How can DNS stop data exfiltration and the spread of malware?

Today, data exfiltration remains a top concern for many CISOs, but how can the use of Domain Name System (DNS) mitigate this threat?

How can DNS stop data exfiltration and malware spread?

According to a recent IDC report, worldwide spending on security-related hardware will reach $119.9 billion by 2021. Nevertheless, this overall increase in spending has not diminished the number of significant breaches reported almost every day.

As a result, IDC expects that the lost business from such attacks will become a more “tangible factor” over time. It is therefore integral that companies now focus on detecting threats early to diminish data exfiltration.

The challenge

Today, malware continues to infiltrate networks which results in organisations losing significant amounts of data. As the report notes, “ransomware attacks have proven to be extremely successful against large and small organisations alike.”

Companies now expect their security devices to “interoperate with each other” and ultimately share threat data. Security solutions must therefore be able to provide “correlation and context across a wider variety of vendors and environments.”

Although many companies have updated their security tools over the past few years, few are taking advantage of advanced technologies. While Domain Name System (DNS) remains a “core piece” of infrastructure, the vast majority of organisations frequently overlook its “ability to play a proactive part” in security.

The value of DNS

Although many companies use traditional approaches to detect data theft, pattern matching is inadequate when faced with modern attackers. However, more vendors are now realising the potential for DNS to provide “greater visibility into the network and to help in the early detection of malware.”

Unlike other security solutions like firewalls or SIEM, DNS security adds an additional layer of protection. In fact, implementing a secure DNS platform enables enterprises to detect malware activity before it spreads, block DNS data exfiltration, and keep sensitive data secure.

A DNS platform also uses data from core network services to help the security team prioritise its subsequent response. These core services thus provide data that, “when properly analysed and correlated with threat intelligence, will show evidence of an attack.”

Leaders in security Infoblox provide secure and resilient DNS, which allows enterprises to manage and automate all aspects of DNS using a purpose-built platform. The company’s secure DNS solutions therefore enables companies to “mitigate security challenges that arise from DNS-based threats.”

How important is AI in cybersecurity? Listen to our podcast with the Head of AI at Avast Security Rajarshi Gupta to find out