Page last updated on July 16, 2024
PINTEREST, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-08 16:16:02 EST.
Filings
10-K filed on 2024-02-08
PINTEREST, INC. filed a 10-K at 2024-02-08 16:16:02 EST
Accession Number: 0001506293-24-000018
Item 1C. Cybersecurity.
In the ordinary course of our business, we receive, process, use, store, and share digitally large amounts of data, including user data as well as confidential, sensitive, proprietary, and personal information. Maintaining the integrity and availability of our information technology systems and this information, as well as appropriate limitations on access and confidentiality of such information, is important to our operations and business strategy. To this end, we have implemented a program designed to assess, identify, and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing in them.
The program is managed and monitored by a dedicated security team, which is led by our Chief Security Officer and includes mechanisms, controls, technologies, systems, policies and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the systems and data residing in them. For example, we conduct risk-based penetration and vulnerability testing and ongoing risk assessments, including due diligence on our key technology vendors and other contractors and suppliers. We also conduct employee trainings on cyber and information security, among other topics. In addition, we consult with outside advisors and experts to assist with assessing, identifying, and managing cybersecurity risks, including to anticipate future threats and trends, and their impact on the Company’s risk environment.
Our Chief Security Officer, who reports directly to the Chief Technology Officer and has over 25 years of experience managing information technology and cybersecurity matters, including more than five years at Pinterest, together with our Privacy and Data Protection Team, are responsible for assessing and managing cybersecurity risks. We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework. In the last fiscal year, we have not identified any prior cybersecurity incidents that have materially affected us, but we face certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us. Additional information on cybersecurity risks we face is discussed in Part I, Item 1A, “Risk Factors,” under the heading “Risks related to Data, Security and Privacy.”
The Board of Directors, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit and Risk Committee, which is comprised solely of independent directors, has been designated by our Board to oversee cybersecurity risks. The Audit and Risk Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our Chief Security Officer as well as other members of the senior leadership team. The Board also receives periodic updates from management and the Audit and Risk Committee on cybersecurity risks.
Company Information
Name | PINTEREST, INC. |
CIK | 0001506293 |
SIC Description | Services-Computer Programming, Data Processing, Etc. |
Ticker | PINS - NYSE |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 30 |