A lack of functional ownership over domain and external DNS security and a lack of unified control systems to enforce DNS security policies are the top factors that expose your company and customers to external DNS vulnerabilities. In this paper we discuss:
- Introduction: DNS Threat Vectors
- Domain & External DNS Network Management Risk
- Why Your Enterprise is Exposed | What Will Happen
- Business and Customer Impacts and Costs
- DNS Research: Frequency & Business Impacts
- CONCLUSION | THE CISO DIRECTIVE
Introduction: DNS Threat Vectors
First, let’s clarify the focus of this brief. DNS threat vectors fall into two primary buckets.
Inbound DNS Threats to Internal Networks
Threats related to inbound DNS traffic are designed to attack the business by exfiltrating data, establishing command and control, compromising systems, or making DNS inoperable.
These threats can be addressed by various types of blocking and traffic analysis services that identify abnormal traffic patterns in the DNS and then prevent that traffic from penetrating and compromising internal systems.
External DNS Network Threats and Causes
Threats related to an organization’s external DNS network can include DNS hijacking, social engineering, or phishing as first strike vectors to execute any sequence of subsequent cybercrimes.
These threats exist due to management gaps in DNS system change controls and security policy enforcement. They persist due to a lack of visibility, controls, and automation to ensure DNS hygiene. These threats can be mitigated by service providers who provide control systems to empower IT to Get and Keep control.
In this brief, we discuss the external DNS network threats and causes that will impact the enterprise, supporting third-party research, and a concluding summary with a recommended CISO Directive to keep your company and customers safe.
Domain and External DNS Network Management Risk
Two factors above all others place the enterprise and its customers at risk.
Lack of Ownership
When domains and DNS zone files are ungoverned, without end-to-end ownership and enforced security policies, you are likely exposed. Functional teams may all be stakeholders; however, domains and DNS are often managed in silos without clear oversight and ownership. Since the DNS underpins the entire digital footprint and service delivery network, it is critical to have clear ownership inside the organization.
Lack of Digital Control Systems
Where domains and DNS zones are not managed under a centralized control system, your business is likely exposed. DNS network security exposure and change management compliance gaps are generally unaddressed. This is recognized by security experts as a material risk, necessitating action to Get and Keep control over the long term.
Lack of clear internal ownership and digital control systems combine to represent a material risk to the enterprise. At the same time, exploits targeting enterprise external DNS are escalating.
Exposures: Why Your Enterprise is Exposed | What Will Happen
The exposures below are based on real-life data from DNS audits Authentic Web has performed on large enterprise external DNS networks. To learn more about the audit findings, watch the webinar: Enterprise DNS Audit Results Revealed
Why Exposed
Lack of clear internal ownership, governance, and digital control systems.
What Will Happen
DIGITAL OUTAGE | BRAND IMPERSONATION | RANSOMWARE | THEFT OF PERSONALLY IDENTIFIABLE INFORMATION | CREDENTIAL THEFT | DDOS