Our comprehensive approach to securing our data and business systems
Published 01-21-25
Submitted by WESCO International
Read the 2024 Wesco Sustainability Report here
Cybersecurity and Data Protection
Cybersecurity and data protection is an enterprise wide priority and is reflected in engagements with our customers and suppliers. Our comprehensive approach to securing our data and business systems from attack, compromise, or loss includes a combination of leading technologies, policies and procedures and a 24/7 cybersecurity operations team monitoring our environment for signs of attack and responding in real time.
We conduct mandatory information security awareness training for our employees at least annually and enhanced training for specialized personnel. We have instituted regular attack or malicious activity simulations for employees to enhance awareness and responsiveness to such possible threats, and we also employ third parties to perform penetration and vulnerability tests.
Our security policies are evaluated and updated annually to address changes in the regulatory and threat landscapes and evolving best practices. We identify potential cybersecurity risks using internal measures and external resources. Identified risks are captured and prioritized on our risk register. Results are regularly reported back to a cross-functional, executive cybersecurity risk committee which then validates risks. While we focus heavily on prevention and detection, response and recovery plans, service agreements and partner engagements are in place should there be a need for us to respond to an attack. We have adopted a security incident response plan that provides controls and procedures for timely and accurate reporting of material cybersecurity incidents. We also maintain cyber liability insurance coverage.
To more effectively prevent, detect and respond to information security threats, we have a dedicated Chief Information Security Officer whose team is responsible for leading enterprise-wide information security strategy, policy, standards, architecture and processes. As part of its oversight of cybersecurity risk, the Audit Committee of our Board of Directors meets at least quarterly with our Chief Information Security Officer, Chief Information and Digital Officer and other senior leaders to receive updates on cybersecurity risks and threats, the status of initiatives to strengthen our information security systems and management’s assessments of our security program. Wesco has achieved ISO 27001 certification for its Information Security Management System.
With these security measures in place, we did not experience any material data breaches in 2023. We also finalized our planned three-year infrastructure and security integration between Wesco and Anixter, making significant progress in Zero Trust configuration and data loss prevention implementation.
To learn more, download the 2024 Wesco Sustainability Report here.
About This Report
Unless otherwise stated, this report covers activities, data and initiatives from our fiscal year 2023.
ESG Disclosure and Framework Alignment
The topics covered in this report include those that we have determined to be material for our business and stakeholders as noted on page 12. Wesco aligns with several ESG frameworks and disclosures in support of our commitment to transparency and our fulfillment of stakeholder needs and expectations. We leverage the following frameworks and standards to provide robust ESG information disclosure:
We also regularly engage with our investors, employees, customers, regulators, ratings agencies and others on ESG and business issues. Additional information about Wesco can be found in our public financial filings—including our annual report and proxy filings—as well as on the Security and Exchange Commission’s website at www.sec.gov or on the Investors page of our website at Wesco.com.
Wesco plans to continue to report annually as we monitor, measure, and deepen our ESG initiatives and disclosures.
Wesco endorses the United Nations Sustainable Development Goals (SDGs), which are a call to action to end poverty, protect the planet, and ensure that all people enjoy peace and prosperity.
More information about our SDG aligned initiatives is included throughout this report.
Assurance
We did not seek third-party assurance for this report; however, we will consider doing so for future reporting. The information and data contained in this report was vetted by internal subject matter experts on the various ESG topics included in this report.
Contact Us
We appreciate and welcome feedback on our ESG initiatives and reporting and invite you to contact us directly via email at Sustainability@Wesco.com.
About Wesco
Wesco International (NYSE: WCC) builds, connects, powers and protects the world. Headquartered in Pittsburgh, Pennsylvania, Wesco is a FORTUNE 500® company with more than $18 billion in annual sales and a leading provider of business-to-business distribution, logistics services and supply chain solutions. Wesco offers a best-in-class product and services portfolio of Electrical and Electronic Solutions, Communications and Security Solutions, and Utility and Broadband Solutions. The Company employs approximately 18,000 people, partners with the industry’s premier suppliers, and serves thousands of customers around the world, including more than 90% of FORTUNE 100® companies. With nearly 1,500,000 products, end-to-end supply chain services, and leading digital capabilities, Wesco provides innovative solutions to meet customer needs across commercial and industrial businesses, contractors, government agencies, institutions, telecommunications providers, and utilities. Wesco operates approximately 800 branches, warehouses and sales offices in more than 50 countries, providing a local presence for customers and a global network to serve multi-location businesses and multi-national corporations.
More from WESCO International