Cybersecurity is no longer optional, especially for public organisations. In addition to general measures such as encryption and access control, there are also technical layers of security that often go unnoticed but make a huge difference. Two of those are CSP and DMARC. What do these abbreviations mean? And why are they important? We’ll explain it simply.
What is CSP?
CSP stands for Content Security Policy. It’s a browser security mechanism, switched on by the web server through an HTTP response header, that limits the damage from cross-site scripting (XSS) and other code-injection attacks. These are techniques attackers use to smuggle malicious scripts into pages of your website or platform.
What does CSP actually do?
CSP tells the visitor’s browser: “Only load and execute content from these specific sources.”
That means, for example, that only scripts served from your own domain (or a short list of trusted origins) may run; inline scripts and scripts from unknown or external sources are refused.
Result: even if an attacker manages to inject a piece of script into a page, the browser will not execute it. This only holds if the policy is strict: a policy that allows 'unsafe-inline' or a wildcard (*) in script-src lets the injected script through and gives a false sense of security.
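The following is an added example, not code from the original page or from Paddle.be. It models the check a browser performs when a page carrying a Content-Security-Policy header tries to load a script: the script’s origin is matched against the script-src allowlist (falling back to default-src), and inline scripts are only run if 'unsafe-inline' is present. The page origin, the two sample policies and the script URLs are constructed for illustration; nonces, hashes and path matching are not modelled.

```python
from urllib.parse import urlsplit

# Constructed example: origin of the page that carries the CSP header.
PAGE_ORIGIN = "https://www.cityname.be"

# A policy that allows everything (common when CSP is added "to tick the box").
WEAK_CSP = "default-src *; script-src * 'unsafe-inline'"

# A strict policy: own origin plus one named CDN, no plugins, no framing.
STRICT_CSP = (
    "default-src 'self'; "
    "script-src 'self' https://cdn.example.org; "
    "object-src 'none'; "
    "frame-ancestors 'none'"
)


def parse_csp(header):
    """Split 'name src src; name src' into {name: [sources]} (directive names lower-cased)."""
    policy = {}
    for directive in header.split(";"):
        parts = directive.split()
        if parts:
            policy[parts[0].lower()] = parts[1:]
    return policy


def _origin(url):
    u = urlsplit(url)
    return f"{u.scheme}://{u.netloc}".lower()


def _source_matches(source, candidate, page_origin):
    """Does one CSP source expression allow the candidate?
    candidate is a script URL, or the string 'inline' for an inline <script> block."""
    s = source.lower()
    if candidate == "inline":
        return s == "'unsafe-inline'"          # inline scripts need this explicit keyword
    if s == "'none'":
        return False
    if s == "'self'":
        return _origin(candidate) == page_origin.lower()
    if s == "*":
        return True                            # wildcard: any origin is allowed
    if s.startswith("'"):
        return False                           # 'nonce-…' / 'sha256-…' need the script body; not modelled
    # Host source: optional scheme, optional "*." wildcard, path part ignored here.
    scheme, _, host = s.rpartition("://")
    cand = urlsplit(candidate)
    if scheme and scheme != cand.scheme.lower():
        return False
    host = host.split("/")[0]
    if host.startswith("*."):
        return cand.netloc.lower().endswith(host[1:])   # "*.example.org" -> ".example.org"
    return cand.netloc.lower() == host


def script_allowed(header, candidate, page_origin=PAGE_ORIGIN):
    """Return True if the policy lets the browser run the script."""
    policy = parse_csp(header)
    if "script-src" in policy:
        sources = policy["script-src"]
    elif "default-src" in policy:
        sources = policy["default-src"]        # browsers fall back to default-src
    else:
        return True                            # policy says nothing about scripts
    return any(_source_matches(src, candidate, page_origin) for src in sources)


if __name__ == "__main__":
    # Constructed candidates: own script, CDN script, injected external script, injected inline script.
    candidates = [
        "https://www.cityname.be/js/app.js",
        "https://cdn.example.org/lib.js",
        "https://evil.example/steal.js",
        "inline",
    ]
    for name, header in (("weak", WEAK_CSP), ("strict", STRICT_CSP)):
        for c in candidates:
            print(f"{name:6} {c:40} -> {'allowed' if script_allowed(header, c) else 'BLOCKED'}")
```

Under the strict policy the two injected scripts are refused while the site’s own script and the named CDN still load; under the weak policy all four run, which is why a CSP has to be tailored to the site rather than copied from a generic template.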
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It’s an email authentication standard, published as a DNS record for your domain, that combats email spoofing, an attack that governments and municipalities are frequently targeted by.
What does DMARC actually do?
DMARC lets receiving mail servers check that an email claiming to come from your domain (e.g. cityname.be) was actually authorised by that domain. It builds on SPF (which servers may send mail for the domain) and DKIM (a cryptographic signature on the message) and requires that at least one of them passes for the same domain that appears in the From: header, so a scammer cannot pass SPF for their own domain and still display yours. The DMARC record also tells receivers what to do when that check fails: reject the message (p=reject), quarantine it in the spam folder (p=quarantine), or only report it (p=none), which monitors but blocks nothing.
Result: It becomes much harder for scammers to send fake emails “on behalf” of your organisation.
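The following is an added example, not code from the original page or from Paddle.be. It reproduces the decision a receiving mail server makes for a message once SPF and DKIM have been evaluated: parse the sender domain’s DMARC record, check that a passing SPF or DKIM result is aligned with the From: header domain, and otherwise apply the published policy. The records, domains and authentication results are constructed; the organisational-domain lookup is simplified to the last two labels (real receivers use the Public Suffix List), and the pct and sp tags are not modelled.

```python
# Constructed DMARC records as they would be published at _dmarc.cityname.be (TXT).
MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc-reports@cityname.be"
ENFORCE = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@cityname.be"
ENFORCE_STRICT = "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc-reports@cityname.be"


def parse_dmarc(txt):
    """'v=DMARC1; p=reject; adkim=s' -> {'v': 'DMARC1', 'p': 'reject', 'adkim': 's'}"""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def org_domain(domain):
    """Organisational domain, simplified to the last two labels (assumption:
    names like cityname.be; a real receiver consults the Public Suffix List)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(auth_domain, from_domain, mode):
    """DMARC identifier alignment: strict ('s') = exact match,
    relaxed ('r', the default) = same organisational domain."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def dmarc_disposition(record, from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Return 'pass' when an aligned SPF or DKIM check passed, otherwise the
    record's policy ('none', 'quarantine' or 'reject').

    from_domain : domain in the visible From: header (what the victim sees)
    spf_domain  : envelope MAIL FROM domain that SPF was evaluated against
    dkim_domain : d= tag of the DKIM signature that was verified
    """
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1":
        return "no-policy"                       # invalid record: treated as no DMARC at all
    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(dkim_domain, from_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    return tags.get("p", "none")


if __name__ == "__main__":
    # Constructed scenarios: (label, From: domain, SPF result, SPF domain, DKIM result, DKIM d=)
    scenarios = [
        ("own mail server", "cityname.be", "pass", "cityname.be", "pass", "cityname.be"),
        # Scammer passes SPF for a domain they control but displays cityname.be in From:
        ("spoofed From:", "cityname.be", "pass", "scammer.example", "none", ""),
        # Newsletter vendor signs with a subdomain key; SPF passes for the vendor's bounce domain
        ("newsletter vendor", "cityname.be", "pass", "vendor.example", "pass", "news.cityname.be"),
    ]
    for name, record in (("p=none", MONITOR_ONLY), ("p=reject", ENFORCE), ("p=reject strict", ENFORCE_STRICT)):
        for label, *args in scenarios:
            print(f"{name:16} {label:18} -> {dmarc_disposition(record, *args)}")
```

Two things the table makes visible: a record with p=none lets the spoofed message through and only sends a report, so it is a monitoring step, not protection; and switching adkim/aspf to strict rejects legitimate mail signed from a subdomain, which is why the DMARC record has to be aligned with how SPF and DKIM are actually deployed before moving to p=reject.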
Why are CSP and DMARC important for the public sector?
Public websites and email systems are popular targets. Think of:
- Phishing emails that appear to come from the municipality
- Malicious scripts on an event page
- Forms where personal data is misused
By implementing CSP and DMARC as standard, you make these types of incidents far harder to pull off. It’s no coincidence that both techniques are recommended under NIS2 and by authorities such as the Belgian Cyber Security Centre (CCB).
Paddle.be provides CSP and DMARC by default
If you're working with Paddle.be, you don’t have to worry about this. Our websites for public organisations include:
- A secure, customised Content Security Policy
- A properly configured DMARC record, aligned with SPF and DKIM
- Regular checks for updates, vulnerabilities, and misconfigurations