Hawkeye Systems, Inc. 10-K Cybersecurity GRC - 2024-09-30

Page last updated on October 1, 2024

Hawkeye Systems, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-09-30 17:28:35 EDT.

Filings

10-K filed on 2024-09-30

Hawkeye Systems, Inc. filed a 10-K at 2024-09-30 17:28:35 EDT
Accession Number: 0001477932-24-006059

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Disclosures. We rely upon internally and externally managed information technology systems and networks for the collection and storage of sensitive data and business information. We approach cybersecurity risks with a comprehensive risk management and governance strategy designed to assess, identify, and manage cybersecurity risks to our business. Risk Management and Strategy Our cybersecurity program is designed to detect cybersecurity threats and vulnerabilities, protect our information systems from such threats, and ensure the confidentiality, integrity, and availability of systems and information used, owned or managed by us. Our focus is on protecting sensitive information, such as personal information of our customers and employees, and confidential business information that could be leveraged by a competitor or a malicious actor. Our cybersecurity program has several components, including the adoption of information security protocols, standards, and guidelines consistent with best industry practices; engaging third-party service providers to conduct security assessments and penetration testing; and performing periodic internal audits of our cybersecurity protocols. We employ a risk-based process designed to manage cybersecurity risks presented by third-party vendors that may have access to our sensitive information and/or information technology (“IT”) systems. This process may consider the nature of the services provided, the sensitivity and quantity of information processed, the criticality of any potentially impacted IT systems, and/or the strength of the vendor’s cybersecurity practices. We monitor potential cybersecurity risks through tracking. These key risks are characterized by various factors such as the likelihood of us experiencing a particular type of cybersecurity incident, the speed at which each type of cybersecurity incident could impact the Company, and management’s assessment of the Company’s ability to respond quickly and efficiently. An incident response plan aligned with best practices guidelines governs our response to cybersecurity incidents. The incident response plan outlines how we can detect, analyze, contain, eradicate, recover, and perform post-incident activities in the event of a cybersecurity incident. It also contains an internal, risk-based escalation framework designed to ensure that all relevant individuals are promptly informed of any cybersecurity incident and dictates procedures for determining whether a cybersecurity incident is material without unreasonable delay. Material Effects from Risks of Cybersecurity Threats While we may experience minor data and cybersecurity incidents from time to time, to our knowledge, the risks posed by cybersecurity threats have not materially affected and are not reasonably likely to materially affect our business strategy, results of operations or financial condition. However, there can be no assurance that we will not be materially affected by such risks in the future. A successful cybersecurity attack may expose us to misuse of information or systems, the compromising of confidential information, manipulation or destruction of data, production downtimes, and operations disruptions. Governance Role of Management One of the key functions of our executive officers, in connection with our IT team, is informed oversight of our risk management process, which includes risks from cybersecurity threats. Our executive ooficers monitor and assess strategic risk exposure, and manage the material risks we face. Our executive officers who have experience in IT, work with our board of directors to manage our cybersecurity policies and processes. Together, they stay informed and manage how we identify, address, prevent and resolve cybersecurity issues and related matters. They also track how we prevent, identify, lessen, and address cybersecurity issues. This is done through regular checks of our systems, tests to identify security weaknesses, and maintaining an incident response plan. In addition to such regular system checks, our executive officers, together with the board of directors, regularly discuss active, emerging and potential cybersecurity risks. They keep each other informed about significant changes affecting cybersecurity, and they periodically update management with these changes, as well as our cybersecurity risks, so that management can administer its oversight function as a part of its broader oversight and risk management.

Company Information