Agrify Corp 10-K Cybersecurity GRC - 2024-04-15

Page last updated on April 15, 2024

Agrify Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-15 17:28:43 EDT.

Filings

10-K filed on 2024-04-15

Agrify Corp filed an 10-K at 2024-04-15 17:28:43 EDT
Accession Number: 0001213900-24-033048

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management We have implemented best-practices to assess risks from cybersecurity threats monitor our information systems for potential vulnerabilities and test those systems pursuant to our cybersecurity policies, processes, and practices, which are integrated into our overall risk management program (see section Services Overview for details on each service we use). To protect our information systems from cybersecurity threats, we rely on various security tools that are designed to help identify, escalate, investigate, resolve, and recover from security incidents in a timely manner. We have chosen Microsoft as our main provider for Cybersecurity and Governance services. Our Technology Risk Management Committee, currently including our Vice President of Information Technology, In-house General Counsel, General Manager, Director of Operations and Vice President of Technical Operations, assesses risks based on probability and potential impact to key business systems and processes. Risks that are considered high are addressed promptly and documented to be incorporated into our overall risk management program. A mitigation plan is developed for each identified high risk, with progress reported to the Technology Risk Management Committee and tracked as part of our overall risk management program overseen by the Audit Committee of our board of directors. To date, cybersecurity threats, including those resulting from any previous cybersecurity incidents, have not materially affected our Company, including our business strategy, results of operations, or financial condition. We do not believe that cybersecurity threats resulting from any previous cybersecurity incidents of which we are aware are reasonably likely to materially affect our Company. Governance Our board of directors oversees our risk management process, including as it pertains to cybersecurity risks, directly and through its committees. The Audit Committee of the board oversees our risk management program, which focuses on the most significant risks we face in the short-, intermediate-, and long-term timeframe. The Audit Committee reviews our cybersecurity risk profile with management on a periodic basis using key performance and/or risk indicators. These key performance indicators are metrics and measurements designed to assess the effectiveness of our cybersecurity program in the prevention, detection, mitigation, and remediation of cybersecurity incidents. We take a risk-based approach to cybersecurity and have implemented cybersecurity policies throughout our operations that are designed to address cybersecurity threats and incidents. 36 Services Overview The following section outlines the services we utilize to facilitate Cyber Security Risk Management: AWS (Amazon Web Services) Description of Service AWS, short for Amazon Web Services, is a comprehensive cloud computing platform offered by Amazon. It provides on-demand access to various computing resources like servers, storage, networking, databases, analytics, machine learning, and more. AWS eliminates the need for physical hardware investments and gives organizations flexibility and scalability. Key Services Amazon S3 (scalable object storage), Amazon EC2 (virtual servers), Amazon RDS (managed databases), Amazon CloudFront (Content Delivery Network) Use Case Hosting websites/applications, scaling infrastructure, storing/analyzing data, deploying machine learning models, managing databases Microsoft Azure/EntraID Description of Service A cloud computing platform offered by Microsoft, delivering a range of services for building, deploying, and managing applications. Azure supports various programming languages, tools, and frameworks for efficient development and scaling of applications. Key Services Virtual machines, Storage, Databases, Networking, Analytics, AI/ML, IoT, DevOps tools Use Case Scaling applications, hybrid cloud solutions, data analysis, building predictive models, continuous integration and deployment (CI/CD) Microsoft 365 Description of Service A suite of productivity and collaboration tools combining familiar Office apps, cloud-based services, and robust security features. Key Services Microsoft Office (Word, Excel, PowerPoint, Outlook, OneDrive), SharePoint, Teams Use Case Collaboration, email, document creation, cloud storage, security & compliance, mobile productivity, automation (Power Automate) 37 Zendesk Description of Service Customer service software centralizing and automating customer support for seamless interactions across email, live chat, social media, and self-service portals. Provides ticketing, reporting, analytics, and integrations. Key Services Ticketing system, Knowledge base, Live chat, Reporting & analytics Use Case Efficient customer support, tracking support performance, self-service options, improving the overall customer experience Microsoft Defender & Microsoft Defender for O365 Description of Service Microsoft Defender ATP (Advanced Threat Protection) is a comprehensive security solution developed by Microsoft to protect businesses against advanced cyber threats. It combines endpoint security capabilities, advanced analytics, and cloud-based intelligence to provide real-time threat detection, prevention, and response. Key Services Advanced threat detection, Endpoint visibility, Threat hunting, Incident response, Integrates with security tools Use Case Proactive cybersecurity, real-time alerts, endpoint analysis ConnectWise ScreenConnect Description of Service Remote support, access, and meeting software for efficient IT troubleshooting, user assistance, presentations, and collaboration. Key Features Secure remote connections, Screen sharing, Remote control, File transfer, Chat, Session recording Use Case Streamline IT support, troubleshoot remotely, reduce on-site visits 38 SolidWorks Server Description of Service Central storage/collaboration system for managing SolidWorks CAD files within an organization. Provides a secure, scalable, and efficient environment for teams. Key Features Centralized storage, Collaboration, Version control, Secure access, Replication, Backup, SolidWorks integration Use Case Securely storing design files, efficient collaboration, managing versions/history, streamlining workflows. Ubiquiti UniFi Dream Machine (UDM) Description of Service All-in-one network device for small-to-medium businesses, combining a router, firewall, switch, and wireless access point. Key Features UniFi Network Controller (manage network), Wireless connectivity (Wi-Fi 5/6), Firewall & security, Performance optimization, Scalability, Remote management.

Company Information