New CSC Report Illustrates How AI is Affecting Enterprise Security Leaders

WILMINGTON, Del.— CSC, an enterprise-class domain registrar and world leader in mitigating brand, fraud, domain, and domain name system (DNS) threats, today released new research on how chief information security officers (CISOs) are adapting to an evolving artificial intelligence (AI) ecosystem while managing traditional cyber threats, such as DNS outages. According to CSC’s CISO Outlook 2026 report, 73% of respondents say AI presents more of an opportunity than a risk for cybersecurity. However, these security leaders continue to face challenges in addressing attacks, including AI-powered domain generation algorithms (DGAs), which 86% of respondents cite as a threat.

To thoroughly understand the CISO perspective on today’s cybersecurity landscape, CSC surveyed 300 senior executives—including CISOs, chief technology officers (CTOs), chief information officers (CIOs), and heads of cybersecurity—in Q1 2026.

Key findings from the CISO Outlook 2026 report include:

• Respondents ranked the top three threats in 2025 as: 1) domain/DNS hijacking and subdomain takeover attacks; 2) cybersquatting, including typosquatting and online counterfeits; and 3) ransomware and malware

• Only 14% of respondents say they are “very confident” in their company’s ability to mitigate domain attacks, with one in 10 respondents believing that major businesses and organizations are “significantly underprotected” against DNS outages

• Ninety-eight percent of respondents are concerned about the risks of giving third-party AI-based systems—including large language models (LLMs)—access to company data

• Seventy-nine percent say they are “concerned” or “very concerned” that suppliers’ and partners’ AI tool use poses a cybersecurity risk to their organization, yet almost three-quarters (70%) of respondents say their organizations apply risk controls only to key suppliers

• Looking to the rest of 2026 and beyond, respondents expect social media impersonation and defamation to pose the greatest cybersecurity threat, ahead of domain and DNS hijacking, subdomain takeover attacks, and cybersquatting

Many CISOs are putting their positive AI outlook into practice, leveraging new tools to take on the proliferation of cyber threats. More than half (57%) of survey respondents confirmed that they use AI-based monitoring and enforcement solutions, and 44% use AI-based solutions for threat detection and fraud prevention. Both these figures increased from last year, when 50% used AI-based monitoring and enforcement and 36% used AI for threat detection and fraud, demonstrating that the technology is playing an increasingly positive role in managing threats internally.

“As cybercriminals continue to leverage AI in new ways to launch targeted and widespread attacks, including those that specifically exploit domains, CISO strategies for domain risk need to evolve to keep pace with the increasing complexity of these threats,” states Ihab Shraim, chief technology officer of CSC’s Digital Brand Services. “In 2026, CISOs and security leaders must prioritize securing fundamental digital building blocks for their enterprises, like DNS, which are now considered critical infrastructure but have often been overlooked. Agentic AI could further accelerate this risk by enabling bad actors to automate reconnaissance, impersonation, and domain-based attacks at scale, making proactive domain security and monitoring more urgent for enterprises.”

To learn more about CISOs’ top concerns and priorities for 2026 and to download the full report, visit cscdbs.com/en/resources/ciso-outlook-2026-report/. For more information on how CSC supports CISOs and security teams with domain security and management, visit cscdbs.com.

About CSC

CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands (Interbrand^®) with focus areas in domain security and management, along with digital brand and fraud protection. As global companies make significant investments in their security posture, our DomainSec^SM platform can help them understand cybersecurity oversights that exist and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss. CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—with a multidimensional view of various threats outside the firewall targeting specific domains. Fraud protection services that combat phishing in the early stages of attack round out our solutions. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.