Page last updated on April 11, 2024
CURIS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-08 16:01:17 EST.
Filings
10-K filed on 2024-02-08
CURIS INC filed an 10-K at 2024-02-08 16:01:17 EST
Accession Number: 0001108205-24-000010
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY We have processes for assessing, identifying and managing cybersecurity risks, which are built into our information technology function and are designed to help protect our information assets and operations from internal and external cyber threats, protect employee and clinical trial information from unauthorized access or attack, as well as secure our networks and systems. Such processes include physical, procedural and technical safeguards, response plans, and routine review of our policies and procedures to identify risks and refine our practices. We engage certain external parties, including consultants, to enhance our cybersecurity oversight. Our Audit Committee of the Board of Directors, or the Audit Committee, is responsible for overseeing cybersecurity risk and periodically updates our Board of Directors on such matters. The Audit Committee receives periodic updates from management regarding cybersecurity matters, and is notified between such updates regarding any significant new cybersecurity threats or incidents. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition. Management is responsible for, and is forming a committee tasked with, the operational oversight of company-wide cybersecurity strategy, policy, and standards across relevant departments to assess and help prepare us to address cybersecurity risks. In an effort to deter and detect cyber threats, we annually provide all employees with cybersecurity and prevention training, which covers timely and relevant topics, including social engineering, phishing, password protection, confidential data protection, and mobile security, and educates employees on the importance of reporting all incidents immediately. We also use technology-based tools to mitigate cybersecurity risks and to bolster our employee-based cybersecurity programs. 77 Table of Conten t s
Company Information
| Name | CURIS INC |
| CIK | 0001108205 |
| SIC Description | Biological Products, (No Diagnostic Substances) |
| Ticker | CRIS - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | December 30 |