Page last updated on July 16, 2024
LATTICE SEMICONDUCTOR CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-16 14:56:42 EST.
Filings
10-K filed on 2024-02-16
LATTICE SEMICONDUCTOR CORP filed a 10-K at 2024-02-16 14:56:42 EST
Accession Number: 0001437749-24-004522
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Our cybersecurity risk management process is a component of our overall enterprise risk management process, through which our Chief Executive Officer and other members of senior management assess, identify, and manage material risks from cybersecurity threats we face. Our cybersecurity process seeks to protect our information systems by managing and reducing material risks from cybersecurity threats and by responding to and mitigating cybersecurity incidents. The Board of Directors (the “Board”), and the Audit Committee of the Board (the “Audit Committee”), provide oversight of our cybersecurity risk management process. The Audit Committee reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually. Our cybersecurity program is directly managed by the Chief Information Officer (“CIO”), who is experienced in information systems and cybersecurity and whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. The CIO provides periodic updates to our Board and Audit Committee, as well as our Chief Executive Officer and other members of our senior management. These updates cover the Company’s material cybersecurity threats, the status of projects to strengthen our cybersecurity posture, and assessments of the cybersecurity program. Our cybersecurity risk management process is evaluated by internal and external cybersecurity experts, and the material results of those reviews are reported to senior management and the Board and Audit Committee as part of their oversight role. We also engage with third-party service providers deemed to have subject matter expertise in cybersecurity matters, industry participants, and law enforcement communities as part of our continuing efforts to evaluate and enhance the effectiveness of our cybersecurity policies and processes. We require each third-party service provider to certify that they implement and maintain appropriate security measures in connection with their work with us, and to promptly report any suspected breach of its security measures that may affect us. We use various tools and methodologies to manage cybersecurity risk and to prevent, detect, and mitigate cybersecurity incidents. Our tools and methodologies are tested regularly, including vulnerability scans, red-teaming exercises and other penetration testing, and review of cybersecurity threat intelligence feeds. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. We have experienced, and will continue to experience, cybersecurity incidents in the normal course of our business. However, prior cybersecurity incidents have not had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors - Factors Related to Overall Business & Operations - Our business depends on the use of information technology systems. A failure of these systems, cybersecurity incidents, or cyber-fraud may cause business disruptions, compromise our intellectual property or other sensitive information, or result in losses.”
Company Information
Name | LATTICE SEMICONDUCTOR CORP |
CIK | 0000855658 |
SIC Description | Semiconductors & Related Devices |
Ticker | LSCC - Nasdaq |
Website | |
Category | Large accelerated filer |
Fiscal Year End | December 29 |