The cyber threat landscape is constantly changing. As malicious actors elevate their tactics, cybersecurity leaders must be prepared to keep pace with the rapidly shifting landscape. 

Here, Security magazine talks with Dr. Renée Burton, VP of Threat Intelligence, about how organizations can avoid falling victim to evolving cyberattacks. 

Security magazine: Tell us about your background and career.

Dr. Burton: I started as a mathematician hoping to go into academia, but after the dismantling of the Soviet Union there was a huge influx of mathematicians from the former Eastern block, saturating the job market and making it hard to find stable positions. A friend recommended the National Security Agency (NSA); I started there in 1995. At the NSA, I was fortunate to have a wide range of opportunities and explore several career areas, from traditional mathematics to strategic planning. I went in and out of management several times. My final project at NSA was a large-scale DNS analytics program to understand how threats manifested in DNS records.  I joined Infoblox to help them grow their ability to detect threats within DNS and protect their global customer base through what is now often called protective DNS. I run a global threat research team where we try to find bad guys on the internet and figure out ways to track the domains they use for scams, malware, and other malicious purposes.

Security: Many say that threat actors are increasing the sophistication of their techniques. What are some key ways you’ve seen this happening?

Dr. Burton: Threat actors are ingenious and always evolving. We see them taking advantage of misconfigurations in DNS and elsewhere, which have allowed them to run operations under the radar for years. They also have become cleverer in domain name registrations, choosing domain names that can fool users and machines, but also registering large volumes of domains automatically. An increasing number of threats utilize adtech to hide their operations through what are called traffic distribution systems (TDS); awareness of this is only beginning to really take hold.  

Security: What do individuals and organizations need to be aware of in order to avoid falling victim to these increasing threats?

Dr. Burton: Vigilance is key, along with education. We have attempted to increase awareness of malicious TDS for the last few years and are gaining traction in that space. As users and organizations become more aware of the ability to hide bad activity in a way that can be difficult to recreate, they can take measures to protect themselves by being skeptical and putting security elements in place.

Security: The threat landscape is shifting rapidly. How can organizations stay on top of evolving and emerging threats?

Dr. Burton: For me, protecting enterprises and global users via protective DNS is a no-brainer. When done well, it will reduce risks significantly — we see numbers around 75-78% reduction in threats when stopped at the DNS resolver. It is also easy and ubiquitous. Protective DNS can be deployed on a laptop, in an office, or at an ISP to protect users at home or on the go. It is also able to protect users before the actor has fully deployed their attack or before the security industry is aware of the mechanism. When paired with other elements of the security stack, everyone will be more protected with less overall cost.