Agrify Corp - (AGFY)

10-K Filing Date: April 15, 2024
Item 1C. Cybersecurity

 

Risk Management

 

We have implemented best-practices to assess risks from cybersecurity threats; monitor our information systems for potential vulnerabilities; and test those systems pursuant to our cybersecurity policies, processes, and practices, which are integrated into our overall risk management program (see section “Services Overview” for details on each service we use). To protect our information systems from cybersecurity threats, we rely on various security tools that are designed to help identify, escalate, investigate, resolve, and recover from security incidents in a timely manner. We have chosen Microsoft as our main provider for Cybersecurity and Governance services. Our Technology Risk Management Committee, currently including our Vice President of Information Technology, In-house General Counsel, General Manager, Director of Operations and Vice President of Technical Operations, assesses risks based on probability and potential impact to key business systems and processes. Risks that are considered high are addressed promptly and documented to be incorporated into our overall risk management program. A mitigation plan is developed for each identified high risk, with progress reported to the Technology Risk Management Committee and tracked as part of our overall risk management program overseen by the Audit Committee of our board of directors.

 

To date, cybersecurity threats, including those resulting from any previous cybersecurity incidents, have not materially affected our Company, including our business strategy, results of operations, or financial condition. We do not believe that cybersecurity threats resulting from any previous cybersecurity incidents of which we are aware are reasonably likely to materially affect our Company.

 

Governance

 

Our board of directors oversees our risk management process, including as it pertains to cybersecurity risks, directly and through its committees. The Audit Committee of the board oversees our risk management program, which focuses on the most significant risks we face in the short-, intermediate-, and long-term timeframe. The Audit Committee reviews our cybersecurity risk profile with management on a periodic basis using key performance and/or risk indicators. These key performance indicators are metrics and measurements designed to assess the effectiveness of our cybersecurity program in the prevention, detection, mitigation, and remediation of cybersecurity incidents.

 

We take a risk-based approach to cybersecurity and have implemented cybersecurity policies throughout our operations that are designed to address cybersecurity threats and incidents.

 

36

 

 

Services Overview

 

The following section outlines the services we utilize to facilitate Cyber Security Risk Management:

 

AWS (Amazon Web Services)

 

Description of Service

 

AWS, short for Amazon Web Services, is a comprehensive cloud computing platform offered by Amazon. It provides on-demand access to various computing resources like servers, storage, networking, databases, analytics, machine learning, and more. AWS eliminates the need for physical hardware investments and gives organizations flexibility and scalability.

 

Key Services

 

Amazon S3 (scalable object storage), Amazon EC2 (virtual servers), Amazon RDS (managed databases), Amazon CloudFront (Content Delivery Network)

 

Use Case

 

Hosting websites/applications, scaling infrastructure, storing/analyzing data, deploying machine learning models, managing databases

 

Microsoft Azure/EntraID

 

Description of Service

 

A cloud computing platform offered by Microsoft, delivering a range of services for building, deploying, and managing applications. Azure supports various programming languages, tools, and frameworks for efficient development and scaling of applications.

 

Key Services

 

Virtual machines, Storage, Databases, Networking, Analytics, AI/ML, IoT, DevOps tools

 

Use Case

 

Scaling applications, hybrid cloud solutions, data analysis, building predictive models, continuous integration and deployment (CI/CD)

 

Microsoft 365

 

Description of Service

 

A suite of productivity and collaboration tools combining familiar Office apps, cloud-based services, and robust security features.

 

Key Services

 

Microsoft Office (Word, Excel, PowerPoint, Outlook, OneDrive), SharePoint, Teams

 

Use Case

 

Collaboration, email, document creation, cloud storage, security & compliance, mobile productivity, automation (Power Automate)

 

37

 

 

Zendesk

 

Description of Service

 

Customer service software centralizing and automating customer support for seamless interactions across email, live chat, social media, and self-service portals. Provides ticketing, reporting, analytics, and integrations.

 

Key Services

 

Ticketing system, Knowledge base, Live chat, Reporting & analytics

 

Use Case

 

Efficient customer support, tracking support performance, self-service options, improving the overall customer experience

 

Microsoft Defender & Microsoft Defender for O365

 

Description of Service

 

Microsoft Defender ATP (Advanced Threat Protection) is a comprehensive security solution developed by Microsoft to protect businesses against advanced cyber threats. It combines endpoint security capabilities, advanced analytics, and cloud-based intelligence to provide real-time threat detection, prevention, and response.

 

Key Services

 

Advanced threat detection, Endpoint visibility, Threat hunting, Incident response, Integrates with security tools

 

Use Case

 

Proactive cybersecurity, real-time alerts, endpoint analysis

 

ConnectWise ScreenConnect

 

Description of Service

 

Remote support, access, and meeting software for efficient IT troubleshooting, user assistance, presentations, and collaboration.

 

Key Features

 

Secure remote connections, Screen sharing, Remote control, File transfer, Chat, Session recording

 

Use Case

 

Streamline IT support, troubleshoot remotely, reduce on-site visits

 

38

 

 

SolidWorks Server

 

Description of Service

 

Central storage/collaboration system for managing SolidWorks CAD files within an organization. Provides a secure, scalable, and efficient environment for teams.

 

Key Features

 

Centralized storage, Collaboration, Version control, Secure access, Replication, Backup, SolidWorks integration

 

Use Case

 

Securely storing design files, efficient collaboration, managing versions/history, streamlining workflows.

 

Ubiquiti UniFi Dream Machine (UDM)

 

Description of Service

 

All-in-one network device for small-to-medium businesses, combining a router, firewall, switch, and wireless access point.

 

Key Features

 

UniFi Network Controller (manage network), Wireless connectivity (Wi-Fi 5/6), Firewall & security, Performance optimization, Scalability, Remote management.