Home / Industry

TLD Security, Spec 11 and Business Implications

After successfully securing your new TLD, launching it, and executing on your meticulously devised marketing plan, the only other concern you face is Security.

Unfortunately, predicting exactly when and to what degree a security threat will occur can be difficult but you can take steps to make your new TLD a source of legitimacy and credibility.

You may ask: Why security? One obvious reason: Specification 11. As part of the ICANN Registry Agreement, registry operators are required to analyze and report on the security threats posed to their TLDs. To satisfy the requirement, you need to detect whether domains in your namespace are being used to perpetrate security threats.

Beyond Spec 11, there are substantial business reasons to make your TLD a safer neighborhood on the net. Abusive registrations and compromised domains hurt the reputation of your brand.

Your TLD is your brand. Malware and phishing are threats to its reputation, and abusive registrations and compromised domains hurt its value. As part of your brand, all the more reason to make it a safe and secure haven — and a trusted destination — for your customers.

Abuse can harm the growth of your business. Often brands site the damage to customer trust and their brand as the prevailing outcome of a security incident.

Making your TLD more secure sends a positive message. Taking action to protect the businesses and consumers within your namespace is a strong and positive message that resonates in today's business climate.

"Managing abuse in your namespace and meeting Specification 11 requirements is a valuable way for registry operators to distinguish their TLD," said Sean Baseri, a TLD security expert and registry security program manager for Neustar. "We've seen just how critical it is to include the detection of threats in our TLD services, which is why we offer it to our customers at no charge."

Bill Doshier, President of dotStrategy who runs .BUZZ, immediately realized the importance of leveraging automated tools and security investigators to identify and investigate malicious activity.

"Delivering a clean namespace and protecting our customers as well as the .BUZZ brand is of utmost importance to us," states Bill Doshier. "I know I can rely on our registry partner to conduct the technical analysis to assess security threats in accordance with ICANN Specification 11," he adds.

How do you make your namespace more secure from phishing sites, or sites that distribute malware or bots? Baseri suggests an ongoing effort that includes detection of security threats.

Detection. Reports from your customers and affected companies are a valuable source of intelligence. To gain better visibility, you can also actively monitor available sources of information about security threats, such as information from private security organizations and Internet, and external security data feeds from the information security community.

Investigation. After you've identified a site that may be a source of a security threat, you should verify it before taking any action. If a site is involved in a security threat, keep in mind that the site's owner may not be participating. A skilled attacker can compromise a legitimate website without the owner even knowing it. Often, notifying the registrar, who can contact the registrant, is a good next step.

Finally, make sure you document the actions and steps you took in order to create the necessary reports for ICANN, should they request them.

The only thing tougher than getting a new TLD is everything after. Neustar can help with everything after. Learn More


About Neustar – Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. Learn More

Related topics: Cybersecurity, Domain Names, ICANN, Malware, Registry Services, Top-Level Domains


Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC


Sponsored by Verisign

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell blocks as small as /20s. more»

Industry Updates – Sponsored Posts

Radix's .TECH, .STORE, .ONLINE and .FUN Get Approval from the Chinese Government

Join Neustar's Town Hall Meeting and Help Shape the Future Of .US

Domain Registrations Reach 331.9 Million, 6.7 Million Growth Year over Year

.brands Spotlight: Banking and Finance Industries

Google Buys Business.Site Domain for 'Google My Business'

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years