Metagenomi, Inc. 10-K Cybersecurity GRC - 2024-03-27

Page last updated on October 1, 2024

Metagenomi, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-27 08:44:41 EDT.

Filings

10-K filed on 2024-03-27

Metagenomi, Inc. filed a 10-K at 2024-03-27 08:44:41 EDT
Accession Number: 0000950170-24-036838

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy We have implemented a cybersecurity program in accordance with our risk profile and business size that is informed by recognized industry standards, including elements of the National Institute of Standards and Technology Cybersecurity Framework. We leverage the cybersecurity services of third-party vendors, including virtual chief information security officer services, to support out cybersecurity risk management program. Our cybersecurity risk management program is comprised of a number of components, including but not limited to a risk assessment incorporating elements of industry standard frameworks, penetration testing, endpoint detection and response, and system monitoring. We have an employee training program that includes annual cybersecurity awareness training that is reinforced by approximately monthly phishing campaigns. We also maintain an incident response plan and related processes to help guide our response to cybersecurity incidents. As part of our cybersecurity risk management program, we take a risk-based approach to the evaluation of third-party vendors, and apply mitigations and processes based on our evaluation of the sensitivity of the data accessed by the vendor and the maturity of the vendor’s programs. Our current vendor evaluation procedures include, as appropriate, a review of certain vendors’ security standards. We have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. However, like other companies in our industry, we and our third-party vendors have experienced threats relating to our and our third-party vendors’ information systems. For more information, please see “Item 1A, Risk Factors.” Governance Related to Cybersecurity Risks Our Head of Information Technology (“Head of IT”) is responsible for the strategic leadership and direction of the Company’s information technology organization. Our current Head of IT has over thirty years of experience leading information technology teams 135 in the life sciences industry. The Head of IT reviews threat intelligence, and receives updates from the Company’s third-party providers, to help identify risks from cybersecurity threats. The Head of IT reports to the Chief Financial Officer (CFO) , and attends regular meetings with the CFO to discuss updates relating to the Company’s cybersecurity program. The Head of IT also provides cybersecurity updates on a quarterly basis to the Company’s executive team. The Board of Directors has delegated oversight of cybersecurity risk management to the Audit Committee. The Audit Committee reviews the Company’s major cybersecurity risk exposures and the steps that the Company’s management has taken to monitor and control such exposures. Specifically, the Audit Committee reviews reports on data management, security initiatives, and significant existing and emerging cybersecurity risks, including material cybersecurity incidents, the impact on the Company and its stakeholders of any significant cybersecurity incident, and any disclosure obligations arising from any such incidents.


Company Information

NameMetagenomi, Inc.
CIK0001785279
SIC DescriptionBiological Products, (No Diagnostic Substances)
TickerMGX - Nasdaq
Website
Category
Emerging growth company
Fiscal Year EndDecember 30