event

DNS Security Forum 2026

 

The Universal Postal Union (UPU), a UN specialized agency, in collaboration with the Internet Corporation for Assigned Names and Numbers (ICANN), will host the inaugural DNS Security Forum at the UPU headquarters in Bern.
 

  • Time: 8:30 – 17:00 CEST

  • Venue: Hybrid format via Zoom with in-person participation at the UPU International Bureau (Weltpoststrasse 4, 3015 Bern, Switzerland).

  • Register now here.

  • ​Access speakers' biographies here.

Jun
23

Tuesday, 23 June 2026, 8:30 - 17:00
Hybrid format via Zoom and in-person at the UPU International Bureau

The modern postal and e-commerce logistics sector relies heavily on secure, resilient digital infrastructure. This forum aims to raise awareness of DNS security threats, promote best practices such as DNSSEC and email authentication (DMARC/DKIM/SPF), and foster collaborative cyber resilience among UPU member states and the wider postal and logistics ecosystem.

The event will culminate in the official launch of the POST-ISAC (Information Sharing and Analysis Center) initiative, establishing a dedicated cyber threat-sharing hub for the global postal and logistics sector.


Who should attend?

  • UPU Member States & Designated Operators (DOs): National postal executives and IT/Security directors.

  • .POST Registrants & Groups: Entities operating within the authenticated .POST top-level domain.

  • Wider Postal Sector Players (WPSPs): any private or public entity other than a Designated Operator which has an interest in supporting the mission and objectives of the UPU, including without limitation e-retailers, courier companies, logistics service providers, financial service providers, airlines, railways and other transport companies, customs organizations, manufacturers of postal and postal industry-related solutions, customer associations, unions and postal worker associations.

  • Technical engineers/architects and non-technical policymakers/international affairs specialists/executives, with a likely bias toward technical operations.


Topics covered:

  • The threat landscape in logistics: Phishing, domain hijacking, and DNS abuse targeting the postal and e-commerce delivery chain.

  • Protecting digital assets & brand trust: The strategic value of the .POST sponsored Top-Level Domain (sTLD) as a secure and trusted digital space.

  • DNSSEC implementation: Practical benefits, deployment strategies, and overcoming common hurdles for postal and logistics stakeholders.

  • Email security & deliverability: Preventing executive spoofing and phishing campaigns using DMARC, DKIM, and SPF.

  • Collaborative cyber resilience: The role of Information Sharing and Analysis Centers (ISACs) in preempting supply chain cyberattacks.


[For any questions] hello [at] trust [dot] post

[Provisional Programme]

Learn more about the speakers here.
Register now here.

Morning session: Strategic insights, DNS and e-mail security

8.30–9.30: Registration and welcome coffee

9.30–10.10: Opening session: A unified front for digital trust

9.30–9.40: Opening keynote

  • Masahiko Metoki – Director General, UPU, International Bureau

9.40–9.50: Welcome remarks

  • Chris Mondini – Managing Director, Europe & Vice President, Stakeholder Engagement, Internet Corporation for Assigned Names and Numbers (ICANN)

9.50–10.00: Opening remarks

  • Massimiliano Aschi – Cybersecurity Lead, Poste Italiane, and Chair of the UPU Cyber Resilience Expert Team

10.10–10.40: Expert talks : The state of DNS security in global e-commerce and logistics

  • 10.10–10.20: Serge Droz – Director, Forum of Incident Response and Security Teams (FIRST), and Senior Technical Cybersecurity Advisor, Swiss Federal Department of Foreign Affairs

  • 10.20–10.30: Ulrich Wisser – Technical Engagement Manager (Europe), Office of the Chief Technology Officer (OCTO), ICANN

  • 10.30–10.40: Massimiliano Aschi – Cybersecurity Lead, Poste Italiane, and Chair of the UPU Cyber Resilience Expert Team

10.40–10.50: Coffee break

10.50–12.00:
Panel discussion 1: Combating DNS abuse and protecting brand integrity

Moderator:

  • Gabriella Schittek – Stakeholder Engagement Director, Nordic & Central Europe, ICANN

Panellists:

  • Michael Hausding – Competence Lead, DNS and Domain Abuse, Switch, and Director, FIRST

  • Prudence Malinki – Head of Global Industry Relations, Markmonitor

  • Jacob Gholson – Postal Security Programme Manager, UPU

  • Matt Carroll – Supervisor, Cyber Crimes Unit, United States Postal Inspection Service

12.00–12.15:
Presentation: From theory to practice – DNSSEC for postal operators

High-level technical briefing on why Domain Name System Security Extensions (DNSSEC) are critical for authenticating digital postal service

  • Ulrich Wisser – Technical Engagement Manager (Europe), OCTO, ICANN

12.15–13.30:
Panel discussion 2: Collaborative cyber resilience and threat intelligence

Moderator:

  • Tracy Hackshaw – Head of the .POST Business Management Unit, UPU

Panellists:

  • Marcel Zumbühl – Chief Information Security Officer, Swiss Post Group

  • Ariane Weik – Legal, Compliance and Information Security, INWX

  • Nick Mayencourt – CEO/Founder, Dreamlab Technologies, and Board Member, Institute for Security and Open Methodologies (ISECOM)

  • Orhan Osmani – Head of Cybersecurity, Telecommunication Development Sector, International Telecommunication Union

  • Jacob Gholson – Postal Security Programme Manager, UPU

  • Matt Carroll – Supervisor, Cyber Crimes Unit, United States Postal Inspection Service

13.30–14.00: Networking lunch break

Afternoon session

14.00–14.30:
Presentation: Securing postal communications – the DMARC, DKIM and SPF trifecta? What about BIMI?

  • Lars Sandbergen – Director, DMARC Advisor

  • Dawley Stuvel – Solutions Consultant, PostNL

Overview: How postal operators can lock down their e-mail domains to prevent spoofing, ensure high deliverability of legitimate customer notifications (such as tracking updates) and protect brand reputation from phishing campaigns.

14.30–16.00
Expert-led training: Applied DNS and e-mail security (split/tiered approach)

Trainers:

  • Ulrich Wisser – Technical Engagement Manager (Europe), OCTO, ICANN
  • Lars Sandbergen – Director, DMARC Advisor
  • Dawley Stuvel – Solutions Consultant, PostNL

Part 1 (14.30–15.15):

Foundation (tech and non-tech) – under­standing DNS vulnerabilities, managing domain portfolios securely, and the basics of e-mail authentication policy for­mulation

Part 2 (15.15–16.00):

  • Operational deep dive (tech bias) – prac­tical session on configuring DNSSEC, generating DKIM keys, enforcing strict DMARC policies, and monitoring DNS traffic for anomalies


16.00–16.20: Greetings from UPU Cybersecurity Partners

16.00–16.10: Partnership Remarks

  • Alejandro Fernández-Cernuda Díaz  Director of Engagement, Internet Integrity Program, Global Cyber Alliance

16.10–16.20: Partnership Remarks

  • Aimee Kirkpatrick  President, STOP. THINK. CONNECT. Campaign

16.20–16.30:
Transition to HVS Lounge for the Official Launch of POST-ISAC

16.30–16.40: Remarks

  • Tracy Hackshaw  Head, .POST Business Management Unit, UPU

16.40–16.50: Official launch of the POST-ISAC initiative

  • Masahiko Metoki  Director General, UPU, International Bureau
16.50–17.00: Wrap-up

 
  • Register now here.