baby Formula, Semiconductor Domains
Security Boulevard July 13, 2022
A report published by CSC revealed a spike in fake domain registrations from entities attempting to leverage the ongoing shortages of baby formula and semiconductors to conduct phishing attacks and perpetrate fraud. The report found an 84% increase in baby formula-related domains registered by third parties since January of 2021 and a 95% increase in similar semiconductor industry-related domains. CSC also reported that of these domains, 26% of baby formula-related and 44% of semiconductor-related domains are configured with MX email records, a mechanism widely used by cybercriminals to disseminate phishing emails.
IN THE NEWS
Three Tips for Sharpening Up DNS Integrity
SC Magazine July 1, 2022
Mark Flegg of CSC offers three tips for helping security teams more effectively manage their DNS infrastructure. Every business depends on a series of suppliers and vendors. These relationships form supply chains that businesses deal with and have become increasingly complex, leaving organizations exposed to more risks. Research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered and confusingly similar domain name, or via email spoofing. The time of purely relying on a secure firewall for protection has receded as cyber criminals have long adjusted their attack strategy.
PRESS RELEASE
CSC’s Research Uncovers Suspicious Domain Registration Surge Amid Baby Formula Supply Chain Crisis
Third parties registering domains are attempting to mask their ownership and identity, suggesting they may have nefarious intentions.
REPORT
Where Domain Security Meets the Supply Chain Crunch
New research from CSC indicates that fraudsters took advantage of the 2022 supply chain shortages to target consumers with fake websites.
WEBINAR
ICANN 74: Insights from The Hague Meeting
Join CSC expert Gretchen Olive who will share the latest insights from the ICANN 74 meeting in The Hague.
WEBINAR
Cyber Risk and Digital Security: The Growing Impact on Today's Businesses
Join us for this webinar where we'll look at cyber risks and threats and how holistic approaches towards digital and domain security can help to mitigate the associated effects.
IN THE NEWS
Four Emerging Threats in the Domain Name Landscape
Security Magazine May 31, 2022
Since the pandemic, businesses have changed their focus, looking to a fully digitized business model. As such, the last two years have transformed nearly every business into a form of digital entity, with digital assets becoming foundational elements of business operations and deemed as important as physical assets. Unfortunately, despite web domains being the foundation of this new digital emergence, they’re often overlooked — which exposes businesses to cyber risks, as domains are a prime starting point for cyberattacks as well as brand-based fraud.
IN THE NEWS
How to Interpret the EU's Guidance on DNS Abuse Worldwide
Dark Reading April 19, 2022
When the European Union introduced General Data Protection Regulation (GDPR) guidance several years ago to address privacy concerns, it became the genesis of a worldwide movement that led to an increased focus on privacy issues. Similarly, the EU recently released guidance on a security issue that still doesn't get the focus that it should — DNS abuse. To date, there is no global consensus on what should be done to prevent or fight DNS abuse. Upholding and preserving a reliable, resilient, and secure DNS is key in maintaining the integrity of the Internet and is essential for its continuous and stable operation.
IN THE NEWS
Creating a Cost-Effective Domain Name Watching Program
World Trademark Review April 15, 2022
Read this article by CSC’s Dr David Barnett to find out why brands need a comprehensive domain monitoring program, and how to set one up cost-effectively.
IN THE NEWS
Going Phishing: Countering Fraudulent Campaigns
World Trademark Review April 15, 2022
Read this article by CSC’s Elliott Champion and Fernando Cevallos to find out more on the current phishing landscape, risks to brands, and how best to combat phishing in the early stages.
WEBINAR
Enterprise Risk Myopia: The Intersection of Security Ratings, Cyber Insurance, and Domain Names
Managing enterprise risk in an organization is as complex as it is strategic - you truly need to understand from where your largest risks originate. Security ratings and progressive cybersecurity insurance providers can help to uncover overlooked risks, such as the importance of domain name security for a company’s risk management strategy. In this webinar, CSC, SecurityScorecard, and Marsh McLennan discuss how to take an active defense posture to enhance your security and build a risk intelligence capability.
WEBINAR
3D Domain Monitoring – What It Can Do For Your Brands
View our on-demand webinar, where we spend 30 minutes on the latest news in domain management & security, brand protection, and fraud protection. In this session, we'll cover 3D domain monitoring and enforcement.
WEBINAR
Setting Up a Digital Certificate Automation Service
Listen to this webinar on demand, which features speakers from CSC and Sectigo discussing why and how to set up automated digital certificate renewals.
WEBINAR
Fraud Protection Best Practices
View our on-demand webinar where we look at the current online fraud and phishing landscape and share best practices and solutions for mitigating these threat vectors.
IN THE NEWS
Marsh McLennan: An Interview with Vivian Wesson
Vanguard Magazine
We’re delighted to share a recent interview with CSC’s client Vivian Wesson, chief intellectual property counsel at Marsh McLennan, by Vanguard Magazine.
IN THE NEWS
New Research Says Domain Registration Fraud Surging in Post-Pandemic Era
SecurityInfoWatch.com February 21, 2022
In the pandemic era, people have grown anxious. And when this happens, they seek out information online. Unfortunately, cybercriminals view this not so much as a crisis, but an opportunity. The massive surge in online activity coupled with the widespread adoption of work from home arrangements has allowed these criminals to plant “hooks” in the form of deceptive, suspicious domain registrations, resulting in the launching of phishing and fraud attack campaigns.
PRESS RELEASE
Introducing 3D Domain Monitoring to keep your business safe from cyber threats.
CSC’s enterprise 3D Domain Monitoring and Enforcement solution provides a multidimensional view of various threat vectors outside your firewall targeting specific domains.
