Best Buy Fiscal Year 2022 ESG Report | 90 Data privacy and security . Securing customer information and honoring our privacy promises are core employee obligations at Best Buy, as highlighted in our Code of Ethics. Our customers entrust us with their information, and we seek to honor that trust through our cybersecurity and privacy practices. Cybersecurity. We recognize the importance of ensuring the ongoing safety and security of our data, systems and technology. To effectively address information security risk, we have established a dedicated information security team to assess, monitor and maintain our assets, while also responding to cyber-related incidents. Our information security program, led by our Chief Information Security Officer (CISO), is designed around the industry-standard National Institute of Standards and Technology’s Cyber Security Framework (NIST-CSF). We engage with outside expertise periodically to assist in the ongoing development of this program and are audited annually for compliance with Payment Card Industry Data Security Standards (PCI-DSS). The CISO updates our Board of Directors’ Audit Committee no less frequently than quarterly on our program and cybersecurity matters. We have established a dedicated cyber threat intelligence team to ensure that we stay abreast of new and evolving cyber threats. Our teams are constantly evaluating our cyber risk and performing technical assessments against our systems to ensure our resilience. Our teams also monitor for newly released vulnerabilities, working quickly to understand applicability to our systems and performing mitigation where necessary. We operate a suite of technical information security capabilities designed to protect our organization from and detect attempted attacks. Our cyber security operations and response teams are continuously monitoring for and responding to threats to keep our systems secure. We have a detailed and exercised response plan prepared to guide our response to major information security events. We did not experience any material cyber incidents affecting Best Buy in FY22.