ENCORE WIRE CORP 10-K Cybersecurity GRC - 2024-02-16

Page last updated on April 11, 2024

ENCORE WIRE CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-16 15:16:04 EST.

Filings

10-K filed on 2024-02-16

ENCORE WIRE CORP filed an 10-K at 2024-02-16 15:16:04 EST
Accession Number: 0000850460-24-000017

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program is aligned to the Company’s business strategy. It shares common methodologies, reporting channels and governance processes that apply to the other areas of enterprise risk, including legal, compliance, strategic, operational, and financial risk. Key elements of our cybersecurity risk management program include: risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise information technology environment; a security team principally responsible for managing our cybersecurity risk assessment processes and our response to cybersecurity incidents; the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security procedures; training and awareness programs for team members that include periodic and ongoing assessments to drive adoption and awareness of cybersecurity processes and procedures; a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and a third-party risk management process for service providers, suppliers, and vendors. In the last three fiscal years, the Company has not experienced any material cybersecurity incidents. For a discussion of whether and how any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition, refer to Item 1A. Risk Factors - “Cybersecurity Breaches and other Disruptions to our Information Technology Systems”, which is incorporated by reference into this Item 1C. Cybersecurity Governance The Board regularly receives reports from our executive officers and third parties on cybersecurity matters. In addition, the Board receives reports addressing cybersecurity as part of our overall enterprise risk management program and to the extent cybersecurity matters are addressed in regular business updates. Management is responsible for developing cybersecurity programs, including as may be required by applicable law or regulation. These individuals’ expertise in IT and cybersecurity generally has been gained from a combination of education, including relevant degrees and/or certifications, and prior work experience. They are informed by their respective cybersecurity teams about, and monitor, the prevention, detection, mitigation and remediation of cybersecurity incidents as part of the cybersecurity programs described above.
Item 1C. Cybersecurity Governance The Board regularly receives reports from our executive officers and third parties on cybersecurity matters. In addition, the Board receives reports addressing cybersecurity as part of our overall enterprise risk management program and to the extent cybersecurity matters are addressed in regular business updates. Management is responsible for developing cybersecurity programs, including as may be required by applicable law or regulation. These individuals’ expertise in IT and cybersecurity generally has been gained from a combination of education, including relevant degrees and/or certifications, and prior work experience. They are informed by their respective cybersecurity teams about, and monitor, the prevention, detection, mitigation and remediation of cybersecurity incidents as part of the cybersecurity programs described above.

Company Information