WEBINAR
ICANN 73: Insights from the Virtual Meeting
In this session, we will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cyber security strategies.
WEBINAR
Why a .AU is a Critical Component of Your Domain Security
Today’s phishing protection and ransomware prevention strategies are missing a critical component: domain security. With .AU’s launch, how can organizations stay secure and protected against significant threat vectors that can cripple an organization in terms of revenue loss and reputation damage.
IN THE NEWS
COVID-19 News Fuels Rise in Domain-Related Cybercrime, Preying On Fear Factor
SC Magazine February 9, 2022
Recent CSC research highlights a continued rise in domain name registration activity over the last two years in correlation with ongoing COVID-19 themes. Data confirms that hackers leveraged the global pandemic for financial gain, a particular risk to healthcare entities given brand abuse and patient privacy or misinformation risk. While fraudulent domain registrations are likely a nuisance to other sectors, healthcare entities should be on the alert for these instances, as it could lead to phishing, brand abuse, consumer privacy risks, and other nefarious activities.
WEBINAR
The Impact of COVID-19 on Internet Security and Safety
In our February session, we will take attendees through the findings of CSC’s latest research report on how COVID-19 has affected online security, impacting some of the world’s most recognized brands.
IN THE NEWS
Covid Domain Registrations Soar, Many by Bad Actors
TechNewsWorld January 26, 2022
Nearly half a million Covid-related domains have been created over the last two years, many of them being used by online fraudsters. The pandemic has created an environment in which bad actors make use of a range of Covid-related “hooks” to commit cybercrime and fraud, impacting consumers and brands, explained CSC, a domain registrar that released a study Tuesday of more than 478,000 domain names tied to pandemic keywords.
IN THE NEWS
Cyber Insecurity - Omicron Variant Came With Surge in Suspicious Websites
The Washington Post January 25, 2022
Nearly two years into the pandemic, the Internet is still awash with shady coronavirus-themed websites that could be used as lures to steal people′s information or infect them with malware, according to corporate domain registrar CSC. In the first year of the pandemic, researchers found thousands of virus-themed domains and concluded that it was strikingly easy to register domains with the potential to spread vaccine-related hoaxes.
PRESS RELEASE
CSC Research Finds Third Parties Continue to Lay Groundwork for Malicious Activity Among Thousands of COVID-Related Domains
The report’s findings were gathered using CSC’s newly launched DomainSecSM platform, which delivers a cloud-driven analysis of the global domain ecosystem to identify potential threats to major brands.
REPORT
The Impact of COVID-19 on Internet Security and Safety
This report’s findings were gathered using our newly launched DomainSecSM platform to analyze nearly 500,000 COVID-related web domains for threats to brands and consumers due to their persistent brand infringement patterns and behaviors.
WEBINAR
“The Elephant in the Room” for Online Brand Protection
We delivered the opening keynote at the World Trademark Review’s Brand Strategy China event. Our expert addressed the underlying issue of why we continue to see pervasive brand infringement online, and the paradigm shifts needed to achieve better outcomes.
WEBINAR
Embracing New Tools to Enhancing Protection
Rapid technological development inevitably gives rise to new online threats. However, it also offers solutions, and the canny use of technology can generate greater success in brand protection efforts. Experts will discuss new issues coming from the digital world and how to use cutting-edge tools to counter them.
WEBINAR
To trust the cloud more, you need to trust it less—how to build a better security architecture for using cloud services.
Learn key recommendations presented at the PwC HackaDay to address this paradox.
IN THE NEWS
Increased Focus on Preventative Security Measures Across Forbes Global 2000 Companies including Retail and Insurance Providers
Vmblog.com
December 31, 2021
In 2021, companies and government agencies experienced increased threat vectors targeting corporate and government online domain name portfolios, including ransomware (malware), phishing, online brand abuse, trademark infringements, BEC, and supply chain attacks. In 2022, with domain cyber threats rising, we’ll see companies and government agencies exposed to much higher risks in the coming year.
IN THE NEWS
2022 Threat Predictions: Ransomware, Ransomware, Ransomware
SC Media
December 24, 2021
Ransomware made the leap into the consciousness of the public at large over the last year, thanks to attacks grabbing mainstream headlines and affecting the everyday lives of a significant number of people. “Phishing attacks grow only more prevalent, with ransomware an ultimate goal,” says Ihab Shraim, CTO of CSC DBS, in this article on 2022 cyber threat predictions by SC Media.
IN THE NEWS
Not All Domain Registrars are Created Equal: Consumer-Grade Vs. Enterprise-Class
Help Net Security
December 20, 2021
SecurityScorecard and CSC released comprehensive research detailing the impacts of an organization’s choice in domain registrar on their overall security ratings. The research shows that companies that select enterprise-class registrars (ECR) for domain management have a total score that is on average one-half to one whole letter grade higher than those using a consumer-grade domain registrar (CGR).
IN THE NEWS
The Realities of Domain Security
SecurityInfoWatch.com
December 17, 2021
According to CISA, most cyberattacks, including ransomware and BEC, start with phishing. The losses companies are experiencing due to ransomware are exceeding billions annually. In response, organizations are implementing more sophisticated threat monitoring, detection and mitigation solutions, but are they are routinely failing to implement even basic domain safety measures.
BLOG POST
SAXO Paves the Way for Democratized Trading for All
CSC had the great pleasure to interview Ian Semey, senior global webmaster at Saxo Bank, about their new generic top-level domain (gTLD) application, the implementation process, and how they have been using it successfully. You can read the full article here.
