PUBLIX SUPER MARKETS INC 10-K Cybersecurity GRC - 2024-03-01

Page last updated on July 2, 2024

PUBLIX SUPER MARKETS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-01 14:04:59 EST.


10-K filed on 2024-03-01

PUBLIX SUPER MARKETS INC filed an 10-K at 2024-03-01 14:04:59 EST
Accession Number: 0000081061-24-000009

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity The Company’s information technology systems, as well as those of the Company’s third party service providers, are subject to cybersecurity threats. Significant cybersecurity threats, including intrusions into, compromises of or disruptions in the information technology systems of the Company or its third party service providers, could adversely affect the Company’s financial condition and results of operations. The Company maintains and updates its information technology systems to mitigate the risk of cybersecurity threats. The Board of Directors and Audit Committee have oversight responsibility for the Company’s cybersecurity risks. While the Company’s employees play a key role in cybersecurity, the Company’s Chief Information Officer, General Counsel and other members of management have shared responsibility for assessing and managing the Company’s cybersecurity risks. The Company’s management has sufficient knowledge, experience and expertise for assessing and managing the Company’s cybersecurity risks. The Board of Directors and Audit Committee receive updates from management regarding cybersecurity risks, cybersecurity threats that could impact the Company and cybersecurity initiatives to enhance the Company’s cybersecurity practices. The Audit Committee also receives updates on the results of assessments and audits of the Company’s information technology systems and controls. The Company has information technology security practices to protect its information technology systems and data and to monitor for potential cybersecurity threats. These practices are integrated into the Company’s risk management framework and include: - cybersecurity controls embedded in the Company’s information technology systems; - implementation of changes to address potential threats and vulnerabilities of the Company’s information technology systems; - incident response program, including proactive simulations, to identify and manage cybersecurity threats, risks or incidents; - participation in industry forums and collaboration with peers; and - security awareness and data protection training for applicable employees. Additionally, the Company assesses and manages cybersecurity threats associated with its third party service providers’ information technology systems that could compromise the Company’s information security or data. Identified cybersecurity threats are communicated to management for review, response and mitigation as appropriate. The Company assesses cybersecurity risks and changes in the cyber environment and adjusts its practices as deemed appropriate. To date, risks from cybersecurity threats have not materially affected, or are not reasonably likely to materially affect, the Company’s business strategy, financial condition or results of operations. Refer to Item 1A. Risk Factors in this Annual Report for additional information on risks related to the Company’s business, including cybersecurity risks.

Company Information

SIC DescriptionRetail-Grocery Stores
CategoryNon-accelerated filer
Fiscal Year EndDecember 29