Page last updated on February 7, 2025
Green Plains Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-02-07 15:20:08 EST.
Filings
10-K filed on 2025-02-07
Green Plains Inc. filed a 10-K at 2025-02-07 15:20:08 EST
Accession Number: 0001309402-25-000008
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Risk Management and Strategy We promote a company-wide culture of cybersecurity risk management to ensure that cybersecurity risk considerations are an integral part of decision-making at all organizational levels. To protect the confidentiality, integrity and availability of our data and information systems, we have implemented cyber defenses and continuously enhance them to address evolving threats. Our information technology (IT) department actively monitors and evaluates our cybersecurity practices to ensure alignment with our business objectives and operational needs. Our cybersecurity program is comprehensive in scope and covers the systems supporting all our business operations. Our program is built on industry-standard frameworks, including the National Institute of Standards and Technology, and the Cybersecurity and Infrastructure Security Agency. We also follow applicable federal and state statutory and regulatory guidance and have adopted internal policies and standards in alignment with these federal and state requirements. Furthermore, we collaborate with external experts, consultants and auditors in routinely evaluating and testing our information systems controls. We also perform an annual pen-testing, cyber table-top exercise to help us test and refine our formal Cyber Incident Response Plan. We maintain a well-documented process to oversee cybersecurity risks associated with our third-party service providers. We evaluate our third parties prior to any engagements and review their System and Organization Controls reports to obtain reasonable assurance that their controls meet our security standards. Our IT policies communicate our expectations for employees and contractors regarding the security of our IT systems. We perform annual cyber security and technology processes training programs and regular third-party phishing campaigns to raise awareness of potential threats. Governance The Audit Committee of the Board of Directors has oversight of management’s efforts with respect to IT systems and cybersecurity. As part of this oversight, the company’s IT leader meets on a quarterly basis with the Audit Committee and on an annual basis with the company’s Board of Directors. During these update meetings, IT provides the Audit Committee and Board of Directors updates regarding any changes around our cyber defenses, ongoing IT initiatives, and emerging threats and plans to pro-actively counter these threats. Management continuously monitors the effectiveness of our cybersecurity defenses. We invest in regular and ongoing cybersecurity training for our IT department and company overall. Our Senior Vice President Business Technology has IT industry certifications and brings over 30 years of IT background spanning all facets of technology, including applications, infrastructure and cybersecurity. Our Director of IT Security has over 20 years of experience in cybersecurity, including duties as an Information Security Officer in the United States Air Force. As of December 31, 2024, we have not identified an indication of a cybersecurity incident that would have a material impact on our business and consolidated financial statements.
Company Information
| Name | Green Plains Inc. |
| CIK | 0001309402 |
| SIC Description | Industrial Organic Chemicals |
| Ticker | GPRE - Nasdaq |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 30 |