---
title: "Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption | DMARC Report"
description: "Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption from DMARC Report explains practical steps for email authentication, domain."
image: "https://dmarcreport.com/og/blog/senate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption.png"
canonical: "https://dmarcreport.com/blog/senate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption/"
---
Quick Answer
MTA-STS (RFC 8461) enforces TLS encryption on inbound mail delivery. Without MTA-STS, SMTP connections can be downgraded to plaintext by a man-in-the-middle attacker even when both sides support TLS. DMARC Report Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption
Related: [Free DMARC Checker](/tools/dmarc-checker/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fsenate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Senate%20Campaigns%20Unprotected%2C%20Enterprise%20SaaS%20Risks%2C%20US%20launches%20encryption&url=undefined%2Fblog%2Fsenate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fsenate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fsenate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption%2F&title=Senate%20Campaigns%20Unprotected%2C%20Enterprise%20SaaS%20Risks%2C%20US%20launches%20encryption "Share on Reddit") [ ](mailto:?subject=Senate%20Campaigns%20Unprotected%2C%20Enterprise%20SaaS%20Risks%2C%20US%20launches%20encryption&body=Check out this article: undefined%2Fblog%2Fsenate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption%2F "Share via Email")
> DMARC monitoring should be as routine as checking your inbox, says Adam Lundrigan, CTO of DuoCircle. The aggregate reports tell you exactly who sends email from your domain. If you’re not reading them, you’re flying blind on your own email security posture.
MTA-STS ([RFC 8461](https://datatracker.ietf.org/doc/html/rfc8461)) enforces TLS encryption on inbound mail delivery. Without MTA-STS, SMTP connections can be downgraded to plaintext by a man-in-the-middle attacker even when both sides support TLS. DMARC Report
Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-17201” readonly/>
```
```
[Cyber awareness](https://medium.com/@ananthvishnu/cyber-security-awernesscyber-security-awareness-bd4e41035462) is no longer a luxury in today’s time. It does not help you stand out in the crowd but, in fact, enables you to safeguard your \*\*brand, employees, and personal data from threat actors. It is an ultimate necessity to familiarize yourself with the cybersecurity landscape if you wish to stay at par with the sophisticated [cyberattacking attempts](https://www.securitymagazine.com/articles/100335-cyberattack-attempts-increased-104-in-2023).
_That’s exactly why we bring you a set of significant and relevant news snippets every week that will inform, educate, and prepare you to combat threat actors and their sly attempts_.
Without much ado, let’s get started with today’s bulletin!
## 75% of US Senate campaigns lack DMARC protection!
DMARC tools are one of the most efficient tactics for preventing [phishing and spoofing](https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html) attempts. They ensure that emails are sent out from \*\*authenticated domains only. Any email sent from a suspicious, unauthenticated origin is simply [flagged as spam](https://techxplore.com/news/2020-03-facebook-bug-flagging-spam.html). If your website is not utilizing DMARC email protection, it will be exposed to significant [cyberattacks](https://www.firstpost.com/world/us-election-foreign-interference-risk-highest-in-final-48-hours-microsoft-president-tells-senate-panel-13816866.html), putting your [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) at risk.
Now, the biggest cause of concern is that the majority of [US political campaigns](https://www.usatoday.com/story/money/2024/08/13/kamala-harris-article-google-ads/74789965007/) lack **DMARC authentication**, thereby affecting the security of hundreds and thousands of voters and election staff. Every day, multiple emails are sent out to potential voters, staff, donors, and so on. Without DMARC protection , it is impossible to ensure if the recipient is receiving a genuine email or a malicious one intercepted by a [threat actor](https://www.msspalert.com/news/fbi-blocks-chinese-threat-actors-menacing-u-s-critical-infrastructure) during the transmission.
In the absence of [DMARC](https://dmarcreport.com/) email protection, the risk of data compromise increases manifolds. Vital information like donor data, voter details, campaign strategies, etc., can be compromised. This may further hamper the US elections by creating a lack of trust among the public.
Experts believe that it is impossible to steer clear of [domain spoofing](https://www.bleepingcomputer.com/news/security/fbi-warns-of-recently-registered-domains-spoofing-its-sites/) and [phishing attempts](https://www.utilitydive.com/news/utilities-on-high-alert-as-phishing-attempts-cyber-probing-spike-related-t/573698/) without DMARC protection. They have urged authorities to take immediate remedial steps and implement DMARC as soon as possible to \*\*safeguard presidential campaigns as well as the common people and their [sensitive data](https://www.prnewswire.com/news-releases/dig-security-state-of-cloud-data-security-2023-report-finds-exposed-sensitive-data-in-more-than-30-of-cloud-assets-301902104.html).
