Cybersecurity is on everybody’s mind these days, and people are beginning to realize that traditional security is simply not enough.
It appears as though people are beginning to think outside the box for different ways to protect themselves, including the experts who are searching far and wide for the right solution. At our recent visit to Gartner Security and Risk Management Summit 2018, we gained some key insights into how the approach to cybersecurity is evolving:
Nothing is a cure-all
The concept of a multi-layered cybersecurity strategy isn’t new, but there’s an air of “status quo” coming from too many companies’ multi-layered strategies lately. It’s why, when vulnerabilities like Meltdown and Spectre were discovered, a world’s worth of cybersecurity professionals entered a state of alarm. Deep down, everyone knew despite their many expensive layers of cybersecurity, there were – and still are – holes.
At Gartner, organizations showed they’re now approaching security in a more thorough way than the previous “as secure as the other guy” mentality. As Ozzie Nelson, BlueCat’s VP of Government Sales put it,
“Pretty much everyone we spoke to already had a layered security strategy but they all seemed to be looking to understand where there could be gaps, or find complementary solutions to what they already had.”
It’s why BlueCat’s DNS Edge product was so popular at the event. A favorite feature about Edge with our customers is that it enables cybersecurity teams to monitor entire corporate networks, to quicker detect anomalous activity. It also distils what is typically an unusable amount of DNS activity logs into useable, actionable information for not only incident response teams but for anyone invested in keeping internal data safe.
(P.S. You can learn how DNS Edge works here.)
Leaders are re-evaluating their security stack
No organization is perfect, but doing nothing about it means you’re a sitting duck in a virtual pond. Cybersecurity executives know this, and it’s why we saw many attendees at Gartner revising the strategic elements of their multi-layered security stack. It’s a sign enterprises are actively looking to fortify their cybersecurity postures.
Now, while helping organizations take fuller stock of their cybersecurity arsenal at GartnerSec, we found many leave their DNS an unmonitored hallway for threats to wander freely and undetected. That said, the questions that we were asked this week give us a lot of hope for the direction in which cybersecurity attitudes are heading. According to another BlueCat in attendance, Darren McPhee, Director Product Marketing,
“People seemed to get the idea of the value of DNS from a security perspective, but when you show them the granularity of visibility and the level of control we can provide, you could see some lightbulb moments.”
It’s very encouraging to see the shift in thinking towards leveraging DNS to help fortify cybersecurity posture; a proper, well-rounded approach will be the ideal defense against a magnitude of threats.
Even the best and brightest still have a lot to learn, but no time to learn it
Given that security evolves so darn fast, even cybersecurity’s best and brightest are finding themselves hanging on the edge of their seats (no pun intended). We had many incredibly qualified security experts stopping by our booth, prepared with questions that dug into the details of how DNS Edge helps with cybersecurity. Everyone that visited was ready to jump right into a Q&A about everything DNS, and we were there to deliver.
We often found ourselves explaining, and creating even more lightbulb moments as a result, that Edge gives organizations the control to reduce their attack surface by giving IT Ops and Security Architects the ability to enforce specific policies to control access to sensitive data. To further that, Edge’s smart analytics detect data exfiltration on networks, which it’s able to block before that data gets out. Should a breach occur, Edge’s full-network visibility also helps reduce response time by tracking a threat’s spread to other clients and data sources that need to be immediately be looked into.
So, what did we learn?
Overall, it’s pretty clear the intersection of DNS with cybersecurity was a hot topic at Gartner 2018 – and we think this is an awesome pathway towards the future. Organizations are aware of their need to get ahead of breaches and limit access to their network, and they’re now seeing the potential of using DNS data to investigate a breach. DNS is able to provide the answers to what’s going on both internally and externally on the network, while also reducing the amount of time it takes to remediate a breach. If you want to learn more about DNS Security, please take a look at BlueCat DNS Edge.
NSA and CISA: Protective DNS key to network defense
U.S. cyber agencies now point to protective DNS as a defense strategy, confirming what BlueCat already knew: DNS is critical to detecting network threats.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.
January 21, 2021: Learn more about how the SUNBURST/Solorigate malware exploited DNS to execute its attack.
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.