Trump administration to order agencies to adopt new email security standards

Jeanette Manfra, Acting Deputy Undersecretary for Cybersecurity at the DHS, testifies about Russian interference in U.S. elections to the Senate Intelligence Committee in Washington, U.S., June 21, 2017.

By Dustin Volz

WASHINGTON (Reuters) – The Trump administration on Monday will order federal agencies to adopt common email security standards in an effort to better protect against hackers, a senior Department of Homeland Security official said.

DHS Assistant Secretary for Cybersecurity Jeanette Manfra, speaking at an event in New York, said the agency would issue a binding directive to require implementation of two cyber security measures, known as DMARC and STARTTLS, intended to guard against email spoofing and phishing attacks.

The new requirements are “discrete steps that have scalable, broad impact” that will improve federal government cyber security, Manfra said.

DMARC, or domain-based message authentication, reporting and conformance, is a popular technical standard that helps detect and block email impersonation, such as when a hacker might try to pose as a government official or agency.

STARTTLS is a form of encryption technology that protects email traveling between servers, making it more difficult for a third-party to intercept.

 

(Reporting by Dustin Volz; Editing by Chizu Nomiyama and Bill Trott)