Page last updated on July 16, 2024
DMC Global Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-23 16:09:06 EST.
Filings
10-K filed on 2024-02-23
DMC Global Inc. filed a 10-K at 2024-02-23 16:09:06 EST
Accession Number: 0000034067-24-000025
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. Cybersecurity The Board, in coordination with the Risk Committee, oversees the Company’s risk management program, which includes risks arising from cybersecurity threats. DMC’s Chief Information Officer (CIO) manages the Company’s cybersecurity program and is responsible for leading and coordinating cybersecurity activities across the organization. The CIO reports directly to our Chief Executive Officer and has extensive information technology experience. Led by our CIO, we conduct regular assessments to identify potential cybersecurity risks and vulnerabilities, including the evaluation of systems and data assets. We have established internal procedures to stay vigilant against evolving threats by monitoring network traffic and conducting security audits. We also regularly engage independent assessors and external consultants who specialize in cybersecurity to conduct thorough, unbiased evaluations of our systems, policies, and procedures. These assessments help us ensure that our cybersecurity practices are aligned with applicable regulations and standards. To further evaluate our cybersecurity defenses, we periodically commission penetration exercises conducted by specialized firms. These tests simulate real-world attacks and assist in assessing our internal readiness and response capabilities. We are proactively taking steps to enhance our monitoring of third-party service providers’ cybersecurity, including the commencement of a vendor third-party risk management program. This program should better enable the Company to identify and manage material risks from cybersecurity threats related to our third-party service providers. Cybersecurity risk updates are provided quarterly to our senior management team by the CIO as part of our enterprise risk management process. We have established an incident response policy that outlines the process for assessing and responding to cybersecurity incidents. The incident response policy is reviewed at least annually by executive management. The Board also receives quarterly updates on cybersecurity risks. These reports are typically presented by our CIO to the Risk Committee of the Board and include updates to recently completed cybersecurity initiatives, upcoming plans, an overview of current threats, as well as discussion of our overall cybersecurity maturity and readiness. The Board participates in simulated cybersecurity trainings and is kept apprised of changes in cybersecurity regulatory requirements, ensuring that our organization remains in compliance with relevant standards. Cybersecurity risks and threats, including as a result of any previous cybersecurity incidents, have not materially impacted and are not reasonably expected to materially impact us or our operations. However, we recognize the ever-evolving cyber risk landscape and cannot provide any assurances that we will not be subject to a material cybersecurity incident in the future. See Item 1A. Risk Factors “A failure in our information technology systems or those of third parties, including those caused by security breaches, cyber-attacks or data protection failures, could disrupt our business, result in significant legal costs and other losses and damage our reputation” for a discussion of cybersecurity-related risks.
Company Information
| Name | DMC Global Inc. |
| CIK | 0000034067 |
| SIC Description | Miscellaneous Primary Metal Products |
| Ticker | BOOM - Nasdaq |
| Website | |
| Category | Accelerated filer |
| Fiscal Year End | December 30 |