REPORT
The Impact of Enterprise-Class Domain Registrar Use on Overall Security Ratings
Research done by SecurityScorecard shows that a company’s choice in domain registrar is highly correlated to a company’s cyber security rating. Companies that selected enterprise-class registrars for domain management versus consumer-grade domain registrars had a total score that was on average one-half to one letter grade higher.
IN THE NEWS
Domain Registrar Selection: A Key Indicator of Overall Organization Security
SecurityScorecard December 8, 2021
Research done by SecurityScorecard shows that a company that selects an enterprise-class registrar for domain management versus consumer-grade correlates to a higher cyber security rating, with a total score that is on average one-half to one letter grade higher.
WEBINAR
ICANN 72: Insights from the Virtual Meeting
Join us for our final ICANN recap webinar of 2021, where CSC’s Gretchen Olive talks through the latest developments from the most recent ICANN online meeting.
WEBINAR
Let's End Whack-a-Mole
Brands have long gone digital, but so have counterfeiters. Organizations can be inundated with online infringements and find themselves in a constant war with bad actors. Here, experts share their key tactics for fighting back.
BEST PRACTICE GUIDE
Domain Portfolio Governance Policy
Seven steps for creating successful domain portfolio Governance: Using CSC’s seven-step process, you can join the growing ranks of organizations that are in full control of their domains.
WEBINAR
The End of .XXX Blocking Program – Are you Ready?
Join us for this 20-minute webinar where we will be looking at what companies will need to do to manage domains in their portfolio affected by the end of 2011’s .XXX Sunrise B blocking program.
REPORT
Midmarket Businesses - Staying Ahead of Risk for Future Initiatives
Digital IP and cyber security should be part of any organization’s risk management strategy as any disruption can mean an immediate threat to an organizations’ ability to operate normally. Our latest guide offers insight into how to protect a company’s digital assets and secure its online presence against cyber risk.
WEBINAR
CSC Domain Security Report: What’s the Security Posture of the Forbes Global 2000?
With cyber crime on the rise, companies in 2021 have experienced increased ransomware attacks, business email compromise (BEC), phishing attacks, supply chain attacks, and online brand and trademark abuse. Domain security is the first line of defense against these attacks, and a critical component to help mitigate cyber attacks in the early stages.
IN THE NEWS
Domain Security Remains an Underutilized Component to Curb Attacks
HelpNet Security October 5, 2021
Despite the shift to modernize business environments and operations among the Global 2000 companies, web domains remain dangerously under protected, according to CSC.
IN THE NEWS
Top Global Companies Falling Short in Protecting Domain Security
Cybersecurity Dive October 5, 2021
A majority of the world's largest companies fall short in protecting their domain registrations, making them susceptible to phishing attacks, business email compromise or even ransomware, according to a report from CSC. CSC examined the core domain for Forbes Global 2000 companies, applying proprietary tools and publicly available information to inform the report.
IN THE NEWS
Shorter Certificate Cycles Shouldn’t Mean Ignoring Extended Validation
Security Boulevard October 6, 2021
A movement to speed up the secure sockets layer (SSL) certificate cycle, reducing validity periods to roughly 13 months to allow for a one-year period and then a one-month grace window for renewal, while boosting security, also could cause extended validation (EV) to go extinct. CSC’s Mark Flegg explains why this shouldn’t be the case.
IN THE NEWS
Major Companies Lag in Adopting Domain Security
BetaNews September 28, 2021
A majority of companies in the Forbes Global 2000 have been slow to adopt domain security measures that could help prevent them from ransomware attacks.
IN THE NEWS
Domain Security Report Covered on TechCentral.ie
TechCentral.ie September 29, 2021
TechCentral.ie has featured the findings from CSC’s Domain Security Report, which highlights how less than 20% of the world’s largest brands are adopting basic domain security protocols, leaving them vulnerable to phishing, ransomware, and other cyber attacks.
IN THE NEWS
Domain Security Report Covered in ITPro
ITPro September 28, 2021
Highlights from CSC’s Domain Security Report have been featured in ITPro, highlighting that 81% of Forbes Global 2000 brands are vulnerable to cyber attacks by not having key domain security protocols in place.
IN THE NEWS
Study: Half of Forbes 2000 Brands Fail to Use DMARC
MediaPost September 29, 2021
Forbes 2000 brands are dangerously unprotected from phishing and hijacking, with 81% failing to use registry locks for their domains. Only 50% utilize a DMARC record, the standard email authentication method.
IN THE NEWS
Most Large Enterprises Fail to Protect Their Domain Names
Dark Reading September 29, 2021
New research carried out by CSC Digital Brand Services, an online brand security company, has identified 325k domains that conduct malicious activities and enable brand abuse, 68% of which were related to COVID-19 treatment, testing and tracking. Chief technology officer Ihab Shraim tells us what this means for the healthcare sector.
REPORT
Domain Security Report 2021
Forbes Global 2000 companies are still largely unprotected online, especially those using consumer-grade registrars. Find out which industries fare better in their security posture against global adoption benchmarks in our Domain Security Report.
PRESS RELEASE
CSC Finds Majority of World’s Largest Companies Susceptible to Phishing and Brand Abuse Due to Improper Domain Security
CSC released its annual Domain Security Report: Forbes Global 2000 Companies, which found that despite the shift to modernize business environments and operations among the Global 2000 companies, web domains remain dangerously under protected.
WEBINAR
The Day the Internet Broke: Lessons from Recent Cloud Provider Outages
Recently and in a short time span, several large, high-profile, cloud-based providers experienced outages. These incidents shook the internet world—with various media calling it “the day the internet broke”—because it took down online entertainment, eCommerce, logistics, financial services, and more.
