The EU’s NIS 2 Directive is reshaping the cybersecurity landscape by imposing stricter requirements on essential and important sectors to strengthen resilience against cyber threats. Infoblox, underscores why companies need to prioritize DNS to comply with NIS 2 and protect their operations.
Why DNS Matters for NIS 2:
- DNS as a Critical Service: DNS underpins all digital operations, from internal workflows to customer-facing services. The NIS 2 Directive underscores the need for resilient critical services such as DNS to ensure service continuity during cyberattacks or technical failures.
- DNS as a Threat Vector: DNS is a frequent target for attackers who exploit vulnerabilities to execute data exfiltration and use fraudulent lookalike domains to increase the success of their phishing campaigns. Poorly configured external authoritative domains are unfortunately common leading to threat actors hijacking legitimate domains as part of their campaigns. Horrid Hawk is just one example
- DNS as a Cybersecurity Control: Protective DNS services are expected to feature prominently in ENISA’s best practice guidance, as they can block access to malicious domains, detect spoofing attempts, and mitigate the risk of data breaches. With many governments implementing protective DNS services and with the EU’s own DNS4EU project, DNS has now become a foundational element of most cyber security architectures.
Likely Best Practices for DNS Security and ENISA
Infoblox expects ENISA, tasked with defining standards for NIS 2 compliance, to prioritize:
- Resilient DNS Architectures: Building redundancy and fault tolerance into DNS systems.
- Mitigation of exploitation of the DNS protocol: Ensuring DNS systems can prevent data loss over DNS and instituting a robust set of requirements to secure authoritative domains from threat actor exploitation
- Protective DNS Services: Blocking connections to malicious domains and providing visibility into suspicious DNS activity through the use of DNS based threat intelligence on existing DNS platforms.
NIS2’s current guidance references the US Chamber of Commerce’s NIST Special Publication 800-81. This document provides guidance on DNS and DNS security best practices and is being updated in collaboration with global experts. Organizations should prepare to integrate DNS security into their broader cybersecurity strategies in anticipation of the recommendations that will come from ENISA’s best practices guidelines. Stay ahead of the curve by exploring how DNS security can enhance compliance strategies and protect operations.
Mohammed Al-Moneer, Sr. Regional Director, Middle East, Africa & Turkey, Infoblox, said “DNS security always was a critical pillar in safeguarding the digital infrastructure of organizations, particularly in the face of rising cyber threats. As the EU’s NIS 2 Directive sets the standard for resilience, organizations in Middle East, Africa, and Turkey must recognize the criticality of DNS in maintaining continuity and compliance. With increasing reliance on digital services, DNS has become a prime target for cybercriminals, making robust security measures imperative. At Infoblox, we see the growing need for resilient DNS architectures and protective services, which are not just an EU concern but vital for organizations across our region as well. As cyber threats evolve, DNS security will be a foundational element in building the resilience required for NIS 2 compliance and beyond.”
