editor ’ s question
WHAT ARE THE CHALLENGES AND PITFALLS CIOS
MAKE WHEN DESIGNING THEIR NETWORK SECURITY ?
? etwork security
N management may involve a wide variety of security tools for both hardware and software . Network security becomes more important as networks become more complex and enterprises become more reliant on their networks and data to conduct business . Methods for enforcing security should strive to evolve as networks and attack methods do so , and aim to prevent breaches by limiting risk on the network .
EfficientIP , a leading provider of network security and automation solutions specializing in DDI ( DNS- DHCP-IPAM ), recently announced the results of its 2021 Global DNS Threat Report . The annual research , which was conducted in collaboration with leading market intelligence firm , International Data Corporation ( IDC ), sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic .
In the UK , the damages stemming from each attack saw a marked decrease by 27 % from the year prior ; damages in 2021 were £ 530,659 (€ 596,083 ), while damages in 2020 were an average of £ 729,131 (€ 819,024 ). This was the strongest decrease globally . The UK companies in the survey reported an average of 5.78 attacks in the last year , which is also the lowest average reported ( the highest number was 7.74 in Canada ).
In terms of regional damage from DNS attacks , Europe suffered an average of £ 662,271 (€ 743,920 ) per attack . This is a slight increase by 3 % from the year prior .
Globally , nearly 90 % of organisations ( 87 %) experienced DNS attacks , with the average cost of each attack around £ 693,507 (€ 779,008 ). The report shows that organisations across all industries suffered an average 7.6 attacks this past year . These figures illustrate the pivotal role of DNS for network security , both as a threat vector and security objective .
The 2021 DNS Threat Report has found that throughout the past year during the pandemic , attackers have increasingly targeted the cloud , profiting from the reliance on off-premise working and cloud infrastructures . Around a quarter of companies have suffered a DNS attack abusing cloud misconfiguration , with almost half of companies ( 47 %) suffering cloud service downtime as a result of DNS attacks .
Although the cost and variety of attacks remains high , there is a growing awareness of DNS security and how to combat these attacks .
76 % of respondents in the report deemed DNS security a critical component of their network architecture . Additionally , the report found Zero Trust is evolving as a tool to protect networks in the remote era . 75 % of companies are planning , implementing or running Zero Trust initiatives and 43 % of companies believe DNS domain deny and allow lists are highly valuable for Zero Trust for improving control over access to apps .
The DNS Threat Report finds solutions considered most effective by organisations for preventing theft includes : securing network endpoints ( 31 %) and better monitoring threat and analysis of DNS traffic ( 26 %).
“ While it is positive that companies want to use DNS to protect their increasingly remote workforces , organisations are continuing to suffer the costly impacts of DNS attacks ,” said Romain Fouchereau , Research Manager European Security at IDC . “ As threat actors seek to diversify their toolkits , businesses must continue to be aware of the variety of threats posed , ensuring DNS security is a key priority to preventing these .” www . intelligentciso . com
27