Page last updated on July 16, 2024
CALERES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-02 16:29:21 EDT.
Filings
10-K filed on 2024-04-02
CALERES INC filed a 10-K at 2024-04-02 16:29:21 EDT
Accession Number: 0000014707-24-000012
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C CYBERSECURITY Risk Management and Strategy We are committed to protecting our customer and employee data. We employ a defense-in-depth cybersecurity strategy leveraging industry frameworks that feature a prioritized set of robust controls that encompass people, processes and technologies. Our Chief Information Officer (“CIO”) is responsible for the execution of our cybersecurity strategy. Our CIO has over 25 years of retail industry experience developing and implementing information technology strategies and leading cybersecurity programs. The CIO is supported by a team of highly qualified professionals, many of which hold cybersecurity certifications. The Company’s cybersecurity policies, standards and processes are integrated into the Company’s overall risk management program, and cybersecurity risks are regularly evaluated in the context of material risks to the Company. We regularly engage with outside experts to assess the maturity of our organizational security program and to inform our short- and long-term cybersecurity strategy. We routinely test and improve our information systems through security and risk and compliance reviews and user education campaigns and other strategies. We also subscribe to various threat intelligence feeds and are active in the information security community. We maintain an Information Security Policy, which details the acceptable processes and practices our associates must follow to protect the interests of the Company, our customers and other parties. Key components of the Information Security Program include: ● Acknowledgement of the Information Security Policy upon hire and annually thereafter; ● Access controls, including identification, authentication, logging and authorization; ● Endpoint detection and response; ● Data classification and labeling; ● Privileged Identity Management ● Security Awareness training and a Cybersecurity Ambassador Program; and ● A Cybersecurity Incident Response Plan, including procedures for responding to cybersecurity incidents and a framework for evaluating the materiality of the incident for disclosure and reporting purposes. Governance The Audit Committee of our Board of Directors is responsible for oversight of our cybersecurity program. In addition, the Technology and Digital Commerce Committee, which was established in 2022, assists the Board of Directors with its oversight responsibilities regarding the role of technology, data, digital commerce and the Company’s ability to understand and connect with its consumers in executing the Company’s strategies, business plans and operational requirements. On a quarterly basis, our CIO updates the Audit Committee on the Company’s cybersecurity program, including, among other items, actual events or incidents, results of vulnerability assessments and penetration testing. We continue to invest in cybersecurity and adapt our internal controls and processes to respond to cybersecurity risks. Cybersecurity threats, including those as a result of any previous cybersecurity incidents, have not materially affected our business strategy, results of operations or financial condition. For a discussion of how cybersecurity risks have affected or are reasonably likely to materially affect the Company, refer to Item 1A, Risk Factors .
Company Information
Name | CALERES INC |
CIK | 0000014707 |
SIC Description | Footwear, (No Rubber) |
Ticker | CAL - NYSE |
Website | |
Category | Large accelerated filer |
Fiscal Year End | February 2 |