FRANKLIN ELECTRIC CO INC - (FELE)

10-K Filing Date: February 23, 2024
ITEM 1C. CYBERSECURITY

Data and information systems are a key part of how the Company delivers value to its customers, employees and stakeholders, and the Company’s cybersecurity program is committed to protecting its customers, employees, partners, infrastructure and systems. The Company’s cybersecurity program and approach is overseen by its Board of Directors, in coordination with the Audit Committee, and Senior Leadership, along with its Senior Director of Global Information Technology Operations and Infrastructure who has expertise around global cybersecurity matters. The Board of Directors receives annual reports from Senior Leadership on the Company’s cybersecurity risks. In addition, Senior Leadership updates the Board of Directors, as necessary, regarding any significant cybersecurity incidents. The Board of Directors and Senior Leadership review the strategy, tools, metrics and latest trends affecting cybersecurity and utilizes the National Institute of Standards and Technology (NIST) Cybersecurity Framework as the foundation for its cybersecurity strategy and approach. Third parties are engaged to assess the Company’s cybersecurity posture and adherence to the NIST Cybersecurity Framework, and the Company evaluates cybersecurity risks as part of its annual risk assessment process. Cybersecurity risk mitigation strategies and initiatives are developed based on these assessments. Any incident assessed as potentially being or potentially becoming material is immediately escalated for further assessment, and then reported to designated members of Senior Leadership.

A key area for the Cybersecurity Program is employee cybersecurity education. The Company’s employees play a key role in cybersecurity and receive mandatory cybersecurity training, phishing attack simulations, educational events, and news bulletins. The Company’s data protection and privacy program is designed to adhere to and adapt to global privacy and data protection laws.

The Company’s business strategy, results of operations and financial condition have not been materially affected and are not reasonably likely to be affected by risks from cybersecurity threats, including as a result of previously identified cybersecurity incidents, but it cannot provide assurance that they will not be materially affected in the future by such risks or any future material incidents. For more information on the Company’s information technology related risks, see Item 1A Risk Factors of this Annual Report on Form 10-K.
10