GlucoTrack, Inc. 10-K Cybersecurity GRC - 2024-03-28

Page last updated on July 16, 2024

GlucoTrack, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-28 16:35:50 EDT.


10-K filed on 2024-03-28

GlucoTrack, Inc. filed a 10-K at 2024-03-28 16:35:50 EDT
Accession Number: 0001493152-24-011765

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. The Company’s cybersecurity risks are theft of intellectual property, theft of other business data, fraud or extortion, lack of access to our information systems, harm to employees, harm to business partners, violation of privacy laws, potential reputational risk, and litigation or other legal risk if a cybersecurity incident were to occur. It is difficult to assign a monetary materiality assessment to these risks or to the impact if the Company were to sustain a breach of its systems. Our approach is based on the premise that any cybersecurity incident could result in material harm to the Company. Our Audit Committee has been designated with oversight responsibility for cybersecurity risks and our Chief Financial Officer is responsible for managing our efforts in this area. Neither the Chief Financial Officer nor any member of the Audit Committee has relevant expertise in cybersecurity. Rather, the Company retains an outside technical expert to support our information technology systems including addressing cybersecurity risks. 31 We conduct annual risk assessments and quarterly vulnerability scans of risks posed by cybersecurity threats in conjunction with our insurance renewal cycles. As a result of these assessments, we have implemented technical, administrative, and, where appropriate, physical controls and practices to proactively monitor our systems and user accounts including, but not limited to, deploying solutions to constantly monitor users accessing systems, implementation of two factor authentication for logins, and improved rules for password maintenance. Like many companies, we make use of cloud-based solutions provided by several large service providers for critical information technology infrastructure such as email and file storage. We do not maintain stand-alone servers for our email, file storage or other business applications. In the normal course of our relationships with the providers of these services, we regularly monitor their message boards and other formal and informal communications channels for signs of breaches of their systems. We also survey available public information for indications that they have suffered a breach of their systems. Some of our business partners also maintain data related to our trials and ongoing product development on servers they maintain. We require these partners to comply with all HIPAA standards for maintaining security of their systems where this data resides.

Company Information

NameGlucoTrack, Inc.
SIC DescriptionSurgical & Medical Instruments & Apparatus
TickerGCTK - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndDecember 30