NEKTAR THERAPEUTICS 10-K Cybersecurity GRC - 2024-03-05

Page last updated on July 16, 2024

NEKTAR THERAPEUTICS reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-05 17:11:03 EST.

Filings

10-K filed on 2024-03-05

NEKTAR THERAPEUTICS filed a 10-K at 2024-03-05 17:11:03 EST
Accession Number: 0000950170-24-026249

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Cyber Risk Management and Strategy The Company, under the oversight of the audit committee of the board of directors, has implemented and maintains an enterprise risk management process, which includes periodic assessments of various risk categories, including cyber risks, across the Company. Our process for assessing, identifying, and managing risks from cybersecurity threats is informed by industry standards and supported by cybersecurity technologies, including third-party security solutions, monitoring, and alerting tools, designed to monitor, identify, and address cybersecurity risks. We leverage a managed security service provider and also engage with other third-party providers and consultants to support our cyber risk management efforts, including through periodic security testing. We have a process to assess and review the cybersecurity practices of information technology third-party vendors and service providers, including through review of applicable certifications, security reports, and vendor questionnaires and contractual requirements, as appropriate. Governance Related to Cybersecurity Risks Our cyber risk management program and related operations and processes are directed by the Head of IT in consultation with the legal team and our third-party security advisor. Currently, the Head of IT role is held by an individual who has over 20 years of information technology experience. The Head of IT reports to the Chief Legal Officer. The Head of IT meets with the Chief Legal Officer periodically to discuss and review our cybersecurity risk management processes and to address matters related to potential cybersecurity and information technology risks, with input from the Company’s third-party technology providers, as appropriate. In addition, the Head of IT has regular meetings with our managed security service provider to inform our cyber risk management processes and reporting to management. The Head of IT, working with the Chief Legal Officer, provides periodic reports on cybersecurity and information technology matters to the audit committee, which is responsible for reviewing and overseeing the Company’s risk management process, including cybersecurity risks. The Chief Legal Officer and the audit committee periodically report on cybersecurity risk management to the full board of directors. The board of directors, as a whole and through its committees, has responsibility for the periodic review and oversight of information technology risks, including cybersecurity risks. Our enterprise risk management program is overseen by a risk management committee comprised of senior managers across key functional areas that cover cybersecurity and information technology matters. This committee provides periodic reports and updates, as needed, to the board of directors or one of its designated committees. In collecting information on enterprise risk, cybersecurity is included as a designated risk category, and the results of our enterprise risk assessment processes, including risks related to cybersecurity, are also discussed with the audit committee and among senior management on a periodic basis.


Company Information

NameNEKTAR THERAPEUTICS
CIK0000906709
SIC DescriptionPharmaceutical Preparations
TickerNKTR - Nasdaq
Website
CategoryLarge accelerated filer
Fiscal Year EndDecember 30