Page last updated on December 5, 2024
RGC RESOURCES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-04 22:00:01 EST.
Filings
10-K filed on 2024-12-04
RGC RESOURCES INC filed a 10-K at 2024-12-04 22:00:01 EST
Accession Number: 0001437749-24-036744
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity . Risk Management and Strategy In an effort to mitigate cyber intrusions, the Company has implemented a cybersecurity program intended to protect and preserve the integrity, confidentiality and reliability of data and systems. Cybersecurity risks are a key component of the Company’s overall risk management, is integrated into other corporate processes and goes beyond the Company to certain vendors or suppliers. The Company has instituted certain cybersecurity requirements, interacted with various external organizations including its state regulator, and participated in proprietary briefings by industry experts to maintain an awareness of current cybersecurity threats and vulnerabilities. The Company’s cybersecurity program fundamentally aligns with the COBIT framework. This is reflected in our related policies, practices and procedures. We have multiple layers of security controls as well as a third-party SOC that helps identify, avoid and mitigate cybersecurity threats. The evaluation of risks includes consideration of cybersecurity and privacy risk, including (1) potential impact on the Company’s employees, customers, and other stakeholders, (2) intelligence briefings on notable cyber events impacting the industry and (3) evaluation of external threats. The Company utilizes internal and third-party assessment tools and tests to evaluate its cyber risk policies, practices and procedures as well as to challenge how its defenses are built and deployed. These assessments provide opportunities for critical self-analysis, constructive feedback from third parties, and learnings from industry experts to enhance cyber resilience. Both formal and informal cybersecurity awareness trainings are provided to employees to help identify and avoid cybersecurity threats and to ensure employees understand the Company’s cyber risk management policies along with the key role they play to ensure cyber hygiene. The Company has established a cybersecurity incident response team that includes the CEO, CFO, VP of HR, IT Director and other personnel. The Company has also retained counsel to advise on cybersecurity matters. The Company’s current security posture and regulatory compliance efforts are intended to address evolving and changing cyber threats. During the past three years, the Company has not experienced a cybersecurity incident resulting in a material impact to its business strategy, results of operations, or financial condition. The Company has identified the risk that a hostile cyber intrusion could severely impair the Company’s operations, lead to disclosure of confidential information, damage the Company’s reputation or otherwise have an adverse effect on the Companies’ business as disclosed within Item 1A. Risk Factors. Governance The Company’s Board of Directors, including its Audit Committee, provides oversight of the Company’s risks from cybersecurity threats. Management, including the CEO, CFO and IT personnel, presents formal reports to the Audit Committee and to the full board at least annually, as well as whenever cyber events warrant update.
Company Information
| Name | RGC RESOURCES INC |
| CIK | 0001069533 |
| SIC Description | Natural Gas Transmisison & Distribution |
| Ticker | RGCO - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | September 29 |