AMERICAN REALTY INVESTORS INC 10-K Cybersecurity GRC - 2024-03-21

Page last updated on July 16, 2024

AMERICAN REALTY INVESTORS INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-21 12:52:58 EDT.


10-K filed on 2024-03-21

AMERICAN REALTY INVESTORS INC filed a 10-K at 2024-03-21 12:52:58 EDT
Accession Number: 0001102238-24-000004

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY We rely on the information technology and systems maintained by Pillar and their employees to identify and manage material risks from cybersecurity threats. Pillar takes various actions, and incurs significant costs, to maintain and manage the operation and security of information technology and systems, including the data maintained in those systems. We believe that Pillar’s Director of Information Technology and his associates endeavor to evaluate and address cyber risks in alignment with our business objectives, operational needs and industry-accepted standards, such as the National Institute of Standards and Technology and CIS Critical Security Controls frameworks. Since we rely on accounting, financial, operational, management and other information systems, including the Internet and third-party hosted services to conduct our operations, store personal and sensitive data, process financial information and results of operations for internal reporting purposes and comply with financial reporting, legal and tax requirements, we have processes and procedures in place to monitor the prevention, detection, mitigation and remediation of cybersecurity risks. These include, but are not limited to (i) maintaining a defined and practiced incident response plan; (ii) employing appropriate incident prevention and detection safeguards; (iii) maintaining a defined disaster recovery policy and employing disaster recovery software, where appropriate; (iv) educating, training and testing our user community on information security practices and identification of potential cybersecurity risks and threats; and (v) reviewing and evaluating new developments in the cyber threat landscape. Recognizing the complexity and evolving nature of cybersecurity risk, we engage with a range of external support in evaluating, monitoring and testing our cybersecurity management systems and related cyber risks. The Audit Committee of the Board of Directors oversees cybersecurity matters, including the material risks related thereto, and regularly receives updates from Pillar’s Director of Information Technology regarding the development and advancement of its cybersecurity strategy, as well as the related risks. In the event of a cybersecurity incident, a detailed incident response plan is in place for contacting authorities and informing key stakeholders, including management. We do not believe we are reasonably likely to be materially affected from cybersecurity threats, including as a result of previous incidents. 11

Company Information

SIC DescriptionReal Estate Operators (No Developers) & Lessors
TickerARL - NYSE
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30