DUBAI, UAE, 4th March, 2025: The EU’s NIS 2 Directive is reshaping the cybersecurity
landscape by imposing stricter requirements on essential and important sectors to
strengthen resilience against cyber threats. A critical but often overlooked component of
compliance? DNS security. Infoblox, a global leader in DNS management and security,
underscores why companies need to prioritize DNS to comply with NIS 2 and protect their
operations.
Why DNS Matters for NIS 2:
• DNS as a Critical Service: DNS underpins all digital operations, from internal
workflows to customer-facing services. The NIS 2 Directive underscores the need for
resilient critical services such as DNS to ensure service continuity during
cyberattacks or technical failures.
• DNS as a Threat Vector: DNS is a frequent target for attackers who exploit
vulnerabilities to execute data exfiltration and use fraudulent lookalike domains to
increase the success of their phishing campaigns. Poorly configured external
authoritative domains are unfortunately common leading to threat actors hijacking
legitimate domains as part of their campaigns. Horrid Hawk is just one example
• DNS as a Cybersecurity Control: Protective DNS services are expected to feature
prominently in ENISA’s best practice guidance, as they can block access to
malicious domains, detect spoofing attempts, and mitigate the risk of data
breaches. With many governments implementing protective DNS services and with
the EU’s own DNS4EU project, DNS has now become a foundational element of
most cyber security architectures.
Likely Best Practices for DNS Security and ENISA
Infoblox expects ENISA, tasked with defining standards for NIS 2 compliance, to prioritize:
• Resilient DNS Architectures: Building redundancy and fault tolerance into DNS
systems.
• Mitigation of exploitation of the DNS protocol: Ensuring DNS systems can prevent
data loss over DNS and instituting a robust set of requirements to secure
authoritative domains from threat actor exploitation
• Protective DNS Services: Blocking connections to malicious domains and
providing visibility into suspicious DNS activity through the use of DNS based threat
intelligence on existing DNS platforms.
NIS2’s current guidance references the US Chamber of Commerce’s NIST Special
Publication 800-81. This document provides guidance on DNS and DNS security best
practices and is being updated in collaboration with global experts. Organizations should
prepare to integrate DNS security into their broader cybersecurity strategies in anticipation
of the recommendations that will come from ENISA’s best practices guidelines.
Stay ahead of the curve by exploring how DNS security can enhance compliance strategies
and protect operations.
Quote
“DNS security always was a critical pillar in safeguarding the digital infrastructure of
organizations, particularly in the face of rising cyber threats. As the EU’s NIS 2 Directive sets
the standard for resilience, organizations in Middle East, Africa, and Turkey must recognize
the criticality of DNS in maintaining continuity and compliance. With increasing reliance on
digital services, DNS has become a prime target for cybercriminals, making robust security
measures imperative. At Infoblox, we see the growing need for resilient DNS architectures
and protective services, which are not just an EU concern but vital for organizations across
our region as well. As cyber threats evolve, DNS security will be a foundational element in
building the resilience required for NIS 2 compliance and beyond.”
– Mohammed Al-Moneer, Sr. Regional Director, Middle East, Africa &
Turkey, Infoblox
-Ends-
Photo Caption: Mohammed Al-Moneer, Senior Regional Director, META at Infoblox
About Infoblox
Infoblox unites networking and security to deliver unmatched performance and protection. Trusted
by Fortune 100 companies and emerging innovators, we provide real-time visibility and control
over who and what connects to your network, so your organization runs faster and stops threats
earlier. Visit Infoblox.com, or follow-us on LinkedIn or X.
