Page last updated on March 12, 2025
Anteris Technologies Global Corp. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-12 17:02:13 EDT.
Filings
10-K filed on 2025-03-12
Anteris Technologies Global Corp. filed a 10-K at 2025-03-12 17:02:13 EDT
Accession Number: 0001140361-25-008455
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy The operation of our business depends on our information technology systems. We rely on our information technology systems to effectively manage sales and marketing data, accounting and financial functions, inventory management, product development tasks, clinical data, customer service and technical support functions. Our information technology infrastructure and products are vulnerable to cyber-based attacks. Cyber-based attacks can include computer viruses, denial-of-service attacks, phishing attacks, ransomware attacks and other introduction of malware to computers and networks; unauthorized access through the use of compromised credentials; exploitation of design flaws, bugs or security vulnerabilities; intentional or unintentional acts by employees or other insiders with access privileges; and intentional acts of vandalism by third parties and sabotage. We have developed and implemented a risk-based program focused on cybersecurity measures to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management is integrated into our overall risk management framework, and shares common methodologies, reporting channels and governance processes that apply across the risk management program to other legal, compliance, strategic, operational, and financial risk areas. The Audit and Risk Committee periodically reviews and discusses with management the Company’s policies and internal controls with respect to cybersecurity. Our Senior Group Technology Manager (“SGTM”) (who has over 20 years of experience in information technology roles and holds various industry certifications) reports to the Chief Financial Officer and together report to the Audit and Risk Committee periodically on cyber security matters. The Audit and Risk Committee reports through to the Board. In addition to the annual security assessment and penetration test, the SGTM utilizes an Endpoint Detection and Response system which acts as Anti-virus and intrusion prevention system and reports all abnormalities to the SGTM. Essential Eight and Center for Internet Security Control Strategies including patch applications, multi-factor authentication, administrative privileges, application hardening and backups are performed internally via a security consultant with regular updates provided to the SGTM. Reported findings and action items are recorded and assigned to personnel for action. Any failure to protect our information technology infrastructure and our products against cyber-based attacks, network security breaches, service interruptions or data corruption could materially disrupt our operations and harm our business. Our cybersecurity risk management program includes: - periodic risk assessments; - annual security assessment and penetration testing; - A third-party Security Operations Center (“SOC”) partner to monitor, manage and respond to cybersecurity incidents; - the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls; - a cyber risk management process for service providers, suppliers, and vendors that have access to our critical systems and information managed through the selection of typically larger well-known providers, which is supplemented by review of contractual arrangements, insurance and information requests; - cybersecurity awareness training and phishing campaigns for specific employee groups; - disaster recovery plans/procedures; - access control and CCTV systems (where appropriate) for the physical protection of Anteris systems; and - incident response and recovery procedures, for cybersecurity incidents. We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. For more information, see the section titled “Risk Factors - Risks related to our business - Our information technology systems, or those used by our third-party contract research organizations or other contractors or consultants, may fail or suffer security breaches.”
Company Information
| Name | Anteris Technologies Global Corp. |
| CIK | 0002011514 |
| SIC Description | Orthopedic, Prosthetic & Surgical Appliances & Supplies |
| Ticker | AVR - Nasdaq |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | December 30 |