July 22, 2021 The Postal Service has updated Handbook AS-805, Information Security, which details the organizationâs security policies for technology assets and information resources. The updates include several new topics, including: The Executive Cyber Risk Committee, which evaluates and monitors cyber risk management activities and their alignment with the overall corporate risk profile; Contractual security…
Objective Our objective was to assess the U.S. Postal Serviceâs social media and digital channel security posture. We also assessed whether policies are in place to protect the integrity of the Postal Serviceâs official social media and digital channel presence. The Postal Service uses social media to promote its brand, products, and services and to…
The United States Postal Service maintains one of the worldâs largest information technology networks, which links nearly 1.2 million devices and 66,000 mail processing technology systems. Established in 2014, the Corporate Information Security Office (CISO) safeguards this network â the network that binds the nation together â with enterprise-wide cybersecurity technologies and solutions. This October,…
Objective Our objective was to determine if controls for purchasing and maintaining information technology (IT) equipment, specifically printers, webcams, and [redacted] cameras, are effective in identifying, assessing, and mitigating vulnerabilities and related cybersecurity risks to the U.S. Postal Serviceâs IT infrastructure. The Postal Service purchases IT equipment, such as webcams and printers, through the eBuy…
Objective Our objective was to assess whether Decision Analysis Reports (DAR) I and II cybersecurity investmentsâ stated performance metrics aligned with the Corporate Information Security Office (CISO) strategic and cost objectives. To establish a sound cybersecurity foundation, the Postal Service has made significant investments in information security. In 2015, the Postal Service approved [redacted] million…
Background An insider threat program helps an organization prevent, detect, and respond to the threat of an employee, contractor, or business partner misusing their trusted access to computer systems and data. Threats to the U.S. Postal Service include the theft and disclosure of sensitive, proprietary, or national security information, and the sabotage of its computer…
Background The U.S. Postal Service has one of the worldâs largest computer networks, which enables nationwide communication among more than 32,000 facilities. Over 500,000 employees work at these facilities, processing and delivering almost 155 billion mail pieces annually. In addition, the computer network stores, transmits, and processes financial, employee, contractor, and vendor information. The Mass…
Think twice before posting inflammatory messages or inappropriate photos online, particularly on social media sites, the Postal Serviceâs Corporate Information Security Office (CISO) advises. Postings could remain on sites for years and hurt your reputation. âItâs important to remember that once posted and shared on social media sites and the Internet, information is almost impossible…
