NewLake Capital Partners, Inc. 10-K Cybersecurity GRC - 2024-03-11

Page last updated on April 11, 2024

NewLake Capital Partners, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-11 17:14:57 EDT.

Filings

10-K filed on 2024-03-11

NewLake Capital Partners, Inc. filed an 10-K at 2024-03-11 17:14:57 EDT
Accession Number: 0001854964-24-000007

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk Management and Strategy We employ a risk management strategy for the assessment, identification and management of material risks stemming from cybersecurity threats. Our methodologies involve a systematic evaluation of potential threats, vulnerabilities, and their potential impacts on our organization s operations, data, and systems. Our cybersecurity risk management program includes: 44 T a b l e o f Contents Risk assessments designed to help identify material cybersecurity risks to our critical systems, and our IT environment The use of external service providers to assess, test or otherwise assist with aspects of our security controls Cybersecurity awareness training of our employees and senior management through the use of third-party providers for regular mandatory trainings A cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents and We design and assess our program using the National Institute Cybersecurity Framework ( NIST CSF ) as a set of guiding principles. Our third-party service providers are primarily responsible for the security of their own information technology environments and in certain instances we rely significantly on third-party service providers to supply and store our sensitive data in a secure manner. All of these third parties face potential risks relating to cybersecurity similar to ours which could disrupt their businesses and therefore adversely impact us. While we provide guidance and specific requirements in some cases, we do not directly control any of these parties’ information technology security operations, or the amount of investment they place in guarding against cybersecurity threats. Accordingly, we are subject to any flaw or breaches to their information technology systems, or those which they operate for us, which could have a material adverse effect on our financial condition or results of operations. We face certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. See Risk Factors The occurrence of cyber incidents or cyberattacks could disrupt our operations, result in the loss of confidential information and/or damage our business relationships and reputation. Governance Our board of directors considers cybersecurity risk as part of its risk oversight function and has delegated to the Audit Committee (the Committee ) oversight of cybersecurity and other information technology risks. The Committee oversees management s implementation of our cybersecurity risk management program.The Committee receives periodic reports from management on our potential cybersecurity risks and threats and receives presentations on cybersecurity topics. In addition, management works collaboratively with our third-party provider to test our systems security processes and prevent, monitor, detect, mediate and remediate cybersecurity threats and incidents, and will report such threats and incidents to the Audit Committee when appropriate. The Committee reports to the full Board of Directors regarding its activities, including those related to cybersecurity. As of the date of this Annual Report on Form 10-K, we have not identified of any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition.

Company Information