Lazydays Holdings, Inc. 10-K Cybersecurity GRC - 2024-03-12

Page last updated on July 16, 2024

Lazydays Holdings, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-12 17:21:05 EDT.


10-K filed on 2024-03-12

Lazydays Holdings, Inc. filed a 10-K at 2024-03-12 17:21:05 EDT
Accession Number: 0001628280-24-010645

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity risk management is a major component of our overall risk management systems and processes. We have a cybersecurity program and governance structure designed to identify and manage cybersecurity risks and threats. The program encompasses a comprehensive framework that begins with a clear governance structure comprised of our Chief Technical Officer (CTO), Director of Internal Audits, and Senior Director of Compliance, ensuring a holistic approach to risk management. Regular reporting mechanisms to the board and senior management keep all stakeholders informed about the evolving cyber risk landscape and the program’s effectiveness. The program includes a well-defined risk assessment and analysis process, identifying critical digital assets, conducting thorough threat and vulnerability assessments, and quantifying risks based on potential impact and likelihood. This information prioritizes risks, allowing us to allocate resources effectively and focus on mitigating the most significant threats. Policies and procedures form the foundation of the cyber risk management program, with comprehensive guidelines covering data protection, access controls, incident response, and employee training. Security controls, such as robust identity governance and access controls, AI-based email security solutions, endpoint protection, and network security measures, are implemented to fortify our defenses. An effective incident response plan ensures a swift and coordinated response to security incidents, minimizing potential damages. Continuous monitoring through MDR (Managed Detect and Respond) solutions and staying informed about the latest threat intelligence feeds enhance our ability to detect and respond to evolving cyber threats. As part of our cybersecurity program, we assess the cybersecurity posture of our third-party vendors and partners to ensure they meet our security standards. This includes due diligence during the vendor selection and periodic evaluations throughout our partnerships. Third-party risk management, compliance adherence, and the consideration of cyber insurance contribute to a holistic and proactive approach to cyber risk management. Regular reviews and updates to the program ensure its relevance and effectiveness in the face of emerging threats, fostering a culture of continuous improvement and resilience. We have not identified any risks from cybersecurity threats including those ones resulted from previous cybersecurity incidents that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition.

Company Information

NameLazydays Holdings, Inc.
SIC DescriptionRetail-Auto Dealers & Gasoline Stations
TickerLAZY - Nasdaq
CategoryAccelerated filer
Smaller reporting company
Fiscal Year EndDecember 30