EKSO BIONICS HOLDINGS, INC. 10-K Cybersecurity GRC - 2024-03-04

Page last updated on April 11, 2024

EKSO BIONICS HOLDINGS, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-04 16:14:55 EST.

Filings

10-K filed on 2024-03-04

EKSO BIONICS HOLDINGS, INC. filed an 10-K at 2024-03-04 16:14:55 EST
Accession Number: 0001437749-24-006423

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY Risk Management and Strategy We perform a formal risk assessment each year. As part of its risk assessment, we consider the potential for cybersecurity threats, including but not limited to interruptions, outages and breaches to its operational and financial systems. We have policies, processes, internal controls and tools to assess, identify, and manage material risks from potential cybersecurity threats. We utilize a combination of cybersecurity awareness training, manual processes, specialized software and automated tools, and third-party assessments to build our cybersecurity program. We engage third-party service providers, with significant information technology and cybersecurity experience, to assist with designing, implementing and managing our information technology infrastructure and cybersecurity program. We are also currently developing a cybersecurity incident response plan that establishes a formal framework for responding to cybersecurity incidents, including defining what constitutes a reportable cybersecurity incident; establishing specific escalation and communication channels; identifying parties responsible for managing and responding to each incident; and other preparedness and response activities. Governance The Audit Committee of our Board of Directors (the “Audit Committee”) provides oversight over our internal control program, including the adequacy and effectiveness of our information technology infrastructure and cybersecurity program. Each quarter, management provides updates to the Audit Committee regarding its internal control program, including any significant changes to its information technology infrastructure or cybersecurity program. Management also reports any material risks from cybersecurity threats to the Audit Committee. Management periodically provides the Audit Committee with updates on cybersecurity risks and/or trends. Our management team, specifically the chief executive officer and the chief financial officer, are responsible for the day-to-day administration of our business operations, including our risk management of cybersecurity risks. Management is responsible for the design and implementation of policies, processes and internal controls to manage our cybersecurity risks. Our management team regularly meets with their information technology resources, including its third-party service providers, to ensure that we are appropriately positioned to manage our cybersecurity risks. Our management team also sponsors periodic cybersecurity awareness training for employees. As of the date of this Form 10-K, we are not aware of any cybersecurity threats that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. For further discussion of the cybersecurity risks, see “Part I Item 1A. Risk Factors,” specifically the risks titled " We are subject to cybersecurity risks to our systems, infrastructure, and technology, and data processed by us or third-party vendors. No matter how well designed or implemented our internal controls are, we will not be able to anticipate all cybersecurity threats, and we may not be able to implement effective preventive or detective measures against such security breaches in a timely manner. While we maintain insurance that may cover certain liabilities in connection with certain disruptions, security breaches, and incidents, there can be no guarantee that our insurance coverage will be adequate to compensate us for the potential losses.

Company Information