UK public sector protected from up to £223 million annual loss by PDNS cyber security solution

9th May 2022

Research finds that Protective DNS helps more than 60 percent of public organisations catch at least two unique threats each week

London – 9 May 2022, Nominet has revealed that the UK economy is protected against up to £223 million worth of loss annually by having a Protective DNS (PDNS) cyber security solution in place to secure vital public services.

Nominet commissioned the independent review – Quantifying the financial savings Protective DNS (PDNS) brings to the UK public sectorfrom the Cyentia Institute to quantify the value of the protection offered by PDNS for the first time.

Nominet delivers PDNS to the UK public sector (including central government, local authorities, devolved administrations and emergency services among others) on behalf of the National Cyber Security Centre[1] (NCSC).

Protective DNS is a sophisticated threat monitoring, detection, prevention and analytics solution. PDNS works by analysing DNS requests, inspecting them against a library of constantly updated ‘known bad’ locations and blocking anything suspected to be malicious. PDNS provides customers with logs and dashboards highlighting critical threats and allowing them to monitor activity and respond appropriately.

The Cyentia Institute’s report provides an analysis of the DNS queries blocked by Protective DNS, finds commonalities among the end users that are protected, and uses a financial model to estimate the value of the threat prevention provided by Protective DNS to the UK economy.[2]

Key findings from the independent review include:

  • Protective DNS typically provides yearly savings of at least £59 million and up to £223 million depending on the scale and intensity of threats encountered in a given year. This is based on financial modelling of the cost implications of general cyber incidents, ransomware attacks and major publicly referenceable breaches.
  • 4005 general incidents and 1400 ransomware incidents are prevented each year by Protective DNS, based on the sample.
  • Over 96% of organisations in the public sector faced interventions by Protective DNS to protect their systems, while there is a 95% chance that an organisation will have at least three threats blocked each month.
  • With over 60% of organisations catching at least two unique threats each week, the need to have a proactive defence in place is evident.

David Carroll, Managing Director of Nominet Cyber, said:

“Protective DNS is a powerful tool for Active Cyber Defence deployed by the UK Government in support of the Government Cyber Security Strategy. PDNS provides value for money by enabling organisations to mitigate cyber security threats at scale. The report from the Cyentia Institute has helped to quantify the financial impact of PDNS for the UK public sector, in combination with the fantastic efforts the UK Government and public sector organisations make to quickly respond to and mitigate incidents.

As this report shows, public sector organisations face a wide variety of threats, with PDNS helping them detect, block and respond to those that are most critical. It saves organisations significant resources by acting as a first line of defence and freeing up analyst time to focus on the threats that most require human intervention. Of course, it is important to acknowledge that this is only possible because of the exhaustive efforts of security professionals and incident responders across the public sector who act on PDNS alerts quickly and decisively. While no individual security control is a cure–all, this report demonstrates that PDNS plays an economically significant role in collective effort to safeguard the UK public sector at scale, helping to prevent avoidable losses through rapid threat intelligence and proactive defence.”

About Nominet

Nominet is driven by a commitment to use technology to improve connectivity, security and inclusivity online. For 25 years, Nominet has run the .UK internet infrastructure, developing an expertise in the Domain Name System (DNS) that now underpins sophisticated threat monitoring, detection, prevention, and analytics that is used by governments to mitigate cyber threats. Our social impact programme aims to improve the lives of one million people, providing support and opportunities to tackle some of the most important digital issues facing young people in the UK today.

Media contacts

Nominet Cyber PR team
Fieldhouse Associates
[email protected]
+44 (0)7841 596 124

Nominet will be attending CYBERUK with the NCSC, where there will be hard copies of the report on hand and the opportunity to further discuss the report.

[1] The report was not endorsed or produced by the UK Government or the National Cyber Security Centre

[2] Cyentia groups the type of threat blocked into three categories; general incidents, ransomware incidents, and major breach incidents. By modelling the financial costs associated with these types of incidents, combined with the number of times they are blocked by Protective DNS, Cyentia estimates the overall value of Protective DNS to the UK economy. This is a conservative estimate, it does not consider any non-monetary costs and the service has grown substantially over the past few years. The Cyentia report covers 185 entities covered by PDNS in September 2020. By 2021 PDNS protected an estimated 900+ organisations, in addition to 1000+ organisations in the Health and Social Care Network (HSCN)