Page last updated on March 18, 2025
Coya Therapeutics, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-18 08:26:15 EDT.
Filings
10-K filed on 2025-03-18
Coya Therapeutics, Inc. filed a 10-K at 2025-03-18 08:26:15 EDT
Accession Number: 0000950170-25-040782
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy We, like other companies in our industry, face several cybersecurity risks in connection with our business. Our business strategy, results of operations, and financial condition have not, to date, been affected by risks from cybersecurity threats. During the reporting period, we have not experienced any material cyber incidents, nor have we experienced a series of immaterial incidents, which would require disclosure. In the ordinary course of our business, we may produce, store and process sensitive data. To effectively prevent, detect, and respond to cybersecurity threats, we maintain a cyber risk management program which is comprised of data segregation, physical, procedural, and technical safeguards along with policies and procedures. We have substantially outsourced our IT environment and utilize expert third party software-as-a-service providers for our financial accounting, human resource management, payroll and benefits functions. We also substantially outsource the conduct of our clinical programs and the associated IT infrastructure to expert third party CROs. As a result, the primary means by which we avoid cyber risk is minimizing the sensitive data within our own enterprise. The cyber risk management program falls under the responsibility of our Chief Financial Officer (“CFO”) and the Chief Operations Officer (“COO”) who manages the overall security through routine communication and supervision of our third-party vendors . Under the guidance of our CFO, who reports to the Audit Committee, we try to minimize our data footprint to keep our cyber risk low. We have implemented a cybersecurity risk management program that is designed to limit and mitigate risks from cybersecurity threats. Our cybersecurity risk management program incorporates several components, including employee training, SOC 2 Type 1 controls, multifactor authentication, endpoint monitoring, and we maintain Business Associate Agreements where required. We do not believe that there are currently any known risks from cybersecurity threats that have affected, or are reasonably likely to materially affect, us or our business strategy, results of operations or financial condition . Governance; Board Oversight Under the ultimate direction of our CFO, with oversight from the Board, we maintain a security governance structure to evaluate and address cyber risk. Our Board is responsible for the oversight of cybersecurity risk management. The Board delegates oversight function of the cybersecurity risk management program to the Audit Committee. Our CFO reports to the Audit Committee on the program. The Audit Committee provides updates to the Board on our cybersecurity risk management program, including any critical cybersecurity risks, ongoing cybersecurity initiatives and strategies, and applicable regulatory requirements and industry standards on a regular and as-needed basis. The Audit Committee also notifies the Board of any cybersecurity incidents (suspected or actual) and provides updates on the incidents as well as cybersecurity risk mitigation activities as appropriate.
Company Information
| Name | Coya Therapeutics, Inc. |
| CIK | 0001835022 |
| SIC Description | Pharmaceutical Preparations |
| Ticker | COYA - Nasdaq |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | December 30 |