Page last updated on July 16, 2024
MARTIN MARIETTA MATERIALS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-23 14:36:46 EST.
Filings
10-K filed on 2024-02-23
MARTIN MARIETTA MATERIALS INC filed a 10-K at 2024-02-23 14:36:46 EST
Accession Number: 0000950170-24-019275
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C - Cybersecurity ITEM 1C - CYBERSECURITY Risk Management and Strategy Martin Marietta prioritizes the management of cybersecurity risk and the protection of information across the enterprise by embedding data protection and cybersecurity risk management in its operations. The Company’s processes for assessing, identifying and managing material risks from cybersecurity threats have been integrated into the Company’s overall risk management system and processes. As a foundation of this approach, the Company has implemented a layered governance structure to help assess, identify and manage cybersecurity risks. Martin Marietta’s cybersecurity policies encompass incident response procedures and information security. In order to help develop these policies and procedures, the Company monitors the privacy and cybersecurity laws, regulations and guidance applicable to, as well as proposed privacy and cybersecurity laws, regulations, guidance and emerging risks. The Company partners with leading cybersecurity companies and organizations, leveraging third-party technology and expertise, to monitor and test the performance and effectiveness of its cybersecurity controls and defenses. As described in Item 1A “Risk Factors” of this Form 10-K, the Company faces risks from cybersecurity threats that could have material adverse effect on its business including its business strategy, results of operations or financial condition. While the Company has experienced attacks on the security of its information technology systems to date, management is not aware that the Company has experienced a material cybersecurity incident during the 2023 fiscal year. Governance As part of its overall risk management approach, the Company prioritizes the identification and management of cybersecurity risk at several levels, including Board oversight, day-to-day executive risk management and employee training. The Audit Committee, comprised of independent directors from the Board, oversees the Board’s responsibilities relating to the operational (including information technology risks, business continuity and data security) risk affairs of the Company. The Audit Committee is informed of such risks through quarterly reports from the Senior Vice President, Chief Information Officer (CIO), who oversees the implementation and compliance of information security standards and mitigation of cybersecurity related risks, assesses and manages the cyber risk management program, informs senior management regarding the prevention, detection, mitigation and remediation of cybersecurity incidents with the support of the cybersecurity incident management team and supervises such efforts. The Company’s cybersecurity incident management team has decades of experience selecting, deploying and operating cybersecurity technologies, initiatives and processes as well as managing enterprise risk. The Incident Response Leadership Committee, which includes senior executives across the Company, is alerted as appropriate to cybersecurity incidents. The CIO communicates to the Audit Committee regarding the activities of the Incident Response Leadership Committee. The Company also holds annual employee trainings on cybersecurity, conducts phishing tests and generally seeks to promote awareness of cybersecurity risk through communication and education of its employees. Form 10-K ♦ Page 28 Part I ♦
ITEM 1C - CYBERSECURITY Risk Management and Strategy Martin Marietta prioritizes the management of cybersecurity risk and the protection of information across the enterprise by embedding data protection and cybersecurity risk management in its operations. The Company’s processes for assessing, identifying and managing material risks from cybersecurity threats have been integrated into the Company’s overall risk management system and processes. As a foundation of this approach, the Company has implemented a layered governance structure to help assess, identify and manage cybersecurity risks. Martin Marietta’s cybersecurity policies encompass incident response procedures and information security. In order to help develop these policies and procedures, the Company monitors the privacy and cybersecurity laws, regulations and guidance applicable to, as well as proposed privacy and cybersecurity laws, regulations, guidance and emerging risks. The Company partners with leading cybersecurity companies and organizations, leveraging third-party technology and expertise, to monitor and test the performance and effectiveness of its cybersecurity controls and defenses. As described in Item 1A “Risk Factors” of this Form 10-K, the Company faces risks from cybersecurity threats that could have material adverse effect on its business including its business strategy, results of operations or financial condition. While the Company has experienced attacks on the security of its information technology systems to date, management is not aware that the Company has experienced a material cybersecurity incident during the 2023 fiscal year. Governance As part of its overall risk management approach, the Company prioritizes the identification and management of cybersecurity risk at several levels, including Board oversight, day-to-day executive risk management and employee training. The Audit Committee, comprised of independent directors from the Board, oversees the Board’s responsibilities relating to the operational (including information technology risks, business continuity and data security) risk affairs of the Company. The Audit Committee is informed of such risks through quarterly reports from the Senior Vice President, Chief Information Officer (CIO), who oversees the implementation and compliance of information security standards and mitigation of cybersecurity related risks, assesses and manages the cyber risk management program, informs senior management regarding the prevention, detection, mitigation and remediation of cybersecurity incidents with the support of the cybersecurity incident management team and supervises such efforts. The Company’s cybersecurity incident management team has decades of experience selecting, deploying and operating cybersecurity technologies, initiatives and processes as well as managing enterprise risk. The Incident Response Leadership Committee, which includes senior executives across the Company, is alerted as appropriate to cybersecurity incidents. The CIO communicates to the Audit Committee regarding the activities of the Incident Response Leadership Committee. The Company also holds annual employee trainings on cybersecurity, conducts phishing tests and generally seeks to promote awareness of cybersecurity risk through communication and education of its employees. Form 10-K ♦ Page 28 Part I ♦ Item 2 - Properties
Company Information
Name | MARTIN MARIETTA MATERIALS INC |
CIK | 0000916076 |
SIC Description | Mining & Quarrying of Nonmetallic Minerals (No Fuels) |
Ticker | MLM - NYSE |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 30 |