Postal Bulletin highlights Cybersecurity Awareness Month 2020

The United States Postal Service maintains one of the world’s largest information technology networks, which links nearly 1.2 million devices and 66,000 mail processing technology systems. Established in 2014, the Corporate Information Security Office (CISO) safeguards this network — the network that binds the nation together — with enterprise-wide cybersecurity technologies and solutions. This October,…

 Continue reading

USPS OIG Report: Controls Over Purchasing and Maintaining IT Equipment

Objective Our objective was to determine if controls for purchasing and maintaining information technology (IT) equipment, specifically printers, webcams, and [redacted] cameras, are effective in identifying, assessing, and mitigating vulnerabilities and related cybersecurity risks to the U.S. Postal Service’s IT infrastructure. The Postal Service purchases IT equipment, such as webcams and printers, through the eBuy…

 Continue reading

USPS OIG: Cybersecurity Decision Analysis Reports Review

Objective Our objective was to assess whether Decision Analysis Reports (DAR) I and II cybersecurity investments’ stated performance metrics aligned with the Corporate Information Security Office (CISO) strategic and cost objectives. To establish a sound cybersecurity foundation, the Postal Service has made significant investments in information security. In 2015, the Postal Service approved [redacted] million…

 Continue reading

USPS OIG Report: Insider Threat Program

Background An insider threat program helps an organization prevent, detect, and respond to the threat of an employee, contractor, or business partner misusing their trusted access to computer systems and data. Threats to the U.S. Postal Service include the theft and disclosure of sensitive, proprietary, or national security information, and the sabotage of its computer…

 Continue reading

USPS OIG Report: Postal Service Mass Data Compromise Response Plan

Background The U.S. Postal Service has one of the world’s largest computer networks, which enables nationwide communication among more than 32,000 facilities. Over 500,000 employees work at these facilities, processing and delivering almost 155 billion mail pieces annually. In addition, the computer network stores, transmits, and processes financial, employee, contractor, and vendor information. The Mass…

 Continue reading

USPS: Social media security

Think twice before posting inflammatory messages or inappropriate photos online, particularly on social media sites, the Postal Service’s Corporate Information Security Office (CISO) advises. Postings could remain on sites for years and hurt your reputation. “It’s important to remember that once posted and shared on social media sites and the Internet, information is almost impossible…

 Continue reading

USPS: EBay passwords should be changed, CISO says

Employees should change their eBay passwords, the Postal Service’s Corporate Information Security Office (CISO) says. CISO’s advisory follows eBay’s recent disclosure that it experienced a major security breach. The personal information of 145 million eBay customers was exposed, according to the company. In a statement, eBay said it had “no evidence of any unauthorized access…

 Continue reading