Email Security Blog

Beyond DMARC: What It Really Takes to Ensure Email Security

Ramon Peypoch December 11, 2019 Business Email Compromise, DMARC
DMARC for Email Security

As important as Domain-based Message Authentication, Reporting & Conformance (DMARC) is to the fight against Business Email Compromise (BEC) and other advanced email threats, it’s really just the first piece of the email security puzzle. And it certainly won’t cut it alone.

Don’t get me wrong. We’ve talked a lot about just how vital DMARC is to stopping email-based impersonation attacks. When properly implemented, this standard email authentication protocol ensures only authorized senders can use an organization’s domain name for sending emails.

Without it, cybercrimals are free to spoof or hijack domains for use in phishing attacks targeting an organization’s customers, partners, or other unsuspecting consumers and businesses.

But as imperative as it is, DMARC isn’t enough on its own.

DMARC is Just the Beginning

Just look at the state of email security today.

Despite the wealth of new technologies and attack vectors at cybercriminals’ disposal, email phishing remains one of the most effective tools in the fraudster’s arsenal. Instead of slowing down, BEC scams are on the rise, accounting for more than $26 billion in losses since 2016, according to the FBI.

That’s why it’s imperative for companies in every vertical to have the most robust email security possible. DMARC is certainly part of that equation. But it’s important to note that while DMARC protects an organization from being impersonated in email attacks, it does little if anything to defend against incoming phishing emails that impersonate outside individuals and organizations.

On that score, employee training plays an important role in helping to spot incoming phishing emails. But the sheer volume and velocity of new attacks mean education will only get you so far.

Technical security controls can help flag many suspicious emails, especially those that leverage malicious links or content. But cybercriminals have devised sophisticated approaches to ensure their fraudulent emails bypass those controls with troubling ease.

Needed: Advanced Threat Protection

In the face of these challenges, some organizations are finding they need to take a more modern approach to filling out the rest of the email security puzzle. Particularly promising: advanced threat protection solutions that leverage data science and threat intelligence to stop sham emails from ever reaching employees.

Because they model trusted, authenticated email behaviors between individuals and organizations, this kind of advanced threat protection has been shown to detect incoming email impersonation scams with high efficacy.

Yet even that may not be enough – no security solution is effective 100% of the time. That’s where the next piece of the puzzle—an advanced incident response solution—comes into play.

The Importance of Automated Incident Response

According to the Incident Response Consortium, an incident response plan is crucial to fending off any cyberattack. While you do everything you can to prevent criminals from accessing your data, it’s how you respond to attacks that do successfully evade your defenses that can mean the difference between a minor problem or a costly disaster.

As it stands now, hackers spend an average of 200 days inside breached systems before they’re discovered. Let that one sink in, and you’ll realize why incident response is of the utmost importance.

But it’s crucial that automated incident response solutions employ continuous detection and response technologies that can detect latent threats post-delivery, and instantly recognize and remove emails that match the newly discovered threat indicators from all employee inboxes.

In deployments, these solutions have been shown to dramatically accelerate breach response times and prevent fraudsters from enjoying weeks or even months of unfettered access to valuable corporate data. As a result, security operations centers are able to work more efficiently. And organizations are better able to avoid what is now an average $8.19 million in breach-related losses.

All the Pieces Improve the Picture

The basic point here is that there is no single solution to ensure email security. Yes, DMARC is one important component. But successfully protecting your company from BEC scams, phishing attacks, and other advanced email threats takes a multi-pronged approach.

By implementing advanced email threat protection to keep the bad guys out, and an incident response solution to quickly deal with the few who do get through, a growing number of organizations are solving the email security puzzle.

To learn more about going beyond DMARC with advanced threat protection and automated incident response, visit

Agari Blog Image

April 27, 2022 Monica Delyani

5 Big Myths about DMARC, Debunked

With email attacks contributing to billions of lost dollars each year, a growing number of…

Computer Showing Secure Email Server

March 9, 2022 John Wilson

Securing Your Email with DMARC

Understanding the What, How, and Why of DMARC You probably already know this, but it…

Agari Blog Image

December 16, 2021 John Wilson

Common Phishing Email Attacks | Examples & Descriptions

What does a phishing email look like? We've compiled phishing email examples to help show…

Agari Blog Image

December 8, 2021 John Wilson

What Is Email Phishing? [How to Protect Your Enterprise]

Phishing emails can steal sensitive data and cost companies' reputation. However, protecting a company from…

Envelope with skull and cross-bones

December 1, 2021 John Wilson

Identifying and Mitigating Email Threats

Email  threats are ever evolving, and it’s important to stay up to date. Here are…

mobile image