Page last updated on December 17, 2024
NEUROONE MEDICAL TECHNOLOGIES Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-17 08:29:19 EST.
Filings
10-K filed on 2024-12-17
NEUROONE MEDICAL TECHNOLOGIES Corp filed a 10-K at 2024-12-17 08:29:19 EST
Accession Number: 0001213900-24-109524
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY Our corporate information technology, communication networks, enterprise applications, accounting and financial reporting platforms, and related systems are necessary for the operation of our business. We use these systems, among others, to manage our product development, to communicate internally and externally, to operate our accounting and record-keeping functions, to store and access data including sensitive patient data and for many other key aspects of our business. Our business operations rely on the secure collection, storage, transmission, and other processing of proprietary, confidential, and sensitive data. Our Chief Financial Officer leads our information security organization (overseeing work done by a third party IT services company) and reports to the Chief Executive Officer and Board of Directors of any material information regarding such cybersecurity matters. Risk Management and Strategy We recognize the importance of assessing, identifying, and managing material risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K. These risks include, among other things: operational risks, intellectual property theft, fraud, extortion, harm to employees, customers or patients, violation of data privacy or security laws, litigation, and legal, financial and reputational risk. In coordination with third-party consultants, we have implemented and maintain various information security processes designed to identify, assess and manage material risks from cybersecurity threats to our critical systems and data. Depending on the environment, we implement and maintain various technical, physical, and organizational measures, processes, standards, and/or policies designed to manage and mitigate material risks from cybersecurity threats to our information systems and data, including risk assessments, incident detection and response, vulnerability management, disaster recovery and business continuity plans, internal controls within our accounting and financial reporting functions, encryption of data, network security controls, access controls, physical security, asset management, systems monitoring, vendor risk management program and employee training. We conduct annual reviews and tests of our information security program to evaluate its effectiveness and improve our security measures and planning. To operate our business, we utilize certain third-party service providers and vendors to support a variety of functions. We seek to engage reliable, reputable service providers and vendors that maintain cybersecurity programs, and we implement a vetting process to ensure that all third-party service providers and venders comply with our cybersecurity program requirements. Depending on the nature of the services provided, the sensitivity and quantity of information processed, and the identity of the service provider, our vendor management process may include reviewing the cybersecurity practices of such provider, contractually imposing obligations on the provider, conducting security assessments, and conducting periodic reassessments during their engagement. We are not aware of any risks from cybersecurity threats, including as a result of any cybersecurity incidents, which have materially affected or are reasonably likely to materially affect our Company, including our business strategy, results of operations, or financial condition. Governance Our Board of Directors holds oversight responsibility for the Company’s strategy and risk management, including material risks related to cybersecurity threats. Oversight of such cybersecurity risks is executed directly by the Board of Directors. The Board receives reports and engages in regular discussions with management regarding the Company’s significant risk exposures resulting from material cybersecurity threats and the measures implemented to monitor and reasonably manage these risks.
Company Information
Name | NEUROONE MEDICAL TECHNOLOGIES Corp |
CIK | 0001500198 |
SIC Description | Surgical & Medical Instruments & Apparatus |
Ticker | NMTC - Nasdaq |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | September 29 |