PRESS RELEASE
CSC and SecurityScorecard partner to mitigate domain security risks
CSC has announced a strategic alliance with SecurityScorecard, the global leader in security ratings, to provide domain security insights for evaluating enterprise cyber risk to SecurityScorecard platform users. CSC is providing users with visibility into the class of domain registrar they’re using, enabling them to better manage the risk related to their domain name portfolio. This information will help educate companies about the level of advanced security needed to protect against domain and DNS security threats today.
BEST PRACTICE GUIDE
WHEN PEOPLE CHANGE ROLES - Best Practices for Digital Assets
When people leave an organization or change roles, CSC recommends auditing all vendor portals for online assets to ensure user information is updated across all the products and services immediately.
PRESS RELEASE
Holiday shopping warning: simple typos can lead consumers and brands to online fraud, counterfeit goods, and cyber crime
During the holiday shopping season, just one hour of downtime can cost a business over $500,000 in lost revenue. Despite this, many global eCommerce and shopping companies are still lacking basic domain security measures that could prevent this from happening. For instance, only 16% of the top 500 global eCommerce and shopping domains leverage DNS hosting redundancy, which could secure their online presence from DDoS attacks.
REPORT
Cyber Threats & Trends - Securing your Network Pandemic-style
Neustar’s latest report “Cyber Threats and Trends: Securing Your Network Pandemic-Style” takes a hard look at what happened during that tumultuous year so that we can best protect our networks moving forward.
WEBINAR
ICANN 71: Insights from the Virtual Meeting
Join our upcoming webinar, which gives a recap of the recent ICANN 71 Virtual Meeting.
WEBINAR
CSC Security Center — What It Can Do for You
Join us for our Industry Update webinar, where we spend 30 minutes on the latest news in domain management & security, brand protection, and fraud protection.
WEBINAR
Domain and DNS Security Recommendations for the Australian Cyber Security Strategy
Join this webinar where we’ll share our thoughts on the Strategy and give recommendations of how organisations should react.
BEST PRACTICE GUIDE
CSC Security Center
Putting security first for critical online brand assets.
For companies that need to be aware of and mitigate cyber risks not contained by their traditional firewall solutions.
WEBINAR (ITALIAN)
Why Domains are Essential for Cybersecurity
Join our webinar where we will explain why domain names are an integral part of an organization's cybersecurity and what happens when they are compromised.
IN THE NEWS
COVID-19 and the Rise in Online Brand Abuse
Healthcare Global May 18, 2021
New research carried out by CSC Digital Brand Services, an online brand security company, has identified 325k domains that conduct malicious activities and enable brand abuse, 68% of which were related to COVID-19 treatment, testing and tracking. Chief technology officer Ihab Shraim tells us what this means for the healthcare sector.
IN THE NEWS
Return on Investment: Proving that Protection Pays
World Trademark Review May 11, 2021
Read the full article by CSC’s David Barnett to find out how ROI can be calculated to prove benefit to brand owners and how a brand protection program can help your company today.
IN THE NEWS
Internet Threats Go Viral – Companies Must React to Keep Brands Secure
World Trademark Review May 11, 2021
Read the full article by CSC’s Elliott Champion to find out exactly how cyber criminals are targeting brands and consumers during this unusual time—and what can be done to protect brands from all of it.
IN THE NEWS
Avoid Being a Headline: Not all Domain Registrars are Created Equal
InfoSecurity Magazine May 11, 2021
The SolarWinds and Microsoft Exchange cyber-attacks have shown the importance of vetting third-party technology, operational processes and security controls in order to identify and mitigate supply chain risk. Choosing a domain name registrar is such a vital decision because of the many security risks in the domain and DNS ecosystem such as phishing threats or brand infringements.
WEBINAR
Industry Updates – To Block or Not to Block? Best Practices for Domain Blocking Strategies
Join us for our Industry Update webinar, where we spend 30 minutes on the latest news in domain management & security, brand protection, and fraud protection.
WEBINAR
“It’s always DNS!”
“It’s always DNS!” is a popular meme among system administrators. Find out why DNS is the biggest single point of failure in the new norm, and why companies need to reevaluate the concept of cyber security from network security to inter-network security.
IN THE NEWS
Domain Name Security Neglected by U.S. Energy Companies: Report
Security Week April 15, 2021
A majority of the largest energy companies in the United States appear to have neglected the security of their domain names, according to CSC, a firm that specializes in securing online assets. The Biden administration is concerned about potentially damaging cyberattacks aimed at the country’s critical infrastructure, and it’s taking steps to help electric utilities, water treatment plants and other industries protect their systems. Data collected by CSC last week shows that nearly 80 percent of the top U.S. energy organizations are at risk of cyberattacks targeting their DNS and internet domain names.
WEBINAR
Automated Digital Certificate Management - Getting it Right
Join us for this webinar, where CA/B Forum members Nick France and Tim Callan of Sectigo will join CSC product director for security services, Mark Flegg, to discuss the latest updates on digital certificate renewals.
WEBINAR
ICANN 70: Insights from the Virtual Meeting
Join our upcoming webinar, which gives a recap of the recent ICANN 70 Virtual Meeting.
WEBINAR
Online fraud — How to Stay Ahead
Join us for our Industry Update webinar, where we spend 30 minutes on the latest news in domain management & security, brand protection, and fraud protection.
IN THE NEWS
Risks from Spoofed Domains are Different but Still Problematic
Loss Prevention Magazine March 18, 2021
One of the industry’s leaders in the fight against counterfeit products noted a shift in how fake goods are primarily marketed to customers, from misspelled domains to online marketplaces and, increasingly, social media.
