It’s great to see that both the US and Israel recognise the crucial role Domain Name System (DNS) data can play within an organisation’s security framework. The DNS is a goldmine of information, with nearly all internet network traffic flowing through it, and can therefore be used to aid security teams.
By monitoring DNS traffic, SOC teams can monitor and analyse the security posture of their organisation. The real-time analysis of DNS transactions can help critical infrastructure organisations detect the signs of DNS tunnelling and, ultimately, stop data thefts. For example, 26% of organisations believe that better monitoring and analysis of DNS traffic is the most effective way of preventing data theft from the network.
The push by international governments to include the DNS within security solutions is an important step in increasing the cyber resilience of organisations. However, this message must continue, as 25% of organisations still do not collect or analyse their DNS traffic, potentially allowing threat actors to remain hidden in their network until they cause untold damage.
In order for security teams to ensure that they are monitoring DNS traffic, organisations must implement purpose-built DNS security solutions. Through DNS security, businesses will have real-time traffic analysis that can detect and foil cyberattacks hidden in the DNS. Ultimately, DNS data can become a powerful ally for organisations when it comes to identifying threat indicators, understanding risk and preventing future cyberattacks.