iBio, Inc. 10-K Cybersecurity GRC - 2024-09-20

Page last updated on September 20, 2024

iBio, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-20 16:14:04 EDT.

Filings

10-K filed on 2024-09-20

iBio, Inc. filed a 10-K at 2024-09-20 16:14:04 EDT
Accession Number: 0001420720-24-000038

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity . We maintain a cyber risk management protocol designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. The underlying processes and controls of our cyber risk management protocol incorporate recognized best practices and standards for cybersecurity and information technology, including the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework (“CSF”). In addition, we maintain policies over areas such as information security, access on/offboarding, and access and account management, to help govern the processes put in place by management designed to protect our IT assets, data, and services from threats and vulnerabilities. We consult with a third-party specialist with regard to our cyber risk management processes and controls. Our management team is responsible for oversight and administration of our cyber risk management protocol, and for informing senior management and other relevant stakeholders regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents. iBio’s management team has prior experience selecting, deploying, and overseeing cybersecurity technologies, initiatives, and processes and relies on threat intelligence as well as other information obtained from governmental, public, or private sources. Our Audit Committee also provides oversight of risks from cybersecurity threats. As part of its review of the adequacy of our system of internal controls over financial reporting and disclosure controls and procedures, the Audit Committee is specifically responsible for reviewing the adequacy of our computerized information system controls and security related thereof. The cybersecurity stakeholders, including member(s) of management assigned with cybersecurity oversight responsibility and/or third-party consultants providing cyber risk services, brief the Audit Committee on cyber vulnerabilities identified through the risk management process, the effectiveness of our cyber risk management program, and the emerging threat landscape and new cyber risks on at least an annual basis. This includes updates on iBio’s processes to prevent, detect, and mitigate cybersecurity incidents. In addition, cybersecurity risks are reviewed by our Board of Directors at least annually, as part of the Company’s corporate risk oversight processes. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. iBio acknowledges that the risk of cyber incidents is prevalent in the current threat landscape and that a future cyber incident may occur in the normal course of its business. To date, we have not had a cybersecurity incident. We proactively seek to detect and investigate unauthorized attempts and attacks against our IT assets, data, and services, and to prevent their occurrence and recurrence where practicable through changes or updates to internal processes and tools and changes or updates to service delivery; however, potential vulnerabilities to known or unknown threats will remain. Further, there is increasing regulation regarding responses to cybersecurity incidents, including reporting to regulators, investors, and additional stakeholders, which could subject us to additional liability and reputational harm. See Item 1A. “Risk Factors” for more information on cybersecurity risks.


Company Information

NameiBio, Inc.
CIK0001420720
SIC DescriptionPharmaceutical Preparations
TickerIBIO - NYSE
Website
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndJune 29