Security News > 2021 > April > Domain Name Security Neglected by U.S. Energy Companies: Report
A majority of the largest energy companies in the United States appear to have neglected the security of their domain names, according to CSC, a firm that specializes in securing online assets.
The data covers the 30 biggest U.S. companies that produce and deliver energy.
Specifically, CSC found that nearly 80% of energy firms don't use registry locks, which can prevent domain name hijacking and unauthorized changes to DNS. More than two-thirds of the analyzed domains are registered with consumer-grade registrars instead of enterprise-grade registrars, which typically provide better security.
The overall findings are in line with data from a global report released last year by CSC. That report showed that only 10% of global energy companies used registry locking, only 2% used DNSSEC, only 19% used a corporate domain registrar, and 41% used DMARC. CSC has also shared some recommendations on what companies should look for when choosing an enterprise-grade registrar.
"To manage a domain name portfolio, company's need to work with a provider that has invested in protecting its own systems," the company said.
"With all of the cyber security threats today, not only does a good domain name registrar need to have the right technology-to protect itself and client companies from a data breach-but it also needs best-in-class operations practices that put security at the forefront of its mission, and in how it engages with its clients."