URBAN ONE, INC. 10-K Cybersecurity GRC - 2024-06-07

Page last updated on July 16, 2024

URBAN ONE, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-06-07 16:54:58 EDT.

Filings

10-K filed on 2024-06-07

URBAN ONE, INC. filed a 10-K at 2024-06-07 16:54:58 EDT
Accession Number: 0001558370-24-009018

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBER SEC URITY Disclosure Regarding Cybersecurity Risk Management Assessment and Management of Cybersecurity Risks: We have established a robust framework for the assessment, identification, and management of material risks arising from cybersecurity threats. Our approach to cybersecurity risk management includes ongoing assessments of potential threats and vulnerabilities, coupled with the implementation of safeguards and controls to mitigate these risks. We maintain vigilance over the cybersecurity landscape to identify emerging threats, adapting our strategies accordingly. Our cybersecurity risk management process includes: ● Regular risk assessments to systematically identify and prioritize cybersecurity risks; ● Implementation of advanced technical controls, encryption, and intrusion detection systems to safeguard sensitive data; ● Employee training and testing programs designed to enhance awareness about cybersecurity best practices; ● Collaboration with third-party cybersecurity experts for conducting penetration testing; vulnerability assessments and providing support in the triage of any cybersecurity event; and ● Select processes to review and manage the risks associated with third-party service providers. Material Effects of Cybersecurity Threats and Incidents: We acknowledge the potential material impact that cybersecurity threats and incidents can have on our operations, financial condition, and reputation. While we did not experience any significant cybersecurity incidents during the reporting period, we recognize that such incidents could include: ● Disruption of our operations, potentially leading to revenue loss; ● Unauthorized access to or theft of sensitive customer information, resulting in legal and regulatory implications; and ● Damage to our brand and reputation, which could affect customer trust and investor confidence. Board Oversight: Our Board of Directors plays a significant role in overseeing our cybersecurity risk management efforts. The Board receives periodic updates from the Chief Information Officer (“CIO”) on our cybersecurity posture, encompassing reports on potential threats, vulnerabilities, and the efficacy of our risk mitigation measures. These updates are provided based on internal reports from the tools employed and managed by the IT organization and reports generated by a managed security service provider overseen by the Chief Information Security Officer (“CISO”). The Board is committed to ensuring that cybersecurity is a priority for the organization, providing the necessary resources and expertise to address evolving threats effectively. Management’s Role and Expertise: Our management team is actively involved in the assessment and management of cybersecurity risks. We have a CIO overseeing the Company’s technology infrastructure and a designated a CISO responsible for cybersecurity program oversight. The CISO possesses over two decades of comprehensive experience in the information technology landscape, augmented by a robust background in program management. With a portfolio enriched by industry certifications and advanced academic degrees, including an MBA, the CISO stands as a seasoned leader within our corporate information security domain. The CISO collaborates with cross-functional teams to implement and uphold our cybersecurity policies and practices. Our executive leadership team is aligned with our cybersecurity objectives and regularly reviews our cybersecurity-related initiatives.

Company Information