AIR INDUSTRIES GROUP 10-K Cybersecurity GRC - 2024-04-15

Page last updated on July 16, 2024

AIR INDUSTRIES GROUP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-15 17:03:08 EDT.

Filings

10-K filed on 2024-04-15

AIR INDUSTRIES GROUP filed a 10-K at 2024-04-15 17:03:08 EDT
Accession Number: 0001213900-24-033018

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY We regularly review our cybersecurity defenses to assess our vulnerability to cybersecurity attacks from viruses, malware and more sophisticated and targeted cyber-related attacks such as hackers looking to demand ransomware or access our systems to obtain information and data, as well as our vulnerability to cybersecurity failures resulting from human error and technological errors. We rely upon internal information technology (“IT”) personnel working in conjunction with specialized outside security consultants on a day-to-day basis to conduct reviews and upgrade our systems when determined to be necessary. Our overall strategy in combatting cybersecurity risks includes a variety of measures, including: ● the use of antivirus software, virtual private networks, email security, as well as other software and system-wide measures such as multi-factor authorization to prevent and detect data intrusions; ● deployment of updates and patches as they become available from our software suppliers and consultants and maintaining the current versions of major software to reduce the exposure to vulnerabilities; ● the use of third-party services to conduct mandatory online training for all employees regarding identifying and avoiding cyber-security risks; ● the review of the security procedures used by third parties that may host or otherwise have access to our systems; ● the deployment of third-party cybersecurity experts to perform penetration testing on our internal and external networks and systems in an effort to identify potential vulnerabilities; and ● consideration of the cybersecurity risks posed by interacting with current and potential third-party service providers, suppliers and customers. We are not aware of any weakness in our systems or malware embedded in our systems that are likely to would materially affect, or are reasonably likely to materially affect, our operations. Day-to day management of cybersecurity threats is conducted by our IT department in conjunction with outside service providers, which is charged with identifying and reporting threats to senior management. On a quarterly basis, cybersecurity is reviewed by our Chief Executive Officer and Chief Financial Officer, who are expected to report to the Audit Committee. Board Oversight The Audit Committee of our Board of Directors, which is composed of all non-employee directors, is responsible for oversight of our efforts to eliminate cybersecurity risks. The Audit Committee meets regularly with our Chief Executive Officer and Chief Financial Officer and, in turn, reports its finding to the Board of Directors. 18


Company Information

NameAIR INDUSTRIES GROUP
CIK0001009891
SIC DescriptionAircraft Parts & Auxiliary Equipment, NEC
TickerAIRI - NYSE
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30