CSC Report Finds CISOs Embrace AI While Warning of Rising Domain-Based Cyber Threats
CSC has released new research showing that chief information security officers (CISOs) are increasingly embracing artificial intelligence as a cybersecurity tool while continuing to face growing concerns over AI-enabled cyber threats and weaknesses in domain security.
The company's CISO Outlook 2026 report found that 73% of surveyed security leaders believe AI presents more opportunity than risk for cybersecurity. At the same time, 86% identified AI-powered domain generation algorithms (DGAs) as a cybersecurity threat.
CSC surveyed 300 senior executives during the first quarter of 2026, including CISOs, chief technology officers (CTOs), chief information officers (CIOs) and heads of cybersecurity, to assess how organizations are adapting to the changing threat landscape.
According to the report, respondents ranked domain and DNS hijacking along with subdomain takeover attacks as the leading cybersecurity threat in 2025. Cybersquatting, including typosquatting and online counterfeits, ranked second followed by ransomware and malware.
The research also highlighted a lack of confidence in organizations' ability to defend against domain attacks. Only 14% of respondents said they were "very confident" in their company's ability to mitigate domain attacks while one in 10 believe major businesses and organizations are "significantly underprotected" against DNS outages.
AI-related concerns extended beyond cybercriminals. Nearly all respondents (98%) said they are concerned about giving third-party AI systems, including large language models (LLMs), access to company data. Additionally, 79% said they are concerned or very concerned that suppliers' and partners' use of AI tools poses a cybersecurity risk. Despite those concerns, 70% reported that their organizations apply AI-related risk controls only to key suppliers.
Looking ahead through the remainder of 2026 and beyond, respondents expect social media impersonation and defamation to become the greatest cybersecurity threat, ahead of domain and DNS hijacking, subdomain takeover attacks and cybersquatting.
The report also found organizations are increasingly adopting AI-powered security tools. Fifty-seven percent of respondents said they use AI-based monitoring and enforcement solutions while 44% use AI for threat detection and fraud prevention. Both figures increased from last year's survey, when 50% reported using AI-based monitoring and enforcement and 36% used AI for threat detection and fraud prevention.
"As cybercriminals continue to leverage AI in new ways to launch targeted and widespread attacks, including those that specifically exploit domains, CISO strategies for domain risk need to evolve to keep pace with the increasing complexity of these threats," said Ihab Shraim, chief technology officer of CSC's Digital Brand Services.
Shraim added that organizations should prioritize securing foundational digital infrastructure such as DNS, warning that agentic AI could enable attackers to automate reconnaissance, impersonation and domain-based attacks at scale, making proactive domain security and monitoring increasingly important.