{"id":285242,"date":"2026-07-03T04:01:00","date_gmt":"2026-07-03T08:01:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/07\/03\/government-and-healthcare-are-the-weakest-links-in-global-email-security\/"},"modified":"2026-07-03T06:35:10","modified_gmt":"2026-07-03T10:35:10","slug":"government-and-healthcare-are-the-weakest-links-in-global-email-security","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/07\/03\/government-and-healthcare-are-the-weakest-links-in-global-email-security\/","title":{"rendered":"Government and Healthcare Are the Weakest Links in Global Email Security"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/194677\/security\/government-and-healthcare-are-the-weakest-links-in-global-email-security.html?amp\">Government and Healthcare Are the Weakest Links in Global Email Security<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/194677\/security\/government-and-healthcare-are-the-weakest-links-in-global-email-security.html?amp\">https:\/\/securityaffairs.com\/194677\/security\/government-and-healthcare-are-the-weakest-links-in-global-email-security.html?amp<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-07-03 04:01:00<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p><h2>Government and Healthcare Are the Weakest Links in Global Email Security<\/h2>\n<\/p>\n<p>\t\t\t\t\t\t\t<span> Pierluigi Paganini<\/span><br \/>\n\t\t\t\t\t\t\t<span><img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> July 03, 2026<\/span><\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-7.png?fit=1022%2C612&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">Government and healthcare sectors have weak email security. Many domains lack SPF, DMARC, DKIM, and MTA-STS, leaving them open to phishing attacks.<\/h2>\n<p class=\"wp-block-paragraph\">Comparitech analyzed live DNS records for 5,849 domains across 13 sectors and scored each one out of 8 points based on four standard email authentication protocols: SPF, DMARC, DKIM, and MTA-STS. The results aren\u2019t flattering. More than 8 percent of organizations had zero protection in place, and only 0.6 percent \u2014 33 domains out of 5,849 \u2014 scored full marks. That\u2019s 33 organizations out of nearly 6,000 doing everything right.<\/p>\n<p class=\"wp-block-paragraph\">Government came last, with an average score of 2.73 out of 8.<\/p>\n<p class=\"wp-block-paragraph\">\u201c121 out of the 452 domains we scanned had zero protections in place (27%)\u2013the highest of all sectors.\u201d reads the report published by Comparitech. \u201cNo government domains scored full marks, but three did score 7.5 \u2013 Australia\u2019s national science agency (CSIRO), the\u00a0Mila \u2013 Quebec Artificial Intelligence Institute\u00a0in Canada, and\u00a0The Alan Turing Institute\u00a0in the UK (also dedicated to data science and artificial intelligence).\u201d<\/p>\n<p><img data-recalc-dims=\"1\" fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"241\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-6.png?resize=1024%2C241&#038;ssl=1\" alt=\"\" class=\"wp-image-194682\" srcset=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-6.png?resize=1024%2C241&#038;ssl=1 1024w, https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-6.png?resize=300%2C71&#038;ssl=1 300w, https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-6.png?resize=768%2C181&#038;ssl=1 768w, https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-6.png?w=1027&#038;ssl=1 1027w\" sizes=\"(max-width: 1000px) 100vw, 1000px\"\/><\/p>\n<p class=\"wp-block-paragraph\">China\u2019s government domains averaged just 0.9, with 65 percent having no protection at all. France wasn\u2019t far behind at 1.4 average and 47 percent unprotected. The UK and US were the best performers in the sector, but even 17 percent of US government domains had zero protection \u2014 despite a Department of Homeland Security mandate requiring DMARC on all federal email domains.<\/p>\n<p class=\"wp-block-paragraph\">Healthcare providers ranked second-worst at 3.43. <\/p>\n<p class=\"wp-block-paragraph\">\u201c85 out of the 438 domains we scanned had zero protections in place (19%) \u2014 the second highest of all sectors.\u201d continues the report. \u201cFour domains scored full points. Three of these were part of the UK\u2019s NHS (NHS Blood and Transplant,\u00a0Manchester University NHS&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/194677\/security\/government-and-healthcare-are-the-weakest-links-in-global-email-security.html?amp\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Government and Healthcare Are the Weakest Links in Global Email Security https:\/\/securityaffairs.com\/194677\/security\/government-and-healthcare-are-the-weakest-links-in-global-email-security.html?amp Publish Date: 2026-07-03&#8230;<\/p>\n","protected":false},"author":1,"featured_media":285243,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2026\/07\/image-7.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,25],"class_list":["post-285242","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285242"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=285242"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285242\/revisions"}],"predecessor-version":[{"id":285244,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285242\/revisions\/285244"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/285243"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=285242"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=285242"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=285242"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}