Metalert, Inc. 10-K Cybersecurity GRC - 2024-05-24

Page last updated on July 16, 2024

Metalert, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-05-24 16:34:39 EDT.

Filings

10-K filed on 2024-05-24

Metalert, Inc. filed a 10-K at 2024-05-24 16:34:39 EDT
Accession Number: 0001493152-24-021380

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C . CYBERSECURITY At MetAlert, we recognize the critical importance of maintaining the trust and confidence of our customers, partners, and employees. Our operations utilize multiple information systems, including accounting software, multiple selling platforms (SHOPIFY, AMAZON) and banking platforms. In the ordinary course of our business, we collect, DO NOT collect, process, transmit, disclose, and retain personal information regarding our employees, vendors, contractors, and customers (which can include social security numbers, social insurance numbers, banking and tax identification information, health care information for employees, and credit card information). To protect the information that we gather and the availability of our information systems from cybersecurity threats, we have an ongoing cybersecurity risk mitigation program, which includes maintaining up-to-date detection, prevention and monitoring systems. We define a cybersecurity threat as any potential unauthorized occurrence on or conducted through our information systems or information systems of a third party that we utilize in our business that may result in adverse effects on the confidentiality, integrity or availability of our information systems or any information residing therein. We comply with the annual PCI DSS survey report. We have filed and maintained our compliance for the past ten years. The Payment Card Industry Data Security Standard ( PCI DSS ) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council, and its use is mandated by the card brands. It was created to better control cardholder data and reduce credit card fraud. Validation of compliance is performed annually or quarterly with a method suited to the volume of transactions: [1] ● Self-assessment questionnaire (SAQ) ● Firm-specific Internal Security Assessor (ISA) ● External Qualified Security Assessor (QSA) 25 Our cybersecurity risk management program includes: - Risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment and; - Company leadership managing our cybersecurity security controls, and response to cybersecurity incidents. The Audit Committee reports to the full board of directors regarding its activities, including those related to cybersecurity. Our management team is responsible for assessing and managing our material risks from cybersecurity threats. The team has primary responsibility for our overall cybersecurity risk management program. We have not encountered any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to affect us, including our business strategy, results of operations or financial condition. Notwithstanding the extensive approach we take to cybersecurity, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us cybersecurity laws and regulations could cause us to face litigation and penalties that could adversely affect our business, financial conditions, and results of operations.").

Company Information