24/07/2018 – News / Science & Technology / GDPR / Cybersecurity / IT / Security / Data / DomainTools
Security professionals say GDPR redactions will make the Internet “a safer place for scammers”
DomainTools, a leader in domain name and DNS-based cyber threat intelligence, today announced the results of a survey of 326 security professionals regarding the impact of GDPR on important cybersecurity functions such as network defence, threat hunting and risk assessment. The results of a survey – conducted last month at Infosecurity Europe in London – paint a bleak picture with regards to the effect GDPR is having on the security community, with nearly two-thirds of respondents believing it would make the Internet ‘a safer place for scammers’.
EU regulation GDPR (General Data Protection Regulation), which came into effect in May, has resulted in the redaction of certain PII data available in Whois records. Whois (pronounced as the phrase, ‘who is’) is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource – such as a domain name, IP address block or an autonomous system. It is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.
Such data was invaluable to security researchers in their endeavour to keep global Internet users safe online. Some 86 per cent of the security professionals surveyed at Infosecurity Europe were aware that GDPR has affected Whois data – and 58 per cent said that it would help make the Internet ‘a safer place for scammers’.
Mourning the loss of Whois data
“The results of this survey show that the security community understands just how significant Whois data is to the important work they do,” remarked Tim Chen, CEO of DomainTools. “The Internet is an open network, fundamentally operating on trust. Helping to enforce that trust are systems like Whois that give individual Internet users insight into who is behind a website. Applied at scale, Whois data empowers everyday security capabilities – such as domain and IP risk assessment and spam protection. We will continue to work as hard as we can to make sure security practitioners are included in the law as parties with a legitimate interest in the full Whois data.”
While the impact of the current Whois data redaction is being felt throughout the community, DomainTools said that it “continues to evolve its products to support security customers with other relevant and effective data sets”, including the recent launch of Iris 3.0, adding Guided Pivots, SSL Certificate Profiles and historical reverse Whois support to keep up with the ever-changing threat landscape.