United States Post Office Faces Cybersecurity Challenges
Cybersecurity has been listed as one of the challenges facing the United States Postal Service (USPS) in a semi-annual report to Congress by the Office of the Inspector General (OIG).
The report, which was released on Monday, outlines the most critical management issues with which the service has had to contend during the six-month period from April 1 to September 30, 2019.
Modernization, IT, and cybersecurity were all flagged as challenges, along with the long-running problem of illegal narcotics being sent through the mail.
In the report, USPS inspector general Tammy Whitcomb wrote: "The use of the mail system to ship illicit narcotics continues to demand our attention both in our audit work and our investigations. While narcotics allegations are rapidly becoming our greatest investigative area of focus, our special agents cover a wide swath of areas: health care fraud (claimant and provider); mail theft; contract fraud; and financial fraud."
During the six-month period covered by the report, the USPS completed 1,362 investigations that led to 436 arrests and nearly $1.48bn in fines, restitutions, and recoveries. Of that total, more than $77m was returned to the Postal Service.
Whitcomb highlighted the difficulties of meeting the demands of the customer base in an increasingly digital world.
Whitcomb wrote: "A modern information technology network with sufficient capacity is critical to the success of the Postal Service. Customers and businesses demand timely, relevant, and accurate information and data as part of their digital experience.
"The network must have the ability to meet these demands as well as the flexibility to continually adjust to the ever-changing business and regulatory environment. As information technology and the cyber-threat landscape evolves, security continues to be an ongoing challenge."
A review of the cybersecurity of the USPS conducted in November 2018 found a lack of long-term planning in which ongoing costs such as software licenses and contractor support had not been considered. This in turn had led to overspending.
In the review, the OIG recommended that the USPS "create and execute a program/administrative budget to adequately plan and administer an ongoing cybersecurity program." The current target implementation date for fulfilling this recommendation is March 2020.
Source: Information Security Magazine