National cyber resilience strategies will only deliver for citizens if we connect high-level ambitions with the gritty realities of local councils, health boards and agencies – and that bridge starts at the DNS layer. 

From strategy soundbites to servicedesk problems 

Across Scotland and the wider UK, public bodies have no shortage of strategy. National cyber resilience roadmaps talk about protecting essential services, strengthening supply chains and raising the security baseline across government, health and critical infrastructure. 

Step inside a real organisation, though, and the view changes fast. An overstretched council ICT team might be wrestling with ageing Windows DNS servers, half-maintained IP spreadsheets and a sudden explosion of building management systems and IoT devices that no one remembers approving.  

So CISOs keep asking the same question: where do we start when budgets are tight, skills are thinner, and the clock’s ticking? And, crucially, how do we prove progress to those national scorekeepers? 

The pragmatic starting point: DDI 

Every strategy assumes one thing: systems must be reachable, resolvable, observable. That’s DNS, DHCP, and IP address management—DDI if you like acronyms. Think of them as the nervous system of public services. They see every user, every device, every workload trying to talk to the outside world. 

Flip the script: treat DDI not as invisible plumbing but as a strategic control point. DNS-driven visibility is often the quickest, cheapest and a vendor agnostic way to close that gap and meet the requirements set out by the likes of NIS2.  

Equally important is the need to secure critical network services and there are few more critical than DNS. To pre-empt requirements from the Cyber Security and Resilience Bill and other policies, organizations cannot take DNS for granted. As recent outages with Microsoft Azure and Amazon AWS prove. When DNS fails, the network and the applications it supports fails. No cyber resilience conversation can happen without ensuring the availability and integrity of DNS. 

Over a 12–18-month horizon, four foundational moves stand out. 

  1. Secure your core 

Re-evaluate your DNS and DHCP infrastructure to ensure it is robust, resilient and deployed as a highly available infrastructure. DNS running on multi purpose platforms are an availability and vulnerability risk. Consider right sizing and deployment based on a resilient network design. 

  1. Ensure system integrity 

Assess the integrity of your DNS infrastructure. Do you really have a solid understanding of the domain assets you own, and can your users and consumers securely access those services in confidence? DNS is the front door to your online presence but without a secure domain, threat actors can abuse your services for phishing and other attacks. Consider evaluating your deployment against the best practices established in the NIST 800-81 Secure DNS best practices. 

  1. See what you’re defending with DDI 

Get DNS-centric visibility across hybrid networks, rogue devices, and cloud workloads. Consolidate IP data and feed telemetry into SOC and SIEM tools. For a Scottish council, this turns “you can’t secure what you can’t see” from a tired excuse into an action plan. DNS queries expose shadow IT, orphaned servers, and vulnerable IoT endpoints – stuff traditional inventories miss. 

  1. Block attacker infrastructure early with Protective DNS 

Protective DNS (PDNS) enforces strategy where every digital handshake begins: the DNS lookup. Apply threat intel to block or redirect malicious domains before they can ever hit endpoints. In addition, rich DNS logs make incident reporting easier, helping CISOs meet statutory obligations.  

Securing public services from the inside out 

Decisions made at the DNS layer ripple upwards into continuity of care, citizen trust and board level assurance – especially as attackers increasingly exploit third-party and supply chain routes. 

For Scottish and UK public sector leaders, the call to action is clear: revisit where DNS and DDI sit in your resilience plans. Elevate them from background utilities to strategic levers – the place where national ambition meets operational reality, and where cyber resilience by design can genuinely start from the inside out.