USPS OIG: Cybersecurity Decision Analysis Reports Review

Objective Our objective was to assess whether Decision Analysis Reports (DAR) I and II cybersecurity investments’ stated performance metrics aligned with the Corporate Information Security Office (CISO) strategic and cost objectives. To establish a sound cybersecurity foundation, the Postal Service has made significant investments in information security. In 2015, the Postal Service approved [redacted] million…

 Continue reading

USPS OIG Report: Insider Threat Program

Background An insider threat program helps an organization prevent, detect, and respond to the threat of an employee, contractor, or business partner misusing their trusted access to computer systems and data. Threats to the U.S. Postal Service include the theft and disclosure of sensitive, proprietary, or national security information, and the sabotage of its computer…

 Continue reading

USPS OIG Report: Postal Service Mass Data Compromise Response Plan

Background The U.S. Postal Service has one of the world’s largest computer networks, which enables nationwide communication among more than 32,000 facilities. Over 500,000 employees work at these facilities, processing and delivering almost 155 billion mail pieces annually. In addition, the computer network stores, transmits, and processes financial, employee, contractor, and vendor information. The Mass…

 Continue reading

USPS: Social media security

Think twice before posting inflammatory messages or inappropriate photos online, particularly on social media sites, the Postal Service’s Corporate Information Security Office (CISO) advises. Postings could remain on sites for years and hurt your reputation. “It’s important to remember that once posted and shared on social media sites and the Internet, information is almost impossible…

 Continue reading

USPS: EBay passwords should be changed, CISO says

Employees should change their eBay passwords, the Postal Service’s Corporate Information Security Office (CISO) says. CISO’s advisory follows eBay’s recent disclosure that it experienced a major security breach. The personal information of 145 million eBay customers was exposed, according to the company. In a statement, eBay said it had “no evidence of any unauthorized access…

 Continue reading