
Interview With Mark Flegg – Global Director of Security Services for CSC

By Shauli Zacks, Content Editor
Published on: July 28, 2025

Domain names are no longer just digital real estate—they’re critical infrastructure. And as threat actors increasingly target DNS, subdomains, and SSL gaps, security leaders are beginning to treat domain management as a frontline cybersecurity issue. Mark Flegg, a 30-year IT veteran and longtime executive at CSC, has seen that shift firsthand.

In this interview with SafetyDetectives, Flegg explains why CSC approaches domain protection with a security-first mindset, what today’s CISOs are missing when it comes to DNS hygiene, and how emerging threats like AI-powered domain generation and lax registrar practices are reshaping the digital risk landscape.

Let’s start with a bit about you. Can you tell us about your role at CSC and your background in cybersecurity and domain protection?

I’ve worked in IT for 30 years and have been with CSC for 20 years. When I first started, I was a consultant for a software company, implementing systems all over Europe. Eventually, I joined CSC and was a self-starter in transitioning to cybersecurity and to a domain protection focus.

CSC is known for protecting the digital assets of some of the world’s biggest brands. For readers who might not be familiar, what makes CSC’s approach to domain security unique in today’s threat landscape?

CSC is the only provider that approaches domain management through a cybersecurity lens—treating domains not just as brand assets, but as critical infrastructure. While many providers focus on trademark protection or basic registration services, CSC offers a full-spectrum solution that addresses both owned and third-party domain risks.

We combine traditional brand protection—monitoring cybersquatters, infringers, and spoofed domains—with deep expertise in securing the domains enterprises already own. That means evaluating DNS and SSL providers for enterprise-grade resilience, locking vital domains to prevent hijacking and identifying gaps in domain security.

What sets CSC apart is the depth and breadth of our services. Competitors may offer one piece of the puzzle, but we deliver an integrated, security-first domain strategy—at scale. We’re also the largest registrar whose clients use advanced locking protocols across their portfolios. And we’ve implemented global programs that default to security best practices, even when it’s not the path of least resistance.

In short, CSC aligns with how our enterprise clients operate—by putting policy, enforcement and infrastructure first, and helping them treat domain security as intelligence, not insurance.

According to your latest report, domain and DNS hijacking, cybersquatting, and DDoS attacks top the list of concerns for CISOs. Why are these threats so prevalent, and what’s changed in the past year to bring them to the forefront?

These threats aren’t new—but what’s changed is the level of impact organizations are feeling from them. As cybercriminals find traditional attack surfaces better protected, they’re shifting their focus to overlooked entry points like DNS infrastructure, subdomains, and poorly managed domains. Attacks such as DNS hijacking or subdomain takeover exploit gaps in what we call cyber hygiene—and those gaps have become more visible as incidents increase.

The business risk is real. A DDoS attack, for example, can cripple operations without warning—and unless a company has dual DNS infrastructure (which few do), there’s no failover plan. During a recent CSC event, only one person in a room of nearly 30 said they had DNS redundancy in place.

Part of the problem is historical. Domain management started as a technical function in IT, expanded into marketing and legal as brand and trademark issues emerged, and is now moving up the organization—into the CISO, CIO, and CTO’s purview. As enterprises become more dependent on online services, email and web infrastructure, domain and DNS security have become business-critical.

It’s taken time, but security leaders are now recognizing that domain infrastructure is not just operational—it’s strategic. And for many, that realization is long overdue.

The report highlights AI-powered domain generation algorithms (DGAs) as an emerging risk. How do these work, and what challenges do they present for enterprise cybersecurity teams?

DGAs intelligently generate domain names and alternatives at scale, which can be used in phishing campaigns and other malicious attacks. The speed and effectiveness of these spoofed domain names can create an overwhelming wave of disruption.

To mitigate this risk, a combination of AI-powered detection and human review is needed to be vigilant of third-party domain registrations. And enforcement is key to combatting the attacks, which translates to takedowns, cease and desists and other measures.

Nearly every CISO surveyed expressed concern about domain registrars not enforcing KYC policies. Why is registrar-level identity verification such a critical issue—and how can companies vet their providers more effectively?

Know Your Customer (KYC) policies are foundational to domain security—and unfortunately, many registrars don’t enforce them. In a space where anyone can register a domain in seconds, lax identity checks allow bad actors to anonymously set up phishing sites, distribute malware or impersonate legitimate brands with minimal friction.

We focus exclusively on corporate clients and take KYC seriously. We thoroughly vet who we do business with and verify the owners of a domain as a part of ongoing operations. Our contracts explicitly prohibit illegal activity across domains and DNS services we support. This level of diligence helps ensure our customers—and their infrastructure—aren’t unintentionally enabling abuse.

Effective registrar vetting starts with asking the right questions. Companies should request security questionnaires, review enforcement policies and evaluate whether a registrar behaves more like a retail provider or an enterprise partner. Look for registrars that proactively help clients stay compliant with regulations across jurisdictions—whether that means geolocation controls for regulated industries or technical safeguards against misuse.

Ultimately, registrar trust is about more than just managing domains—it’s about being a responsible steward of global digital infrastructure.

Only 22% of CISOs feel they have the right tools to fight domain-linked threats. What are the most important steps organizations can take today to better defend their digital assets, especially as generative AI continues to reshape the threat landscape?

Today’s CISOs face growing pressure and an expanding attack surface. It’s no longer just about endpoints and firewalls; domains, DNS, SSL, and brand assets are now high-value targets. But with limited time and competing priorities, many security leaders struggle to keep up with evolving threats, let alone research every available tool. That’s where the right partners matter.

There are solutions for nearly every domain-linked risk—if organizations know where to look. Tools like CSC’s DomainSec platform help security leaders quickly assess their domain security posture, flag vulnerabilities and take recommended actions. AI may be accelerating attacks, but it can also be harnessed defensively—if paired with strong human oversight.

Ultimately, this comes down to education and decision-making. Not every company has the same risk appetite, but every company should have clarity. We don’t expect CISOs to become DNS or SSL experts—that’s our role. But we do expect them to make informed decisions. What we want to avoid is hearing, “Why didn’t anyone tell us?” after the damage is done.
