Page last updated on July 16, 2024
STAR EQUITY HOLDINGS, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-22 16:23:17 EDT.
Filings
10-K filed on 2024-03-22
STAR EQUITY HOLDINGS, INC. filed a 10-K at 2024-03-22 16:23:17 EDT
Accession Number: 0000707388-24-000025
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY Risk Management and Strategy We identify and address cybersecurity threats and risks related to our business using an interdisciplinary approach that includes assessments primarily by our management, IT team and legal department. To defend against, detect and respond to cybersecurity incidents, we employ a multi-layered approach that has been integrated into our overall risk management systems and processes which includes, among other things: conducting proactive privacy and cybersecurity reviews of systems and applications, auditing applicable data policies, conducting employee training, monitoring emerging laws and regulations related to data protection and information security and continuously improving controls and implementing appropriate changes. The cybersecurity-control principles that form the basis of our cybersecurity program are informed by the National Institute of Standards and Technology Cybersecurity Framework. Our management performs an annual review of third-party service providers’ SOC reports to verify appropriate controls are in place. In 2023, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. However, despite our ongoing efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced undetected cybersecurity incidents. Please refer to the risk factor titled “We rely on information technology in our operations, and any material failure, inadequacy, interruption or security failure of that technology could materially harm our business.” in “Risk Factors” in Part I, Item 1A of this Form 10-K for more information on the risks posed to us by cybersecurity threats. Cybersecurity Governance Cybersecurity is an important part of our risk management processes and is an area of focus for our board of directors and management. Our board of directors, as a whole, has oversight responsibility for our strategic and operational risks, and ensures that appropriate risk mitigation strategies are implemented by management. Our audit committee assists the board of directors with this responsibility by periodically reviewing and discussing our risk assessment and risk management practices, including cybersecurity risks, with members of our management team, which is responsible for the assessment and management of cybersecurity risks. In addition, we have retained an external consultant to serve as our internal audit function and to support our cybersecurity risk management and governance practices. Our consultant has substantial experience in cybersecurity risk management and information technology, including security, compliance, systems and programming and reports to our audit committee and our board of directors on any appropriate items.
Company Information
Name | STAR EQUITY HOLDINGS, INC. |
CIK | 0000707388 |
SIC Description | Electromedical & Electrotherapeutic Apparatus |
Ticker | STRR - NasdaqSTRRP - Nasdaq |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | December 30 |