Email remains one of the most exploited channels for cyberattacks. As cyber threats evolve, so too must the tools we use to protect against them. One of the most powerful standards in email security – DMARC (Domain-based Message Authentication, Reporting, and Conformance) – is undergoing a major evolution. The proposed update, known as DMARCbis, is a revised version of the original DMARC standard (RFC 7489) and is working its way through the IETF standardization process. This deep dive will review the DMARCbis specification from both technical and strategic angles, explain how it improves upon the original DMARC protocol, compare it with other email authentication methods (SPF and DKIM), and discuss what businesses should know as they prepare for this next era of email security.
From PKI to Crypto-Agility: Building a Maturity Model for Digital Trust
Digital transformation has dramatically increased the number of identities organizations must secure - users, devices, applications, APIs, and workloads. At the heart of this trust ecosystem lies Public Key Infrastructure (PKI). But PKI alone is no longer enough. As highlighted in Excedo’s perspective on digital trust, certificate automation has become a business imperative, not just an IT improvement. With certificate lifespans shrinking and threats evolving rapidly, organizations must move beyond managing certificates to becoming crypto-agile. This blog explores what crypto-agility means, why it matters, and how organizations can evolve through a structured maturity journey.
Digital Trust Starts with PKI: Why Certificate Automation Is Now a Business Imperative
Digital trust underpins every modern business interaction, from customer-facing services to internal systems and partner integrations. At the core of this trust lies Public Key Infrastructure (PKI) and the certificates that secure communication and verify identities. Yet, as digital environments grow more complex and certificate lifecycles continue to shrink, many organizations still rely on manual management processes. This creates hidden risks that can lead to unexpected outages, security gaps, and operational disruption. For business leaders, this is no longer just a technical concern - it is a matter of resilience, revenue protection, and maintaining customer trust. Automation is rapidly becoming essential to gaining control, reducing risk, and ensuring continuous digital operations.
Disruption Beats Registration: How £1 UK Companies Enable ASN Abuse at Scale
Cybercrime does not scale because attackers are sophisticated. It scales because the infrastructure they depend on is easy to obtain, cheap to operate, and even easier to replace. The industry has already learned this lesson at the domain level. Weak identity controls enabled large-scale abuse. The response was clear: blocking alone does not work. Real impact comes from disrupting infrastructure at the source. Now the same pattern is repeating itself - one layer deeper. Autonomous System Numbers (ASNs) and IP address allocations are increasingly being used as the foundation for resilient cybercrime infrastructure. And the entry point is not technical. It is administrative.
Disruption beats listing: Why domain takedowns and enforcement stop cybercrime at the source
Phishing and domain-enabled fraud are not “edge cases” in today’s threat landscape - they are a primary entry point. The ENISA Threat Landscape 2025 reports that phishing remains the dominant initial intrusion vector in Europe, accounting for 60% of cases in its reporting period. Against that backdrop, most organisations still rely heavily on passive controls: email filtering, URL reputation checks, and third‑party abuse lists. These controls matter - but they do not end the threat. They flag malicious infrastructure; they do not remove it.
DMARCbis Is Coming: How the Next Generation of Email Authentication Will Change Security, Compliance, and Deliverability
Enforcing DMARC with p=reject: A Strategic Imperative for Email Security in the Enterprise and Public Sector
In today’s evolving cyber threat landscape, email remains the most exploited attack vector. Business Email Compromise (BEC), phishing, spoofing, and impersonation attacks continue to surge, targeting enterprises, customers, and supply chains alike. As organizations strengthen their perimeter defences, securing the email channel has become not just a compliance requirement - but a critical business enabler. This is where DMARC (Domain-based Message Authentication, Reporting & Conformance) plays a pivotal role.
DMARCbis: The Future of Email Authentication — What You Need to Know
As cyber threats evolve, so too must the tools we use to protect against them. One of the most powerful standards in email security - DMARC (Domain-based Message Authentication, Reporting, and Conformance) - is undergoing a major evolution. The proposed update, known as DMARCbis, is a revised version of the original DMARC standard (RFC 7489), currently working its way through the IETF standardization process.
Strengthening the Email Ecosystem: Outlook’s New Requirements for High-Volume Senders
In today’s digital world, email remains one of the most widely used - and most targeted - communication channels. To combat rising threats like phishing, spoofing, and spam, Microsoft Outlook is rolling out new authentication requirements for high-volume senders (defined as those sending over 5,000 messages per day). These changes aim to create a more trustworthy and secure email ecosystem.
Google makes branded emails more accessible with Common Mark Certificates (CMC)
Google has made email branding more accessible for organisations of all sizes by introducing Common Mark Certificates (CMC) as an alternative to Verified Mark Certificates (VMC) for BIMI implementation. This change allows organisations to display their logo in Gmail inboxes without the need for trademark registration, significantly reducing the cost and complexity of enhanced email security.
Long-Term Email Security: The importance of continuous DMARC Compliance Management
Setting up a DMARC policy is not a one-time task. To stay safe from threats in the long-run, organizations need to continuously manage their DMARC policy to ensure all domains are covered and properly protected. Just as organizations continuously change and evolve, so must DMARC.
What is BIMI and why it's important for your brand
BIMI (Brand Indicators for Message Identification) is a way to quickly show email recipients that emails actually originate from your organization. It allows you to add your brand logo to all outgoing emails so recipients can trust that they come from you and not a malicious third party.
Email Security and NIS2: Why the Public Sector needs DMARC for NIS2 Compliance
The requirements of the NIS2 Directive are extensive and address many different aspects of digital security, including email security. For organizations to meet the email security standards set by NIS2, they need a correctly configured DMARC policy.
Why implementing DMARC for all your domains matters
Implementing a DMARC policy for very small organizations is not too complex. Generally, one just needs to ensure it is implemented correctly for a single domain. However, for larger organizations, with multiple domains and email systems, it is much more complicated.
Making the Internet Safer: Google and Yahoo enhance Email Security
The default settings of most major email providers have for a long time not been enough to stop email threats from reaching inboxes. But that is now changing with Google and Yahoo's new email security requirements, including the mandatory implementation of DMARC.
What is DMARC and why you need it to keep your emails safe
A DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy is a key part of organizational email security. It prevents email threats from reaching your employees and users, and it is now a requirement by major email providers like Gmail and Yahoo.
