LCNB CORP 10-K Cybersecurity GRC - 2025-03-12

Page last updated on March 12, 2025

LCNB CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-12 16:42:58 EDT.

Filings

10-K filed on 2025-03-12

LCNB CORP filed a 10-K at 2025-03-12 16:42:58 EDT
Accession Number: 0001437749-25-007283

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy LCNB recognizes the critical importance of cybersecurity in safeguarding its business operations, intellectual property, and sensitive information. Cybersecurity risk management and strategy are integral to LCNB’s overall risk management framework. The following outlines LCNB’s approach to identifying, assessing, and mitigating cybersecurity risks. LCNB conducts regular risk assessments to identify, prevent, and mitigate potential cybersecurity threats and vulnerabilities. These assessments consider the evolving threat landscape, the sensitivity of our data, and the potential impact on business operations. These risk assessments are utilized to develop our Information Security Program. LCNB leverages threat intelligence sources to continually evaluate current and emerging cyber threats. This proactive approach allows LCNB to anticipate and respond to potential risks promptly. LCNB’s cybersecurity controls are designed to protect against unauthorized access, data breaches, and other cyber threats. These controls encompass a multi-layered defense strategy, including firewalls, intrusion detection systems, encryption, and continuous monitoring. LCNB recognizes that employees are a critical line of defense. Regular training programs ensure that our staff is aware of cybersecurity best practices, social engineering tactics, and the importance of safeguarding sensitive information. In the event of a cybersecurity incident, a well-defined incident response plan is in place. This plan includes a structured approach to containing, eradicating, and recovering from the incident, as well as communication protocols with stakeholders. To further mitigate the potential financial impacts of cybersecurity incidents, LCNB maintains cybersecurity insurance coverage. This coverage is regularly reviewed and adjusted to align with the evolving threat landscape and risk profile. LCNB is committed to a culture of continuous improvement in its cybersecurity practices. Regular evaluations, feedback mechanisms, and participation in industry collaborations help us adapt and enhance the strategy in response to emerging threats. LCNB’s cybersecurity risk management and strategy reflect the dedication to maintaining the confidentiality, integrity, and availability of our information assets. LCNB believes that this proactive approach positions the Company well to navigate the evolving cybersecurity landscape. As of the report date, risks from cybersecurity threats have not materially affected our company. -24- Table of Contents LCNB CORP. AND SUBSIDIARIES Governance LCNB’s cybersecurity strategy is underpinned by a robust governance framework overseen by the Board of Directors. The Board plays an active role in shaping cybersecurity policies, conducting regular reviews of the effectiveness of the cybersecurity program, and ensuring its alignment with overarching business objectives. This governance ensures a comprehensive and proactive approach to managing cybersecurity risks. The Privacy Committee, in conjunction with the Information Security Officer, plays a pivotal role in the assessment and management of cybersecurity risks. Regular committee meetings are conducted to discuss and analyze the evolving threat landscape. These meeting minutes are systematically reported up to the Executive and Board levels, ensuring that key decision-makers are well-informed and can provide strategic guidance. LCNB’s first line of defense against cybersecurity threats involves leveraging its workforce and engaging various Third Parties. Employees play a crucial role in maintaining a vigilant stance, while external partners contribute specialized expertise to enhance the overall cybersecurity posture. This collaborative approach strengthens LCNB’s defense mechanisms against evolving cyber threats. Internal and external audits serve as essential tools to evaluate the efficacy of LCNB’s cybersecurity processes. These audits are conducted periodically to identify vulnerabilities, assess compliance with established policies, and ensure the effectiveness of implemented security controls. The insights gained from audits contribute to the continuous improvement and refinement of cybersecurity measures. The Bank is equipped with a cadre of IT professionals boasting extensive industry experience in cybersecurity. These dedicated individuals bring years of knowledge to the table, staying abreast of the latest developments in the field. Their expertise enhances LCNB’s ability to address emerging threats proactively and reinforces the resilience of our cybersecurity framework. LCNB’s governance structure ensures that cybersecurity is a top-level priority, with the Board, committees, employees, and external partners collaborating seamlessly to safeguard systems and data. Through continuous evaluation, robust defense mechanisms, and a skilled workforce, LCNB remains committed to maintaining the highest standards of cybersecurity.

Company Information