While DMARC can be less effective if set to “monitor” instead of “reject” mode, it still beats not adopting such protocols.
In analyzing the Domain-based Message Authentication, Reporting and Conformance (DMARC) data for the year 2024 of Asia Pacific firms listed on the Forbes Global 2000, a cybersecurity and compliance company has sounded the alarm on insufficient corporate vigilance against email fraud.
First, among the world’s largest public companies in the analysis, those in the Asia Pacific region (APAC) had lower DMARC adoption rates compared to elsewhere. Within the region, the Australian firms in the Global 2000 cohort had the highest adoption rates. The lowest rates of email protection by DMARC were in Japan, South Korea and Thailand.
Second, among Global 2000 firms in the region, seven countries were ranked in order of DMARC security protection adoption: Australia (71%), India (50%), Singapore (46.2%), Thailand (17.6%), Japan (7.4%), China (4.2%), and South Korea (1.8%).
Third, since 2023, major email providers have been moving to require organizations to catch up on cybersecurity management and to use email authentication protocols (including DMARC) when sending bulk email to their users. However, the DMARC adoption rates analyzed did not seem to align with the mandates.
Fourth, in terms of regulatory pressure, organizations that store consumer payment information must comply with the Payment Card Industry Data Security Standard (PCI-DSS) or risk paying hefty fines for violations. The latest version (v4.0.1) will require firms to use DMARC to protect credit card data by March 31, 2025. Again, the adoption rates analyzed showed an apparent lack of urgency among the largest firms.
According to George Lee, Senior Vice President (Asia Pacific and Japan), Proofpoint, the firm releasing its data analysis findings, “the rising frequency, sophistication, and cost of cyberattacks make it especially concerning that many (Forbes Global 2000 firms analyzed) remain highly vulnerable, exposing them to significant risks from malicious email-based threats such as phishing. Prioritizing robust cybersecurity measures is essential to safeguard against these threats and protect customers’ valuable data.”