GOLUB CAPITAL BDC, Inc. 10-K Cybersecurity GRC - 2024-11-19

Page last updated on November 19, 2024

GOLUB CAPITAL BDC, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-11-19 16:05:57 EST.

Filings

10-K filed on 2024-11-19

GOLUB CAPITAL BDC, Inc. filed a 10-K at 2024-11-19 16:05:57 EST
Accession Number: 0001476765-24-000132

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity . The Company has processes in place to assess, identify, and manage material risks from cybersecurity threats. The Company’s business is dependent on the communications and information systems of GC Advisors and other third-party service providers. GC Advisors manages the Company’s day-to-day operations and has implemented a cybersecurity program that applies to the Company and its operations. Cybersecurity Program Overview GC Advisors has instituted a cybersecurity program designed to identify, assess, and manage cyber risks applicable to the Company. GC Advisors’ cyber risk management program involves risk assessments, implementation of security measures, and ongoing monitoring of systems and networks, including networks on which the Company relies. GC Advisors actively monitors the current threat landscape in an effort to identify material risks arising from new and evolving cybersecurity threats, including material risks faced by the Company. The Company relies on GC Advisors to engage external experts, including cybersecurity assessors, consultants, and auditors to evaluate cybersecurity measures and risk management processes, including those applicable to the Company. The Company relies on GC Advisors’ risk management program and processes, which include cyber risk assessments. 85 TABLE OF CONTENTS The Company depends on and engages various third parties, including suppliers, vendors, and service providers, to operate its business. The Company relies on the expertise of risk management, legal, information technology, and compliance personnel of GC Advisors when identifying and overseeing risks from cybersecurity threats associated with the Company’s use of such entities. Board Oversight of Cybersecurity Risks The Board provides strategic oversight on cybersecurity matters, including risks associated with cybersecurity threats. The Board receives periodic updates from the Company’s Chief Financial Officer (“CFO”) and Chief Compliance Officer (“CCO”) regarding the overall state of GC Advisors’ cybersecurity program, information on the current threat landscape, and risks from cybersecurity threats and cybersecurity incidents impacting the Company. Management’s Role in Cybersecurity Risk Management GC Advisors’ internal cybersecurity team, headed by GC Advisors’ Chief Information Officer (“CIO”), are responsible for the cybersecurity program applicable to the Company (including enterprise-wide cybersecurity strategy, policies, standards, engineering, architecture, and processes), and along with the Company’s CCO and a Disclosure Committee that is headed by the Company’s CFO (the “Disclosure Committee”), are responsible for assessing and managing material risks from cybersecurity threats that impact the Company. The CFO and CCO of the Company oversee the Company’s oversight function generally and rely on GC Advisors’ CIO and cybersecurity team to assist with assessing and managing material risks from cybersecurity threats. The Company’s CFO has been responsible for this oversight function as CFO to the Company for over three years and has worked in the financial services industry for more than eighteen years, during which time the CFO has gained expertise in assessing and managing risk applicable to the Company. The Company’s CCO has been responsible for this oversight function as CCO to the Company for thirteen years and has worked in the financial services industry for more than twenty years, during which time the CCO has gained expertise in assessing and managing risk applicable to the Company. The Advisors’ CIO has been responsible for her function for over four years and has worked in the financial services industry for more than fifteen years, during which time the CIO has gained expertise in assessing and managing risk applicable to the Company. Management of the Company, including the CCO and the Company’s Disclosure Committee, is informed about and monitors the prevention, detection, mitigation, and remediation of cybersecurity incidents impacting the Company, including through the receipt of notifications from service providers and reliance on communications with risk management, legal, information technology, and/or compliance personnel of GC Advisors. Assessment of Cybersecurity Risk The potential impact of risks from cybersecurity threats on the Company are assessed on a regular basis, and how such risks could materially affect the Company’s business strategy, operational results, and financial condition are regularly evaluated. During the reporting period, the Company has not identified any risks from cybersecurity threats, including as a result of previous cybersecurity incidents, that the Company believes have materially affected, or are reasonably likely to materially affect, the Company, including its business strategy, operational results, and financial condition.

Company Information