Compliance
15 articles about Compliance
NIST DNS update: What this means for your organization
NIST SP 800-81 Revision 3 reframes DNS as an active security layer for the first time since 2013. Here's what changed and why it matters for DMARC, SPF, and DKIM.
Read moreCertificatesPKI ecosystem changes in 2026: what your team needs to know
2026 brings shorter certificate lifetimes, unmanaged private PKI, and looming post-quantum migration. A concise guide to the changes security teams need to plan for.
Read moreDMARC60% of the U.S. Northeast's top organizations are vulnerable to phishing
An analysis of 700 domains across seven Northeast U.S. states found that only 35% have reached full DMARC enforcement, with significant variation between states and industries.
Read moreComplianceActive Cyber Defence: Mail Check and Web Check transition with Ciaran Martin and Rahul Powar
NCSC switched off Mail Check and Web Check on March 31, 2026. Ciaran Martin and Rahul Powar discuss what UK public sector organizations should do next for email security visibility.
Read moreDMARC50% of Boston's top organizations lack full DMARC protection
Red Sift analyzed 99 domains from Boston's largest organizations and found nearly half (49.5%) haven't reached DMARC enforcement, leaving them open to spoofing and BEC.
Read moreDMARC43% of Washington D.C.'s top organizations vulnerable to phishing
Red Sift analyzed 100 domains from Washington D.C.'s largest organizations and found 43% lack DMARC enforcement — right where US cybersecurity policy is made.
Read moreDMARCOver a quarter of New York's top organizations still exposed to email spoofing
Red Sift analyzed 99 domains from New York's largest organizations. While 72.7% have reached DMARC enforcement, 27 domains remain exposed to email spoofing.
Read moreComplianceUK Cyber Action Plan sets the standard that private businesses must match
The UK Government's £210M Cyber Action Plan raises the bar for public sector resilience. CEO Rahul Powar argues private businesses must now mirror this approach.
Read moreDMARC52% of US insurance brokers remain vulnerable to email spoofing
52% of the top 50 US insurance brokers have no effective DMARC protection, leaving them vulnerable to spoofing and phishing in an industry built on client trust.
Read moreComplianceRed Sift on G-Cloud 14: Your trusted partner for the NCSC Web Check transition
NCSC discontinued Web Check on March 31, 2026. Red Sift ASM on G-Cloud 14 provides comprehensive attack surface management as the successor for UK public sector organizations.
Read moreDMARCFinding the right DMARC monitoring tool: A practical guide for security teams
A practical guide for choosing the right DMARC monitoring tool based on your organization's maturity — from basic reporting needs to full enterprise enforcement.
Read moreDMARCTop platforms for enterprise DMARC enforcement: Technical comparison for Security Leaders
A technical comparison of 7 enterprise DMARC platforms, evaluating automation, API integration, and time-to-enforcement. Red Sift OnDMARC leads with 6-8 week enforcement.
Read moreDMARCOver 40% of essential services companies remain vulnerable to phishing
Red Sift's analysis of 840 companies in chemical, energy, and water sectors found 42% lack DMARC protection, leaving critical infrastructure exposed to email threats.
Read moreEmail SecurityGmail's enforcement ramps up: What bulk senders need to know
Gmail is now rejecting emails from bulk senders who lack SPF, DKIM, DMARC, and one-click unsubscribe. Here's what to fix before enforcement hits your deliverability.
Read moreCertificatesHow to build an inventory of certificates for PCI DSS 4.0 Requirement 4.2.1.1
PCI DSS 4.0 Requirement 4.2.1.1 mandates a complete certificate inventory by March 2025. This guide walks through how to build and maintain one using automated discovery.
Read more