After a year of historic and high-profile cyber attacks, cyber security, including DNS, is top of mind for most business leaders.
Remote work has made DNS security more important than ever before, and the DNS security market will only continue to expand as businesses build long-term solutions for work from anywhere and remote access to services post-Covid, amid increased security threats.
Going into 2022 and beyond, these five trends will have the most impact on the DNS Security market:
- DNS security will be particularly essential in healthcare as telehealth continues to grow post-covid and as privacy and security concerns increase
EfficientIP’s 2021 Global DNS Threat Report found that the healthcare sector is more vulnerable than other industries as it is the most likely industry to suffer application downtime, has the highest rate of compromised websites at 44% and the highest rate of brand damage at 31%. In addition, a quarter of healthcare organisations (23%) reported having sensitive information stolen as a result of DNS abuse.
Healthcare is an especially attractive sector for hackers, since patient and insurance data in circulation is highly sensitive. In addition, hospitals and medical facilities have large numbers of connected devices (IoT) in use, for instance to monitor heart rates, dispense medication or perform diagnostics. These devices add complexity to facilities' networks, which allows hackers to enter the network and damage the IT system more easily.
In 2022 the digitisation of the healthcare sector will continue to generate network complexity. In order to ensure the wellbeing of patients by avoiding disruption of sensitive workflows and protecting sensitive data, facilities will enhance countermeasures taken against any kind of attack, rather than just shutting down infrastructure or disabling the affected apps. Focus on Zero Trust strategy, in which smart DNS security plays a key role, will continue to grow. Filtering DNS requests more thoroughly early on in the traffic flow is an effective way to prevent unauthorized access from users or connected devices.
- Awareness of the criticality of DNS for business will continue to grow as a result of high-profile attacks
The Facebook outage in early October 2021 expanded DNS security awareness across the globe as people sought to understand what could have caused the outage. Hundreds of articles and blogs written about the event highlighted the fact that any problem with DNS results in users not being able to access critical apps, services or websites, which can seriously affect their ability to work or connect with each other.
This year, 87% of all companies surveyed in the Threat Report fell victim to DNS attacks, underlining the central importance DNS should play in every cybersecurity strategy, regardless of an organisation’s size.
The criticality of DNS for business makes it an obvious target for cybercriminals. Impacts can be devastating, so more high-profile attacks are likely in 2022. Companies of all sizes across industries such as telco, retail and finance will continue investing in measures such as Zero Trust, threat intelligence and DNS traffic analysis. This will offer improved network and cloud security and a security architecture that mitigates attacks more quickly.
- Increased use of DNS security solutions as first line of defense against data exfiltration
Data exfiltration is a serious and growing threat to organisations that can directly impact a company’s reputation. In 2021, 26% of all companies surveyed by IDC reported instances of stolen customer information as a result of DNS attacks, compared to only 16% in 2020.
Exfiltration can be implicated in many types of cybersecurity incidents, such as DNS-based ransomware attacks, making it very common. It nearly always goes unnoticed by firewalls, as they are incapable of performing the necessary context-aware analysis of traffic. This creates a growing demand for powerful security solutions.
In 2022, businesses will therefore increasingly use DNS as their first line of defence, allowing them to monitor IP traffic and better identify and prevent potential data theft. This way, companies will be able to close some of the significant security gaps that had been revealed in the course of the Covid-19 pandemic, protecting their own and their customers’ data.
- Challenges from hybrid working will create a need for improved multicloud management
In the transition to the hybrid working model, companies have needed to invest in multiple cloud platforms to support the increased need for data storage, online communication and collaboration, both in the office and remotely.
At the same time, many businesses are struggling with their multicloud projects, experiencing network misconfigurations and a general loss of control as they try to cope with multiple data silos, multiple access points, varied cloud APIs and skills shortages. Challenges arising from this include a lack of unified management, inconsistent or inaccurate configuration data, and an inability to drive one security policy across different cloud providers.
EfficientIP’s DNS Threat Report found that instances of abuse of cloud instance misconfigurations increased by 77% from last year. In addition, DNS and IP address provisioning often lags behind compute and storage processes when rolling out cloud compute services, leading to delays in the rollout of applications and inconsistency of network policies.
As networks grow more complex, operational efficiency becomes increasingly dependent on cloud orchestration. For correct deployment, running and retirement of software-defined infrastructure components, the IP network is key, together with accurate consolidated data on IP resources. In 2022, businesses will rely more heavily on this “source of truth” data lake for bringing global visibility, centralized management and driving automation. This will in turn improve control and avoid application downtime and security risks associated with having multiple public and private clouds.
- Zero Trust strategies using Whitelisting will help reduce IoT security risks
In 2021, connected IoT devices have secured their place as a routine part of our lives, both in our homes and offices. These devices are required to be identified, inventoried, screened, managed and secured in order not to cause any problems to the rest of the IT ecosystem, or to the users or the organisation itself. Enforcing security via NAC (Network Access Control) is sometimes not an option as it can be complex and costly.
Security holes in IoT devices can be exploited by threat actors using them as attack vectors for DNS attacks. Denial-of-service (DoS) attacks or DNS cache poisoning are therefore commonplace, creating a need for organisations to strictly control which parts of an enterprise’s infrastructure these devices are allowed to access.
As a result, organisations will likely make stronger use of Zero Trust approaches for their connected devices to ensure that IoT devices do not put the overall network security at risk. To ensure that businesses are able to manage the growing security threat posed by IoT devices in the future, they will increase usage of whitelisting, such as by leveraging smart DNS security solutions which offer strict filtering based on an “allow list” (whitelist): any DNS request will have to be for an explicitly known domain in order to be resolved. All other requests will be denied, offering stronger access control and an early security barrier.
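The allow-list rule described above (resolve only explicitly known domains, deny everything else), sketched as an added example that is not taken from the article or from any vendor product. The device classes, domain names and the `*.zone` wildcard convention are assumptions made for illustration.

```python
# Added illustration: default-deny DNS allow list per IoT device class.
# Device classes and domain names are constructed sample data.
ALLOW_LIST = {
    "infusion-pump": {"updates.pump-vendor.example", "ntp.hospital.example"},
    "ip-camera": {"*.camera-cloud.example"},
}


def normalize(qname):
    """Lower-case the query name and drop one root dot; None if malformed."""
    name = qname.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    labels = name.split(".")
    if not name or len(name) > 253:
        return None
    if any(not 0 < len(label) <= 63 for label in labels):
        return None
    return name


def matches(name, rule):
    """Exact match, or '*.zone' matching any name strictly below zone."""
    if rule.startswith("*."):
        # Compare on a label boundary (leading dot kept) so that
        # 'evilcamera-cloud.example' does not pass as a subdomain.
        return name.endswith(rule[1:])
    return name == rule


def decide(device_class, qname):
    """Return 'RESOLVE' only for explicitly allowed names, else 'DENY'."""
    name = normalize(qname)
    rules = ALLOW_LIST.get(device_class)
    if name is None or rules is None:
        return "DENY"  # malformed query or unknown device: default deny
    return "RESOLVE" if any(matches(name, r) for r in rules) else "DENY"


if __name__ == "__main__":
    # Constructed sample queries: (device class, queried name)
    sample = [
        ("infusion-pump", "Updates.Pump-Vendor.Example."),
        ("ip-camera", "eu.camera-cloud.example"),
        ("ip-camera", "evilcamera-cloud.example"),
        ("ip-camera", "updates.pump-vendor.example"),
        ("smart-tv", "ntp.hospital.example"),
    ]
    for device, query in sample:
        print(f"{device:14} {query:32} {decide(device, query)}")
```

Denied queries are worth logging per device, since a device repeatedly asking for names outside its allow list is an early indicator of compromise or misconfiguration.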