State of Cybersecurity

BackgroundCybersecurity, a major enterprise risk consideration, is the practice of protecting systems, networks, and programs from cyberattacks. Cyberattacks targeting the critical infrastructure are increasing in frequency and sophistication, making a well-defined, proactive cybersecurity approach critical. To address these threats, the U.S. Postal Service’s Corporate Information Security Office (CISO) focuses on five cybersecurity strategic objectives: protect, monitor, respond, manage, and innovate. What We DidOur objective was to assess the effectiveness of the Postal Service’s state of cybersecurity, specifically evaluating its (1) risk profile and organizational alignment with the cybersecurity strategy, (2) cybersecurity risk management process and vulnerability management program for consistency and appropriateness, and (3) enterprise security architecture processes for alignment with best practices.