CARLISLE COMPANIES INC 10-K Cybersecurity GRC - 2024-02-16

Page last updated on July 16, 2024

CARLISLE COMPANIES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-16 14:06:56 EST.

Filings

10-K filed on 2024-02-16

CARLISLE COMPANIES INC filed a 10-K at 2024-02-16 14:06:56 EST
Accession Number: 0000790051-24-000058

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. The Company’s processes to assess, identify, and manage material cybersecurity risks are included as part of the Company’s overall risk management program and include documented procedures and protocols to identify and monitor material cybersecurity risks, provide cybersecurity training and awareness, implement protective controls, and established incident response procedures. The Company also engages third-party professional cybersecurity consultants to assist with its cybersecurity processes, including conducting periodic tabletop exercises and system penetration testing. The Company maintains processes to oversee and identify certain risks from cybersecurity threats associated with its use of these third-party service providers and maintains protections in its vendor risk management process. Risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have not materially affected, nor are reasonably likely to materially affect, the Company, including its business strategy, results of operations, or financial condition. The Audit Committee of the Company’s Board of Directors oversees the assessment and management of the Company’s major financial risk exposures, including cybersecurity risk, and reviews the steps management has taken to monitor, control and mitigate such exposures. No less than annually, the Director of Information Security attends an Audit Committee meeting and presents for review and discussion the Company’s processes to assess, identify, manage and mitigate material cybersecurity risks. The Audit Committee subsequently reports on the presentation to the full Board of Directors. The Company’s cybersecurity processes are managed by a dedicated department led by the Director of Information Security. The Director of Information Security has 10 years of cybersecurity work experience and carries a number of cybersecurity and security-related certifications. The dedicated department is responsible for developing and implementing the strategies, policies and procedures to manage and mitigate cybersecurity risks. The dedicated department utilizes documented incident response procedures to become informed of and monitor the prevention, detection, mitigation and remediation of cybersecurity incidents. The dedicated department is comprised of a nine-person staff, several of whose members carry multiple cybersecurity and other security-related certifications. The Company’s internal audit department also provides support to the Company’s cybersecurity processes.


Company Information

NameCARLISLE COMPANIES INC
CIK0000790051
SIC DescriptionFabricated Rubber Products, NEC
TickerCSL - NYSE
Website
CategoryLarge accelerated filer
Fiscal Year EndDecember 30