Regulators Strike A Different Cybersecurity Tone
Barracuda Networks, Tuesday, June 3rd, 2025
A directive issued by the Federal Trade Commission (FTC) that requires GoDaddy to improve the security of its hosting services suggests the Federal government is getting more prescriptive about the guidance being provided to the private sector.
After a series of breaches stretching back as far as 2018, the FTC at the beginning of this year accused GoDaddy of violating Section 5 of the FTC Act for failing to implement standard security practices on customers' websites despite touting 'award-winning security.'
The FTC as part of a settlement has now issued an order that specifically requires GoDaddy to designate one person to be in charge of an information security program, adopt a security information event management (SIEM) or some other tool that provides near-real-time analysis of security events, create a system of audit logs, address authentication issues with certificates, private-public key pairs, or similar technologies, and implement multifactor authentication for employees, contractors and third-party affiliates.