Weatherford International plc - (WFRD)
10-K Filing Date: February 07, 2024
Item 1C. Cybersecurity.
Cybersecurity Oversight and Governance
Weatherford is committed to protecting its information systems. These efforts are led by the Chief Information Officer (“CIO”). Our program is designed to align with international best practices used in our industry, such as the Cyber Security Framework from the National Institute of Standards and Technology (“NIST”).
Weatherford’s cybersecurity has been developed by the CIO and the information security team, in coordination with our Board and key members of our finance, assurance and legal teams. The information security team, which has years of experience selecting, deploying, and operating cybersecurity technologies and initiatives around the world, uses a risk-based approach in an effort to facilitate protection, detection and rapid response to threats. We seek to validate our approach through NIST Cyber Security Risk Assessments conducted by third parties and tested through penetration tests and tabletop exercises, as well as internal and external audits.
Information security is a key part of the Company’s Enterprise Risk Management (“ERM”) program, which is designed to identify and evaluate potentially material risks, the potential impact of these risks on the enterprise, as well as steps to control and mitigate those risks. The Company has established an ERM Committee that meets regularly to evaluate risks and coordinate a consistent approach to risk mitigation across the enterprise, including risks related to cybersecurity. The ERM Committee is comprised of certain members of our cross-functional executive leadership team.
The CIO reports quarterly to senior management, including the Chief Executive Officer, Chief Financial Officer, Chief Accounting Officer and General Counsel, among others, on the status of company-wide cybersecurity initiatives, risks and other developments. The CIO or key members of the executive leadership team update the audit committee of our Board periodically on the cybersecurity landscape, the status of ongoing initiatives and any threats or other issues. The audit committee has ultimate oversight over the cybersecurity of the organization.
Protection
Employee Awareness and Training
Weatherford offers multilingual training sessions and awareness campaigns to better equip our employees with knowledge and tools to safeguard our information systems. Cybersecurity training occurs during onboarding and refresher courses are taken annually. Weatherford performs simulated phishing campaigns to raise employee awareness and provide guidance on recognizing and reporting potential threats. Employees are encouraged to report on cybersecurity threats, data privacy incidents, or any other concerns.
Weatherford also provides guidance to support employees on acceptable use, remote access, encryption, cloud security, and anti-virus best practices. Weatherford has long included a safety moment at the beginning of major internal meetings, and cyber safety is an occasional topic.
We believe our ongoing training and awareness campaigns reinforce the importance of employees in preventing cybersecurity incidents, and further the goal of continuously promoting Weatherford’s culture of safety, security and compliance.
Protection Systems
Weatherford International plc – 2023 Form 10-K | 21
Item 1B through Item 4 | Unresolved Staff Comments through Mine Safety
Weatherford has made significant investments in cyber protection systems, including by engaging third party service providers to actively search and monitor information systems for vulnerabilities through penetration testing and other means. In addition, multi-factor authentication and strong passwords are used across all major Weatherford systems in an effort to prevent unauthorized access.
Weatherford personnel perform risk assessments on third-party products and platforms through a checklist-based review and interview process that aim to validate security controls. Third parties are often asked to provide additional documentation on security architecture, certifications and results of assessments. Cybersecurity approval is a key factor in approving a new third-party product or platform.
Detection and Response
Weatherford uses multiple internal and external resources to continuously monitor our information systems for evidence of a threat, breach or other incident.
When a threat or other issue is identified, the information security team follows an incident response plan that outlines the process for investigating and addressing the issue. The incident response plan is focused on prompt interdisciplinary communication and coordination between the information security team and key members of the finance, legal, and communication teams, as well as senior management. The information security team also utilizes specific runbooks for various types of threats that are updated and expanded based on lessons learned and emerging best practices. Our incident response plan also provides for consideration of whether an incident is material, requiring disclosure to shareholders in SEC filings. Our team also has a disaster recovery plan, under which recovery testing occurs annually.
Weatherford expects to continually invest in the improvement of cybersecurity infrastructure, as systems and needs evolve and as the threat landscape changes. Because we employ a prevention-based improvement cycle that requires the response team for each threat or incident to consider the root cause of the issue and any lessons learned throughout the response process, we strive to make corrections and improvements in our policies and procedures that are designed to safeguard against future threats.
While we believe our approach to cybersecurity is reasonable, given the rapidly evolving nature of cybersecurity incidents, there can be no assurance that the controls we have designed and implemented will be sufficient in preventing future incidents or attacks. See “Item 1A –Risk Factors – Our business could be negatively affected by cybersecurity incidents and other technology disruptions” for more information about cybersecurity risk.