As with comparable organizations in the government and private-sector, cybersecurity isa top priority for the Postal Service, and an essential enabler to meet the organization’s business goals. Cybersecurity at the Postal Service is every employee and contractor’s responsibility. Even one small cybersecurity event could cause significant operational disruption.
A cybersecurity breach shone a light on some major organizational gaps. Refusing to respond with the bare minimum, USPS leadership began an overhaul and whole new approach to cybersecurity within their walls. They knew the right thing to do for their employees and for the public was to build an information security office that could effectively monitor the environment, detect vulnerabilities, respond to threats and protect assets and information.
Key to the future success of the Corporate Information Security Office (CISO) initiatives was instilling a culture of proactivity. Every Postal Service employee both within and outside of the CISO organization needed to understand and believe in their role to keep USPS safe.With more than 250,000 employees accessing USPS networks daily, this was no small feat. The CISO needed to be strategic, consistent committed to the plan—unwavering during what would be a years-long effort to effectively reach full maturity.
USPS engaged Throughline to guide strategic meetings, build a brand, and lead USPS-wide awareness and training efforts, and, ultimately, create enduring culture change.
When CISO leadership first convened to begin early stages of planning, identify priorities and set big goals, Throughline designed and facilitated strategy sessions to leaders the space and direction they needed to collectively move in the right direction. Graphic recording panels from these sessions not only enlivened discussions in real time but served as the centerpiece of the CISOconference room table in the years that followed, reminding everyone of their mission every day. Throughline continued to support high-level CISO efforts throughout the course of our engagement, developing an internal-to-CISO visual identity (known to the CISO staff as the CISO shield), facilitating offsite activities, creating initiatives trackers and presentation materials for leadership, designing new employee onboarding materials and publishing an internal newsletter.
In large enterprises, it can be very easy for information to get lost or ignored. CISO needed a way to make their materials stand out among all the rest, so that people would first pay attention and later recognize and remember. The Throughline team built an entire internal visual identity, including the name and logo that would appear on every communication from the CISO organization to USPS staff: CyberSafe at USPS™. Visual guidelines applied consistently across awareness and training materials captured attention, established credibility and cultivated familiarity.
Over the course of three years, Throughline served as the creative team behind the CISO internal initiative that reached maturity fastest. By finding the right balance of repetition and novelty, Throughline developed the communications and materials that helped employees understand, care about and practice secure behaviors. From posters to videos to intranet pages to one-pagers to screensavers to swag, employees learned about new topics through targeted monthly campaigns and regular reminders about cyber safety.
Each October, Throughline supported a Cyber Fair at USPS headquarters that featured guest speakers, booths for cybersecurity agencies and practitioners, educational games and take-home materials. Throughline created the advance materials to advertise the fair, designed the booths, games and take-home materials and produced swag items that would help remind attendees of the CyberSafe at USPS™ brand in their everyday lives.
As part of the new approach to the organization, CISO leadership focused heavily on training and up skilling. Future leaders were identified from within CISO and sent to a comprehensive 12-week training that would help them to see their potential, increase their cohesion as a team and come out better trained and ready to fulfill their mission. It was challenging for many of these employees to leave their families during the week and remain focused through intensive training, so Throughline took on the task of making the conclusion of the training celebratory and personal. A short live-action video featuring interviews with Academy attendees kicked off a graduation ceremony and highlighted the personal growth and team bonding that underscored their training. In addition to programs and signage for the event, Throughline created personalized peer-nominated awards that aligned to the key components of the CISO motto and delivered swag bags that would enable graduates to wear the CISO shield logo with pride.
"The Throughline team came in during a critical time for USPS and our long-term security. Their empathetic approach to understanding key audiences and their mindsets enabled us to be strategic and successful in our planning, training and communications. USPS is more secure today in part because of this team’s dedication and creativity. “
—Greg Crabb, former CISO, U.S. Postal Service, Founder, 10-8, LLC
Since the establishment of mature practices and processes at USPS, CISO employees are well equipped to detect, prevent and respond to vulnerabilities and threats. As a result of the CyberSafe atUSPS™ awareness and training program, USPS has cultivated a knowledge able workforce, improved resiliency, promoted cybersecure habits and instilled a shared sense of responsibility across the entirety of the enterprise.
We’re a tight-knit team of dreamers, thinkers, doers and leaders who thrive in exploring what’s beyond the box.Join us