FARMERS NATIONAL BANC CORP /OH/ 10-K Cybersecurity GRC - 2024-03-07

Page last updated on July 16, 2024

FARMERS NATIONAL BANC CORP /OH/ reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-07 13:42:56 EST.

Filings

10-K filed on 2024-03-07

FARMERS NATIONAL BANC CORP /OH/ filed a 10-K at 2024-03-07 13:42:56 EST
Accession Number: 0000950170-24-027780

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity The Cyber Incident Reporting for Critical Infrastructure Act, enacted in March 2022, requires certain covered entities to report a covered incident to the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (“CISA”) within 72 hours after a covered entity reasonably believes an incident has occurred. Separate reporting to CISA will also be required within 24 hours if a ransom payment is made as a result of a ransomware attack. The SEC adopted a new rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies in 2023, which applies to all public companies subject to the reporting requirements of the Securities Exchange Act of 1934 and requires disclosure of material cybersecurity incidents in Current Reports on Form 8-K and periodic disclosure of cybersecurity risk management, strategy, and governance in annual reports in Annual Reports on Form 10-K. State regulators have also been increasingly active in implementing privacy and cybersecurity standards and regulations and many states have recently implemented or modified their data breach notification and data privacy requirements. The Company expects this trend of state-level cybersecurity regulatory activity to continue, and continues to monitor these developments. In the ordinary course of its business, the Bank relies on electronic communications and information systems to conduct its operations and to store sensitive data, and employs a variety of preventative and detective tools to monitor, block, and provide alerts regarding suspicious activity, as well as to report on any suspected advanced persistent threats. Notwithstanding these defensive measures, the threat from cybersecurity attacks is severe, attacks are sophisticated and increasing in volume, and attackers respond rapidly to changes in defensive measures. While the Bank has not, to date, detected a significant compromise, significant data loss or any material financial losses related to cybersecurity attacks, the Bank’s systems and those of its customers and third-party service providers are under constant threat and it is possible that we could experience a future significant event. The Bank expects risks and exposures related to cybersecurity attacks to remain high for the foreseeable future. For further discussion of risks related to cybersecurity, see “Item 1A Risk Factors.” See also the Company’s disclosures regarding risk management, strategy, governance and incident disclosure under Item 1C.
Item 1C.


Company Information

NameFARMERS NATIONAL BANC CORP /OH/
CIK0000709337
SIC DescriptionState Commercial Banks
TickerFMNB - Nasdaq
Website
CategoryAccelerated filer
Fiscal Year EndDecember 30