Brand Engagement Network Inc. 10-K Cybersecurity GRC - 2025-03-31

Page last updated on March 31, 2025

Brand Engagement Network Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-31 17:14:10 EDT.

Filings

10-K filed on 2025-03-31

Brand Engagement Network Inc. filed a 10-K at 2025-03-31 17:14:10 EDT
Accession Number: 0001838163-25-000005

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity We recognize the critical importance of cybersecurity in safeguarding sensitive information and maintaining operational resilience. We have processes for assessing, identifying and managing cybersecurity risks, which are built into our information technology function and are designed to help protect our information assets and operations from internal and external cyber threats, protect employee and customer information from unauthorized access or attack, as well as secure our networks and systems. The Audit Committee of the Board of Directors (the “Audit Committee”) is responsible for overseeing cybersecurity risk and periodically updates our Board of Directors on such matters. The Audit Committee receives periodic updates from management regarding cybersecurity matters and is notified between such updates regarding any significant new cybersecurity threats or incidents. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition. Our management is responsible for the day-to-day oversight and management of our enterprise risks, including risks from cybersecurity threats. Primary responsibility for assessing, monitoring, and managing our cybersecurity risks rests with our Chief Information and Data Officer and dedicated information security team, who develop, prioritize, and execute our cybersecurity strategy in partnership with relevant departments and business units. Our CIDO, who has over 25 years of information technology experience including cybersecurity and information security, oversees our cybersecurity framework and reports to our management-level information technology steering subcommittee and management-level enterprise risk management committee. Our CIDO is assisted in this oversight role by additional members of management. The Company’s data security framework integrates technical solutions, policies, controls, data governance, and employee training. Key components of our framework include strong encryption, access control, regular updates, data backup, and endpoint security. The Company is also currently implementing features within its AWS environment , such as Security Hub, and is committed to compliance with HIPAA and SOC 2. The Company continuously researches alternatives to its current framework, recognizing that cybersecurity presents an ever-evolving challenge. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. To date, we have not experienced any cyber incidents that have had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors - Risks Related to Our Business and Industry - If our information technology systems or those of third parties upon which we rely, or our data are or were compromised, we could experience adverse consequences resulting from such compromise, including but not limited to regulatory investigations or actions; litigation; fines and penalties; disruptions of our business operations; reputational harm; loss of revenue or profits; and other adverse consequences.”

Company Information