2022 Domain Name Security Report Analysis

According to the latest 2022 Domain Name Security Report, three-quarters of the Global 2000 companies are facing alarming security threat risks. According to statistics, these companies have implemented less than half of the domain name security measures.
The report groups the importance of eight major security measures based on an organization's domain security risk level and calculates an average score for each organization. This average score constitutes the security score of the enterprise. The higher the score, the more solid the security status, which means that the risk of these enterprises suffering from domain name security threats is lower.

The best-performing industries are: IT software and services, business services and supplies, hotels, media, aerospace and defense. Among the six best-performing companies, four are from the United States.
The worst-performing sectors were: consumer durables, trading companies, food markets, materials and construction. Companies in these industries face the highest risk of cyberattacks due to a lack of domain name portfolio security measures.
For all three industries, due to supply chain issues, companies are already entangled in a variety of countermeasures to deal with various materials, labor and distribution issues, adding to the complexity.
Notably, among the five worst-performing sectors, consumer durables also made it to the list, which includes various automobile companies.

However, as Internet of Things (IoT) technology now becomes the latest personalization feature for automakers, these companies' cybersecurity postures have become more robust, but they still have a lot to pay attention to in terms of avoiding more potential threats.
It is worth noting that there are still 137 companies with a score of zero, and these companies are mainly located in the Asia-Pacific region, accounting for 82% of the zero-rated companies.
Additionally, of the 75% of homograph (fake) domain names owned by third parties other than Global 2000 brand owners, 82% used privacy protections to obscure their WHOIS or owner details in 2022 , indicating that more and more companies are using privacy protection measures.
However, it can also mean that some people are trying to cover up or hide their ownership and identity, suggesting that they may have some nefarious intentions.

Of these third-party domain names, 46% pointed to ads, pay-per-click ads, or were used for domain parking, 41% had inactive websites, and 5% pointed to malicious content. This harmful content can jeopardize brand reputation and erode customer confidence. The risk is that users may be exposed to websites that contain malicious content or attempt to steal sensitive information. And 8% of the analytics were active websites that had nothing to do with the brand holder.
Among them, banks are the industry most affected by fake domain names, accounting for 10% of the top threats from fake domain names.

In addition, the report also analyzes the domain name security measures of domain name registrars used by the world's top 2000 companies.
Consumer-level registrars specialize in domain name services, website and email services for personal use, entrepreneurs and small startups.
Enterprise registrars specialize in working with businesses and brand owners to provide them with the advanced business practices, capabilities, and expertise they need in domain name and DNS management, as well as security, brand and fraud protection, data governance, and cybersecurity. and support staff.

The report found that companies with greater reliance on enterprise-level registrars had higher rates of adoption of domain name security measures.
For enterprises, failure to take domain name security measures can have unimaginable consequences. Unprotected domain names pose significant threats to cybersecurity posture, data protection measures, consumer safety, intellectual property, supply chains, revenue and reputation.

We can expect that public awareness of these issues will increase and enterprise-level domain name registrars will be more assured of the quality and rigor of their domain name defense strategies and methods.
Each enterprise needs to establish a layered security model within the zero trust framework to build a robust enterprise security form and minimize the risks faced by the business.

During this process, it is recommended to cooperate with enterprise-level registrars and use the domain name locks, domain name monitoring systems, security resolution and other tools they provide to enhance the visibility and security of exposed surfaces (including domain names and DNS). These tools can help enterprises promptly discover and respond to threats that target the enterprise's online exposure, thereby protecting the enterprise's online security. At the same time, it is recommended that enterprises conduct regular security audits of domain names and DNS to promptly discover and resolve potential security issues. #domain name#