## 49% Of Enterprises are unaware of the lurking SaaS risks!
The [SaaS industry](https://www.fintechfutures.com/2024/05/new-us-paytech-fractal-launches-with-aim-to-become-saas-companies-preferred-payment-method/) is booming right now. From large corporate sectors to small businesses, SaaS is prevalent everywhere. But, with the advent of SaaS, the chances of cyberattacks have increased to a great extent. Business enterprises can easily choose multiple \*\*SaaS tools to enhance their productivity, output, and efficiency. However, there are SaaS risks that these organizations must always keep in mind.
While contending for **speed and excellence**, these enterprises often put \*\*cyber safety on the back burner. The in-house [cybersecurity](https://dmarcreport.com/blog/major-cybersecurity-trends-that-will-reign-in-2024/) teams don’t really get a say in choosing the right SaaS tools based on the level of vulnerability . Also, they keep grappling with the ever-changing shifts from one software to another. The leadership often considers security as something that hinders or slows down a company’s growth. _On the other hand, the struggle faced by the in-house security department and the lack of budget often create a sense of chaos and confusion, leading to poor cybersecurity mechanisms_.
Many organizations don’t realize that frequently changing and deploying SaaS tools without consulting [cybersecurity experts](https://www.abcactionnews.com/news/local-news/cybersecurity-expert-urges-consumers-to-take-precautions-after-massive-data-breach) can leave the whole company **vulnerable to major threats**.
Around 31% of organizations suffer [data breaches](https://securityintelligence.com/news/national-public-data-breach-publishes-private-data-billions-us-citizens/), and the majority of these attacks are because of SaaS security. The lack of \*\*two-factor authentication caused the notorious [Snowflake breach](https://www.darkreading.com/threat-intelligence/snowflake-account-attacks-driven-by-exposed-legitimate-credentials). On the other hand, the [Sisense supply chain breach](https://cyberscoop.com/sisense-supply-chain-breach/) was also caused by insecure [SaaS ecosystems](https://www.techtarget.com/esg-global/research-report/securing-saas-ecosystems/).
Addressing SaaS security is the need of the hour. This requires leveraging SSPM solutions\*\*, instilling a proactive mindset, setting out clear policies, and spreading cyber awareness.
## US launches 3 much-awaited encryption algorithms to heighten cyber protection!
A \*\*US-based government lab has launched three much-awaited [encryption algorithms](https://www.geeksforgeeks.org/encryption-its-algorithms-and-its-future/) to tackle cyberattacks. _The encryption standards were released to combat the increasing risk of cyberattacks due to the development of quantum mechanics_.
As per the experts, quantum technology can help with major **scientific and economic opportunities**. But at the same time, it enhances the risk of [cyber threats](https://www.ncsc.gov.uk/news/five-eyes-cyber-leaders-provide-threat-briefing-at-major-us-conference). The rapid development of quantum mechanics can even eradicate the current encryption tools. The [National Institute of Standards and Technology](https://www.techopedia.com/definition/4509/national-institute-of-standards-and-technology-nist) (NIST) has warned against quantum computing devices that can break encryptions in the future and threaten the privacy and security of organizations, brands, individuals, and even nations.
The \*\*NIST has requested cybersecurity firms to adopt the three newly launched encryption standards as soon as possible. All three encryption have been approved by the [Federal Information Processing Standards](https://utimaco.com/service/knowledge-base/americas-compliance/what-are-federal-information-processing-standards-fips). The fourth standardized encryption algorithm will be launched later.
_Quantum mechanics, if managed tactfully, can open up an entirely new world of beaming opportunities_. The only thing one should be mindful of is **quantum-safe solutions**. To secure your data and money, you need to play it safe and cautiously when it comes to [quantum mechanics](https://en.wikipedia.org/wiki/Quantum%5Fmechanics).
## Topics
[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/)[ News ](/tags/news/)
[ Brad Slavin ](/authors/brad-slavin/)
General Manager
Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.
[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[ Foundational 4m Alternatives to DMARCLY's Blog Section for Learning About Email Authentication and DMARC Nov 6, 2023 ](/blog/alternatives-to-dmarclys-blog-section-for-learning-about-email-authentication-and-dmarc/)[ Foundational 4m Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[ Foundational 4m Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption","description":"Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption from DMARC Report explains practical steps for email authentication, domain.","url":"https://dmarcreport.com/blog/senate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption/","datePublished":"2024-10-24T11:56:45.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-10-24T11:56:45.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/senate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption/"},"articleSection":"foundational","keywords":"DMARC, email security, News","wordCount":1083,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Senate Campaigns Unprotected, Enterprise SaaS Risks, US launches encryption","item":"https://dmarcreport.com/blog/senate-campaigns-unprotected-enterprise-saas-risks-us-launches-encryption/"}]}
```