Page last updated on July 16, 2024
Bright Mountain Media, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-01 17:27:46 EDT.
Filings
10-K filed on 2024-04-01
Bright Mountain Media, Inc. filed a 10-K at 2024-04-01 17:27:46 EDT
Accession Number: 0001628280-24-014146
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY Risk management and strategy Cybersecurity is a critical aspect of our operations, and our board of directors and management prioritize safeguarding our digital assets and ensuring the integrity and confidentiality of sensitive information to protect our assets, customers, and stakeholders. Our cybersecurity program is managed by our Global IT Director and overseen by our executive leadership team and board of directors. It encompasses risk management, a management framework, governance, education and training across the organization, SOC2 compliance, and an incident response protocol. We employ a proactive risk management strategy to identify, assess, track, and mitigate cyber security risks. Our risk assessment process involves continuous monitoring of our IT infrastructure, external vulnerability assessments, and reviews of our third-party relationships. We prioritize risks based on their potential impact on our operations and implement targeted controls and safeguards to mitigate identified threats. Our Cybersecurity management framework is aligned with the Cybersecurity Framework (CSF) developed by the National Institute of Standards and Technology (NIST) and COBIT 2019. This framework provides a structured approach to managing our policies, standards, and processes, improving our cyber security posture. Additionally, we maintain SOC2 compliance, demonstrating our adherence to industry-recognized security standards and best practices. Our board of directors and our executive leadership team, through our Information Security Executive Charter, oversee our risk management program, of which cybersecurity represents an important component. Our Global IT Director is responsible for managing our risk management program, including our cybersecurity strategies and initiatives and the periodic review of our policies, standards, and risks. Our Global IT Director has over 25 years of experience in technology and security. Our executive leadership approves cyber security strategies, initiatives, and investments to ensure alignment with business objectives and risk tolerance. In the event of a cyber security incident, we would follow an incident response protocol that includes procedures for incident tracking, escalation, containment, eradication, and recovery. As part of our incident response process, we would adhere to SEC reporting requirements related to cyber security incidents, providing timely and transparent disclosures as necessary. Cybersecurity threats, and their evolving nature, pose a risk to us and our strategy, results of operations, and financial condition in the future. Our risk factors include further detail about the cybersecurity risks we face. To date, cybersecurity threats or incidents have not materially affected us or our operations. Our focus on risk management, governance, compliance, and incident response is intended to mitigate the potential harm posed by evolving cyber threats and challenges.
Company Information
Name | Bright Mountain Media, Inc. |
CIK | 0001568385 |
SIC Description | Services-Computer Programming Services |
Ticker | BMTM - OTC |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | December 30 |