Defensive Strategies and Conclusion

Canadian businesses recognize the value of defence in depth 

Canadian businesses, both large and small, recognize the value of layered cybersecurity protection and are investing in a variety of IT security solutions to protect themselves—a concept called defence in depth. The term defence in depth has its origins in the military, where layers of defense—each with different capabilities—protect each other, and the core. In the case of a DNS firewall, it exists as a first layer of protection outside the organization and might be compared to air cover over a battlefield. It has a unique perspective, vital early threat detection capabilities, and can respond to a potential compromise before it even reaches your network.  

At the individual device level, small businesses report they are using several different types of solutions for protection. Eighty-four per cent report using antivirus software, while 61 per cent say they are using traditional hardware-based firewalls and 54 per cent reporting using software-based firewall solutions. Other systems small businesses are deploying include password managers (42 per cent), email encryption (26 per cent) and cloud-based systems, which block malicious queries such as malware and phishing links (29 per cent). 

A majority of larger organizations indicate that they are using security solutions that block malicious queries at the DNS level with 60 per cent of those surveyed say they are providing malware and phishing protection using this method. Of these, a surprising 55 per cent say that they are blocking content (also called web filtering) using this method as well. We expect that this type of blocking is done by a combination of on-site recursive servers, traditional firewalls and cloud-based DNS firewalls.

Defence-in-depth layers protecting the information at the core

Layers shown include: application, host, network, perimeter, and DNS.


Our first Cybersecurity survey of .CA registrants that have business-type domain name registrations shows that Canada is not immune to the cyber threats facing organizations in other countries. They are very concerned about the risk and are investing in several different solutions to help mitigate it. Despite this, they survey shows that the bad guys keep breaking-in and so continual improvement in security is critical to any organization that relies on technology for their business.

CIRA can help you discover malware you didn’t know you had with D-Zone DNS Firewall

CIRA offers a Canadian solution to help with the growing malware problem. With nodes located inside Canada and data privacy and sovereignty built-in, it provides a simple yet effective layer of protection for Canadian organizations. The results have shocked even us, with almost every new customer discovering malware they didn’t know they had as it tried to call out to its command-and-control servers. Try D-Zone DNS Firewall today and see what you have been missing.

Learn more and try today by visiting: