Xeris Biopharma Holdings, Inc. 10-K Cybersecurity GRC - 2024-03-06

Page last updated on July 16, 2024

Xeris Biopharma Holdings, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-06 16:10:13 EST.


10-K filed on 2024-03-06

Xeris Biopharma Holdings, Inc. filed a 10-K at 2024-03-06 16:10:13 EST
Accession Number: 0001867096-24-000031

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk Management and Strategy In the normal course of business, we collect and store personal information and other sensitive information, including proprietary and confidential business information, intellectual property, information regarding patients, sensitive third-party information and employee information. To protect this information, we have implemented a framework that is designed to identify, assess, and mitigate cybersecurity threats. We use managed detection and response services to monitor our network infrastructure and associated endpoints for possible cybersecurity threats. In addition, we engage third parties to perform penetration testing and to assess the effectiveness of our cybersecurity practices. We conduct a cybersecurity risk assessment by identifying critical assets, recognizing potential threats and vulnerabilities, and implementing strategies to mitigate these cybersecurity risks and their possible impacts. We also actively engage with key vendors and industry participants as part of our continuing efforts to evaluate and enhance the effectiveness of our information security policies and procedures. We have established a cybersecurity incident response plan and provide cybersecurity training to our employees and monitor their activity for adherence to our security protocols. No risks from cybersecurity threats have occurred that have affected our business strategy, results of operations, or financial condition. See " Risk Factors - General Risk Factors " for additional information. Governance Our information security program is overseen by our Executive Director of Information Technology (“IT”). The Executive Director of IT reports to the Chief Financial Officer and oversees the team responsible for leading enterprise-wide cybersecurity strategy, policy, standards, and processes. The Executive Director of IT possesses over twenty-five years of experience in information technology and approximately ten years in cybersecurity risk management. Our Board of Directors (“Board”) has responsibility for oversight of risk management and, pursuant to the Audit Committee Charter, has delegated to our Audit Committee oversight of our cybersecurity risk management program. The Executive Director of IT provides reports to the Audit Committee at least annually as well as the Chief Executive Officer and other members of our senior management as appropriate. These reports include updates on the Company’s cyber risks and threats, the status of projects to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape. Our program is regularly evaluated by internal and external security professionals with the results of those reviews reported to senior management and the Board.

Company Information

NameXeris Biopharma Holdings, Inc.
SIC DescriptionPharmaceutical Preparations
TickerXERS - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Emerging growth company
Fiscal Year EndDecember 30