Page last updated on July 16, 2024
CEA Industries Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-29 16:05:54 EDT.
Filings
10-K filed on 2024-03-29
CEA Industries Inc. filed a 10-K at 2024-03-29 16:05:54 EDT
Accession Number: 0001493152-24-011974
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity We have a cybersecurity program to identify, monitor, and mitigate cybersecurity risks. The security program consists of responsibilities for information security and incident response and is overseen by a third-party consultant with guidance from subcontracted cybersecurity vendors that our third-party consultant contracts. We consider cybersecurity risks alongside other company risks and consult with subject matter experts where necessary to identify cybersecurity risks, and evaluate their nature and severity. Management offers cybersecurity updates to the Audit Committee on at least an annual basis, and more frequently if circumstances warrant. These briefings include assessments of risks, the threat landscape, and updates on any incidents. Our third-party consultant provides and assists with implementation on a formal IT Security Policy to provide appropriate governance over information security including control requirements for change management and patching, multifactor authentication, data backup, security monitoring, and mobile device management. Management coordinates with its third-party consultant on security controls and any issues are reported to the Audit Committee. In addition, we carry insurance that provides levels of reimbursement protection against the potential losses arising from a cybersecurity incident; however, the insurance may not cover all the costs that we might incur, and we may suffer direct economic loss. 26 We have not had any reportable cybersecurity breaches, including what we may perceive or recognize as cybersecurity incidents or credible threats during the fiscal year ended December 31, 2023. To date, as a result, there has not been any material adverse effect on our business operations or financial condition. If there is a cybersecurity attack and an infiltration of our files, data, customer data and the like, there would be a material adverse effect on our business, our reputation, our operations and financial condition. For example, our reputation would be damaged in the event of a cybersecurity infiltration. If there were a cybersecurity infiltration, we could lose access to our data which would disrupt our operations, and we even may not be able to operate. Such a loss of access might be temporary or permanent, and it might be localized or general. The level of disruption will depend on our backup systems. Our clients financial and other data could be taken and used against us reputationally or to damage our clients in different ways. In the latter instance, we may be liable for monetary damages to our clients. We may be held for cyber ransom, which would be loss to our financial resources. Our inability to operate, payment of damages, payment of ransom, and the costs of reparation of our systems, consultants and tangential expenses will all result in damage to our business and our financial resources.
Company Information
Name | CEA Industries Inc. |
CIK | 0001482541 |
SIC Description | Agricultural Services |
Ticker | CEAD - NasdaqCEADW - Nasdaq |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | December 30 |