Safeguarding the Integrity of the U.S. Postal Service

Safeguarding the Integrity of the U.S. Postal Service

The U.S. Postal Service operates one of the largest and most complex infrastructures in the world. Every day, we protect more than 6.5 million emails, 12 million visitors to usps.com, more than 50,000 mobile devices and retail terminals, over 900 applications —  each subject to rigorous security controls to protect both internal and customer data — automated machinery, and so much more. Securing this environment isn’t just a technical responsibility, it’s an organization-wide collaboration carried out on an immense scale.

My Corporate Information Security Office team is made up of more than 300 cybersecurity professionals, and we’re at the forefront of this mission. But to succeed, every postal employee, IT expert and partner must play their role. This is not only about defending against large-scale hacking attempts but also about preventing smaller, everyday risks. Simple actions, such as avoiding the use of personal devices on the postal network, are vital to protecting our systems.

Education, training and awareness are critical to our cybersecurity efforts, and we’re constantly encouraging employees at every level and in every department to keep cybersecurity top of mind. In addition to these efforts, we’ve deployed more than 400 volunteer CyberSafe Guardians, employees who champion best practices and serve as our eyes and ears on the ground, to ensure cybersecurity is part of every employee’s everyday routine.

We embed security into every part of our business, from processing and logistics to the retail counter. Guided by a zero-trust model — never trust, always verify — our approach is supported by constant analytics, robust asset inventories, encryption and stringent access controls. This layered strategy allows us to manage risk while enabling USPS to operate efficiently, reliably and at scale.

Continuous vulnerability scanning and rapid remediation are cybersecurity industry standard practices. So, we rely on a dedicated team of our own hackers who continually test our defenses using the tactics of real-world attackers. At the same time, our 24/7 year-round cybersecurity operations and threat-hunting teams work tirelessly to detect and eliminate threats as quickly as possible.

All this work is conducted with the express intent of keeping the Postal Service moving forward, delivering on our public service commitment. The American public depends on the Postal Service to always be available, but in today’s world, accessibility comes with risks. It’s our job to assess those risks and ensure that our services remain both secure and accessible.

One of the many things I value about cybersecurity is that it’s constantly evolving — dealing with current issues while preparing for tomorrow’s threats. That’s why we’re embracing the potential of artificial intelligence and have made significant gains in this area while also evaluating the opportunities and challenges of quantum computing. It’s never a boring day.

Ultimately, cybersecurity at the Postal Service is about safeguarding trust. That means protecting the integrity of our network and ensuring our services remain accessible. We achieve this by uniting every employee, every department and every partner in a culture of vigilance and innovation.

 

Heather Dyer

 

Vice President, Chief Information Security Officer