WEBINAR
Making the Platform Relationship Win-Win
The relationship between brands and eCommerce platforms is one that can be both combative and collaborative.
WEBINAR
Calculating Your Return on Investment with Brand Protection Solutions
Join us for our Industry Update webinar, where we’ll spend 30 minutes on the latest news in domain management and security, brand protection, and fraud protection.
IN THE NEWS
#SaferInternetDay: How Online Users Can Detect Misinformation
Infosecurity February 9, 2021
Misinformation is an issue that has come firmly to the fore over recent years, fuelled by increased access to the internet throughout the world. Elliott Champion, leader of brand and fraud divisions at CSC, explained: “[Given] the ongoing COVID-19 pandemic, misinformation is being used to take personal credentials and money. Misinformation around COVID-19 treatments, events, related news, (fake) tracking apps, vaccinations, monetary relief schemes, charity drives or donations have become widespread.”
IN THE NEWS
Why Companies Will Need Better Intelligence and Security To Prosper in 2021
APAC CIO Outlook February 8, 2021
As the world continues to grapple with the effects of COVID-19, we predict that companies will continue to find ways to adjust to the situation they are faced with—to explore new channels of revenue, connect with their employees and customers, and address a growing need to tighten on cyber security and online brand protection.
WEBINAR
Why Domain Names are Central to your Cyber Security
Join us for our Industry Update webinar, where we’ll spend 30 minutes on the latest news in domain management and security, brand protection, and fraud protection.
WEBINAR
Protecting your Brand Against the Increasing Threats of Online Fraud
In our first webinar of 2021, we’ll delve into the outcomes of 2020’s marked increase in online fraud from cyber criminals, who took advantage of our increased reliance on the internet due to COVID-19 restrictions.
WEBINAR
Holiday Shopping and eCommerce Digital Threats
In our December session, we’ll be looking at the results of some recent research by CSC on the digital threats to companies and consumers associated with holiday shopping and eCommerce.
BEST PRACTICE GUIDE
CSC Domain Name Lapse Policy: Stop – Review – Action
While many companies spend time reviewing the domain names they wish to lapse, they don’t always have all the information to make a truly informed decision. At CSC, it’s our responsibility to make sure you understand your options and potential security threats.
WEBINAR
ICANN 69 – Insights from the Virtual Meeting
The session will share highlights of important industry policy developments that will affect your online domain name, brand protection, and cyber security strategies in 2020 and beyond.
WEBINAR
Protecting your Company from Social Engineering Attacks
Social engineering scams are some of the trickiest phishing attacks to identify. But what is social engineering, how does it manifest itself, and what are the key characteristics to look out for?
IN THE NEWS
New CSC research finds over 90% of website linked to Donald Trump and Joe Biden campaigns at risk for potential redirection, disinformation, and data theft
Journal of Cyber Policy October 9, 2020
CSC, a world leader in business, legal, tax, and domain security, today released new research from their Digital Brand Services (DBS) division that reveals areas of risk for prominent election-related websites. The research indicates that web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are being targeted for disinformation activities such as domain spoofing, and threats including domain name and domain name system (DNS) hijacking, and phishing.
IN THE NEWS
Over 90% of domains linked to Trump, Biden websites vulnerable to cyberattacks: study
Israel Defense October 12, 2020
The vast majority of web domains closely linked to the presidential campaign websites for Donald Trump and Joe Biden lack basic domain security protocols and are at risk of potential disinformation activities and data theft, according to findings released Thursday. The research by US-based digital asset security company CSC found that over 90% of these web properties are not using registry locks to protect their domains from domain and DNS hijacking that can lead to phishing attacks, network breaches, and email compromise.
IN THE NEWS
Most domains linked to US election vulnerable
Technology Decisions October 12, 2020
Over 90% of web domains associated with the presidential election campaigns of Donald Trump and Joe Biden are not using registry locks to protect their domains from domain and DNS hijacking, research suggests. The research from CSC’s Digital Branch Services division found that web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols.
IN THE NEWS
Presidential candidate domain traffic at risk of phishing scams, highlighting need for brands to review vulnerabilities
World Trademark Review October 8, 2020
Over 90% of domains associated with the U.S. presidential election candidates are at risk of potential redirection, disinformation and data theft reveals new research from domain management service CSC. Both Joe Biden and Donald Trump’s websites were identified as risk centers for outgoing and referral domains that were vulnerable to attack. The findings are a reminder that brand owners need to act quickly to ensure that their domains are truly secure.
IN THE NEWS
US Election-Related Websites Vulnerable to Fraud, Abuse
Dark Reading October 8, 2020
The vast majority of websites that link to joebiden.com and donaldjtrump.com do not use basic DNS security controls, new research shows. In August, CSC's Digital Brand Services division identified 988 outgoing and referral domains that link to the two presidential campaign sites – and found more than 90% of them do not use registry locks, says Mark Calandra, executive vice president of CSC DBS. These type of sites include major U.S. news outlets, political sites, and donation-driven pages.
WEBINAR
Best Practices for Managing Digital Asset Security
Join us for our monthly Industry Update webinar, where we spend 30 minutes on the latest news in Domain Management & Security, Brand Protection, and Fraud Protection.
PRESS RELEASE
New CSC Research Finds Over 90% of Websites Linked to Donald Trump and Joe Biden Campaigns at Risk for Potential Redirection, Disinformation, and Data Theft
Due to the sensitivity and importance of the U.S. election process, domain security remains a major vulnerability for the potential of foreign interference, fraud, and misinformation. Nearly 70% of misspelled domains are configured to send and receive emails, which can be used to lure donors to phishing sites.
