Page last updated on November 22, 2024
IES Holdings, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-11-22 07:50:35 EST.
Filings
10-K filed on 2024-11-22
IES Holdings, Inc. filed a 10-K at 2024-11-22 07:50:35 EST
Accession Number: 0001048268-24-000134
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy As part of the Company’s overall risk management, the Company has adopted processes designed to assess, identify and manage material risks from cybersecurity threats. Our program has been designed and evaluated based on the National Institute of Standards and Technology Cybersecurity Framework ( " NIST CSF " ). This does not imply that we meet any particular technical standards, specifications, or requirements, only that we use NIST CSF as a guide to identify, assess, and manage cybersecurity risks relevant to our business. The cybersecurity risk management program includes, among other things, processes to manage risks associated with third party service providers, regular review and testing of the Company’s cybersecurity practices through audits, internal assessments and tabletop exercises, and mandatory annual cybersecurity awareness training for all employees. In addition, the Company has adopted an incident response plan establishing the processes for responding to any cybersecurity incident. The Company has engaged third party cybersecurity firms to perform maturity assessments of our cybersecurity risk management program, the results of which are reported to the Board. We have experienced cybersecurity attacks and incidents in the past and could in the future experience similar attacks. To date, no cybersecurity incident or attack, or any risk from cybersecurity threats, has materially affected or has been determined to be reasonably likely to materially affect the Company or our business strategy, results of operations, or financial condition. Cybersecurity Governance Our Board oversees the Company’s general risk management processes, and with respect to cybersecurity risks the oversight is performed primarily through the Audit Committee of the Board, which is briefed at least quarterly on cybersecurity threats, the results of periodic assessment and reviews of the Company’s cybersecurity programs, and cybersecurity developments affecting companies generally. Our incident response plan provides for prompt notice to the Board of any material cybersecurity incident. Our cybersecurity program is overseen by our head of cybersecurity, with guidance from our Chief Technical Officer and our Vice President of Information Technology. Our head of cybersecurity has more than ten years of experience managing cybersecurity 21 matters, holds an undergraduate degree in information systems with a focus on information security, and holds numerous certificates across the cybersecurity landscape. Our head of cybersecurity is also responsible for providing the Audit Committee with quarterly updates on cybersecurity risks and developments.
Company Information
| Name | IES Holdings, Inc. |
| CIK | 0001048268 |
| SIC Description | Electrical Work |
| Ticker | IESC - Nasdaq |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | September 29 |