Sign in
  • Home
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Support
Request phishing analysis
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Get started for free
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Only 22 of the top 100 retailers are protected by DMARC
  • Blog
    DMARC authentication gets you the deliverability you deserve
  • Blog
    How vulnerable are U.S. election operations to email spoofing?
Valimail blog

What’s the real value of DMARC?

Author: Valimail
The real value of dmarc

There are a lot of initiatives that fall on your team’s shoulders, so I’m sure there’s the question in the back of your mind: Is DMARC worth the effort it takes to implement at p=reject? Like many security initiatives, there are risks and costs that come from hypothetical scenarios. But email authentication with DMARC is unique: In addition to closing an attack vector (exact-domain phishing attacks) and reducing hypothetical costs,  DMARC also produces real cost savings and revenue enhancement.

Recent studies by the Global Cyber Alliance and Forrester highlighted some of the cost benefits associated with DMARC at enforcement. It’s the first time we can clearly see some independently verified numbers on the benefit of DMARC.

Check out our full DMARC ROI infographic for the details in an accessible, visual form — and feel free to share this infographic on your own blog or social media posts!

And now, let’s talk about the options for implementing and maintaining a DMARC strategy.

Implementation:

Getting DMARC to a policy of enforcement is notoriously tedious. It’s different for every team, so instead of diving into cost, let’s look at the implementation timeline and risks for various scenarios.

DIY: For implementing DMARC in-house, our research shows that it generally takes 12+ months on average. And that’s with 2-3 dedicated employees. Even with the most talented employees, there are limitations presented by the standards, like the SPF 10-Domain Lookup Limit. Other risks include misidentifying or missing senders (blocking good email) or misconfigured SPF or DKIM records.

Consultative: Working with a consultant or a first-generation (reporting-only) DMARC vendor still leaves the pressure on your team to complete the real work. That generally takes about 9-12 months. Since they have some technology and expertise, the risk associated with the program decreases, but the limitations with the standards do not. That creates an additional maintenance issue for the 1-2 employees it will take to manage the implementation and upkeep.

Automation (this is what Valimail does): A truly automated solution can achieve protection in about 4 months on average. Because of the automated service identification and configuration, not only is the risk eliminated, but it takes less than 20% of a dedicated employee’s time to help confirm which services should or should not be authorized.

Regardless of the path you choose, if you are certain that all senders have been identified and configurations are done and managed correctly, there is very little risk associated with implementing DMARC to a policy of enforcement.

Note: These numbers are based on public DNS records scanned by Valimail. You can find more custom DNS research here.

Assessing the Risks

Business email compromise (BEC) is a very real problem that DMARC at enforcement reduces. The FBI estimatesthat BEC attacks accounted for $12.5 billion in costs worldwide over 5 years.

  • 45-75 BEC attacks/year directed at the average company
  • 5-15 percent of BEC attacks use exact-domain spoofing
  • More than 50 percent of companies saw their domains impersonated in Q3 2018 in order to launch phishing attacks against employees

If you’re unlucky enough to have BEC impact your organization, the associated costs will be significant.

Taking a variety of research sources into account and modeling the risks of BEC, the Global Cyber Alliance estimates that millions are lost annually from BEC attacks. 5% – 15% of these attacks can be stopped by DMARC at enforcement. For a large enterprise, that amounts to $302,000 – $1.3M per year:

  • assuming that only 1% of BEC emails lead to some kind of user action (clicking on a link, dialing a fraudulent phone number, etc.), leads to costs of $302,000/year.
  • If the BEC action rate grows to 5%, the cost for an enterprise is $1.3M/year.

A layered defense to email security is necessary to address the remaining percentage of attacks.

Reputational cost/risk:

Even if the attackers don’t succeed, the reputational damage can impact your revenues.

