Page last updated on July 16, 2024
NORTECH SYSTEMS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-20 16:15:53 EDT.
Filings
10-K filed on 2024-03-20
NORTECH SYSTEMS INC filed a 10-K at 2024-03-20 16:15:53 EDT
Accession Number: 0001437749-24-008690
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity We recognize the critical importance of maintaining the safety and security of our systems and data and have a process for overseeing and managing cybersecurity and related risks. This process is supported by both management, as well as our Board of Directors and our Science and Technology Committee. The current chair of our Science and Technology Committee is a NACD certified cybersecurity expert. Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the Company’s risk management process and the risk trends related to cybersecurity at least annually. Our Science and Technology Committee specifically assists the Board in its oversight of risks related to cybersecurity. To help ensure effective oversight, the Science and Technology Committee receives reports on information security and cybersecurity from the Company’s information technology managers at least four times a year. 18 Our approach to cybersecurity risk management includes the following key elements: ● Multi-Layered Defense and Continuous Monitoring - We work to protect our computing environments and products from cybersecurity threats through multi-layered defenses and apply lessons learned from our defense and monitoring efforts to help prevent future attacks. We utilize data analytics to detect anomalies and search for cyber threats. We engage third-party consultants or other advisors to assist in assessing, identifying and/or managing cybersecurity threats. ● Third-Party Risk Assessments - We conduct information security assessments before sharing or allowing the hosting of sensitive data in computing environments managed by third parties. ● Training and Awareness - We provide awareness training to our employees to help identify, avoid and mitigate cybersecurity threats. Our employees with network access participate periodically in required training, including phishing, spear phishing and other security and awareness training. ● Supplier Engagement - We review critical third-party systems at least annually, including the various System and Organizational Controls (“SOC”) reports or perform risk assessments. While we have experienced cybersecurity incidents in the past, to date none have materially affected the Company or our consolidated financial position, results of operations and/or cash flows. We continue to invest in the cybersecurity and resiliency of our networks and to enhance our internal controls and processes, which are designed to help protect our systems and infrastructure, and the information they contain. For more information regarding the risks we face from cybersecurity threats, please see “Risk Factors.”
Company Information
Name | NORTECH SYSTEMS INC |
CIK | 0000722313 |
SIC Description | Electronic Components, NEC |
Ticker | NSYS - Nasdaq |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | December 30 |