Crucial Innovations, Corp. 10-K Cybersecurity GRC - 2024-12-10

Page last updated on December 10, 2024

Crucial Innovations, Corp. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-10 08:58:06 EST.

Filings

10-K filed on 2024-12-10

Crucial Innovations, Corp. filed a 10-K at 2024-12-10 08:58:06 EST
Accession Number: 0001712543-24-000074

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Our operations and other aspects of our business rely heavily on various information technology systems which are largely managed by third parties. We face significant cybersecurity threats, which are continuously increasing in sophistication, including computer viruses, internal and external security breaches, and other cyber-attacks. These threats could disrupt our operations, lead to the loss of confidential information, and hinder our ability to accurately report our financial results in a timely manner. We have adopted a Cybersecurity Policy to create effective administrative, technical, electronic, and physical protections to safeguard the personal information of Company personnel, confidential information concerning our operations and the integrity of the Company’s information systems. We have created an Information Security Team to implement and administer our Cybersecurity Policy. Among the duties and responsibility of our Information Security Team are the following: · Ensuring that all CINV personnel are aware of the Cybersecurity Policy and agree to adhere to its requirements; · Establishing that information concerning the Company is stored on encrypted cloud-based servers accessible only by authorized CINV personnel; · Providing that all of the Company’s information systems are backed up daily, with offline copies available in the event that a major security issue arises; · Testing and evaluating cybersecurity safeguards via the use of third-party information technology service providers; · Reviewing the security measures in the Company’s Cybersecurity Policy annually or when there is a change in applicable laws or regulations or in business activities of Equus; and · Conducting training as necessary for all CINV personnel; and · Reporting cybersecurity matters to our Board of Directors who provide oversight of our Information Security Team. We utilize third-party services and tools for identifying, protecting against, and detecting cyber incidents, and also partner with external vendors to augment our internal security capabilities. Additionally, we engage third-parties to conduct independent assessments of our cybersecurity infrastructure to evaluate the efficiency and effectiveness of our detection capabilities, along with our response mechanisms, and overall risk management. Our approach to managing cybersecurity risks is part of a continuous improvement process, both in the context of cybersecurity and broader operational risk management. This ongoing process, which includes personnel training, is aimed at routinely reviewing and, as necessary, improving, our oversight processes and tools to ensure they remain effective and resilient in their management of cybersecurity risk. Material Impact of Cybersecurity Threats While we have yet to experience a material cybersecurity event, we acknowledge the persistent and evolving nature of these threats, which have the potential to materially impact our business strategy, operations, and financial results adversely. We maintain robust policies and procedures focused on cybersecurity incident management, ensuring timely communication and escalation to all relevant stakeholders. This enables faster response and effective communication, including public disclosure if a material cybersecurity event were to occur. Board of Directors Oversight Our Board of Directors oversees risks related to cybersecurity, including the security of our corporate, financial, and operations information and the steps management is taking to monitor and control these risks. In the future, our Information Security Team will conduct regular meetings with our independent directors to discuss various compliance matters, including any cybersecurity issues.

Company Information