Domain-based cyber threats aren’t going anywhere, and cybersecurity professionals across the globe are concerned about the increase in complexity and frequency of this type of cyber threat, which is becoming a major problem for the enterprise.
Indeed, a new report, “CISO Outlook 2025,” published has released a harsh reality: 98% of CISOs believe there will be an increase in cyberattacks during the next three years with domain-based threats the highest of all of their worries.
The report underscores a concerning trend as cybercriminals become more adept at attacking domain and DNS infrastructure using methods such as DNS hijacking, cybersquatting, and subdomain takeovers.
These techniques leverage core components of the internet, which is why they are so powerful. “Demand for domain-targeted attacks will continue to expand, with bad actors leaning on AI to create more credible and more dangerous incursions,” said Ihab Shraim, CTO of CSC’s Digital Brand Services, adding that the increasing accessibility of AI-enable tools and off-the-shelf attack kits is bolstering these threats.
87% believe that AI-fuelled Domain Generation Algorithms (DGAs) which can generate thousands of fake domains for use in phishing, or other types of attacks, are a direct threat. This advancement has led to the fact that favourably sounding and in terms of grammar correct malicious messages are the tongue of preference.
Even as risks rise, they continue to feel far from prepared, with just 7% of CISOs feeling ‘very confident’ in the domain attack defenses they have in place and only 22% believe they have the right tools. This lack of faith highlights an important preparation divide, and in many cases is because organisations do not see domain and DNS security as a core security focus.
For CISOs trying to find their way through this dangerous territory, an aggressive multi-tiered defense is a necessity. Key strategies include:
Strong Email Authentication: Employing SPF, DKIM and DMARC protocols to validate emails and keep domain-spoofing at bay.
Ongoing Domain Monitoring: Using services to monitor for domain lookalike, typosquatting and dubious registrations.
Improved DNS Security: Proactively signing your DNS records with DNSSEC to guarantee genuine and secure information.
Employee Training: Ongoing, in-depth security awareness training including AI-contextLive simulated attack scenarios and spotlighting on vigilant against advanced phishing.
A Zero Trust Approach: The principles of least-privilege access and continual verification should be applied—particularly with third-party integrations and internal use of machine learning for security operations—in order to reduce the potential attack surface.
Strategic Partnerships: Partnering with skilled cybersecurity partners for actionable intelligence and real-time agility to monitor/respond to threats.
The human element is still a very weak point, so good education is a necessity. With the threat landscape in constant flux due to the influence of AI, CISOs need to shift their defense strategy to protect not just their networks but the very digital identities of their organizations.
