Page last updated on March 28, 2025
Magnolia Bancorp, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-28 11:22:03 EDT.
Filings
10-K filed on 2025-03-28
Magnolia Bancorp, Inc. filed a 10-K at 2025-03-28 11:22:03 EDT
Accession Number: 0000927089-25-000061
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Overview. Our Board of Directors and management consider information security and cybersecurity as high priorities in our strategic and operational plans. We understand the critical nature of the confidentiality, integrity and availability of customer and bank sensitive information. Any loss of confidentiality, integrity or availability introduces operational, compliance, strategic, transactional, reputational, legal and capital risks which we actively seek to avoid. It is understood that any one of these risks, if realized, will have a negative impact upon Magnolia Bancorp and Mutual Savings and Loan Association. Our approach to information and cybersecurity is proactive and strives to avoid incidents where possible through the use technical, administrative and physical controls. Governance. Our efforts for increased information and cybersecurity readiness are driven from the top of the organization. The Board of Directors reviews and approves an Information Technology and Information Security Risk Appetite Statement which guides the actions of the management team, staff members and supporting third-party service providers. In addition, the Board is active in the review and approval of all policies concerning information technology and information security. The Board further reviews reports provided by the management team regarding the status of Mutual Savings and Loan Association’s compliance with the Gramm-Leach-Bliley Act, risk management program, vendor management program, and the results of tests and exercises conducted for business continuity, disaster recovery, cybersecurity incident response and pandemic response. Lastly, the Board of Directors reviews and approves the budget for information and cybersecurity, ensuring that we have sufficient resources to properly address all current and foreseeable information and cybersecurity threats. Management and Strategy. Senior management takes the guidance provided by the Board of Directors and transforms this guidance into operational priorities which are implemented and maintained by the staff members and third-party service providers. In addition, the senior management team ensures that budgeted resources are allocated in a timely manner to support the various security initiatives . The Director of Compliance and Internal Audit and third-party service providers utilize the direction and resources provided by the senior management team to develop procedures, standards and guidelines to achieve the strategic goals defined by the Board of Directors. Operational and security health is reported monthly to the Board of Directors. Recommendations for improvements are shared between operational staff and the senior management team as part of a continuous improvement program for information security and cybersecurity. Operational staff members actively maintain, review, update and exercise plans and procedures designed to enhance our overall business resiliency. All staff members are trained annually on current information and cybersecurity trends, techniques and their responsibilities to keep our information confidential, accurate and available. We also utilize the services of third -party providers to conduct an IT audit, external and internal vulnerability testing, external and internal penetration testing, and social engineering testing on at least an annual basis. The results of these independent audits and tests are sent to the Board of Directors for review. Finally, Mutual Savings and Loan Association complies with its regulatory requirements by having federal safety and security examinations performed on a schedule dictated by the regulatory agencies. The results of these examinations are reviewed and approved by the Board of Directors. Additionally, all findings from these examinations are recorded and prioritized for remediation. Conclusion. Our Board of Directors and management take very seriously the information security and cybersecurity obligations that Magnolia Bancorp and Mutual Savings and Loan Association have to their respective customers, shareholders, staff members and regulatory agencies. In support of these obligations, we have and actively maintain a robust information security and cybersecurity program based upon industry best practices, regulatory requirements, and the expertise of staff members and supporting third-party vendors. To our knowledge, we have not had a cybersecurity incident that has materially affected Magnolia Bancorp, its business strategy, financial condition or results of operation. 43
Company Information
| Name | Magnolia Bancorp, Inc. |
| CIK | 0002033615 |
| SIC Description | Savings Institution, Federally Chartered |
| Ticker | MGNO - OTC |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End |