Stop the Bleed: U.S. Companies Hemorrhage Costs When It Comes to DNS Security

U.S. businesses need a tourniquet. Fast.

According to our annual Global DNS Threat Report, which looks at the cause and effect of DNS attacks on businesses across the world, companies continue to fall down on DNS security, suffering countless attacks that ultimately are costing millions. At this rate, organizations are literally bleeding out – losing money, data, time, reputation and more.

The most recent study, which is in its fifth year and was conducted in partnership with IDC, revealed that worst trends in the report’s history. In particular, the average cost of a DNS attack in the U.S. tops out at over $1.27 million, the second-highest worldwide. Almost half (48%) lose over $500K and close to ten percent lose over five million – every single time they experience a breach. In today’s cut-throat world of digital transformation and profit and revenue squeezes, can any business can afford this?

The shocking part, besides financial loss, is the damage caused before a repair is made. The majority of U.S. organizations took over one day to resolve a DNS attack. Can you imagine part of your business being offline for over eight hours?

In most instances, in-house applications (65% of the time) were the most affected, crippling businesses when it comes to conducting day to day transactions. For example, if a large manufacturing company loses access to supply chain management application, a chain reaction is set into motion set off that can affect an entire company – its suppliers, and customers. Or, imagine a state’s Department of Corrections, it may have a set of proprietary applications that safety control doors. Public safety could be at risk if these fail.

The survey also revealed breakdowns in other business-critical services, too. In 41% of cases in the U.S., cloud services became unavailable and in 44% of cases, attacks compromised a company’s website. A loss of business and brand damage both occurred in over one-quarter of the cases and in 13% of the time, sensitive customer information or intellectual property was stolen.

While attacks don’t discriminate by industry, some are worse than others. In particular, financial services, healthcare, and retail topped the list of most targeted sectors, which is likely due to the type of customer data these organizations house – personal and financial information. Globally, government organizations reported the largest amount of sensitive information stolen and took the longest to fix the issue, with nearly one-third reporting it took almost an entire workday (eight hours) or more to resolve the attack, and 70% took two days or more to install a security patch. That’s hours and hours of extreme vulnerability.

So why are businesses continuing to fall down on DNS security? First, an astounding number of organizations in the U.S. (over one third according to the report) think that protecting DNS is only of moderate importance, but the reality is that DNS is critical to service continuity and security. The bottom line is that when the DNS is impacted, so is your entire network, including access to all of the applications that run your business.

Secondly, internal threat intelligence based on real-time analysis of DNS transactions isn’t properly in place. Perimeter network security isn’t enough, everyone inside and outside the organization must be seen as a risk, so this is where adopting a zero-trust strategy is critical. While research indicates that 48% of businesses are planning to implement a zero-trust architecture and a similar proportion are utilizing predictive analytics, there is a lot of room for improvement. In particular, only 13% of U.S. companies have adopted automation for their network security policy management. Automating is one of the only ways companies can keep their security policies up to date in a constant evolving cybersecurity landscape.

The U.S. economy is already on shaky ground with recent tariff-driven trade wars and slowed growth rates. Businesses can’t afford to hemorrhage money when their financial future could be uncertain. Awareness of the critical importance of DNS security is a place to start, followed by a move to a more proactive approach versus reactive. The wounds are already deep, but closing them up with measures involving automation, policy control and enhanced threat intelligence at the DNS level will help keep companies solvent in the future. Otherwise, the bleeding will continue.