These Countries Take Gold, Silver and Bronze In Email Authentication 

Given the world is currently competing for gold, silver and bronze, Red Sift has taken a similar approach to see how certain countries compete when it comes to levels of email authentication. 

The Competition 

This year’s Summer Games have cybersecurity teams across the world on high alert, as threat actors leverage phishing, hacktivism, malware and exploitation to wreak havoc. While cyber defenders prepare for a wide variety of attacks, two strategic plays exist to fortify their cyber resilience strategies: DMARC and BIMI. 

“The 2024 Summer Games in Paris presents prime opportunities for the gamut of threat actors seeking profit, fame, or national advantage. Competing teams as well as cyber defenders must understand the pressing threats to maintain resilience during the games. Defenders need to be prepared for a wide range of attacks, from low-level scams and DDoS attacks to doxxing against athletes and ransomware targeting critical infrastructure. It’s the Summer Games of cyber defense,” says Sean Costigan PhD, Managing Director of Resilience Strategy, Red Sift.

The Warmup 

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. It’s an outbound email security protocol that allows domain owners to take back control of their email identity by telling receiving inboxes to reject spoofed emails.

DMARC allows domain owners to obtain visibility to email services that are sending on their behalf, and to block unauthorized senders. DMARC stops impersonation, by telling recipient servers not to accept any emails which aren’t authenticated to have come from you. So, bad actors cannot use your domain to send phishing emails and carry out Business Email Compromise (BEC).

BIMI (Brand Indicators for Message Identification) was introduced in 2021 and allows businesses to show their brand logo in the avatar slot of emails they send. BIMI can only be implemented and honored for organizations that have a DMARC enforcement policy of quarantine or reject at the root level and for all subdomains.

To completely take advantage of the benefits of BIMI logo display in email clients, companies must obtain a Verified Mark Certificate (VMC) from an approved certificate authority such as Entrust for their primary/corporate domain. This is the last mile, so to speak, and rewarded gold amongst the judges. 

The Games

For our purposes, the competing teams will be large public companies by country, as measured by the Fortune 500, (i.e. large public companies in France), and the events will be varying levels of email authentication – DMARC Reporting, BIMI Ready, and BIMI with VMC.  

  • DMARC Reporting:  These domains have started their DMARC implementation but have not yet progressed to a policy that is secure enough to qualify for BIMI.
  • BIMI Ready:  These domains have the DMARC policy required to deploy BIMI
  • BIMI with VMC: These market leaders have completed all the steps above and have obtained a Verified Mark Certificate for their registered trademarks.

Using proprietary data from Red Sift’s BIMI Radar, based on an analysis of 2,380 domains, Red Sift has unveiled the readiness of countries globally to see who is best prepared to combat the cyber threats carried out at the Summer Games. 

DMARC Reporting 🥉

  • Gold – Japan 50%
  • Silver – Italy 46.15%
  • Bronze – Turkey 39.18%

BIMI Ready 🥈

  • Gold – Netherlands 64.36%
  • Silver – UK 62.5% 
  • Bronze – Australia 59.8% 

BIMI with VMC 🥇

  • Gold – US 11.96%
  • Silver –  India 10.47%
  • Bronze – Canada 6.19%

*Red Sift is not affiliated, associated, authorized, endorsed by or in any way officially connected to the 2024 Summer Games.

PUBLISHED BY

Red Sift

7 Aug. 2024

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…

Francesca Rünger-Field

The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…

Read more
AI

Text classification in the age of LLMs

Phong Nguyen

As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…

Read more
Security

How to drive cybersecurity as a top business priority

Jack Lilley

Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…

Read more
DMARC

BreakSPF: How to mitigate the attack

Red Sift

BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…

Read more