STRATTEC SECURITY CORP 10-K Cybersecurity GRC - 2024-09-05

Page last updated on September 5, 2024

STRATTEC SECURITY CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-05 17:21:25 EDT.

Filings

10-K filed on 2024-09-05

STRATTEC SECURITY CORP filed a 10-K at 2024-09-05 17:21:25 EDT
Accession Number: 0000950170-24-104109

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY We take cybersecurity threats seriously, including regular assessment of cybersecurity risks both internally and with third party assistance and updates to the Board of Directors at least annually. We use the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) as the basis for the information security management system. As we implement new technologies, the NIST CSF is used as the guiding framework. Among other best practices, we use multi-factor authentication wherever possible for external access to systems, assess and update current versions of security solutions, perform regular cybersecurity training and email phishing campaigns for employees, use third parties to perform external penetration testing, and maintain disaster recovery and incident response plans, which include retainer contracts for third party cybersecurity response specialists. We employ a combination of methods to monitor for new or developing cybersecurity risks. The Board regularly receives reports and training from management and third parties on cybersecurity matters. Management is responsible for developing cybersecurity programs, as may be required by applicable law or regulation. Our cybersecurity personnel have the appropriate expertise in IT and cybersecurity, which generally has been gained from a combination of education, including relevant degrees and/or certifications, and prior work experience. Our cybersecurity personnel, along with third parties, monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents as part of the cybersecurity programs described above. Incidents, if any, are escalated to management and the Board according to our incident response policy. There have been no material cybersecurity incidents in the periods presented.


Company Information

NameSTRATTEC SECURITY CORP
CIK0000933034
SIC DescriptionMotor Vehicle Parts & Accessories
TickerSTRT - Nasdaq
Website
CategoryAccelerated filer
Smaller reporting company
Fiscal Year EndJune 29