WILMINGTON, DE — Security leaders increasingly view artificial intelligence as a cybersecurity asset, but concerns over domain-based attacks, DNS vulnerabilities and third-party AI systems remain widespread, according to new research released by CSC.
The company’s CISO Outlook 2026 report, based on a survey of 300 senior technology and cybersecurity executives conducted during the first quarter of 2026, found that 73% of respondents view AI as more of an opportunity than a risk for cybersecurity operations.
That optimism comes as organizations confront a growing array of AI-enabled threats. Eighty-six percent of respondents identified AI-powered domain generation algorithms, which can be used to create malicious domains at scale, as a cybersecurity threat.
The survey identified domain and DNS hijacking, along with subdomain takeover attacks, as the most significant cybersecurity threat facing organizations in 2025. Cybersquatting and online counterfeiting ranked second, followed by ransomware and malware attacks.
The findings suggest that many organizations remain uncertain about their ability to defend critical internet infrastructure.
Only 14% of respondents reported being “very confident” in their organization’s ability to mitigate domain-based attacks, while roughly one in 10 executives indicated that major organizations are significantly underprotected against DNS outages.
The survey also highlighted growing concerns about the intersection of artificial intelligence and third-party risk management.
Ninety-eight percent of respondents expressed concern about granting AI systems, including large language models, access to corporate data. Seventy-nine percent reported concern over cybersecurity risks stemming from suppliers’ and partners’ use of AI tools.
Despite those concerns, CSC found that 70% of organizations apply AI-related risk controls only to key suppliers rather than across their broader vendor ecosystems.
Looking ahead, respondents identified social media impersonation and defamation as the leading cybersecurity threat for the remainder of 2026, ranking ahead of domain and DNS hijacking, subdomain takeover attacks and cybersquatting.
At the same time, organizations are increasingly deploying AI as part of their own cybersecurity defenses.
Fifty-seven percent of respondents reported using AI-based monitoring and enforcement tools, up from 50% a year earlier. Use of AI for threat detection and fraud prevention increased to 44% from 36% over the same period.
Ihab Shraim, chief technology officer of CSC’s Digital Brand Services division, argued that organizations must place greater emphasis on securing foundational internet infrastructure as AI-driven attacks become more sophisticated.
“Agentic AI could further accelerate this risk by enabling bad actors to automate reconnaissance, impersonation, and domain-based attacks at scale,” Shraim stated. “Making proactive domain security and monitoring more urgent for enterprises.”
The survey included chief information security officers, chief technology officers, chief information officers and other cybersecurity leaders and was conducted during the first quarter of 2026.
For additional information and the full report, visit cscdbs.com/en/resources/ciso-outlook-2026-report/.
Support the local news that supports Chester County. MyChesCo delivers reliable, fact-based reporting and essential community resources—free for everyone. If you value that, click here to become a patron today.