On Tuesday, administration of the “.gov” top-level domain (TLD) was officially transferred to CISA. Organizations that qualify as a government entity but do not currently use a .gov TLD can be confusing to the public as to whether the website is legitimate. Reasons vary for why some government entities do not use a .gov. Often that reason is due to the cost of registering and maintaining .gov, especially for small municipalities. According to the release, cost is no longer a hinderance as, “.gov domains will be available at no cost for qualifying organizations.” While this action doesn’t guarantee absolute security (nothing does), it is a significant step toward maintaining the integrity of thousands of government services.
If your utility is recognized as a government entity and does not currently use a .gov TLD, consider reviewing the new requirements. Likewise, whether you pursue a .gov TLD or not, DOTGOV has provided a resource highlighting domain security best practices that should be referenced by all for secure domain management. Consider forwarding the domain security best practices to your domain/website administrator. For more on the new requirements and to register, visit DOTGOV.