INTELLIGENT BIO SOLUTIONS INC. 10-K Cybersecurity GRC - 2024-09-18

Page last updated on September 18, 2024

INTELLIGENT BIO SOLUTIONS INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-18 09:18:33 EDT.

Filings

10-K filed on 2024-09-18

INTELLIGENT BIO SOLUTIONS INC. filed a 10-K at 2024-09-18 09:18:33 EDT
Accession Number: 0001493152-24-036953

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. There have been an increasing number of cyberattacks on companies around the world, which have caused operational failures, compromised sensitive corporate or customer data, and/or resulted in significant financial damages. These attacks have occurred over the internet, through malware, viruses or attachments to e-mails, or through inside actors with access to systems within the organization. Risk Management and Strategy We have recently implemented additional security measures as part of an evolving cybersecurity posture and will continue to devote resources to address security vulnerabilities in an effort to prevent cyberattacks and mitigate the damage that could result from such an attack. All employees have recently (subsequent to June 30, 2024) begun receiving cybersecurity training and other education regarding their use of computers, information technology, and sensitive data including specifically how to recognize common attack strategies. As many of our applications are developed and managed by third parties, we are dependent on these providers for many functions including disaster recovery during a disaster or cyber incident. Our goal is to only utilize the most secure and trusted providers for our IT needs. To this end, we are currently reviewing the security credentials and certifications of our key application providers. Our business continuity plans are evaluated against evolving security and service level standards, which includes evaluating those cybersecurity threats associated with our use of key third party service providers. Our current cybersecurity management strategy consists of utilizing a combination of employee education, preventative controls, detective controls, and periodic cybersecurity testing. Our process and cybersecurity posture will continue to be refined based on the results of periodic cybersecurity assessments conducted internally and with our IT consultants and service providers, as needed. We have recently begun reporting on cybersecurity in reports to the Board of Directors and will continue to do so. Governance The Board of Directors is responsible for oversight of cybersecurity risk. Our Chief Financial Officer and Chief Executive Officer are the members of management responsible for managing and assessing our cybersecurity practices and have recently (subsequent to June 30, 2024) commenced reporting on such practices and risks. The plan for the future is that they will continue to report to the Board on cybersecurity at least quarterly. Should any cybersecurity threat or incident be detected, our senior management team would timely report such threat or incident to the Board of Directors and provide regular communications and updates throughout the incident and any subsequent investigation, in order that the impact, materiality, and reporting requirements of such incident are appropriately identified and assessed for further necessary or appropriate action to be taken. We believe we are appropriately staffed (as supported by IT consultants and service providers, as needed) to support a healthy cybersecurity posture given our size and scope. Our Chief Financial Officer, who reports to the Chief Executive Officer, is directly responsible for IT functions and has extensive experience as a chief financial officer, chief operating officer and special projects lead, with expertise in accounting, taxation, business advisory, business risks identification and management and business systems designs across many industries, including the application of IFRS and US GAAP for the life science industry. To date, there have been no risks identified from cybersecurity threats or previous cybersecurity incidents that have materially affected or are reasonably likely to materially affect the company. However, despite all of the above aforementioned efforts, a cyberattack, if it occurred, could cause system operational problems, compromise important data or systems or result in an unintended release of confidential information. See “Item 1A. Risk Factors” for additional discussion of cybersecurity risks impacting our Company.

Company Information