With the government making it clear that it is eyeing to further enhance the speed and availability of Internet connectivity, a top executive of an network security believes that the requirement to secure the general population becomes even greater today.
“Everything that we do in the DDI (DNS, DHCP, and IPAM) space is secure by its definition, and it has to be because these are the ‘keys to the kingdom’ for most organizations. Everything we do is firstly secure in of itself, but additionally, it provides security for the organizations that leverage our technology,” said newly appointed Infoblox VP for sales Paul Wilcox during a media briefing.
Since the launch of its first DNS (domain name system) appliance product, Infoblox has expanded into firewalls, threat intelligence, DDoS protection, and more recently, the BloxOne Threat Defense – a combination of DNS security, network security, and cloud security to protect against a range of cyber threats.
According to Wilcox, 80% of the major breaches that have taken place have exploited weaknesses in DNS security, either using it as a method to redirect people to malicious platforms, or as a transport mechanism to exfiltrate information from organizations.
“It’s really easy to do, and the reason why it’s easy is not because it’s technically easy, but because people don’t check it. People don’t analyze the traffic that’s going back and forth. It’s ‘just DNS,’ it’s just a thing that tells people where to go in the internet. We stopped that, we analyzed that traffic because of that knowledge, because of what we understand, and because of that, we effectively stop those major breaches very quickly,” he explained.
Ensuring the security of domain name systems (DNS) is critical to mitigating a range of security risks and preserving the availability and integrity of DNS services, this involves keeping DNS software updated, managing authorized users with administrative privileges, monitoring and controlling server traffic, implementing robust security protocols, and blocking access to malicious domain names.
“It’s still a little bit behind (PH’s maturity on DDI security versus regional peers), to be honest. I say that from a community perspective, not from a government perspective, the work that the government here in the Philippines is doing is actually ahead than most in the region,” he admitted.
Since DNS is a critical component of the internet infrastructure, the market for security solutions dedicated to this area is driven by the increasing number of cyberattacks that leverage DNS vulnerabilities, such as DNS cache poisoning, DNS hijacking, and DNS amplification attacks. As organizations become more aware of the risks associated with DNS attacks, they are investing in DNS security solutions to protect their infrastructure.
“Two things are really important to the Philippine government and community – increasing internet access and speed, and then securing that. Unfortunately, when you’ve got slow internet access, bad things happen. It does bring some new challenges, but I think the government’s in front of that, I think they’re already thinking about what challenges that brings. The more Internet we’ve got, the more we expose our vulnerabilities,” Wilcox continued.
A MarketsandMarkets study shows that the global DNS security market is expected to grow from $248.8 million in 2020 to $1.9 billion by 2025, at a compound annual growth rate (CAGR) of 50.2% during the forecast period.
The growth is primarily attributed to the increasing adoption of cloud-based DNS services, the growing number of internet-connected devices, and the rise of advanced persistent threats (APTs) that target DNS infrastructure.
Regarded by industry analysts such as Gartner and IDC as a leader in the DNS security market, Infoblox can deploy DNS security solutions whether on-premises, in the cloud, or in hybrid environments, providing organizations with the flexibility to secure their DNS infrastructure wherever it is located.
“Across the industry, here in the Philippines and in fact across all of Asia Pacific, there’s an apathy towards that vector (deployed via DNS) of attack, they don’t necessarily look at it as being concerning because it’s ‘just’ DNS. That’s the challenge that we’ve got,” he concluded.