Dave Piscitello, Dr. Colin Strutt, and Lyman Chapin of the Interisle Consulting Group released a report on 28 June 2021 (see the reference at the end of this post) looking at the adverse and costly consequences of domain abuse for enterprise brands. They explore how domain names can be incorporated into an enterprise risk management planning and execution lifecycle.
The report states that there is an overemphasis on attack response and an underemphasis on proactive, preventative measures to detect, identify, and mitigate threats before an attack can occur.
This biases decision making and adversely influences enterprise risk management, which is intended to ascribe value to assets, assess threats, estimate the cost to the organisation should the assets be lost, and then identify security measures that can prevent threats from being realised through exploitation and attack.
Brands should start by quantifying the losses or harms stemming from attacks that exploit domain name registration services and the Domain Name System directly, utilising published cyber risk trend analyses prepared by insurers such as Allianz. The report highlights common issues and notes that domain security adoption is low; however, it is not clear whether this data covers parked or unused enterprise domain names as well as business-critical ones.
In previous posts, brandsec has summarised vulnerabilities and attacks and recommended preventative measures.
Report Recommendations
Interisle recommends that organizations that cannot afford the loss, misuse, or disruption of their domain assets adopt or amend existing asset management practices to include domain names:
1. Identify your domain name portfolio and put all registrations under a common policy and administration.
2. Ascribe values to your domain assets (tangible and intangible).
3. List the ways in which each domain asset value may be threatened (e.g., cost or consequence of loss, theft, misuse).
4. Determine how each threat can be realized: how is each domain name vulnerable to attack or exploitation?
5. Identify the risk that each threat poses and the means to mitigate each risk.
6. Identify the likelihood of the threat being realized through attack or exploitation, then prioritize risk against cost of mitigation.
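To show how the six steps fit together as one calculation, here is an added worked example in Python. It is not code from Interisle or brandsec; it models a small domain portfolio, checks which names sit outside the common registrar policy (step 1), ascribes tangible and intangible value (step 2), lists threats and the controls that address them (steps 3 to 5), and ranks expected annual loss against the cost of mitigation (step 6). Every domain name, registrar label, value, likelihood, control name and cost below is constructed sample data, not a figure from the report.

```python
from dataclasses import dataclass, field
from typing import List


@dataclass
class Threat:
    """Steps 3-5: one way a domain asset can be lost, stolen or misused,
    with the control that addresses it. All figures are assumptions."""
    name: str
    impact_fraction: float    # share of the asset's value lost if realised (assumed)
    annual_likelihood: float  # step 6: estimated probability per year (assumed)
    mitigation: str           # step 5: control that reduces the risk (assumed)
    mitigation_cost: float    # annual cost of that control (assumed)


@dataclass
class DomainAsset:
    """Steps 1-2: a registered name, who administers it, and its ascribed value."""
    name: str
    registrar: str
    tangible_value: float     # e.g. revenue routed through the name (constructed)
    intangible_value: float   # e.g. brand trust and goodwill (constructed)
    threats: List[Threat] = field(default_factory=list)

    @property
    def value(self) -> float:
        return self.tangible_value + self.intangible_value


@dataclass
class RiskItem:
    """One row of the risk register: a (domain, threat) pair with its numbers."""
    domain: str
    threat: str
    expected_loss: float      # value * impact * likelihood, per year
    mitigation: str
    mitigation_cost: float

    @property
    def decision(self) -> str:
        # Mitigate when the control costs no more than the loss it prevents.
        return "mitigate" if self.expected_loss >= self.mitigation_cost else "accept"


def policy_gaps(portfolio: List[DomainAsset], common_registrar: str) -> List[str]:
    """Step 1: names not yet under the common policy and administration."""
    return sorted(d.name for d in portfolio if d.registrar != common_registrar)


def risk_register(portfolio: List[DomainAsset]) -> List[RiskItem]:
    """Steps 5-6: expected annual loss for every (domain, threat), highest first."""
    items = [
        RiskItem(d.name, t.name, d.value * t.impact_fraction * t.annual_likelihood,
                 t.mitigation, t.mitigation_cost)
        for d in portfolio for t in d.threats
    ]
    return sorted(items, key=lambda i: i.expected_loss, reverse=True)


# Constructed portfolio: a primary brand name and a forgotten campaign name.
COMMON_REGISTRAR = "Registrar A"  # assumed policy: everything should live here
PORTFOLIO = [
    DomainAsset("example-brand.example", "Registrar A", 50_000, 950_000, [
        Threat("theft: registration hijacked", 1.0, 0.02, "registry lock", 500),
        Threat("loss: DNS unavailable", 0.1, 0.10, "redundant DNS provider", 3_000),
    ]),
    DomainAsset("old-campaign.example", "Registrar B", 500, 1_500, [
        Threat("theft: registration hijacked", 1.0, 0.05, "registry lock", 500),
        Threat("loss: registration lapses", 1.0, 0.20, "auto-renew and expiry alerts", 20),
    ]),
]


if __name__ == "__main__":
    print("Outside common policy:", policy_gaps(PORTFOLIO, COMMON_REGISTRAR))
    for item in risk_register(PORTFOLIO):
        print(f"{item.domain:24} {item.threat:32} "
              f"EL={item.expected_loss:>9.0f}  cost={item.mitigation_cost:>6.0f}  "
              f"{item.decision} ({item.mitigation})")
```

The register ranks the primary brand's hijacking risk first and shows that the same control (a registry lock) is worth buying for the brand name but not for the low-value campaign name, while the cheap expiry control is still worth applying there. Real inputs would replace the constructed likelihoods with figures drawn from the kind of insurer trend analyses the report points to.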
About brandsec
brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.
reference: http://interisle.net/DomainSecurity2021.pdf