REPORT
Dot Brand Insights: October 2020
In our October 2020 Dot Brand Insights Report, we report on a distinct uptick in the activity surrounding .BRANDs, ranging from the manufacturing, pharmaceutical, and internet services, to enterprise products and services sectors—sectors that got a big increase in business activity through Q3 2020 despite the COVID-19 pandemic.
BEST PRACTICE GUIDE
Mergers and Acquisitions: Taking Care of Digital Brands During Entity Consolidation
Your company has acquired another entity or merged with one. Congratulations! This best practice guide will help you understand the challenges of merging digital assets and how to secure them by highlighting important steps to consider and apply.
WEBINAR
Domain Security Best Practices for Australian Corporations
Australia is now in a heightened state of cybersecurity. Together with our guest speakers Bruce Tonkin, COO of .AU Domain Administration Limited (auDA), and Ram Mohan, COO of Afilias, we’ll discuss domain security—the cornerstone of preventing cyber threats, such as domain name system (DNS) hijacking.
IN THE NEWS
Safe domain: How to protect your enterprise from DNS hijacking
Help Net Security September 1, 2020
In August 2019, cybersecurity researchers revealed that a hacker group known as Sea Turtle targeted 40 telecoms, internet service providers, domain registrars and government organizations in the Middle East and North Africa. The attackers hijacked the domain names of ministries of foreign affairs, intelligence/military agencies and energy-related groups in those regions. As a result, Sea Turtle was able to intercept all internet data – including email and web traffic – sent to the victims.
IN THE NEWS
Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack
Inc. June 25, 2020
A recent study shows that companies can't defend against potentially catastrophic domain name hijacks. The study, released earlier this month by international business firm CSC, found that 83 percent of organizations surveyed haven't implemented baseline security measures like domain name registry locks, which help prevent domain name hijacking and/or unauthorized transfers..
IN THE NEWS
83% of Global Enterprises Do Not Have Basic Domain Security Measures
CISO Magazine June 19, 2020
Latest research from domain security provider CSC revealed that security gaps in enterprise domain security procedures expose organizations’ networks to cyber risks and vulnerabilities such as domain name system (DNS) hijacking, data fraud, and phishing attacks.
IN THE NEWS
83% of Forbes 2000 Companies' Web Domains Are Poorly Protected
Help Net Security June 18, 2020
There are significant shortfalls in enterprise domain security practices, putting organizations' internet-facing digital assets at risk to threats, including domain name and DNS hijacking, phishing, and other fraudulent activity.
IN THE NEWS
Most Forbes Global 2000 Companies Lack Basic Domain Security
Security Boulevard June 18, 2020
Most Forbes Global 2000 organizations don’t have even basic domain security in place, leaving them open to attacks with potentially devastating consequences, according to a report from CSC Digital Brand Services (DBS). Forbes Global 2000 companies don’t take domain security seriously, and proof is in the 2020 Domain Security Report: Forbes Global 2000 Companies underlines just how big a problem it actually is.
IN THE NEWS
World's Largest Public Companies Lack Basic Domain Security Protections, Report
MSSP Alert June 17, 2020
Over 80% of the world’s largest public companies failed to adopt basic domain security measures.
IN THE NEWS
83% of Forbes 2000 Companies' Web Domains Are Poorly Protected
Dark Reading June 16, 2020
Only a handful have controls against domain-name hijacking, DNS modifications, and other threats, a new CSC study finds.
WEBINAR
Cyber Security Beyond the Firewall – DNS
What is the domain name system (DNS) ecosystem and what are its vulnerabilities? How can companies mitigate threats to DNS? Keynote speaker, David Conrad, CTO of ICANN, and speakers from the industry discuss DNS hijacking, and how to evaluate current security measures against these kinds of attacks.
IN THE NEWS
How to protect your organization's domain from security threats
Tech Republic June 16, 2020
Your organization's public-facing domain is often as important and critical a resource as are your internal files, data, and network. And just as you protect your internal infrastructure from cyberthreats, so too do you need to protect your domain.
BLOG POST
CSC on The CyberWire Daily Podcast
This week, CSC’s executive vice president, Mark Calandra, featured in The CyberWire Daily Podcast with David Bittner, speaks about insights from our 2020 Domain Security Report.
WEBINAR
Online Brand Abuse in APAC: The Landscape and Its Solutions
The Asia-Pacific region is an important market, but it’s fraught with problems for brand owners. Learn about fraud trends in APAC markets, key platforms of brand abuse, and how monitoring and enforcing trademarks can help.
PRESS RELEASE
CSC Becomes First Foreign-Owned Company to Receive Domain Registrar License in China
Accreditation enables organization to provide domain registration and management services to local and global companies doing business in China.
REPORT
Dot Brand Insights: June 2020
In our June 2020 Dot Brand Insights Report, we look into the increase in .BRAND domains being used by brand owners to communicate important messaging to their customers, investors, and employees in light of the COVID-19 global pandemic.
PRESS RELEASE
Domain Security Blind Spots Put Global Enterprises at Serious Risk According to New Research from CSC’s Digital Brand Services Division
New research shows information technology and media and entertainment sectors take the most sophisticated approach to domain security while materials and real estate industries are most susceptible to attacks.
BEST PRACTICE GUIDE
Domain Security Checklist
While companies are making significant investments to improve their security posture and reduce risk, many are still exposed to security blind spots when it comes to proactively and securely managing some of the most fundamental internet assets that allow them to conduct business—unsecure domain names, DNS, and digital certificates.
BEST PRACTICE GUIDE
Digital Asset Security: Back to Basics
Worldwide, cyber attacks and data breaches are coming from all directions. They're on the rise, making it harder to secure an online brand.
