Pangaea Logistics Solutions Ltd. 10-K Cybersecurity GRC - 2024-03-14

Page last updated on July 16, 2024

Pangaea Logistics Solutions Ltd. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-14 17:00:50 EDT.

Filings

10-K filed on 2024-03-14

Pangaea Logistics Solutions Ltd. filed a 10-K at 2024-03-14 17:00:50 EDT
Accession Number: 0001606909-24-000043

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Our Board of Directors oversees our risk management process, including risks from cybersecurity threats. Our Board of Directors reviews strategic risk exposure, and members of our management are responsible for addressing the material risks we face on a day-to-day basis. Our Board of Directors administers its cybersecurity risk oversight function directly as a whole as well as through our Audit Committee. Our Board and our Audit Committee receive updates from time to time from our management as appropriate on cybersecurity. 57 Our Chief Financial Officer and our Information Technology department are primarily responsible to assess and manage material risks from cybersecurity threats and oversee key cybersecurity policies and processes. They are informed about policies and processes to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our Global IT Director has 20 years of experience in the design, implementation, and support of information technology infrastructures. Network and information systems and other technologies play an important role in our business activities. We also obtain certain confidential, proprietary and personal information about our charterers, personnel, and vendors. To protect our data, we have employed cybersecurity protocols which are designed to work in tandem with internal controls to safeguard our information technology environment. Our information technology infrastructure is designed with commercial flexibility, data integrity, and safety in mind. We utilize a layered approach of systems and policies intended to provide a secure operating environment and promote business continuity. Our hardware and software systems are equipped with technology intended to offer access and intrusion protection, software and communications systems protections, and mitigate cybersecurity threats. We have established policies and processes for assessing, identifying, and managing material risk from cybersecurity threats, and have integrated these processes into our overall risk management systems and processes. We routinely assess material risks from cybersecurity threats, including any potential unauthorized occurrence on or conducted through our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems or any information maintained in them. We utilize industry standard software packages such as RSA and Cisco Firepower to secure our networks. We conduct regular risk assessments to identify cybersecurity threats. These risk assessments include identifying reasonably foreseeable potential internal and external risks, the likelihood of occurrence and any potential damage that could result from such risks, and the sufficiency of existing policies, procedures, systems, controls, and other safeguards in place to manage such risks. As part of our risk management process, we may engage third party experts to help identify and assess risks from cybersecurity threats. For example, we perform penetration tests, data recovery testing, security audits and risk assessments throughout the year. We hold online cybersecurity training for our employees. Our risk management process also encompasses cybersecurity risks associated with our use of third-party service providers. Following these risk assessments, we design, implement, and maintain safeguards intended to minimize the identified risks; address any identified gaps in existing safeguards; update existing safeguards as necessary; and monitor the effectiveness of our safeguards. While we develop and maintain protocols, controls, and systems, that seek to prevent cybersecurity incidents from occurring, we must constantly monitor and update these protocols, controls, and systems in the face of sophisticated and rapidly evolving attempts to overcome them. The occurrence of cybersecurity incidents could cause a variety of material adverse impacts on our business, although no such incident has had any such impact to date. For additional information regarding whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect our company, including our business strategy, results of operations, or financial condition, please refer to Item 1A, “Risk Factors,” in this report, including the risk factor entitled “Security breaches and other disruptions to our information technology infrastructure could interfere with our operations and expose us to liability.” and Item 1, “Business - Environmental and Other Regulations - Safety Management System Requirements” in this report.


Company Information

NamePangaea Logistics Solutions Ltd.
CIK0001606909
SIC DescriptionDeep Sea Foreign Transportation of Freight
TickerPANL - Nasdaq
Website
CategoryAccelerated filer
Smaller reporting company
Fiscal Year EndDecember 30