Cybersecurity Operations is on the Frontlines of the Cyber World

The United States Postal Service® is a global business that processes and delivers 48 percent of the world’s mail. With such a large operation, USPS® mail delivery relies on a strong technology network to ensure uninterrupted performance.

Protecting this network is the job of the Cybersecurity Operations (CSOC) portfolio (see blue.usps.gov/itweb/ciso/csoc/welcome.htm), led by Lynne Mitchell, Cybersecurity Operations manager (see blue.usps.gov/itweb/ciso/lynne-mitchell-bio.htm).

Under Lynne, this portfolio protects the USPS technology environment by responding quickly to internal and external cyberthreats. Part of this protection comes from two cybersecurity operations centers, or CSOCs, which continuously monitor the USPS network for suspicious activity, and provide stakeholders with situational awareness of cyber events and escalation, as needed. This is the CSOC Threat Detection program, which receives and responds to alerts, calls, and emails from employees and others 24/7, year-round, and addresses malware analysis and forensic requirements from events within the environment.

In addition, the CSOC portfolio keeps the USPS network safe through five additional programs:

n Insider Threat (InTP). Notice an employee or vendor asking questions outside the scope of their duties? The CSOC InTP ensures the protection of all USPS proprietary information, employee personal data, or other assets from being removed or shared outside of the organization where it could be used to inflict harm.

n Incident response. Even the best cyber defense needs a team to respond to cybersecurity events and incidents. The incident response team analyzes and responds to cybersecurity issues that could impact or impair our network, while managing our incident response protocols and communications in the event of an actual cyberattack.

n Threat Intelligence Unit (TIU). In addition to monitoring the network for known types of cyberthreats, the CSOC TIU collaborates with outside partners to ensure awareness of any threats, as well as forecasting, monitoring, detecting, and hunting for internal and external cyberthreats.

n eDiscovery. In an organization as large as the Postal Service™, the obligation to preserve and produce electronic documents in support of litigation and investigations, as well as regulatory and Freedom of Information Act requests, is a massive undertaking. The eDiscovery team lends its expertise to help USPS meet its obligations in a cost-effective, timely, and compliant manner.

n CSOC Center of Excellence Evolution Team (CCEET). CCEET provides crucial, sustained collaboration within CSOC, and with its stakeholders within CISO, CIO, USPS, and our external partners. Through this team’s efforts, improvements are made in CSOC monitoring capabilities and resilience. While pursuing daily operational activities in the other CSOC areas, CCEET focuses on planning, reporting, resilience, and improvements to monitoring.

For more information about Cybersecurity Operations, visit blue.usps.gov/itweb/ciso/csoc/welcome.htm.