  • The monetary cost of reputational damage from cybersecurity incidents is $8,000 to $240,000 per incident.
  • Customers are 42% less likely to engage with a brand after being phished

The Value of DMARC at Enforcement

Let’s say your business never get attacked or has a breach. Lucky you! But you are still missing out on the monetary benefits associated with email authentication with DMARC.

  • Forrester estimates that, for a typical large enterprise, DMARC at enforcement leads to savings of $2.4M/year. This benefit comes from:
    • An increased return from customer engagement with outbound emails
    • reduced need for customer support
    • lower cost of cybersecurity insurance
  • The average customer deploying DMARC at enforcement sees a 5 to 10 percent increase in deliverability for marketing emails.
    • With a mail volume of 100,000 messages/month and average deliverability of 80%, that translates into 4,000 – 8,000 more email messages that make it to your prospects’ inboxes every month.

And these are annual, recurring benefits.

Depending on the implementation method you choose, it may take a bit longer to recoup your investment. No matter which method you choose, a longer timeline and employee costs with cut into your ROI. And for every year that you do not have a DMARC enforcement policy, you’re leaving money on the table.

However, If you can get DMARC done quickly and correctly, the value will always outweigh the risk for years to come.

Don’t miss our DMARC ROI infographic that summarizes all this data!

Back to blog
Published January 24, 2019
  • Cybersecurity
  • DMARC
  • Email Authentication
  • Phishing
  • ROI
Author: Valimail
Valimail is the global leader in zero-trust email security. The company’s full line of cloud-native solutions authenticate sender identity to stop phishing, protect brands, and ensure compliance; they are used by organizations ranging from neighborhood shops to some of the world's largest organizations, including Uber, Splunk, Yelp, Fannie Mae, Mercedes Benz USA, and the U.S. Federal Aviation Administration. Valimail is the fastest growing DMARC solution, with the most domains at DMARC enforcement, and is the premier DMARC partner for Microsoft 365 environments. For more information visit www.valimail.com.
Resources
Top retailers remain vulnerable to email brand spoofing
Learn more
Email security with Microsoft and Valimail
Learn more
Election email security
Learn more
Email fraud landscape, Summer 2020
Learn more
Preparing for BIMI: A Marketer’s Guide
Learn more
Latest news
Trump’s refusal to concede the election is creating an opening for cy...
Learn more
2020 General Election Results to Directly Impact Tech Industry
Learn more
Why Email Is Still an Election Day Disinformation Risk
Learn more
US elections are still vulnerable to email spoofing
Learn more
Security Gaps Persist, Report Warns, After U.S. Blames Iran In Election Sch...
Learn more
Press releases
Valimail Triples Customer Base, Becomes Top Global DMARC Provider in 2020
Learn more
Valimail: 2020 election infrastructure still vulnerable to email hackers
Learn more
Valimail Announces Selection by ASG for Anti-Phishing and BEC Protection
Learn more
Valimail DMARC Monitor and Valimail Enforce Now Available in the Microsoft ...
Learn more
Valimail Research Finds More Than 1 Million Domains Using Crucial Email Aut...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

1550 Larimer Street
Suite 271
Denver, CO 80202

Request a full phishing analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Website terms of use
  • Do not sell my personal information
  • Phishing Analysis
  • Domain Checker
  • Products
  • Enforce
  • DMARC Monitor
  • Instant SPF
  • Amplify
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Government
  • Marketing
  • Microsoft
  • Shadow IT
  • About
  • News + awards
  • Partners
  • Team
  • Careers
  • Industry leadership
  • Customer support
  • Learn
  • Resources
  • Blog
  • Customers
Subscribe to our newsletter

Get exclusive content on improving email security and deliverability from the experts at Valimail.

  • *
    I understand that I may proactively manage my preferences, or opt-out of Valimail communications at any time using the unsubscribe link provided in Valimail email communication. I confirm that I am over the age of 16. The information that you provide will be used in accordance with the terms of our Privacy Policy.
  • This field is for validation purposes and should be left unchanged.