Is the next round of new Internet extensions already behind us? Not quite. Fourteen years after the 2012 window, the new window opens on April 30 and is set to close on August 12 at 11:59 p.m. UTC. This is a rare event and THE hot topic in the domain name ecosystem at the start of 2026.
At Domain Pulse, the annual event where the national registries of Germany (Denic), Austria (Nic AT), and Switzerland (Switch) meet with players in the domain name industry since 2004, this topic was mainly discussed behind the scenes. The organizers of Domain Pulse, which took place this year in the pretty town of St. Gallen in Switzerland, wanted to focus attention on cyber threats, critical infrastructure, and the role of registries. During the two-day event, the emphasis was on collaboration, early detection of attacks, and digital sovereignty.
The key role of CERTs
Among the key mechanisms of human-centered security design and collaboration, Domain Pulse has focused particular attention on CERTs.
A CERT is defined by the European Union Agency for Cybersecurity (ENISA) as a specialized cybersecurity team responsible for:
- receiving and processing reports related to IT security incidents;
- analyzing incidents and vulnerabilities;
- responding to incidents by assisting victims and coordinating resolution actions;
- providing prevention and alert services, including advice, bulletins, and threat information;
- facilitating coordination between actors (other CERTs, authorities, national and international organizations) for a more effective response.
It was pointed out that the three registries in the DACH region (Germany, Austria, and Switzerland) have been working closely together for a long time and that two of them have a CERT. In this regard, the Switch registry, which organized this 2026 edition, is one of the pioneers, having set up a CERT as early as 1994. The Austrian registry did the same about ten years later. As for Denic, the German registry, Thomas Keller pointed out that Denic is very active in the security of the .de infrastructure and that the registry works closely with other security structures of CTI (Cyber Threats Intelligence) and initiatives.
The most common attacks on these countries
Domain Pulse also provided an opportunity to review the most common attacks on these countries.
For Germany, whose .de domain managed by Denic is the second largest country extension in the world in terms of volume with 17.6 million domain names registered at the end of 2025, ENISA noted that 23.4% of Member States’ compensation claims related to ransomware and data breaches came from Germany in 2025.
In the case of Austria, where the .at registry, Nic AT, represents approximately 1.5 million registered domain names, the CERT operated by the registry noted that phishing and domain abuse for credential harvesting, particularly via pages imitating authentic services, remains the most commonly observed threat.
Finally, in Switzerland, where the Switch registry currently has around 2.5 million domain names under the .ch extension, the Quad 9 foundation and Switch have indicated that the three main threats identified in 2025 are ransomware, malvertising (editor’s note: a technique that involves injecting malicious code into legitimate advertising banners in order to infect Internet users and redirect them to fraudulent sites or steal their data), and malware.
This situation reminds these registries that there is still much to be done to combat malicious use of the DNS.
An international context pushing European sovereignty to the forefront
The current unpredictable geopolitical context, in which threats to the technical infrastructure of states and companies are increasing, was highlighted as a cause for concern. The current context encourages us to rethink “our relationship with technology,” as researcher Daria Höhener pointed out with regard to AI, inviting the audience to rethink our role in the age of AI.
Among the challenges posed by AI, she reiterated that we must ensure that this technology serves humanity, and not the opposite, and that it is therefore necessary for humans to remain its architects rather than becoming AI agents executors, and for trust to “remain the foundation of all connections.” The EU has adopted the “AI Act,” the world’s first legislative framework harmonizing rules on AI. The latter aims to reduce Europe’s regulatory dependence by giving it global influence over how AI is developed and used. The text will be fully applicable from August 2, 2026.
Alongside this legislative arsenal, to which the NIS2 cybersecurity directive currently being transposed in the Member States could be added, the Member States are showing that they finally have a common vision for strengthening the EU’s technological autonomy, competitiveness, and resilience in the face of external dependencies. The signing of the Declaration on European Digital Sovereignty last November in Berlin is an illustration of this.
In terms of European technical solutions that reflect this raising awareness, DNS4EU, the European resolver, was in the spotlight at Domain Pulse. Launched on June 9, 2025, this “sovereign” resolver is co-financed by the EU and supported by ENISA. It is guaranteed to be GDPR-compliant with a 100% European infrastructure. It is aimed at EU decision-makers but also seeks to offer an alternative to decision-makers who are not members of the EU DNS.
A variety of topics that reflect the diversity and richness of the information available, as well as the awareness that the Domain Pulse organizers wanted to instill in both DNS stakeholders and users. An event that reminds us that the Internet is nothing without security, and that security is nothing without collaboration and information sharing.
Nameshield, a sovereign European company, found a particular resonance between the topics covered by the Domain Pulse and its DNA, which places people at the center of its technical solutions for securing brands and DNS, and peer collaboration through its CERT. Although the next round of new extensions was less discussed, we are convinced that the new .brand TLDs that will be available to apply from April 2026 are a real opportunity for companies to equip themselves with a tool that will enhance their security, as they will have an exclusive, closed naming space that is therefore free from malicious domain names. In the context of increasing cyber threats, having a dedicated namespace that is easily identifiable and memorable for users will be a real asset. And this tool can be built with an operational sovereignty strategy with companies such as Nameshield.
Image source : Switch
