New insights from CSC’s CISO Outlook 2026 report indicate a changing cybersecurity landscape in which social media impersonation and defamation are identified as leading threats, representing a shift compared with the previous year. Closely following these are concerns around domain and DNS hijacking, DDoS attacks, and cybersquatting.
The report also highlights the rise of employee and executive impersonation, including the use of technologies such as deepfakes. This reflects a broader shift toward identity-based attacks becoming a higher priority for CISOs and senior technology leaders. As attackers increasingly exploit trusted brands and individuals, the scope of cybersecurity focus has expanded.
AI plays a dual role in this environment. It adds complexity to managing impersonation and domain abuse, while many security professionals also view it as more beneficial than harmful overall. Specifically, 86% of respondents identify AI-powered domain generation algorithms as a threat, while 73% view AI primarily as an opportunity rather than a risk.
Concerns also extend to supplier and partner use of AI, with 79% of respondents reporting concern about associated risks. At the same time, only 15% apply risk controls across all suppliers, indicating a gap between perceived risk and implemented controls.
As these issues develop, CISO strategies are expected to continue evolving, with protection of core digital infrastructure such as DNS remaining important. Cybercriminal use of AI to scale and refine attacks further reinforces the need for domain security measures and monitoring systems.
Key findings from the report include:
- 72% of respondents view 2025 cybersecurity threats as “critical” or “very critical.”
- 75% expect a slight increase in incidents in 2026, while 14% anticipate a significant increase.
- 14% report high confidence in their ability to mitigate domain-based attacks.
- Use of AI-based monitoring and enforcement tools has risen to 57%.
- Adoption of AI-based threat detection and fraud prevention tools stands at 44%.
Overall, the report indicates that cybersecurity strategies continue to adapt in response to evolving threats and increasing use of new technologies, with organisations focusing on resilience against a more complex threat environment heading into 2026.
