THE BROAD VIEW

Avoiding the own goal in cybersecurity

A 2024 report shows that 68% of breaches involve a non-malicious human element, such as falling victim to social engineering

    Published Sat, Feb 22, 2025 · 05:00 AM

    IN FOOTBALL, nothing stings quite like an “own goal” – when a player accidentally scores for the opposing team instead of defending against them. Having worn the blue shirt of Ipswich Town in the 80s, I felt for Harry Clarke watching his Premier League debut unfold. The young defender endured a day to forget: scoring an own goal, conceding a penalty and receiving a red card in our defeat to Brentford. For Clarke, it was a moment of despair. For the team, it was the turning point that cost us the game.

    Like an own goal in football, most cybersecurity breaches stem from internal mistakes. The 2024 Verizon Data Breach Investigations Report showed that 68 per cent of breaches involve a non-malicious human element, such as falling victim to social engineering or making a critical error. Internal security breaches, caused by misconfigurations, accidental clicks or a simple misunderstanding of processes, can give attackers opportunities to cause significant harm.

    Targeting all business sizes

    It’s a mistake to think that only big companies are targets for cyberattacks. Mid-size businesses are often lucrative targets: they have valuable data worth stealing, or are connected to targeted companies and people, but often lack the strong security measures that larger companies have in place. This underscores the need for security that works, regardless of organisation size, even when people make mistakes.

    We humans are often the weakest link in cybersecurity, and DNS (domain name system) is the entry point exploited by cybercriminals to get into the organisation’s network. When a person accidentally clicks a phishing link, DNS performs the lookup that completes the malicious connection. Once this connection is validated, the malware is downloaded to the target device. This highlights DNS’s critical role as both a target for attackers and a key layer for securing network activity.

    The attacker can now remotely control the device through command and control (C&C) and pursue other objectives such as data exfiltration. They may also abuse DNS channels to communicate with their C&C servers.

    DNS as the foundation of security

    Today, cybersecurity strategies tend to adopt a layered approach to defence. In doing so, they often overlook the most fundamental element of all network communications: DNS. This isn’t just another security layer; it’s the foundation that underpins all network activity, making it the most critical aspect of any defence strategy.

    The modern network landscape has evolved dramatically from just five years ago. Today’s networks are teeming with billions of operational technology (OT) and IoT (Internet of Things) devices, each one a potential entry point for bad actors. Despite this complexity, they all share one common thread – they rely on IP addresses and DNS. This makes DNS the perfect layer to secure not just traditional IT assets, but the vast number of OT and IoT devices attached to our networks.

    Advanced DNS security, such as Protective DNS, delivers critical visibility into your domain activity, and helps to secure user and device interactions. Once deployed, it enables security teams to identify patterns that signal potential threats, whether from an employee accessing a malicious site or an attacker exploiting a misconfiguration. Continuous monitoring detects anomalies, reducing the risk of human errors escalating into major incidents. Automated checks and alerts address vulnerabilities like misconfigurations before they are exploited.

    Artificial intelligence-driven capabilities further enhance DNS insights, amplifying human efficiency. By leveraging predictive threat intelligence, advanced DNS solutions can block communication with malicious IPs long before attacks occur. This foresight allows organisations to pre-emptively neutralise threats, preventing malware downloads or data exfiltration attempts before they exploit vulnerabilities.

    Paired with robust employee training on phishing, social engineering and password hygiene, DNS security becomes a powerful ally. This dual approach fosters a culture of vigilance, reduces strain on security teams, and stops attacks before they can start – creating a resilient, proactive defence.

    Avoiding the own goal

    In football, an own goal is a moment of heartbreak, often caused by a lapse in focus, miscommunication or a split-second error. Avoiding it requires more than individual skill – it demands teamwork, strategy and preparation.

    The same principles apply to cybersecurity. The greatest threats to an organisation’s defences aren’t always external attacks but internal vulnerabilities, often stemming from inadvertent mistakes.

    Ultimately, the aim isn’t just to protect the goal but to dominate the field. With a well-coordinated defence strategy, organisations can move beyond surviving cyber threats to being resilient and ready for any attack. By blending advanced technology with human awareness, businesses can ensure they stay on the winning side, leaving no room for own goals.

    The writer is vice-president of Asia Pacific & Japan at Infoblox

    Copyright SPH Media. All rights reserved.