PACCAR FINANCIAL CORP 10-K Cybersecurity GRC - 2024-02-21

Page last updated on July 16, 2024

PACCAR FINANCIAL CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-21 16:10:26 EST.

Filings

10-K filed on 2024-02-21

PACCAR FINANCIAL CORP filed a 10-K at 2024-02-21 16:10:26 EST
Accession Number: 0000950170-24-017921

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. C YBERSECURITY PACCAR maintains a comprehensive cybersecurity management and governance program, which includes the Company. The Company’s information security management system is based upon the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). The Company engages internal and third-party auditors and other professional parties when necessary, as part of its cybersecurity management program. The Company conducts penetration and compromise assessment tests, implements detection and prevention tools, monitors cyber events and has active disaster recovery plans. For third-party IT services, the Company conducts an architectural, privacy and security analysis of their solution. If any gaps are identified, the third-party remediates or mitigates the risk to an acceptable level. The Company simulates potential cyber-attacks and performs incident responses to test preparedness. These exercises are used to train and update the Company’s Incident Response plan, including any gaps identified. The Company conducts yearly information security training for employees and conducts ongoing phishing tests. PACCAR’s Security Risk Council, which includes the Company’s Management and PACCAR’s Chief Information Security Officer, meets regularly to cover risks, plans and updates to the security program. It briefs the PACCAR Board of Directors and/or the Audit Committee of the Board of Directors on technology and information security matters. Management and the PACCAR Board of 11 PACCAR Financial Corp. (Millions of Dollars) Directors also receive periodic updates on the status of cybersecurity investments to guard against such events. In the event of a security breach, the PACCAR’s Security Risk Council evaluates its significance and briefs the PACCAR Board on the event. The Company has not experienced any notable security incidents that would have a material impact on the results of operations and financial condition of the Company. Certain PACCAR dealers and suppliers have reported they have experienced cyberattacks and those have not caused any material impact to PACCAR or the Company.


Company Information

NamePACCAR FINANCIAL CORP
CIK0000731288
SIC DescriptionShort-Term Business Credit Institutions
Ticker
Website
CategoryNon-accelerated filer
Fiscal Year EndDecember 30