Page last updated on December 19, 2024
Optex Systems Holdings Inc reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-12-19 16:00:52 EST.
Filings
10-K filed on 2024-12-19
Optex Systems Holdings Inc filed a 10-K at 2024-12-19 16:00:52 EST
Accession Number: 0001493152-24-050771
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy We recognize the increasing volume and sophistication of cyber threats and take our responsibility to protect the information and systems under our purview seriously. We consider cybersecurity threat risks alongside other Company risks as part of our overall risk assessment process. Our cybersecurity processes aim to provide a comprehensive approach to assess, identify, manage, mitigate, and respond to cybersecurity threats. We maintain a cybersecurity risk program predicated on a risk-based approach. We use cost-effective controls that are commensurate with the risk and sensitivity of our specific information systems, control systems and enterprise data. Our cybersecurity program incorporates best practices and industry standards from multiple sources and is designed to comply with applicable regulations. The cybersecurity program includes, but is not limited to, the following elements: risk assessment, policies and procedures, training and awareness, auditing, log collection and analysis, threat hunting and intelligence surveillance, compliance monitoring and testing, and incident response. Our internal professionals collaborate with external subject matter specialists, as necessary. All third parties engaged for such matters are subjected to scrutiny to ensure they satisfy our security standards. We periodically review our third-party engagements to ensure that the providers maintain the necessary levels of protection and competency, as well as to oversee and identify potential cybersecurity risks and/or threats from such engagements. We describe how risks from cybersecurity threats could materially affect us, including our business strategy, results of operations, or financial condition, as part of our risk factor disclosures at Part I, Item 1A, “Risk Factors” of this Annual Report on Form 10-K. Cybersecurity Governance Cybersecurity is an important part of our risk management processes and an area of focus for our Board and management. Our Board is responsible for oversight of our cybersecurity risk, including the effectiveness of cybersecurity risk management policies and protocols, while our Facilities Security Officer (“FSO”), and IT Manager are responsible for assessing and managing cybersecurity risk. We use a third-party service which monitors the Company’s security threats twenty-four hours each day throughout the year. Any detected deviation from the expected operating parameters will initiate a communication to our IT Manager for investigation and remediation of the detected deviation in a timely manner. Our IT Manager provides timely reports on cyber security incidents to the FSO, Danny Schoening, who also serves as the CEO and as Chairman of the board of directors. These reports may in turn be presented to the full board depending on the severity of the incident. In the event of a major incident, the Company’s Incident Response policy will be executed and the appropriate parties notified.
Company Information
| Name | Optex Systems Holdings Inc |
| CIK | 0001397016 |
| SIC Description | Optical Instruments & Lenses |
| Ticker | OPXS - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | September 30 |