TL;DR: Phishing accounts for 91% of cyberattacks, and SPF, DKIM, DMARC, attachment controls, and gateway-based encryption are now baseline requirements for reducing spoofing, malware delivery, and compliance exposure, according to GlobalSign’s podcast discussion. The governance lesson is that email trust must be treated as layered identity and control assurance, not a single filter decision.
NHIMG editorial — based on content published by GlobalSign: an article on email authentication, phishing resistance, and encryption controls
By the numbers:
- 91% of all cyberattacks begin with a phishing email.
Questions worth separating out
Q: How should security teams implement SPF, DKIM, and DMARC across a large enterprise?
A: Start by mapping every legitimate mail sender, including third-party platforms and application services, then publish aligned SPF, DKIM, and DMARC records for the domain.
Q: Why do phishing emails still succeed even when organisations have security gateways?
A: Security gateways reduce risk, but they do not remove trust exploitation or user action from the attack path.
Q: What do security teams get wrong about email attachment filtering?
A: They often treat attachment filtering as a binary block list instead of a content-risk control.
Practitioner guidance
- Enforce SPF, DKIM and DMARC across every sender Inventory all systems that send mail on behalf of the domain, including SaaS platforms, marketing tools, and transactional services.
- Restrict risky attachments by default Block or transform high-risk file types unless there is a documented business requirement.
- Centralise certificate and encryption management Use gateway-based certificate handling for S/MIME or similar email encryption patterns where possible, especially in BYOD or distributed environments.
What's in the full article
GlobalSign's full article covers the operational detail this post intentionally leaves for the source:
- Specific implementation guidance for SPF, DKIM, and DMARC across sending systems and mail gateways
- Practical examples of attachment filtering and file conversion patterns for common business email workflows
- Gateway-based encryption and certificate handling details for organisations with BYOD or distributed endpoints
- The article's discussion of how major mailbox providers are changing email delivery expectations
👉 Read GlobalSign's article on SPF, DKIM, DMARC, and phishing resilience →
SPF, DKIM and DMARC: are your email controls keeping up?
Explore further
Email authentication is now identity governance, not just mail security. SPF, DKIM, and DMARC are often discussed as transport controls, but the article shows they are really controls over domain trust and sender legitimacy. That matters because spoofing attacks abuse the same trust assumptions that IAM tries to harden elsewhere. Practitioners should treat domain authentication as part of identity assurance across the communication stack.
A question worth separating out:
Q: Who is accountable when spoofed email leads to fraud or data loss?
A: Accountability sits across security, messaging, and business owners because the failure usually spans domain configuration, user trust, and process design. The practical test is whether the organisation can show that sender authentication, message policy, and approval workflows were all enforced before the incident.
👉 Read our full editorial: E-mail authentication gaps are driving phishing risk in enterprises