VerifyMe, Inc. 10-K Cybersecurity GRC - 2025-03-12

Page last updated on March 12, 2025

VerifyMe, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-12 16:38:08 EDT.

Filings

10-K filed on 2025-03-12

VerifyMe, Inc. filed a 10-K at 2025-03-12 16:38:08 EDT
Accession Number: 0001214659-25-004279

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. Risk Management and Strategy Cyber criminals are becoming more sophisticated and effective every day, and they are increasingly targeting enterprise software companies. All companies utilizing technology are subject to threats of breaches of their cybersecurity programs. To mitigate the threat to our business, we have established a comprehensive approach to cybersecurity risk management and hold securing the data customers and other stakeholders entrust to us as one of our top priorities. As described in more detail below, we have established policies, standards, processes and practices for testing, training, and monitoring material risks from cybersecurity threats. We have devoted financial and personnel resources to implement security measures to meet regulatory requirements and customer expectations, and we intend to continue to make investments to maintain the security of our data and cybersecurity infrastructure. There can be no guarantee that our policies and procedures will be properly followed in every instance or that those policies and procedures will be effective. Although our Risk Factors include further details about the material cybersecurity risks we face, we believe that risks have not materially affected our business to date. We can provide no assurance that there will not be incidents in the future or that they will not materially affect us, including our business strategy, results of operations, or financial condition. We have established controls and procedures designed to ensure prompt escalation of material cybersecurity incidents so that decisions regarding public disclosure and reporting of such incidents can be made by management and the Board in a timely manner. We intend to continue to review and enhance our incident response and recovery plan for the Company. Our policies require each of our employees to contribute to our data security efforts. We regularly remind employees of the importance of handling and protecting customer and employee data, including through annual privacy and security training to enhance employee awareness of how to detect and respond to cybersecurity threats. Our incident response and recovery plans and policies will address - and guide our employees, management and the Board on our response to a cybersecurity incident. Our cybersecurity policies, standards, processes and practices are also assessed by third party cybersecurity providers. These assessments include a variety of activities including information security maturity assessments, audits and independent reviews of our information security control environment and operating effectiveness. Governance Our Board of Directors is responsible for monitoring and assessing strategic risk exposure related to cybersecurity risks, and our executive officers are responsible for the day-to-day assessment and management of the material risks we face. Our Board of Directors administers its cybersecurity risk oversight function directly as a whole. Currently, Jack Wang senior advisor of our subsidiary PeriShip Global, has primary responsibility for managing material cybersecurity risks. Mr. Wang holds an undergraduate and master’s degree in computer science and has served in various roles in information technology and security for over 20 years. Mr. Wang is responsible for reporting any cybersecurity related incidents to our executive officers. Our executive officers are responsible for reporting material cybersecurity related incidents to our Board of Directors . We may implement other reporting structures governing the day-to-day management and reporting of cybersecurity risks.

Company Information