Fundamental Global Inc. 10-K Cybersecurity GRC - 2024-03-14

Page last updated on April 11, 2024

Fundamental Global Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-14 16:05:54 EDT.

Filings

10-K filed on 2024-03-14

Fundamental Global Inc. filed an 10-K at 2024-03-14 16:05:54 EDT
Accession Number: 0001493152-24-009954

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Material risks from cybersecurity threats are managed across the Company, third-party suppliers and vendors. Monitoring such risks and threats is integrated into the Company s overall risk management program. The Company regularly assesses risks from cybersecurity and technology threats and monitors information systems for potential vulnerabilities. The Company maintains technical and organizational safeguards, including risk awareness education, employee training, incident response capability exercises, and cybersecurity insurance for the protection of the Company s assets. With the goal of minimizing disruption, the Company also leverages a third-party specialist to identify, prioritize, assess, mitigate, and remediate risks within our network and to assist in implementing processes to oversee and identify material risks from cybersecurity threats associated with third-party service providers. Our operations depend on our ability to process our business timely and efficiently and protect our information systems from physical loss or unauthorized access. A sustained business interruption or system failure could adversely impact our ability to perform necessary business operations promptly, hurt our relationships with our business partners and customers, and have a material adverse effect on our financial condition and results of operations. In the event of an incident, the Company focuses on responding to and containing the threat and minimizing any business impact, as appropriate. In the event of an incident, Senior Management assesses, among other factors, safety impact, data loss, business operations disruption, projected cost and potential for reputational harm. To date, the Company has not experienced any material cybersecurity incidents. For a discussion of whether any risks from cybersecurity threats are reasonably likely to materially affect the Company, including its business strategy, results of operations or financial condition, See Item 1A. Risk Factors Technology and Operational Risks . The Chief Financial Officer leads the implementation of information system controls and is responsible for monitoring the controls to ensure they remain appropriate. The Chief Financial Officer has the proper credentials and relevant experience given the environment in which the Company operates, The Audit Committee of the Board, with input from Senior Management, primarily the Chief Financial Officer, assesses the Company s cybersecurity, other information technology risks, threats, and the measures implemented by the Company to mitigate and prevent cyberattacks. The Audit Committee will elevate any issues identified as potential threats to the attention of the Board. In addition, the Board of the Company oversees our annual enterprise risk assessment and receives periodic reports on the Company s cybersecurity controls. 14

Company Information