ThreadStone Investigates the Security of Domain Names in the EU
ThreadStone has measured more than 18 million domain names of organisations in Europe on a number of basic security aspects. The company publishes the report with the results today.
Public sources on the internet searched for vulnerabilities in relation to the domain names of the organisations concerned. This approach does not require explicit prior permission from the company: after all, it concerns public information. The aim of the research is to create a qualitative picture of the cyber security of Europe, in which countries are compared in relation to each other.
Aspects that have been measured include whether the website does not spread malware or spam and whether visitors are sufficiently protected. With a reliability of 99% (an overall margin of error of less than 1%), the measurement shows that organisations in Belgium, Slovakia, the Netherlands, the Czech Republic, Denmark and Sweden score higher than the average of the 27 Member States. They score the best overall anyway. Organisations in the remaining 21 Member States score below average. The five countries that score the worst are Bulgaria, Italy, France, Greece and Croatia.
The results give cause for concern, also for the countries that score above average. An example is the measurement on the security of e-mail. More than 85% of organisations have not set up the e-mail protocols correctly, which can eventually lead to so-called spoofing (forgery / misuse of e-mail).
ThreadStone wants to repeat this measurement annually in order to gain insight into the development of digital resilience and cyber security at a European level. In addition, the results will be broken down per country and it is intended that more explanation can also be given, for example what the reason is that certain countries score better.
René van Etten, managing director of ThreadStone: 'Every organisation in Europe should receive a measurement with a report, in which its own vulnerabilities are made transparent. This, supported by understandable communication from a reliable, appealing source and any help to really remove identified vulnerabilities, can get entrepreneurs moving. With this first measurement and the resulting report, ThreadStone hopes that there will be better cooperation, especially with organisations that can reach and mobilise their members at sector level, country level or European level.'
ThreadStone is already working with a number of industry associations and Security Delta to offer sector-specific reports to entrepreneurs. The most important thing is that the reports do not have a commercial approach and should only serve to make the entrepreneur aware and to offer action perspective.
- - - - - - -
The full report (in Dutch) can be read via www.threadstone.eu/documents/Meting-van-de-beveiliging-van-domeinnamen-in-de-EU-221017.pdf