Postal experts and cybersecurity consultants addressed escalating cybersecurity challenges faced by the postal sector worldwide during the UPU’s Cybersecurity Forum on 25 April 2024.
In his opening remarks to the forum, UPU Director General Masahiko Metoki highlighted posts’ expanding digital infrastructure, emphasizing the sector’s increased need to secure this infrastructure in the same way it has secured its physical network.“With the rise of cyber threats targeting postal services globally, it is imperative that we come together to assess the risks, share best practices, and explore innovative solutions to safeguard the integrity and resilience of our postal networks,” he said.
Cybercrime, espionage and security, Internet policy and infrastructure expert and President of Hathaway Global Strategies LLC, Melissa Hathaway, set the scene for the discussions with a global overview of the current cybersecurity landscape.
Stating that the digital economy accounted for as much as 15% of the global economy and that 8.4 trillion USD had already been lost to cybercrime activities, Hathaway urged posts to include cybersecurity as part of their overall operational and business strategies. She said this was especially important considering the interoperability of the global postal network.
An investment in staff training and retraining would be key to mitigate cybersecurity breaches – 88% of which are caused by human error, she said.
She also encouraged UPU member countries and their designated postal operators to look to existing guidance on cybersecurity, including those offered by the United States’ National Institute for Standards and Technology and the United Kingdom’s National Cyber Security Centre.
Postal perspectives
Panelists from affected posts, the cybersecurity industry and the UPU’s own Postal Technology Center (PTC) dove deeper into the common threats facing the sector, highlighting best practices for mitigation and potential avenues for collaboration.
In particular, they noted that ransomware was a threat to all postal operators, indicating that they should have a robust plan to prepare, prevent and protect digital infrastructure to enhance their resilience, maintain customer trust and safeguard revenues. They examined the possibility of creating an information sharing and analysis center (ISAC) within the UPU to support designated operators in enhancing their resilience and exchanging information regularly.
PTC Director Lati Matata highlighted a number of frameworks, regulations, technical solutions, standards, training and partnership opportunities the UPU already offers to ensure global postal data is secured through its network.
Closing the proceedings, UPU Deputy Director General Marjan Osvald underscored the need to view cybersecurity as a business priority rather than an IT issue, with appropriate budget allocated towards planning. He noted that a significant portion of the UPU’s recent budget increase would fund the organization’s cybersecurity initiatives.
“Let us leverage the insights gained and the connections forged to drive meaningful change within our organizations and across the postal sector,” he said.
The forum was held at the UPU’s Berne, Switzerland, headquarters under the auspices of the Postal Operations Council (POC), an operational and technical body of the UPU. Some 320 people participated on site and online, with 80 UPU member countries represented.