WILMINGTON, DE — A staggering 98% of chief information security officers (CISOs) anticipate a significant surge in cyberattacks over the next three years, according to new research published by CSC, a leading enterprise-class domain and DNS security provider. The study sheds light on the evolving cybersecurity landscape, highlighting domain-based threats and artificial intelligence (AI)-driven risks as critical concerns for organizations globally.
The report, titled “CISO Outlook 2025: Navigating Evolving Domain-Based Threats in an Era of AI and Tightening Regulation,” identifies cybersquatting, DNS hijacking, and distributed denial-of-service (DDoS) attacks as the most pressing threats in 2024. CISOs surveyed also express heightened concern over ransomware and AI-powered domain generation algorithms (DGAs), which 87% of respondents named as a direct threat.
“DNS and domain-related infrastructure are prime targets for cybercriminals,” said Ihab Shraim, chief technology officer for CSC’s Digital Brand Services division. “These attackers conduct extensive reconnaissance to identify vulnerabilities, hijack subdomains, and impersonate brands at a massive scale. With the growing availability of AI-driven tools and off-the-shelf attack kits, these threats are only going to accelerate. A single DNS compromise can take down email, websites, customer portals, and even phone networks. Companies that don’t act quickly may find themselves navigating not just technical fallout, but reputation and regulatory consequences as well.”
The study highlights a worrisome lack of confidence among cybersecurity leaders. Only 7% of CISOs reported being “very confident” in their ability to defend against domain-based attacks, while just 22% believe their organizations have the appropriate tools to mitigate these risks. The findings underscore the urgent need for businesses to strengthen their domain security strategies as threats continue to evolve.
AI-driven domain attacks are becoming increasingly sophisticated, with tools like domain generation algorithms enabling cybercriminals to create endless variations of domain names, making it harder for organizations to track and block malicious activity. Meanwhile, 97% of respondents expressed concerns about the risks posed by granting third-party AI systems access to proprietary data, further highlighting the importance of implementing robust AI governance frameworks.
“The human element continues to be the biggest security vulnerability,” said Nina Hrichak, vice president of CSC’s Digital Brand Services. “As cybercriminals grow more sophisticated, internal education and awareness are falling behind. DNS hijacking and subdomain takeovers have become mainstream concerns, but not every organization possesses the internal expertise to monitor domain activity in real time. That’s where experienced partners can offer vital insights and agility to help organizations stay ahead of the curve.”
CSC’s report emphasizes the need for a proactive approach to domain security, urging organizations to invest in advanced tools, training, and partnerships to safeguard their digital assets. With cyber threats growing in complexity and speed, now is the time for businesses to act decisively to defend against the evolving threat landscape.
For the latest news on everything happening in Chester County and the surrounding area, be sure to follow MyChesCo on Google News and MSN.