PLIANT THERAPEUTICS, INC. 10-K Cybersecurity GRC - 2024-02-27

Page last updated on July 16, 2024

PLIANT THERAPEUTICS, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-27 16:14:06 EST.

Filings

10-K filed on 2024-02-27

PLIANT THERAPEUTICS, INC. filed a 10-K at 2024-02-27 16:14:06 EST
Accession Number: 0001746473-24-000043

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Pliant’s Cybersecurity Program is integral to safeguarding our assets, maintaining stakeholder trust, and ensuring the continuity of our operations. The management of our Cybersecurity Program is entrusted to the Cybersecurity Governance Committee (“CSGC”), which includes our Chief Financial Officer, General Counsel, Head of Information Technology and Corporate Controller. The CSGC draws on more than twenty years of experience focused in the areas of corporate governance and implementation and oversight of information technology systems and processes. The Board of Directors has delegated oversight of the Company’s Cybersecurity Program to the Audit Committee, who receives regular reports from the Chief Financial Officer regarding cyber risks and threats, progress of the Company’s projects aimed at strengthening information security systems, assessments of the Cybersecurity Program, and insights into the evolving threat landscape. The Audit Committee provides updates about the Company’s Cybersecurity Program to the Board of Directors at least annually. 72 The CSGC leads the enterprise-wide cybersecurity strategy and policy development to ensure alignment and best practices informed by industry established frameworks. The Cybersecurity Program emphasizes continuous improvement by actively engaging with internal and external stakeholders, striving to stay ahead of emerging threats, adapting to the evolving cybersecurity landscape, and fortifying our defenses against potential risks. The Cybersecurity Program undergoes regular evaluations conducted by both internal and external experts to assess the strength of our Cybersecurity Program. Regular penetration tests are performed as well as simulated cybersecurity events to test our defenses and responses to unmitigated penetrations. The results of these evaluations are reported to the CSGC and Audit Committee of the Board of Directors. We have also deployed an information security training program for our employees that includes training on matters such as phishing and email security best practices as well as required training on data privacy. We have implemented processes designed to minimize the chance of a successful cyberattack and we have also established incident response procedures to address a cyber threat that may occur despite these safeguards. Pliant’s Cybersecurity Incident Response Plan includes engagement with key vendors, industry participants, and intelligence and law enforcement communities which are a fundamental aspect of our strategy. The Response Plan addresses (1) detection, (2) analysis, (3) communication, (4) containment, (5) eradication, (6) recovery and (7) post-incident review. As of the date of this report, we have not identified any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected us, our business strategy, results of operation or financial condition. For more information about the risks we face from cybersecurity incidents, please refer those discussed risk factors starting with " We may incur substantial costs in our efforts to comply with evolving global data protection… " and " Our internal computer systems, or those of our collaborators… " in the section entitled “Risk Factors” included under Part I, Item 1A of this Report.


Company Information

NamePLIANT THERAPEUTICS, INC.
CIK0001746473
SIC DescriptionPharmaceutical Preparations
TickerPLRX - Nasdaq
Website
CategoryLarge accelerated filer
Fiscal Year EndDecember 30