Agrify Corp - (AGFY)
10-K Filing Date: April 15, 2024
Risk Management
We have implemented best-practices to assess risks from cybersecurity threats; monitor our information systems for potential vulnerabilities; and test those systems pursuant to our cybersecurity policies, processes, and practices, which are integrated into our overall risk management program (see section “Services Overview” for details on each service we use). To protect our information systems from cybersecurity threats, we rely on various security tools that are designed to help identify, escalate, investigate, resolve, and recover from security incidents in a timely manner. We have chosen Microsoft as our main provider for Cybersecurity and Governance services. Our Technology Risk Management Committee, currently including our Vice President of Information Technology, In-house General Counsel, General Manager, Director of Operations and Vice President of Technical Operations, assesses risks based on probability and potential impact to key business systems and processes. Risks that are considered high are addressed promptly and documented to be incorporated into our overall risk management program. A mitigation plan is developed for each identified high risk, with progress reported to the Technology Risk Management Committee and tracked as part of our overall risk management program overseen by the Audit Committee of our board of directors.
To date, cybersecurity threats, including those resulting from any previous cybersecurity incidents, have not materially affected our Company, including our business strategy, results of operations, or financial condition. We do not believe that cybersecurity threats resulting from any previous cybersecurity incidents of which we are aware are reasonably likely to materially affect our Company.
Governance
Our board of directors oversees our risk management process, including as it pertains to cybersecurity risks, directly and through its committees. The Audit Committee of the board oversees our risk management program, which focuses on the most significant risks we face in the short-, intermediate-, and long-term timeframe. The Audit Committee reviews our cybersecurity risk profile with management on a periodic basis using key performance and/or risk indicators. These key performance indicators are metrics and measurements designed to assess the effectiveness of our cybersecurity program in the prevention, detection, mitigation, and remediation of cybersecurity incidents.
We take a risk-based approach to cybersecurity and have implemented cybersecurity policies throughout our operations that are designed to address cybersecurity threats and incidents.
36
Services Overview
The following section outlines the services we utilize to facilitate Cyber Security Risk Management:
AWS (Amazon Web Services)
Description of Service
AWS, short for Amazon Web Services, is a comprehensive cloud computing platform offered by Amazon. It provides on-demand access to various computing resources like servers, storage, networking, databases, analytics, machine learning, and more. AWS eliminates the need for physical hardware investments and gives organizations flexibility and scalability.
Key Services
Amazon S3 (scalable object storage), Amazon EC2 (virtual servers), Amazon RDS (managed databases), Amazon CloudFront (Content Delivery Network)
Use Case
Hosting websites/applications, scaling infrastructure, storing/analyzing data, deploying machine learning models, managing databases
Microsoft Azure/EntraID
Description of Service
A cloud computing platform offered by Microsoft, delivering a range of services for building, deploying, and managing applications. Azure supports various programming languages, tools, and frameworks for efficient development and scaling of applications.
Key Services
Virtual machines, Storage, Databases, Networking, Analytics, AI/ML, IoT, DevOps tools
Use Case
Scaling applications, hybrid cloud solutions, data analysis, building predictive models, continuous integration and deployment (CI/CD)
Microsoft 365
Description of Service
A suite of productivity and collaboration tools combining familiar Office apps, cloud-based services, and robust security features.
Key Services
Microsoft Office (Word, Excel, PowerPoint, Outlook, OneDrive), SharePoint, Teams
Use Case
Collaboration, email, document creation, cloud storage, security & compliance, mobile productivity, automation (Power Automate)
37
Zendesk
Description of Service
Customer service software centralizing and automating customer support for seamless interactions across email, live chat, social media, and self-service portals. Provides ticketing, reporting, analytics, and integrations.
Key Services
Ticketing system, Knowledge base, Live chat, Reporting & analytics
Use Case
Efficient customer support, tracking support performance, self-service options, improving the overall customer experience
Microsoft Defender & Microsoft Defender for O365
Description of Service
Microsoft Defender ATP (Advanced Threat Protection) is a comprehensive security solution developed by Microsoft to protect businesses against advanced cyber threats. It combines endpoint security capabilities, advanced analytics, and cloud-based intelligence to provide real-time threat detection, prevention, and response.
Key Services
Advanced threat detection, Endpoint visibility, Threat hunting, Incident response, Integrates with security tools
Use Case
Proactive cybersecurity, real-time alerts, endpoint analysis
ConnectWise ScreenConnect
Description of Service
Remote support, access, and meeting software for efficient IT troubleshooting, user assistance, presentations, and collaboration.
Key Features
Secure remote connections, Screen sharing, Remote control, File transfer, Chat, Session recording
Use Case
Streamline IT support, troubleshoot remotely, reduce on-site visits
38
SolidWorks Server
Description of Service
Central storage/collaboration system for managing SolidWorks CAD files within an organization. Provides a secure, scalable, and efficient environment for teams.
Key Features
Centralized storage, Collaboration, Version control, Secure access, Replication, Backup, SolidWorks integration
Use Case
Securely storing design files, efficient collaboration, managing versions/history, streamlining workflows.
Ubiquiti UniFi Dream Machine (UDM)
Description of Service
All-in-one network device for small-to-medium businesses, combining a router, firewall, switch, and wireless access point.
Key Features
UniFi Network Controller (manage network), Wireless connectivity (Wi-Fi 5/6), Firewall & security, Performance optimization, Scalability, Remote management.