August 3, 2021

43,000 Sites, 630,000 Employees: Lessons in Cybersecurity from the U.S. Postal Service


What if it was your job to protect 1.2 million devices and 100 petabytes of data for one of the world’s largest organizations? How would that challenge change your perspective on cybersecurity?

Find out in our latest podcast, “One Night in Bangkok,” as we get the inside scoop from Greg Crabb, former CISO of the U.S. Postal Service. Hear the story of his three-year investigation of an infamous cyber attacker – which led to his testifying in a Thai court as part of an extradition hearing.

Greg has spent more than 25 years of experience bringing cybercriminals to justice. After the Postal Service experienced a massive data compromise in 2014, Crabb was installed as the agency’s CISO. During his six-year tenure, he grew the organization’s cybersecurity staff from 40 to 600 security professionals. He also pioneered the Executive Cyber Risk Committee, which includes the organization’s CIO, CFO, deputy postmaster general and general counsel.

Embracing a Risk Management Mindset

Now founder and principal of TenEight Cyber LLC, a cybersecurity consultancy, Greg shares lessons learned during his remarkable career. Gain fresh perspectives on how to:

  • Collaborate across organizations to understand cyber incidents and achieve rapid response and remediation.
  • Implement the key components of a mature cybersecurity practice and achieve a 24x7x365 approach to cyber sense and response.
  • Take zero-trust concepts from physical security and apply them to cyber protections.
  • Recognize the value of DevSecOps – development, security and operations – and how the approach can transform your cybersecurity.
  • Accept that social engineering and employee behavior are bigger threats than technology-based attacks.
  • Shift from a focus on technology and cyber threats to risk management and business impact – and establish a robust risk management mindset and practice.
  • Understand why cybersecurity ultimately has less to do with technology and more to do with understanding and responding to the organization’s operational needs.

Plus, learn behind-the-scenes details on why airline passengers can no longer board with open water bottles, how the Postal Service transformed itself to respond to anthrax threats, and how Crabb’s team partnered with the Cybersecurity and Infrastructure Security Agency (CISA) to secure the 2020 election.

The engaging conversation is part of Forcepoint’s To the Point series of informative podcasts on a broad range of cybersecurity topics. Don’t miss these valuable insights!

Greg Crabb,Founder, TenEight Cyber


Forcepoint-authored blog posts are based on discussions with customers and additional research by our content teams.

Read more articles by Forcepoint

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.