NANOVIRICIDES, INC. 10-K Cybersecurity GRC - 2024-09-27

Page last updated on September 27, 2024

NANOVIRICIDES, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-27 16:15:38 EDT.

Filings

10-K filed on 2024-09-27

NANOVIRICIDES, INC. filed a 10-K at 2024-09-27 16:15:38 EDT
Accession Number: 0001410578-24-001650

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C: CYBERSECURITY Cybersecurity Risk Management and Strategy We are a clinical stage biotechnology company focused on developing and commercializing new treatments for viral diseases. We and our third-party service providers, collect, process, transmit, and store sensitive data on our systems, including intellectual property, proprietary or confidential business information, and a variety of personal data. We rely on third parties, including cloud vendors, for various business functions. We select key third-party service providers based on several factors, including the type of data processed and the nature of services offered, and we oversee such key third-party service providers by conducting vendor diligence upon onboarding and ongoing monitoring, including a review of SOC-1 reports on an annual basis, where applicable. We have adopted processes designed to identify, assess and manage material risks from cybersecurity threats. Those processes include response to and an assessment of internal and external threats to the security, confidentiality, integrity and availability of our data and information systems, along with other material risks to our operations. In addition, we have implemented procedures over certain areas such as access on/offboarding and account management to help govern the processes put in place by management designed to protect our IT assets, data, and services from threats and vulnerabilities. Governance Management is responsible for the day-to-day management of the risks we face, while our board of directors has responsibility for the oversight of risk management, including risks from cybersecurity threats. The audit committee has primary responsibility for oversight of cybersecurity and is briefed on cybersecurity risks at least once a year and following any material cybersecurity incidents. Our board of directors receives periodic updates from our audit committee regarding matters of cybersecurity. Our board members also engage in ad hoc conversations with management on cybersecurity-related news events and discuss any significant updates to our cybersecurity risk management and initiatives. As of the date of this Annual Report on Form 10-K, we have not experienced a cybersecurity incident that resulted in a material effect on our business strategy, results of operations, or financial condition.

Company Information