USPS logo LINK — USPS employee news Printable

Risky business

Identifying, addressing cyber vulnerabilities

CISO’s enterprise cybersecurity risk management team helps USPS to identify, assess, prioritize and manage cyber risks.

Life is never without risk.

Just ask the USPS Corporate Information Security Office.

To help mark National Cybersecurity Awareness Month in October, the Postal Service is highlighting this organization — also known as CISO — and its work to protect USPS from cybersecurity threats.

CISO’s enterprise cybersecurity risk management portfolio has several of these responsibilities, including identifying, assessing, prioritizing and managing the cyber risks facing USPS.

The team, led by Bill Jones, discovers potential risks and vulnerabilities through scanning, through the Postal Service’s work with suppliers and through the work of other CISO teams, such as Cybersecurity Operations.

Each risk is assigned a score that ranges in severity and is based on the potential effect on the Postal Service’s operations. The team then notifies everyone that could be affected by the risk and creates a detailed response plan. Once approved by USPS leadership, the team then carries out the plan and evaluates its success.

To help the Postal Service manage its cyber risks, the organization offers employees the following tips:

• Be cautious of unexpected emails and text messages. Cybercriminals are good at creating convincing messages appearing to come from trustworthy organizations, such as banks, schools or even the World Health Organization.

• Browse the internet safely. Cybercriminals are creating malicious websites that appear authentic and offer information related to the coronavirus pandemic, but they’re intended to steal usernames, passwords and other sensitive information.

The National Cybersecurity Awareness Month Blue page and the CyberSafe at USPS Blue and LiteBlue pages have more information about CISO, the enterprise cybersecurity risk management team and related topics.

Share your feedback at uspslink@usps.gov. Your comments could be included in the “Mailbag” column.