Cytosorbents Corp 10-K Cybersecurity GRC - 2024-03-14

Page last updated on July 16, 2024

Cytosorbents Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-14 17:54:09 EDT.

Filings

10-K filed on 2024-03-14

Cytosorbents Corp filed a 10-K at 2024-03-14 17:54:09 EDT
Accession Number: 0001410578-24-000201

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Risk Management and Strategy We recognize the importance of managing the material risks of cybersecurity threats, and we have implemented processes for identifying and assessing cybersecurity risks and incidents. We have also integrated these processes into our overall risk management system, including senior management’s periodic reviews of cybersecurity risks or threats. Senior management oversees and works closely with our IT department to continuously review and evaluate cybersecurity risks in alignment with our business goals and needs. With respect to cybersecurity risks and threats, we utilize various third-party consultants and advisors to assist us with regular reviews, internal audits and best practices, including threat prevention and detection, security reviews and enhancements, penetration testing and full scope IT audits. CytoSorbents also has strict processes in place for the review of third-party service providers engaged, including thorough security assessments before engagement and annual monitoring of their IT environments and controls. Governance Our Chief Executive Officer and Chief Financial Officer are primarily responsible for timely updating the Board of Directors and the Audit Committee of the Board of Directors (the “Audit Committee”) about any material cybersecurity incidents or threats or any cybersecurity related issues worthy of their attention. Our Board of Directors has designated the Audit Committee as the primary committee responsible for reviewing and managing cybersecurity risks and threats at CytoSorbents. The Audit Committee is comprised of members of the Board of Directors with diverse experience in healthcare, finance and information technology, enabling them to effectively oversee cybersecurity risks and threats. Our management team, with assistance from third-party consultants or advisors as appropriate, provides quarterly updates regarding cybersecurity risks and threats to the Audit Committee and ad hoc updates or communications are provided to the entire Board of Directors as needed. The IT Operations team is primarily responsible for the timely identification, review, severity assessment and management of cybersecurity incidents. In the event of a cybersecurity incident, the IT Department leadership follows the procedures outlined in our Cybersecurity Incident Response Policy and works closely with management to form a Security Incident Response Team comprised of members from the appropriate functional teams. In accordance with this policy, senior management will also communicate the occurrence of any significant cybersecurity incidents to our Board of Directors, Audit Committee and auditors on a timely basis and will keep them informed of the remediation plans and progress.


Company Information

NameCytosorbents Corp
CIK0001175151
SIC DescriptionSurgical & Medical Instruments & Apparatus
TickerCTSO - Nasdaq
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30