Home / News / DHS Reports Increasing Agency Compliance With Email Security Directive

DHS Reports Increasing Agency Compliance With Email Security Directive

Thomas McDermott, the Department of Homeland Security’s deputy assistant secretary for cyber policy, recently said that more and more federal agencies are complying with the requirements of Binding Operational Directive 18-01, Federal News Network reported Tuesday.

The DHS issued BOD 18-01 on Oct. 16, 2017, requiring government agencies to implement a variety of cybersecurity policies including Domain-Based Message Authentication, Reporting and Conformance, an email security protocol.

DMARC makes it difficult to carry out email spoofing attacks by helping validate the authenticity of an incoming message. The protocol can block messages that fail the validation process and generate reports about such incidences.

An agency is in full compliance with BOD 18-01 if it has set DMARC to automatically block fake emails and has enabled the automatic transmission of reports to the DHS.

McDermott admitted that agencies adopting DMARC would not eliminate email-based attacks or threats.

Nevertheless, taking such steps have “meaningfully reduced exposure and risk to individual agencies, to the federal enterprise, and to the larger ecosystem,” McDermott noted.

Check Also

FCC Opens New Office With Economics, Analytics Focus; Ajit Pai Quoted

The Federal Communications Commission established a new office to apply economic and data analysis on policy formation activities. The agency said Tuesday, its new Office of Economics and Analytics will consist of commission economists, as well as former staff of the now-defunct Office of Strategic Planning and Policy Analysis, OEA's predecessor.