Cybersecurity 

Swiss Post expands its bug bounty programme

For the past five years, Swiss Post has been using its bug bounty programme, one of Europe’s largest, to identify vulnerabilities in its IT systems. In August 2024, Swiss Post expanded the programme to include all digital applications developed in-house, which can now be put through their paces by ethical hackers from all over the world. The hackers test – without criminal intent – various areas of Swiss Post where technology is used, from parcel delivery and the PostBus timetable to digital services such as “My consignments” and e-voting. And all this is happening time and again because technologies change and security standards must be constantly adapted accordingly.

13
million
phishing and spam e-mails are intercepted by Swiss Post every month.
8,000
virus attacks are combated by Swiss Post every month.
200
phishing waves target Swiss Post customers every month.
20
cyberattacks every month specifically target Swiss Post.

Proactive cybersecurity strategy

The bug bounty programme identifies and closes potential security gaps at an early stage – before they can be exploited. “Trustworthy handling of personal information and protecting it against unauthorized access is part of Swiss Post’s DNA,” says Marcel Zumbühl, Chief Information Security Officer (CISO) at Swiss Post. “That’s why it’s a must for us to continuously invest in a proactive cybersecurity strategy.” The focus is not only on protecting the systems, but above all on maintaining customers’ trust in Swiss Post’s digital services.