IT disaster recovery, cloud computing and information security news

Daisy

88 percent of financial services organizations experienced DNS attacks in the past 12 months: survey

The financial services sector is the most targeted industry, according to the EfficientIP sponsored IDC Infobrief 2019 Global DNS Threat Report, with 88 percent of financial services respondents experiencing under-the-radar DNS attacks in the past year.

With 904 respondents from nine countries across North America, Europe and Asia, the report found that financial services organizations experienced an average of ten attacks a year, a 37 percent increase from last year. In addition, 47 percent of financial services organizations were subject to DNS-based phishing scams.

Last year, a single DNS attack cost each financial services organization $924,390. This year the research shows that each FS organization on average spent $1,304,790 to restore services after each DNS attack, the most out of any sector and an increase of 40 percent.

Rising costs is only one of the consequences DNS attacks caused for the financial services sector. The most common impacts included cloud service downtime, experienced by 45 percent of financial organizations, and in-house application downtime (68 percent).

While 65 percent of financial organizations are either already using or planning to incorporate zero trust architecture, they still appear to be behind the curve when it comes to making use of DNS analytics for enhancing overall network security. Just over 67 percent perform no DNS traffic analysis for their internal threat intelligence program, and 43 percent have adopted very little or no automation at all in their network security policy management.

On the positive side, financial services organizations do see real value in using machine learning to bring predictive security into their capabilities. 90 percent of respondents see this as particularly useful for detecting unknown (zero-day) malicious domains.

The research was conducted by IDC from January to April 2019. Respondents included CISOs, CIOs, CTOs, IT managers, security managers and network managers.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.