保护我们的信息系统和技术优势

随着全球网络安全威胁和德文郡的数字技术的使用既增加,我们都专注于保护我们的网络,系统以及我们用于运营业务的大量数据。德文郡(Devon)投资于最先进的工具和流程,以保护我们的技术优势,安全可靠地运营我们的业务,管理风险并提供结果。

Our highly skilled and trained digital security professionals apply artificial intelligence, process automation, data analytics and other techniques in the field and office. We require and pay for each member of our security operations team to earn SANS Institute certifications for security essentials and incident handling.

Each week, the cybersecurity team meets to discuss cyberthreats, incidents and effective prevention measures. The team proactively develops, uses and shares information on cyberthreats to enhance our knowledge with appropriate levels and layers of automation. Our digital security professionals collaborate with Devon operations, information technology, corporate security and other teams to strengthen our cybersecurity controls and capabilities.

We provide regular quarterly updates to our board and its Audit Committee regarding our information security program. Devon’s management team routinely updates the committee on our major cybersecurity plans and initiatives, benchmarking assessments and current events that could impact cybersecurity for our company and industry. Three of our directors have technology or cybersecurity experience that enhances the board’s risk oversight role.

Mitigating cybersecurity risk

Our corporate information security policy and program are aligned with the federal NIST Cybersecurity Framework for risk management. To further mitigate cybersecurity risk, our policy and program are assessed by third-party experts, and we maintain specialized insurance for possible liability resulting from a cyberattack on our assets. We also internally exercise and test our incident response and disaster recovery plans as part of Devon’s corporate emergency preparedness program. In 2021 and 2022, we have been building on our disaster recovery capabilities with field and business unit exercises and security training.

一种预防和合规性的文化增强了我们的数字安全性。所有员工在入职和通过年度复习培训期间接受网络安全意识培训。可以访问敏感数据的团队接受特定的培训,如果员工帮助我们避免网络安全事件,他们会获得认可。我们的商业行为守则和道德规范,信息系统一般使用政策和相关政策为我们的信息系统提供了指导。

Devon continues to develop our own patented technologies, deploy mobile apps in the field and commercialize and scale technology solutions in partnership with innovators. As part of its role to protect data and technology appropriately, our digital security team evaluates technologies that we build, buy and deploy and makes recommendations to the business owners.

The COVID-19 pandemic, 2021 Colonial Pipeline ransomware attack and the war in Ukraine have highlighted the need to secure our information and infrastructure. We continue to reassess internal controls, follow federal government recommendations and take other precautions, while enabling employees to work efficiently and effectively from any location. Through ongoing efforts to educate employees to recognize increasingly sophisticated threats like malware, ransomware and phishing attempts, we are heightening digital security awareness in our workforce.