PREFORMED LINE PRODUCTS CO 10-K Cybersecurity GRC - 2026-03-05

Page last updated on March 5, 2026

PREFORMED LINE PRODUCTS CO reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-03-05 17:12:59 EST.

Filings

10-K filed on 2026-03-05

PREFORMED LINE PRODUCTS CO filed a 10-K at 2026-03-05 17:12:59 EST
Accession Number: 0000080035-26-000007

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy The Company has implemented information security programs to, among other actions, assess, identify and manage material risks from cybersecurity threats. These programs include periodic risk assessments, company-wide testing initiatives, periodic phishing tests and annual audits. As the Company assesses its risks and determines how to implement risk management programs, the following factors, among others, are considered: likelihood and severity of risk, impact on the Company and others if a risk materializes, feasibility and cost of controls, and impact of controls on operations and others. The Company also utilizes an independent cybersecurity advisor to provide periodic objective assessments of the Company's capabilities and to conduct advanced attack simulations. Further, as part of the Company's overall information security program, the Company conducts a security awareness program, which includes training that reinforces the Company's security management policies, standards, and practices, as well as the expectation that employees comply with these policies, standards and practices, and facilitates identifying potential cybersecurity risks and protecting the Company's resources and information. The Company also annually engages third parties (as well as its internal audit department) to audit the Company's information security programs. The Company uses a variety of processes to address cybersecurity threats related to the use of third-party technology and services, including pre-acquisition diligence, imposition of contractual obligations, and ongoing monitoring. To date, there have not been any previous cybersecurity incidents that have materially affected the Company's business strategy, results of operations or financial condition. See Item 1A. Risk Factors under the heading of "The Company employs information technology systems to support its business, and any material breach, interruption or failure may adversely impact the Company's business." for additional information on cybersecurity threats that could have a material impact on the Company. The Risk Factors section should be read in conjunction with this Item 1C. Cybersecurity Risk Governance and Oversight The Company's Board of Directors maintains an active role in the Company's overall enterprise risk oversight to identify and mitigate broader systemic risks. The Audit Committee is responsible for overseeing and reviewing the Company's information security programs, including cybersecurity. In addition to the Audit Committee's oversight, the full Board of Directors receives periodic updates relating to information security and cybersecurity risks. The Board of Directors receives an annual report from its independent cybersecurity advisor. The Director of Global IT Infrastructure & Security, who manages information security training and awareness program, updates the Audit Committee periodically regarding information security matters. The findings from the Company's annual third-party and internal information security audits also are reported to the Audit Committee. The Company also actively engages with key vendors and industry participants as part of its efforts, which are reported to the Audit Committee. From January 2025 to September 2025, the Director of Global Information Systems had oversight responsibilities for PLP's information systems and cybersecurity. The Director of Global Information Systems reported to the CFO and coordinated with the IT resources across all subsidiary operations to discuss risk management initiatives, testing and training, recent trends and technological developments, and periodic reviews of third-party providers. In September 2025, the Director of Global Information Systems left the Company to pursue other opportunities. During the interim period before a replacement was appointed, the CFO provided more active oversight to address the Director of Global Information System's responsibilities. In December 2025, the Company reorganized its technology functions to align with evolving operational and cybersecurity requirements. As part of this reorganization, the Company established the new role of Director of Global IT Infrastructure & Security which reports to the CFO, and the position was filled on December 1, 2025. This role is responsible for leading the global team that manages and delivers all IT infrastructure services and security protocols, including network operations, servers and storage, database management, data center operations, messaging and collaboration services, service delivery, end-user computing, telephony, and remote site support. The Director, who will provide periodic strategic updates to the Audit Committee, is also charged with developing and implementing strategic and operational initiatives, establishing standards, policies, and procedures, overseeing daily operational activities, and providing direction to IT personnel. The individual appointed to this role brings over 25 years of IT leadership experience, including serving in Director-level and Chief Information Officer positions.
Item 1C. Cybersecurity Risk Governance and Oversight The Company's Board of Directors maintains an active role in the Company's overall enterprise risk oversight to identify and mitigate broader systemic risks. The Audit Committee is responsible for overseeing and reviewing the Company's information security programs, including cybersecurity. In addition to the Audit Committee's oversight, the full Board of Directors receives periodic updates relating to information security and cybersecurity risks. The Board of Directors receives an annual report from its independent cybersecurity advisor. The Director of Global IT Infrastructure & Security, who manages information security training and awareness program, updates the Audit Committee periodically regarding information security matters. The findings from the Company's annual third-party and internal information security audits also are reported to the Audit Committee. The Company also actively engages with key vendors and industry participants as part of its efforts, which are reported to the Audit Committee. From January 2025 to September 2025, the Director of Global Information Systems had oversight responsibilities for PLP's information systems and cybersecurity. The Director of Global Information Systems reported to the CFO and coordinated with the IT resources across all subsidiary operations to discuss risk management initiatives, testing and training, recent trends and technological developments, and periodic reviews of third-party providers. In September 2025, the Director of Global Information Systems left the Company to pursue other opportunities. During the interim period before a replacement was appointed, the CFO provided more active oversight to address the Director of Global Information System's responsibilities. In December 2025, the Company reorganized its technology functions to align with evolving operational and cybersecurity requirements. As part of this reorganization, the Company established the new role of Director of Global IT Infrastructure & Security which reports to the CFO, and the position was filled on December 1, 2025. This role is responsible for leading the global team that manages and delivers all IT infrastructure services and security protocols, including network operations, servers and storage, database management, data center operations, messaging and collaboration services, service delivery, end-user computing, telephony, and remote site support. The Director, who will provide periodic strategic updates to the Audit Committee, is also charged with developing and implementing strategic and operational initiatives, establishing standards, policies, and procedures, overseeing daily operational activities, and providing direction to IT personnel. The individual appointed to this role brings over 25 years of IT leadership experience, including serving in Director-level and Chief Information Officer positions.

Company Information