Element Solutions Inc - (ESI)
10-K Filing Date: February 21, 2024
Item 1C. Cybersecurity
Cybersecurity is a part of our risk management framework, and we have established policies and processes designed to manage cybersecurity defenses, controls and programs, including ISO 27001 compliant security procedures. Our processes are evaluated by expert cybersecurity firms through various security assessments and audits, which help us identify and mitigate cyber-related risks to our businesses. We also engage with providers of information systems as part of our continuing efforts to enhance the effectiveness of our security measures. Our vendor risk management (VRM) program, through which we screen external providers, helps us identify and evaluate known risks associated with these third parties.
Our information security program is led by our Chief Information Security Officer (CISO) who manages a global information security team responsible for assessing and mitigating cyber-related threats. The cybersecurity expertise of our CISO and his team includes information security management roles, hands-on cyber incident response experience, forensic and network intrusion investigations and security risk assessments.
Our CISO regularly reports to senior management on cybersecurity risks and incidents, including the nature of threats, the state of our defense and detection capabilities, incident response plans and employee training activities, as applicable. In addition, as part of the Board’s oversight of the Company’s risk management program, our CISO provides periodic updates to the Board on the state of our cybersecurity management program in addition to, when needed, ad hoc information about any significant cybersecurity matters and/or strategic risk management decisions.