Cybersecurity: Empowering Mail in the...
Transcript of Cybersecurity: Empowering Mail in the...
5/16/2017
1
Cybersecurity: Empowering Mail in the Digital Marketplace
with Greg Crabb USPS Vice President, Chief Information Security Officer
Wednesday, May 24, 2017
start presentation
5/16/2017
2
Evolving Threats
What We Protect
Our StrategyCyberSafe at USPS™
Sharing Our Experience CISO
Industry Trends
Industry Trends
The digital age is changing
the mailing industry and how
customers interact with mail.
To meet customers’ evolving
expectations and grow
business, the Postal Service is
developing new technologies
and offering new services.
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
5/16/2017
3
Evolving Threats
While the digital age creates
many new opportunities and
allows the Postal Service to
innovate and deliver to their
customers, it also creates new
risks. Cyber attacks are on the
rise, dramatically increasing
costs to business and
customers.
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
What We Protect
legitimate emails handled per day
mailpieces processed and delivered each day
devices scanned each month
points of sale terminals maintained nationwide
in online stamp and retail sales at usps.com per day
email messagesblocked monthlydue to viruses
email accounts receiving Postal Service Information per day
address changes processed per day
malware attacks blocked weekly
credit and debit card transactions processed annually
people who visit usps.com per day
11.5M 509M 176K
45K $758,356 1.3M
214k 122,000 1k
381M 4.1M
C I SO S C A L E O F O P E RAT I ON SU S P S S C A L E O F O P E RAT I ON SU S P S NETWORK
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
5/16/2017
4
Our Strategy
CISO
CISO ensures information security is a top priority for the
Postal Service by investing in infrastructure, assets, and
personnel to defend against advanced cyber threats.
Improve Management, Governance, Compliance,
Education, andRisk Management
Protect, Shield, and Defend the enterprise from cyber
threats and Prevent disruptive cyber incidents
Respond to and Recover from incidents, and
Sustain operations when incidents occur
Monitor the internal and external environments, and Detect and Hunt attacks on the network
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
CyberSafe at USPSTM
Our greatest technology solution isn’t about technology.
It’s about people.
I N T EGRAT ING B EHAV I OR C H ANG E T E CHN I QU E S
C Y B E R S A F E F O C U S AR EA S
Create a ‘cybersafe’ culture across the USPS workforce via monthly campaigns, in‐person engagements, and a dedicated website
Focus on meeting employee needs and filling knowledge gaps. Cover a wide range of subject matters, using role‐based andgame‐based learning
Equip employees to identify real‐world threats. Mimiccyberattack techniques like phishing to test employees’ habitsand identify common behavioral weaknesses
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
5/16/2017
5
Sharing Our Experience
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous nextOur Strategy
A Community of Action
Make information security a priorityby incorporating cybersafe practices into your everyday life.
• Use privacy settings, and limit the amount of personal information you post online
• Avoid posting any of your personal information on social media platforms
• Avoid sharing your passwords with others or writing them down
• Limit your personal use of your work devices and e‐mail accounts
• Visit social media pages on your personal devices only
• Avoid connecting personaldevices to work equipmentfor charging or transferringfiles
• Be mindful of scams when checking your email
• Make sure you recognize the sender or the email address before opening an email
• Don’t open links or attachments from unknown or unreliable sources
• Make sure your home network is password protected
• Connect only to secure wireless networks in public places
• Only enter personal information, including social securityand credit card numbers, into authenticated, secure webpages, with the webaddress always beginning with “https”
• Be mindful of scams when checking your email
• Make sure you recognize the sender or the email address before opening an email
• Don’t open links or attachments from unknown or unreliable sources
• Keep an open dialoguewith your family, friends, and colleagues about staying safe online and the importance of information security
Industry Trends
Evolving Threats
What We Protect
CyberSafe at USPSTM
Sharing Our Experience
A Community of Action
previous Our Strategy