<img src="https://certify.alexametrics.com/atrk.gif?account=kla4t1zDGU20kU" style="display:none" height="1" width="1" alt="">
Contact us
Request demo →
Contact us

Mapping a complex digital footprint - PostNL Use Case

by Sebastiaan Bosman Use case 8 Dec 2020

PostNL is the largest mail order and delivery organisation in the Netherlands, also operating in Belgium and Luxemburg. It has made mail and parcels accessible for over 220 years, growing to become one of the largest private employers in the Netherlands. Over the years, the organisation has grown through expansions, mergers and acquisitions, making its digital footprint rather complex.

Gunther Cleijn, Cyber Security Officer explains how he and his team work to ensure the security and daily productivity of the organisation. 

Gunther, can you tell something about yourself and PostNL?

Gunther Cleijn

Sure! My name is Gunther Cleijn. After a career in the Royal Dutch Army, I turned back to 'civil live' in 2008. Since then, I've been working for several organisations in roles that where focused on securing digital assets. I’ve been working at PostNL as Cybersecurity Officer for almost four years now. Within PostNL, I'm responsible for the security of the digital assets in our IT and OT domain.

PostNL is comprised out of different Business Units. Each BU has their own IT department and IT Director, but all report to the CIO. In total, we have approximately 10,000 staff and between 35,000 and 40,000 colleagues delivering mail and parcels.

I run a very knowledgeable team of full-time and part-time specialists and experts. Together, we take care of the digital risk profile throughout the organisation. We support our colleagues in daily practices by helping them solve complicated security issues. In addition, we act as an advisor for PostNL's Senior Management.

What was the biggest security challenge when you joined PostNL?

To get where we are today, PostNL has had various mergers and acquisitions. Different services and processes have been successfully tied together to create the company we are now, including the digital infrastructures, Operational Technology, and other aspects. Consequently, we are connected to a vast number of external suppliers and third parties.

On top of that, we also provide cross-border solutions, were we route parcels across the world. All of this results in a largely decentralised structure and a huge digital network. The challenge from a security perspective is to keep track of 'what’s happening' in such an environment.

"With the amount of data we were handling ,
we had to manage on exceptions"

To answer this question, I set out to accurately map our digital footprint and then created a reporting structure for all we could see happening with a potential impact on PostNL. So, we did an assessment over all our entities a few years ago to determine our security maturity level. One of the aspects we were focussing on was the digital footprint in its entirety. At the end of this manual exercise we compared our output to the results from Cybersprint’s platform. The conclusion: there really were quite a lot more assets than we thought we had.

What did you do to tackle that challenge?

"This is what it comes down to: no matter what third party or domain we are linked to, it can all be traced back to PostNL. That is what we had to map.

"The best approach to manage our digital footprint was to automate what we were doing by hand. With the amount of data we were handling on a daily basis, we had to manage on exceptions. Whenever the automated solution detects an issue, that is when you can follow-up by hand. I wanted to focus on the actions we had to take based on the data the platform delivered, and develop my security strategy accordingly to move forward even faster. With the automated solution, we are able to see and understand how big our digital footprint actually is, and act proactively to any risk to our brand."

What did you find most helpful?

"With regards to the first outcomes of the platform, it wasn’t like there were any shocking results. We knew there were more assets to find, we just needed the right solution to find them without having to specify where to look. Before, we had more of a gut feeling. Now, we know for sure.

"The strength of the platform is in the combination of many different sources, tools, plugins, etc. and the way they all work together to identify and visualise the necessary insights. Theoretically, we could have gained access to those sources ourselves as well, but that would not have been cost-efficient at all. It would only have cost us time, impeding our own productivity. With Cybersprint’s platform, we had all desired tools in one place and were able to give our security programme a big boost. The platform has quickly become a vital component of the intelligence system we have today.

"With the automated solution, we are able to see and understand how big our digital footprint actually is."

"More importantly, though, I am most pleased with the feeling of trust and peace of mind the solution brings. It really helps to have a professional cybersecurity company lend an eye to monitor the big bad internet with you.

"In addition, I know I can always reach out to my contact in Cybersprint for some tips and tricks when I get a question from somewhere in the business. Now, I’m able to confidently say what is happening in our digital footprint, and present the data to back it up."

Forwarding your call: How do DNS and CNAME records work?

The web is in a continuous state of dynamic development, with websites being created, updated, and deleted every day. These websites are the digital equivalent of a rented property. Similar to physical properties, visitors will need a precise address to visit you.

read more

Digital Footprint explained: What is it & where does it come from?

It's the term we use the most: Digital Footprint. It is the foundation of your organisation’s digital infrastructure. It’s the starting point of your IT security policies, configuration database management, vulnerability mitigation, and much more. In this blog, we’ll shortly describe what drives the need for a Digital Footprint solution, share our definition of the term, and explain how it minimises the risks to your brand.

read more

Swagger API: Discovery of API data and security flaws

APIs (Application Programming Interface) are used by applications to communicate and interact between systems, access data, and much more. It makes sure you get the correct response on a request. However, if someone were to intercept this request-response, they could potentially misuse the data or alter the process. Cyber-criminals scan the internet for unsecured APIs on a daily basis. If not properly secured, this can lead to unauthorised access to internal data or customer information. What’s more, in some cases it allows tampering with data directly from an exposed API. This technical article focuses on mapping and discovering Swagger APIs throughout the EU. We will present how we discovered those APIs and checked for misconfigured examples. We will illustrate each step using screenshots, present the results, and provide defensive recommendations. Research conducted by Soufian El Yadmani, Security Analyst at Cybersprint The interactive map below shows how many Swagger APIs we found, and in which region. You can click, drag and zoom to see how many Swagger APIs were found in your area.    

read more

Do you have a question?

Our experts have the answers

Contact us