BEL FUSE INC /NJ 10-K Cybersecurity GRC - 2024-03-11

Page last updated on April 11, 2024

BEL FUSE INC /NJ reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-11 08:27:05 EDT.

Filings

10-K filed on 2024-03-11

BEL FUSE INC /NJ filed an 10-K at 2024-03-11 08:27:05 EDT
Accession Number: 0001437749-24-007265

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Bel employs a full-time Cyber Security Expert who reports directly into our Senior Director of Global IT Services. During 2023, the Company worked with third-party cybersecurity companies to continually enhance the programs Bel has in place. These relationships involve regular communication and collaboration between the Bel cybersecurity team and our third-party providers to share threat intelligence and implement proactive measures to safeguard our systems and data. The Company has continued to invest in IT security, including additional end-user training, using layered defenses, identifying, and protecting critical assets, strengthening monitoring and alerting, and engaging experts. Our cybersecurity team regularly monitors alerts and meets to discuss threat levels, trends, and remediation. Further, we conduct periodic external penetration tests. In addition to assessing our own cybersecurity preparedness, we also consider and evaluate cybersecurity risks associated with the use of third-party service providers that host our applications. The internal business owners of the hosted applications are required to document user access reviews at least annually and provide from the vendor a System and Organization Controls (SOC) 1 or SOC 2 report. Third party contractors or vendors that require access to our network are given specific limited access to only the specific resource. The access provided expires automatically after a period determined by the project and must follow all Company security measures. The Audit Committee of the Board of Directors is responsible for overseeing the management of cybersecurity risks. The Audit Committee is informed about cybersecurity risks through quarterly reports from the Senior Director of Global IT Services and, as necessary, to the full Board. The Audit Committee also reviews and approves the company s cybersecurity policies and the Company s Senior Director of Global IT Services is responsible for developing and implementing our information security program and reporting on cybersecurity matters to the Board. This includes our overall information security strategy, policy, security engineering, operations and cyber incident detection and response reporting in alignment with Company policies. The current Senior Director of Global IT Services has more than 15 years of information technology and program management experience which includes information security, and others on our IT security team have years of cybersecurity experience and certifications. 20 Table of Contents

Company Information