SOLITRON DEVICES INC 10-K Cybersecurity GRC - 2024-07-12

Page last updated on July 16, 2024

SOLITRON DEVICES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-07-12 17:15:54 EDT.

Filings

10-K filed on 2024-07-12

SOLITRON DEVICES INC filed a 10-K at 2024-07-12 17:15:54 EDT
Accession Number: 0001654954-24-008904

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY . Like all companies that utilize technology, we are subject to threats of breaches of our technology systems. To mitigate the threat to our business, we take a comprehensive approach to cybersecurity risk management. Our Board and our management actively oversee our risk management program, including the management of cybersecurity risks. We have established policies, standards, processes and practices for assessing, identifying, and managing material risks from cybersecurity threats, including those discussed in our Risk Factors. We have devoted resources to implement and maintain security measures to meet regulatory requirements and shareholder expectations, and we intend to continue to make investments to maintain the security of our data and cybersecurity infrastructure. While there can be no guarantee that our policies and procedures will be properly followed in every instance or that those policies and procedures will be effective, we believe that the Company’s sustained investment in these efforts and technologies have put the Company in a position to protect against potential compromises, and we do not believe that risks from prior cybersecurity threats have materially affected our business to date. We can provide no assurance that there will not be incidents in the future or that past or future attacks will not materially affect us, including our business strategy, results of operations, or financial condition . Risk Management and Strategy: At a high level, the key objectives for the Company’s cybersecurity program are to implement and sustain effective security controls to stop intrusion attempts and to maintain and continuously improve its ability to respond to attacks and incidents. Success in achieving these objectives relies upon using quality technology solutions, cultivating and maintaining a team of skilled professionals, and improving processes continuously. Our cybersecurity program in particular focuses on the following key areas: Risk Assessment: At least annually, we conduct a cybersecurity risk assessment that takes into account information from our employees, known information security vulnerabilities, and information from external sources, including reported security incidents that have impacted other companies, industry trends, and evaluations by third parties and consultants. The results of the assessment are used to develop initiatives to enhance our security controls, make recommendations to improve processes, and inform a broader Company-wide risk assessment that are then reported to our Board and members of management. Technical Safeguards: We regularly assess and deploy technical safeguards designed to protect our information systems from cybersecurity threats. Such safeguards are regularly evaluated and improved based on vulnerability assessments, cybersecurity threat intelligence and incident response experience. Incident Response and Recovery Planning: We have established comprehensive incident response and recovery plans that guide our response in the event of a cybersecurity incident. We continuously test and evaluate the effectiveness of those plans.

Company Information