Protecting DNS traffic is critical to brand protection

10th December 2018


Simon Whitburn
Senior Vice President Cyber Security Services

In the digital age, trust is everything. If consumers can’t trust you with their data they will happily go elsewhere. Time and again we see instances of huge, household name brands that lose credibility, and subsequently customers, as a result of high-profile data breaches.

As the data lost in these cases is often highly sensitive and/or personal, the emotional impact on customers can be all the higher. The backlash is quick and telling. Take the case of BA, which recently suffered a large-scale data breach: the carrier has seen ten points fall off its YouGov BrandIndex score, which measures whether someone has a positive or negative impression of a brand.

This year the stakes have been raised. Not only is brand value at risk but, thanks to GDPR, businesses that process the personal data of EU citizens now face fines of as much as 4% of global turnover in cases of data-loss. Combined, brand damage and regulatory fines resulting from cyber attacks could well spell the end of even the biggest brands.

A troubling threat environment

That’s why the rapid increase in data attacks makes for such worrying reading. Globally the average number of focused cyber attacks per organisation has more than doubled this year. And according to  Ipsos Mori research, 68% of large and 66% of medium enterprises in the UK experienced data breaches last year. Significantly, organisations with personal data on their systems were more susceptible to threats (51% vs. 46%). It’s little wonder, therefore, that enterprises are ramping up investment in cyber security tools. Indeed, the global cyber security market is booming; forecast to reach $96 billion this year.

Threats you might miss

As organisations build their cyber defences, they need to ensure there are no hidden surprises. One blind spot that cybercriminals are increasingly looking to exploit lies in the Domain Name System (DNS) layer – the part of the network that enables corporate systems to communicate with the public internet. DNS traffic is often overlooked by security administrators who whitelist DNS traffic and thereby create a backdoor into the enterprise for cyber criminals. The scale of the threat is huge: 77% of businesses faced DNS attacks last year, with the average cost per attack increasing 57% year-on-year.

Significantly, 33% of businesses were victims of data theft as a result of DNS attacks. Securing the DNS layer is therefore critical to mitigating risk and protecting the corporate brand and reputation. Firewalls and access management aren’t enough: businesses need to embrace new threat detection tools to identify and shut down attacks the moment they occur.

A new approach to protection

At Nominet, we asked ourselves: could we look at this problem differently? We looked at the field of acoustics and how they address finding anomalies amongst a sea of data and noise. We also turned to data science and data compression technologies to solve the ‘big data’ challenge that comes with analysing DNS traffic in real time. We found that by treating DNS traffic as soundwaves, as opposed to flat data sets, and by developing unique compression algorithms and smart heuristics, we were able to detect and shut down threats – both known and unknown.

Without introducing any network delays, every DNS packet is inspected for any signs of abnormal or suspicious characteristics and flagged for appropriate action. It brings a level of intelligence and automation to network threat detection and response that would have been impossible just a few years ago.

The digital age has brought with it unprecedented opportunities for enterprises – and unprecedented threats.

The old security approaches are no longer enough, and the consequences of catastrophic data breaches are much more severe than in the past. To protect their brands and keep customers on side, firms need to ensure they are investing in the right areas and, for me, that means investing in a capability to inspect and protect the corporate network from the worst of the internet.

DNS threat management is the new frontier of cyber security and will provide organisations that deploy appropriate solutions the highest levels of protection.

Discover more and book a meeting with our Cyber Team at RSA Conference in March.

Like this? Try these...