Page last updated on September 27, 2024
ESPEY MFG & ELECTRONICS CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-27 16:02:00 EDT.
Filings
10-K filed on 2024-09-27
ESPEY MFG & ELECTRONICS CORP filed a 10-K at 2024-09-27 16:02:00 EDT
Accession Number: 0001174947-24-001099
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Robust cybersecurity is an essential component of our strategic vision. We face a variety of complex cybersecurity threats as a defense contractor. Among the risks are computer malware, ransomware, phishing attacks, Denial of Service attacks and Advanced Persistent Threats. Our security team, comprised of members from senior management, IT, human resources and program management, performs routine risk assessments in accordance with NIST 800-30, using input from observed risks and threats, advisories, federal agencies and local law enforcement. The Audit Committee of the Board of Directors is responsible for oversight of our risk management processes. The Audit Committee is briefed by senior management on cybersecurity posture, initiatives and incidents. We allocate significant resources to mitigate these risks. We are required to adhere to rigorous regulations, such as those outlined in the Defense Federal Acquisition Regulation Supplement (DFARS), which govern the protection of controlled unclassified information (CUI) and the mandatory reporting of cybersecurity incidents to the Department of Defense (DoD). All DFARS requirements are flowed down to our sub-contractors, who are required to self-report their compliance to the U.S. Government. In addition to the processes and systems that we use to identify and mitigate risks, we utilize third party services to conduct valuations of our security controls, including penetration testing and independent audits. Despite our efforts to uphold the highest cybersecurity standards, we may still experience a cybersecurity incident that has a material effect on business strategy, results of operation or financial condition. It is also possible that additional regulations could affect our supply chain and increase costs. Prior cyberattacks directed at us have not had a material impact on our financial results nor restricted us from being awarded contracts from other defense companies or directly from the United States Department of Defense. However, we can provide no assurance that the occurrence of any future event would not adversely affect our internal operations, our reputation and competitive advantage, and our future financial results.
Company Information
| Name | ESPEY MFG & ELECTRONICS CORP |
| CIK | 0000033533 |
| SIC Description | Electronic Components, NEC |
| Ticker | ESP - NYSE |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | June 29 |