Aircastle LTD 10-K Cybersecurity GRC - 2024-04-25

Page last updated on July 16, 2024

Aircastle LTD reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-25 14:39:23 EDT.


10-K filed on 2024-04-25

Aircastle LTD filed a 10-K at 2024-04-25 14:39:23 EDT
Accession Number: 0001628280-24-018039

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Our cybersecurity program includes the assessment, identification and management of material risks from cybersecurity threats (as defined in Item 106(a) of Regulation S-K). To identify and assess material risks from cybersecurity threats, our annual enterprise risk management assessment considers risks from cybersecurity threats alongside other risks as part of our overall risk assessment process. In addition, we engage with consultants, internal and external auditors and other third parties to gather certain insights designed to identify and assess material risks from cybersecurity threats, their severity and potential mitigations. We also employ a range of tools and services, depending on the environment, including network and endpoint monitoring, malware detection, vulnerability assessments, cloud penetration testing, threat hunting and incident responsiveness, as well as tabletop exercises, to inform our cybersecurity risk identification and assessment. As part of our cybersecurity program, we maintain an incident response plan that includes processes to assess the severity of, escalate, contain, investigate and remediate cybersecurity incidents. We also have risk management processes to oversee and help identify risks from cybersecurity threats associated with our use of third-party service providers. Our Board of Directors has delegated oversight of our cybersecurity program, which includes oversight of cybersecurity threats, to the Risk and Governance Committee. Throughout the year, at each quarterly Risk and Governance Committee meeting, or as needed, the committee is updated on IT security by senior management, including industry IT breaches, cybersecurity incidents and employee cybersecurity training. Our Head of Information Technology is a Certified Information Systems Security Professional and is responsible for day-to-day assessment and management of our information systems and cybersecurity program. Our Head of Information Technology reports directly to our Chief Financial Officer. To date, cybersecurity threats, including as a result of any previous cybersecurity incidents, have not materially affected and, we believe, are not reasonably likely to materially affect the Company, including its business strategy, results of operations or financial condition. For additional description of risks from cybersecurity threats and potential related impacts on the Company, see our risk factors under Part 1. Item 1A. Risk Factors in this Annual Report on Form 10-K, including “We are dependent upon information technology systems, which are subject to disruption, damage, failure and risks associated with implementation and integration.”

Company Information

NameAircastle LTD
SIC DescriptionServices-Equipment Rental & Leasing, NEC
CategoryNon-accelerated filer
Fiscal Year EndFebruary 27