MASIMO CORP 10-K Cybersecurity GRC - 2025-02-25

Page last updated on February 25, 2025

MASIMO CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-02-25 17:19:23 EST.

Filings

10-K filed on 2025-02-25

MASIMO CORP filed a 10-K at 2025-02-25 17:19:23 EST
Accession Number: 0000937556-25-000032


Item 1C. Cybersecurity.

Risk Management & Strategy

Cybersecurity is integral to our risk management approach. We are reliant on information technology, and any interruption, failure, or security breach-including cybersecurity incidents-could adversely impact our operations and business continuity. To address these risks, we maintain a comprehensive, risk-based cybersecurity program focused on protecting sensitive data and systems. Our approach includes:

- Layered Security (Defense-in-Depth): Implementing multiple levels of controls to safeguard against cyber threats.
- Employee Awareness: Delivering mandatory cybersecurity training, conducting phishing simulations, and fostering a culture of vigilance.
- Proactive Monitoring and Testing: Leveraging real-time monitoring, regular vulnerability assessments, and external audits to continuously evaluate and enhance defenses.
- Preparedness: Maintaining and testing business continuity and disaster recovery plans with scenarios such as simulated cyberattacks.

For more information on risks related to cybersecurity and data security, see Item 1A. “Risk Factors - Risks Related to Our Regulatory Environment” and “Risk Factors - General Risk Factors”. To date, no cybersecurity incidents or risks from cybersecurity threats have materially impacted our business strategy, results of operations, or financial condition.

Key Elements of Our Cybersecurity Program

Our cybersecurity program emphasizes:

- Threat Awareness and Risk Identification: Engaging with industry groups and third-party experts to stay ahead of emerging threats.
- Employee Training: Conducting annual training and phishing simulations to reinforce best practices.
- Advanced Safeguards: Deploying comprehensive technical measures, including firewalls, intrusion detection systems, penetration tests, anti-malware, encryption, and access controls to secure our systems and data.
- Vendor Management: Requiring contractual data protection safeguards and screening vendors for compliance during onboarding.
- Incident Response: Maintaining up-to-date response and recovery plans, validated through regular tabletop exercises.
- Compliance Standards: Adhering to recognized standards such as HITRUST, NIST CSF, ISO 27001, and PCI DSS.
- Insurance: Partnering with leading insurers to maintain cyber liability coverage.

Governance

Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks. Leadership of our cybersecurity efforts is provided by our VP, Global Information Security, a seasoned expert with over a decade of experience. This role ensures continuous program improvement and alignment with evolving threats and standards.

Our executive team, including our Chief Financial Officer and Chief Information Officer, receive regular briefings on:

- Cybersecurity trends and evolving threats;
- Program effectiveness and risk mitigation strategies; and
- Updates to regulatory and legal requirements related to data security and privacy.

These briefings ensure cybersecurity considerations are integrated into strategic decisions, resource allocation, and risk mitigation planning. In accordance with our incident response plan, any material cybersecurity incidents are promptly reported to the Audit Committee to maintain transparency and oversight.


Company Information

Name: MASIMO CORP
CIK: 0000937556
SIC Description: Electromedical & Electrotherapeutic Apparatus
Ticker: MASI - Nasdaq
Website
Category: Large accelerated filer
Fiscal Year End: December 27