So how can you manage today's risks? Get back to the basics of digital asset security.
BEST PRACTICE GUIDE
6 Ways to Strengthen DNS Security
At the inception of the internet and domain name system—aka, DNS—only education organizations and government bodies were online. Back then, trust was assumed and security wasn't even a thought. But today with the world online, DNS is one of the most regular targets of cyber criminals.
BEST PRACTICE GUIDE
The Case for a Secondary DNS Service
Enterprise security was previously focused on protecting the online perimeter (i.e., the network border). Blocking malware and bad agents from entering the network meant protecting your data and your business.
WEBINAR
DNS Hijacking: Recent Events and Recommendations
Businesses have invested in security solutions at an exponential rate to protect their organizations from cyber threats. Yet, many companies remain exposed to what security experts are now referring to as critically important security blind spots.
REPORT
Dot Brand Insights: February 2020
In our February 2020 Dot Brand Insights Report, our experts look at the increase in the number of .BRAND domain name registrations and the steady climb of domains under management (DUM)—including what industry is responsible for a 200% DUM count.
BEST PRACTICE GUIDE
Beyond the Firewall: Implementing DNS Defenses to Mitigate Online Vulnerabilities and Threats
DNS forms the underlying infrastructure for how the internet works, serving as a directory to point users to the right web content. When DNS goes down, websites, email, voice-over IP, and remote employee login goes down with it.
IN THE NEWS
The 3 Most Detrimental Cyber Attacks and How to Stop Them
Cyber attacks. They happen every day and affect everyone from companies down to consumers. Many companies aren't yet doing enough to protect their brand and their customers—and it's easier than you think. Putting a few key security measures in place can help with cyber attack prevention. Sometimes, even before they hit the inbox.
In this report, we talked to our chief information security officer, Scott Plichta, to get the inside scoop on the three most detrimental cyber attacks and how to stop them.
BEST PRACTICE GUIDE
10 Steps to Tackling Online Counterfeiting
In an interactive guide, we've identified 10 best practices that can help you tackle online counterfeiting. From understanding your critical business drivers—like revenue and reputation—to identifying what channels to monitor, and choosing your targets.
REPORT
Cyber Security Report: October 2019
In our October 2019 edition of the CSC Cyber Security Report, we take an in-depth look at the contractors of public actors in the defense industry globally and the waves of attacks that are hitting these agencies and causing security breaches. affecting national security and the well-being of citizens.
REPORT
Cyber Security Report: June 2019
Securing a company's digital infrastructure has become a major concern to corporations worldwide.
Recent CSC research focuses on the media industry, revealing that 78% of global media brands use a corporate domain registrar, yet only 37% of those have a registry lock to protect their DNS from hijacking.
BEST PRACTICE GUIDE
Developing and Launching a New Brand
Launching a new brand or redeveloping an existing concept requires painstaking attention to detail from the initial idea to completion of the project. During the process, a business might ask questions about how their brand or product will be received, who the target audience is, and the strategy behind the change.
It's pertinent to remember your digital brand and how your launch will be viewed online. There are several best practices to keep in mind, including how monetize your online presence, and the security measures you need to keep your brand safe.
WEBINAR
DNS Hijacking: Security Learnings from the Latest Incidents
Waves of DNS hijacking affecting government and telecommunications domains, as well as internet infrastructure entities across the globe, has resulted in increased efforts—even emergency directives—to protect domains from further attacks.
The U.S. Department of Homeland Security (DHS) has quickly implemented new procedures to further protect federal domains. And other governments—including the U.K. and France—are following suit.
In this recorded webinar, CSC global product director of Security Services, Mark Flegg, discusses recent events, learnings gained, the most relevant developments around digital asset security, and how it all impacts your company in the fight against cyber threats.
REPORT
Dot Brand Insights: October 2019
In our October 2019 Dot Brand Insights Report, our experts look at the increase in the number of activated .BRANDs—meaning .BRANDs that have registered five or more domain names within their branded domain.
Companies can create the level of security they want within their .BRAND ecosystem, building trust with their audience, including ensuring every .BRAND site employs DNSSEC, digital certificates, and DMARC. Inside, we share what six .BRANDs have to say about their domains, and what they use their .BRANDs to communicate to employees and the world.
REPORT
Companies are Using their New Dot Brands
CSC expert analysis shows that through the first quarter of 2019, .BRAND domain registrations increased by 5%. Simultaneously, there was a 4% increase in the total of active (live) domains—meaning, companies are using their new .BRANDs. The major contributors are customizing their websites for employees as well as customer- and country-specific initiatives.
REPORT
Banks, Cars, or Insurance: Which Industry Takes the Lead in Dot Brand Use?
In this edition of our Dot Brand Insights Report, our experts dissect the increasing domains under management (DUM)—including revealing what industry is responsible for the 200% lead in DUM count—and look at the increase in .BRAND registrations.
You'll also read about how Google® came to be, and read a delightful story about how they decided to use its new generic top-level domain.
WEBINAR
The EU GDPR: One Year On
On May 25, 2018, the GDPR became enforceable. While the primary purpose of the GDPR is to protect the personal data of EU residents, its real impact has been far broader in geography and scope.
In this recorded webinar, Gretchen Olive, CSC's director of policy and industry affairs, explores how the GDPR has changed much more than the rules around data privacy.
BEST PRACTICE GUIDE
Five Steps to UDRP Success
Cybersquatting is on the rise, with a noted uptick over the past several years. Closely linked to problems such as brand abuse, traffic diversion, counterfeit goods, trademark dilution, phishing attacks, and malware distribution, cybersquatting can be very costly to brands.
