Entera Bio Ltd. 10-K Cybersecurity GRC - 2024-03-08

Page last updated on April 11, 2024

Entera Bio Ltd. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-08 16:12:56 EST.

Filings

10-K filed on 2024-03-08

Entera Bio Ltd. filed an 10-K at 2024-03-08 16:12:56 EST
Accession Number: 0001178913-24-000881

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C . CYBERSECURITY. We recognize the importance of assessing, identifying, and managing material risks associated with cybersecurity threats, as such term is defined in Item 106(a) of Regulation S-K. These risks include, among other things: operational risks, intellectual property theft, fraud, extortion, harm to employees or customers and violation of data privacy or security laws. Identifying and assessing cybersecurity risk is integrated into our overall risk management systems and processes. Cybersecurity risks related to our business, technical operations, privacy and compliance issues are identified and addressed through a multi-faceted approach including third party assessments, internal IT Audit, IT security, governance, risk and compliance reviews. Our IT policies, processes and practices are based on recognized frameworks established by our external IT service provider and other applicable industry standards. In general, we seek to address cybersecurity risks through a comprehensive, cross-functional approach that is focused on preserving the confidentiality, security and availability of the information that we collect and store by identifying, preventing and mitigating cybersecurity threats and effectively responding to cybersecurity incidents when they occur. As part of the above processes, we regularly engage consultants to assess our internal cybersecurity programs and compliance with applicable practices and standards. As part of our cybersecurity defense measures, we enforce the use of the following security systems: EDR System (Endpoint Detection & Response) Two-factor authentication for email (Office 365) and cloud-stored information We protect our mail system against spam, phishing, spoofing, and malware using a (Mail Relay system). Additionally, we enforce a real-time threat notification mechanism and activate alerts and reports for failures in our backup system. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition. We also describe whether and how risks from identified cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition, under the heading We are increasingly dependent on information technology systems, infrastructure and data, and our internal computer systems, or those of our collaborators, third-party clinical research organizations or other contractors or consultants, may fail or suffer security breaches, which could result in a material disruption of our product development programs. included as part of our risk factor disclosures at Item 1A of this Annual Report on Form 10-K. Our Audit Committee of the Board of Directors, or the Audit Committee, is responsible for overseeing cybersecurity risk and periodically updates our Board of Directors on such matters. The Audit Committee receives periodic updates from management regarding cybersecurity matters and is notified between such updates regarding any significant new cybersecurity threats or incidents. Management is responsible for the operational oversight of company-wide cybersecurity strategy, policy, and standards across relevant departments to assess and help prepare us to address cybersecurity risks.

Company Information