Page last updated on March 27, 2025
BeyondSpring Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-27 07:06:20 EDT.
Filings
10-K filed on 2025-03-27
BeyondSpring Inc. filed a 10-K at 2025-03-27 07:06:20 EDT
Accession Number: 0001171843-25-001758
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Risk Management and Strategy As an active participant in the biopharmaceutical industry, our company operates within a landscape fraught with diverse cybersecurity risks. These risks have the potential to significantly impact our business, financial standing, and operational outcomes. Our partnership with a trusted third-party service provider stands as a pivotal pillar in our cybersecurity strategy. Leveraging their expertise, they have crafted and implemented 58 automated lockdown policies, each strategically designed to create safeguards around our digital infrastructure. These policies serve as a sophisticated array of safeguards, actively working to thwart potential breaches before they can even manifest. Moreover, their commitment to our security extends to continuous monitoring measures that operate round-the-clock. This proactive surveillance ensures that any anomalies or suspicious activities are swiftly identified and addressed, minimizing the window of vulnerability. Complementing this arsenal is the deployment of an EDR (Endpoint Detection and Response) agent, a cutting-edge technology that places us at the forefront of cybersecurity innovation. This agent is not merely a passive observer; it is our vigilant sentinel, constantly scanning and analyzing our network for any aberrations or patterns indicative of cyber threats. Through real-time monitoring, it provides us with invaluable insights into our system’s health, promptly flagging any deviations from the norm. Within our own operations, we uphold a culture of uncompromising security standards. To enhance access controls, we have implemented robust multifactor authentication methods for all personnel accessing our SharePoint and Outlook software. This additional layer of authentication not only bolsters our defenses but also ensures that only authorized individuals can gain entry to sensitive information. Moreover, our stringent email sign-in blocking policy exemplifies our proactive stance towards security. This policy is particularly pivotal during employee transitions, where the potential for security lapses is heightened. Upon an employee’s departure, our Outlook administrators promptly deactivate their email sign-in functionalities, mitigating any risks associated with unauthorized access. These measures collectively form a cohesive and dynamic security framework, safeguarding our assets and ensuring the integrity of our operations in an increasingly digital landscape. Governance The Board of Directors oversees risks stemming from cybersecurity threats. Their strategic guidance and informed decisions serve as the cornerstone of our cybersecurity framework. Complementing this oversight, our third-party IT vendor plays a pivotal role in the implementation of comprehensive company-wide cybersecurity policies. Beyond this, they are entrusted with the deployment and management of critical protective software, serving as our frontline defenders against evolving cyber threats. To ensure seamless communication and swift action, they maintain a direct reporting line to the company’s IT administrator. This structured reporting mechanism enables prompt notification and collaborative response to any detections or anomalies, fostering a proactive and vigilant stance towards safeguarding our digital assets and operations.
Company Information
| Name | BeyondSpring Inc. |
| CIK | 0001677940 |
| SIC Description | Pharmaceutical Preparations |
| Ticker | BYSI - Nasdaq |
| Website | |
| Category | Non-accelerated filer |
| Fiscal Year End | December 30 |