IN THE NEWS
GDPR: Cyber Security Issues Abound
CSC's Mark Flegg, global product director of Security Services, gives insight into the General Data Protection Regulation (GDPR), what this means in terms of cyber security, and how to protect yourself and your business from cyber criminals.
IN THE NEWS
Going Phishing: Countering Fraudulent Campaigns
Phishing remains the most used vehicle for corporate data breaches, credit card fraud, and identity theft. Malicious links are clicked and corporate passwords are given up, leaving companies and consumers vulnerable.
In the World Trademark Review article, Going Phishing: Countering Fraudulent Campaigns, we share why securing digital assets is a MUST—especially considering the October 2017 U.S. Department of Homeland Security Domain-based Message Authentication, Reporting, and Conformance policy and the European Union's General Data Protection Regulation (2016/679) that went into effect May 25, 2018.
BEST PRACTICE GUIDE
The Online Counterfeit Economy: Apparel and Accessories
As the digital world continues to expand and become a bigger part of our daily lives, counterfeiters are finding ways to take advantage of our reliance on apparel and accessories.
This guide is a snapshot of the apparel and accessories counterfeit market; here, we outline four key steps to protect your brand from these threats.
BEST PRACTICE GUIDE
The Online Counterfeit Economy: Consumer Electronics
As the digital world continues to expand and become a bigger part of our daily lives, counterfeiters around the world are taking advantage of our reliance on consumer electronics.
This guide takes a snapshot of the counterfeiting landscape in the consumer electronics market, and maps out four key steps to protect your brand from threats.
BEST PRACTICE GUIDE
Security Tool Kit
Equip your employees and protect your company from cyber threats.
BLOG POST
What's the Point of Domain Name Registrar Security, Controls, and Processes?
The missing links in most cyber security risk postures.
WEBINAR
Domain Name Strategy 2020: Blocks, WHOIS, Cyber Criminals and Other Challenges
As domain name policies, data privacy, cyber security regulations, and the global threat landscape continue to rapidly evolve, so must your domain name strategy. In this recorded webinar, CSC's Gretchen Olive delves into emerging issues not to be overlooked in formulating your 2020 domain name strategy.
WEBINAR
What You Need to Know About Online Marketplaces in Asia: New Trends and Emerging Marketplaces
Combatting counterfeiting in online marketplaces with an effective enforcement strategy is now a key part of many successful online brand protection programs. Have you considered your strategy for online marketplaces in Asia?
WEBINAR
China's Revised Web Policies
In late 2017, the Ministry of Industry and Information Technology (MIIT) of the People's Republic of China updated their domain name registration and web hosting policy.
This will impact global companies with a web presence in China—affecting not just .CN domains and Chinese international domain names, but any domain or top-level domain that is web hosted in China, including .COM and .NET, and more.
WEBINAR
ICANN 64 Kobe Insights
Enjoy a look back on the ICANN 64 policy forum in Kobe, Japan, including the discussions on internet policy development, outreach, and community networking.
WEBINAR
ICANN 63 Barcelona Insights
"Meet" us in the metropolis of the Mediterranean Sea, where we take you back to Barcelona's discussions on internet policy development, outreach, and community networking.
WEBINAR
Insights from ICANN 62 in Panama City
The second of three ICANN meetings will take place in Panama City, Panama on June 25. The four-day Policy Forum will focus on current policy development work, outreach, and daily opportunities to network with the community, including CSC experts.
WEBINAR
Internet Insights from the Walled City
The three-legged stretch of 2018 ICANN meetings begins March 10 in San Juan, Puerto Rico, and CSC's experts will be there to report on the many internet-related to be discussed, including increasing competition on the web and the latest domain name and brand protection developments. Gretchen Olive, CSC director of Policy and Industry Affairs, and Ben Anderson, head of New gTLD Services for CSC, will then present their findings from ICANN 61 via a live webinar.
IN THE NEWS
The Life Cycle of Digital Certificates Reduces Again
In 2015, the CA/B Forum reduced the certificate lifetime of organization validation (OV) and domain validation (DV) certificates from four to three years.
Again in March 2018, the lifetimes were further reduced to two years, in line with extended validation (EV) certificates that were already at two years, maximum
IN THE NEWS
6 Ways to Strengthen DNS Security
The domain name system (DNS) grew to prominence during the initial, innocent days of the internet.
During that time, early internet users tended to work for government or education organizations where trust was assumed, and security was not even a consideration.
IN THE NEWS
Why Domain Name Security Matters Most?
Cyber criminals are taking advantage of this risk and have been doing so for quite some time.
Throughout 2019, Cisco Talos warned about the state-sponsored Sea Turtle attack taking control of DNS systems and stated, "the actor ultimately intended to steal credentials to gain access to networks and systems of interest."
And just this week, Reuters reported in "Exclusive: Hackers acting in Turkey's interests believed to be behind recent cyberattacks – sources” that another group of hackers alleged to be working for the Turkish government's interests attacked government organizations and companies via DNS hijacking.
IN THE NEWS
DNS, Domain Names, and Certificates: The Missing Links in Most Cyber Security Risk Postures
Do you know who your domain name registrar is (the domain name management company that holds the keys to the kingdom)?
What do you know about your domain name registrar's controls, security, policies and processes?
IN THE NEWS
Does Your Domain Have a Registry Lock?
According to data provided by digital brand protection firm CSC, while domains created in the top three most registered top-level domains (.COM, .JP and .CN) are eligible for registry locks, just 22% of domain names tracked in Forbes' list of the World's Largest Public Companies have secured registry locks.