At CSC, we have long warned that domain and DNS vulnerabilities are often the weak link in enterprise cybersecurity. Now, new data underscores the scale and urgency of the problem. In our recently released CISO Outlook 2025 report, nearly three-quarters (70%) of senior cybersecurity leaders expect threat volumes to rise in the coming year. An overwhelming 98% anticipate this trend will accelerate over the next three.

At the heart of this concern is the evolving nature of threats themselves. Domain generation algorithms (DGAs), deepfakes, and subdomain takeovers—once niche attack vectors—are now becoming mainstream tools in the cybercriminal arsenal, often powered by AI. These attacks increasingly bypass traditional defences, making domain security not just a technical issue, but a board-level imperative.

Domain-Based Risks Take Centre Stage

Commissioned by CSC and based on a global survey of 300 CISOs, CIOs, and IT leaders, the report offers a candid view into the evolving digital threat landscape. Domain-related risks dominate CISO concerns, with cybersquatting, DNS hijacking, and distributed denial-of-service (DDoS) attacks ranked as the top threats. The rise of artificial intelligence has further complicated matters. While AI tools are being used to monitor threats more effectively, they are also being weaponized—used to generate convincing phishing domains, deepfakes, and automated attack campaigns.

Confidence Gaps and Budget Constraints

Worryingly, few security teams feel fully equipped to keep pace. Only 22% of respondents said they had the right tools to address domain-based threats, and just 7% expressed strong confidence in their ability to defend against them. Despite the growing complexity, cybersecurity budgets are increasing only modestly, with just 7% of respondents reporting a significant budget rise between 2024 and 2025.

Internally at CSC, we see this misalignment as both a challenge and an opportunity. As Mark Flegg, our Senior Director of Technology, puts it: “CISOs have built the castle walls. But now they’re discovering adversaries are tunneling underneath.” A reactive posture is no longer enough. What’s required is a strategic shift—toward multi-layered, AI-aware, domain-secure frameworks that scale with the threat environment.

Looking Ahead

The CISO Outlook 2025 offers actionable insight into how organizations can strengthen governance, improve AI oversight, and better protect digital infrastructure. As a trusted partner of leading global brands, CSC remains committed to helping clients stay ahead of threats that move faster and strike deeper than ever before.

To access the full report and explore our latest security insights, download The CISO Outlook 2025.