Time to Get Strict With DMARC
The adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.
Adoption of new technologies can alter an organisation’s attack surface, requiring security controls, testing, and risk management to change.
Search across headline titles and summaries.
Background for this topic.
Adoption is the extent to which people and organizations begin using a security technology, control, policy, or practice and incorporate it into routine work. In cybersecurity, adoption is more than purchasing or deploying a capability: it includes correct configuration, user participation, and continued use. Examples include enabling multifactor authentication, applying security patches, using secure coding practices, and collecting logs from systems that require monitoring.
Adoption matters because uneven or incomplete use leaves exploitable gaps. A partially deployed authentication control may protect some accounts while others remain exposed; delayed patch adoption can leave known vulnerabilities available to attackers; and missing or poorly configured logging can limit detection and investigation. Practitioners therefore assess coverage, exceptions, configuration quality, and whether controls operate as intended. Training, usable workflows, staged rollout, and measured policy compliance can improve adoption without encouraging insecure workarounds or unnecessary collection of personal data.
The adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.
The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.