COGNITION THERAPEUTICS INC 10-K Cybersecurity GRC - 2024-03-26

Page last updated on July 16, 2024

COGNITION THERAPEUTICS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-26 16:16:12 EDT.

Filings

10-K filed on 2024-03-26

COGNITION THERAPEUTICS INC filed a 10-K at 2024-03-26 16:16:12 EDT
Accession Number: 0001558370-24-003949

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cyber Risk Management and Strategy Cognition Therapeutics, Inc. has implemented and maintains an enterprise risk management program that includes processes designed to identify, assess, and mitigate cybersecurity risks. These processes include the deployment of third-party security solutions and tools designed to monitor, identify, and address cybersecurity risks. We engage a third-party information technology advisor to support our cyber risk management efforts and, periodically, we engage additional third-party consultants for penetration testing and threat simulation exercises. We also maintain processes to assess and review the cybersecurity practices of third-party vendors and service providers prior to onboarding, including through review of System and Organization Controls (SOC) reports provided by potential vendors and inclusion of security requirements in contracts, as appropriate. We, like other companies in our industry, face a number of risks from cybersecurity threats in connection with our business. Although such risks have not materially affected, and we do not believe they are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition, to date, we have, from time to time, experienced threats related to our data and systems, including phishing attacks. For more information about risks from cybersecurity threats, see the risk factor entitled “Significant disruptions of information technology systems and infrastructure, breaches of data security and other incidents could materially adversely affect our business, results of operations and financial condition” included in Item 1A “Risk Factors.” Governance Related to Cybersecurity Risks Our cyber risk management program and related operations and processes are managed by the Chief Financial Officer in consultation with other members of the finance team of the company, who collectively have expertise and experience in accounting, financial reporting and auditing, and law and compliance, including as it relates to the assessment of the adequacy of cybersecurity processes. The Corporate Controller reports to and meets with the Chief Financial Officer periodically to discuss and review risk management processes related to cybersecurity and potential cybersecurity risks, with input from the Company’s third-party information technology advisor as appropriate. The Chief Financial Officer reports on a quarterly basis to the audit committee, which oversees cybersecurity risks pursuant to the audit committee charter. The audit committee is responsible for discussing cybersecurity-related risks with management, including the steps management has taken to monitor and control such risks, including our risk assessment and risk management policies. The Chief Financial Officer and the audit committee periodically report on cybersecurity risk management to the board of directors. The board of directors, as a whole and through its committees, has responsibility for the oversight of risk management. In its risk oversight role, the board of directors has the responsibility to confirm that the risk management processes designed and implemented by management are appropriate and functioning as designed.


Company Information

NameCOGNITION THERAPEUTICS INC
CIK0001455365
SIC DescriptionBiological Products, (No Diagnostic Substances)
TickerCGTX - Nasdaq
Website
CategoryNon-accelerated filer
Smaller reporting company
Emerging growth company
Fiscal Year EndDecember 30