Despite a looming deadline, over a quarter of federal agencies are still not using basic email security tools. `
As phishing ploys continue to take their toll on businesses, federal agencies have yet to fully protect themselves against such attacks with basic defenses like DMARC. With only months to go before the federal Binding Operational Directive (BOD 18-01) deadline of October 2018, which mandates DMARC usage in federal systems, 28 percent of agencies have still not introduced the safeguards.
“[BOD] is an important step set by the Department of Homeland Security to restore trust to internet-delivered data from federal agencies,” wrote Proofpoint researchers in a study of federal agency adoption of DMARC (Domain-based Message Authentication, Reporting and Conformance) released earlier this month.