Fintech has become one of the most dynamic arenas for cybersecurity, but it’s also one of the most dangerous. Last year, the International Monetary Fund released a statement warning of the sector’s “unique exposure” to cyber risk, and estimated that financial losses due to cyberattacks in the sector had quadrupled since 2017. The rise of “open banking” and the emergence of an API-first ecosystem have given fintech room to flourish, but it’s not just challengers and tech start-ups feeling the heat. The entire financial services sector, from traditional banks to payment apps, is facing mounting pressure on two fronts: adapting to sophisticated, often AI-driven attacks, and staying compliant amid tightening regulation.
But while the threats are evolving fast and security tools battle to keep up, one of the most effective lines of defense is already embedded in every network: the Domain Name System (DNS). Almost as old as the internet itself, DNS is often overlooked as “internet plumbing” – necessary infrastructure for managing traffic and directing it where it needs to go. But now, decades after its inception, DNS is emerging as a powerful, proactive layer of defense, capable of identifying malicious activity early, before it reaches endpoints or exfiltrates data. And as regulators begin to call out the importance of its role, DNS is finally getting the security spotlight it deserves.
The Maturity Trap
If you want to see a model cybersecurity operation, look no further than fintech, as has so often been the case. Firms in the sector have large, specialized teams, enterprise-grade tooling, and decades of experience navigating regulation. But maturity doesn’t equal immunity. Even well-defended environments can be blindsided, not due to negligence, but because attackers are always looking for the slightest vulnerability. Technology that allows them to scan for weaknesses means they no longer need to force their way in – they can simply wait for gaps to appear. It’s an asymmetric landscape where attackers only need to succeed once, and that means even seasoned organizations need to constantly reevaluate the fundamentals – including overlooked layers like DNS. With the right visibility, DNS can surface signs of compromise, like malicious domain lookups or command-and-control activity, long before conventional tools raise the alarm.
DNS: Everything, Everywhere
Despite its security potential, DNS is still commonly managed outside of the security function, relegated to networking or infrastructure teams. This split means that threat signals flowing through DNS often go unnoticed by those who need them most. Not because security teams aren’t looking, but because they don’t always know where to look. The result is a missed opportunity. DNS logs are a rich source of telemetry. They can reveal early signs of malware staging, exfiltration attempts, or stealthy techniques like domain generation algorithms (DGAs). Crucially, they do this without the need for invasive endpoint tooling or complex integrations. DNS is already there, in every network. What’s needed is a shift in mindset that sees DNS not just as plumbing, but as a first line of defense.
Changing Narratives
CISOs are increasingly adopting this mindset. Exposure to DNS telemetry in workshops or threat simulations often opens their eyes to just how strategically valuable it can be – not a passive service, but an active battleground. Attackers rely on it as much as defenders do, making it a natural interception point. Regulatory frameworks are also reinforcing this shift in mindset. Where DNS protections were once considered optional, they’re now being formally recognized in guidelines like NIST SP 800-81, which calls out DNS as a key control point within a layered defense strategy – a benchmark for resilience.
That matters in a sector where compliance often guides investment. DNS security offers financial institutions a low-friction way to enhance visibility, detect threats earlier, and align with evolving regulatory expectations, without the overhead of major architectural change. It doesn’t replace other controls, but it complements them, adding a new layer of insight at a time when every signal counts. And in a high-stakes industry where customer trust, uptime, and compliance are non-negotiable, it’s an advantage that’s hard to ignore.
Gary Cox, Senior Technical Manager for UK and Ireland, Infoblox