Swiss Post is a logistics company. Does it even need a Head of Information Security? 

Modern logistics cannot function without a robust IT system. Our customers trust us, and that trust entails responsibility. Swiss Post therefore invests in strong information security. And it pays off: every month, Swiss Post successfully fends off around 100 targeted attacks and over ten million phishing attempts.   

In what areas is cybersecurity important for Swiss Post?

Anywhere technology is used is at risk of a cyberattack. Today’s parcel volumes can only be sorted and delivered within deadlines thanks to robust infrastructure and a variety of technological resources. Nowadays, even Postbuses are small moving data centers that we need to protect. Alongside parcel and letter deliveries, Swiss Post also offers a range of digital services such as “My consignments”, digital mailboxes, e-voting and digital health. Since 2022, Swiss Post has done more than just protect its own systems against cyberattacks – it now also offers cybersecurity monitoring and security to various companies and authorities.

How did that come about? 

We do a lot of tasks on the Internet every day. Every time we place an order, book a doctor’s appointment or even fill out our tax declarations online, we are sharing more information about ourselves. We need to protect this against attacks. Swiss Post itself handles sensitive data, be it the bank details of PostFinance customers or the postal addresses of people living in Switzerland. To protect this data properly, Swiss Post has gained considerable expertise in the field of cybersecurity. With the acquisition of Hacknowledge SA in Morges and terreActive Ltd in Aarau, we now offer our customers powerful tools to protect their systems and data. 

Which developments do you think will influence cybersecurity in 2024? 

Thanks to recent innovations such as ChatGPT, artificial intelligence (AI) is the current hot topic. These solutions are useful in every day life, but provide new challenges for cybersecurity. For example, they can be manipulated. If provided with enough false information, they can give you the wrong result. Swiss Post is working with the Dalle Molle Institute for Artificial Intelligence at the Università della Svizzera italiana on the robustness of artificial intelligence systems. Through this partnership, we want to improve the protection offered for AI systems that we use in our logistics network. 2024 will be an exciting year for cryptography. We’re expecting the first encryption algorithms that cannot even be cracked by so-called quantum computers. Our specialists at the cryptography center in Neuchâtel have the important task of testing the new algorithms and accelerating their introduction.  

Will ethical hackers be asked to attack Swiss Post again next year?

Next year, our bug bounty programme will turn five years old. It is among the largest in Europe. In the coming year, we aim to expand the programme so that ethical hackers can attack all applications that operate under *swisspost.ch. By doing so, we want to encourage other companies to recognize the importance of cybersecurity. Because successful cybersecurity means that customers trust online services.