APPLIED DNA SCIENCES INC 10-K Cybersecurity GRC - 2023-12-07

Page last updated on April 11, 2024

APPLIED DNA SCIENCES INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2023-12-07 16:01:50 EST.

Filings

10-K filed on 2023-12-07

APPLIED DNA SCIENCES INC filed an 10-K at 2023-12-07 16:01:50 EST
Accession Number: 0001410578-23-002615

Item 1C. Cybersecurity.

We operate in the biotechnology sector, which is subject to various cybersecurity risks that could adversely affect our business, financial condition, and results of operations, including intellectual property theft; fraud; extortion; harm to employees or customers; violation of privacy laws and other litigation and legal risk; and reputational risk. We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. Our cybersecurity program is aligned with industry standards and best practices, such as the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework. We use various tools and methodologies to manage cybersecurity risk that are tested on a regular cadence. We also monitor and evaluate our cybersecurity posture and performance on an ongoing basis through regular vulnerability scans, penetration tests and threat intelligence feeds. We require third-party service providers with access to personal, confidential or proprietary information to implement and maintain comprehensive cybersecurity practices consistent with applicable legal standards and industry best practices.

Our business depends on the availability, reliability, and security of our information systems, networks, data, and intellectual property. Any disruption, compromise, or breach of our systems or data due to a cybersecurity threat or incident could adversely affect our operations, customer service, product development, and competitive position. They may also result in a breach of our contractual obligations or legal duties to protect the privacy and confidentiality of our stakeholders. Such a breach could expose us to business interruption, lost revenue, ransom payments, remediation costs, liabilities to affected parties, cybersecurity protection costs, lost assets, litigation, regulatory scrutiny and actions, reputational harm, customer dissatisfaction, harm to our vendor relationships, or loss of market share.

The company is currently in the process of implementing a more formalized cybersecurity program.

Item 1A. Risk Factors.

A cybersecurity incident and other technology disruptions could negatively affect our business and our relationships with customers.

We use technology in substantially all aspects of our business operations. The widespread use of technology, including mobile devices, cloud computing, and the internet, gives rise to cybersecurity risks, including security breaches, espionage, system disruption, theft and inadvertent release of information. Our business involves the storage and transmission of numerous classes of sensitive and/or confidential information and intellectual property, including information relating to customers and suppliers, private information about employees, and financial and strategic information about us and our business partners. If we fail to effectively assess and identify cybersecurity risks associated with the use of technology in our business operations, we may become increasingly vulnerable to such risks. Additionally, while we have implemented measures to prevent security breaches and cyber incidents, our preventative measures and incident response efforts may not be entirely effective. The theft, destruction, loss, misappropriation, or release of sensitive and/or confidential information or intellectual property, or interference with our information technology systems or the technology systems of third parties on which we rely, could result in business disruption, negative publicity, brand damage, violation of privacy laws, loss of customers, potential liability and competitive disadvantage.

Company Information