This is the third installment in a series of regional explorations into the network threat landscape. After Europe and Asia-Pacific (APAC), we are examining the state of North American DNS security, looking at the results for this region where EfficientIP interviewed 300 different companies, as part of its annual Global DNS Threat Report.
A year of awakening to cyber threats
Cyber attacks from Russia, and high-profile attacks last year forced American and Canadian businesses to up their game. From WannaCry, NotPetya and Bad Rabbit, to Uber covering up a data breach, public and private sector companies are now looking for ways to avoid becoming the next cyber victim. More recently, the Facebook and Cambridge Analytica scandal raised even more awareness on the issue of data confidentiality and the best practice on how businesses protect personal data.
However, from our research cyber security best practices are not well integrated yet, as businesses’ reactions to mitigate attacks could be improved. Business continuity is not as well ensured in the US and Canada as in other regions. North American businesses should follow their European counterparts to reduce cloud service downtime and in-house application downtime.
North American businesses appreciate the importance of DNS
North American businesses’ sense of priorities is in order when it comes to protecting data confidentiality. Most of them have realized adding firewalls is not the best policy and understand the key role played by DNS in protecting their networks. EfficientIP research shows 37% of businesses in the region believe DNS analysis will help ensure data confidentiality in their networks, while 36% believed in securing network endpoints and only 23% in adding firewalls.
Furthermore, an average of 94% of North American businesses say DNS security is critical for their business, higher than Europe (87%) or APAC (91%). This shows businesses in the region understand the importance of DNS in monitoring network security. However, they still have a ways to go in grasping its business operational value.
North American businesses performed slightly better than other regions as they have been subjected to one less attack than other regions in the past twelve months, placing their average at seven attacks. This slight difference is also enhanced by the fact that the cost per cyber attack is lower in North America than in Europe and APAC. In the US, each dns attack cost companies an average of $654,000 in 2018, and that cost is even lower for Canada: $546,000. This compares very favorably to the more expensive global average of $715,000.
Education on best practices to mitigate an attack is needed
While grasping the importance of monitoring DNS is great, they still need to ensure business continuity and properly mitigate the attacks. North American businesses often take the wrong approach, playing right into the attacker’s hand. To mitigate the effects of an attack, an average 43% of North American businesses closed down specific affected processes and connections, which could have been the attacker’s goal all along.
Disabling applications in answer to an attack is another bad habit North American businesses need to shake. 34% of businesses in the region answered disabling some applications was the method they used to mitigate an attack and 26% of companies attempted to “block or throttle DDoS traffic”.
EfficientIP research shows less sensitive customer data (21%) and intellectual property (16%) were stolen from North American organizations compared with other regions. However, the US and Canada are more targeted by phishing attacks, as 38% of North American organizations were vulnerable to this type of attack in the past twelve months. This is much higher than the 33% observable in Europe.
Cloud downtime is a major issue for North American companies, as 44% listed they were impacted by cloud downtime as the result of a DNS-based attack. This is a far sight from the 34% of average cloud downtime in Europe. US and Canadian businesses need to put emphasis on protecting their cloud and other modern IT investments.
North American companies don’t yet seem to have adopted the right adaptive countermeasures to properly mitigate attacks. Business continuity is becoming severely affected, as legitimate users are being blocked, and applications being closed down. Not being able to ensure consumers an optimal experience or protect their data can inflict lasting brand damage and result in significant loss of revenue.
Want to get the facts on DNS security and data protection on a worldwide scale? Download the full 2018 Global DNS Threat report now.2018 Global DNS Threat report