Page last updated on April 11, 2024
MARCHEX INC reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-29 19:51:09 EDT.
Filings
10-K filed on 2024-03-29
MARCHEX INC filed an 10-K at 2024-03-29 19:51:09 EDT
Accession Number: 0000950170-24-038807
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. Cybersecurity We are committed to protecting our information systems against cybersecurity threats. Any cybersecurity incident can adversely affect our business and disrupt our operations as described in greater detail in our Risk Factors relevant to cybersecurity risks. Our senior leadership, in consultation with our board of directors, has assigned responsibilities for ensuring and overseeing the operation of our information security program to the Marchex Information Security Committee (the ISC ) comprised of senior representatives of departments across our organization. Effective risk management is a critical component of our operations. The ISC conducts a formal cybersecurity risk assessment annually. The assessment methodology is designed to identify cybersecurity threats to our information systems and considers a range of relevant risk factors that include both intentional and unintentional human acts by our or our vendors personnel, or malicious third-party actors, risks inherent to technology/equipment we and our service providers use, as well as natural and environmental risks. The ISC discusses and documents mitigation strategies based on the risks identified. Results of assessments are reported to senior leadership and our board of directors. To the extent that any control deficiencies or material changes in the threat environment are identified, the ISC may make recommendations for new or improved controls and threat mitigation strategies. The ISC also oversees day-to-day cybersecurity risk mitigation efforts, which include, but are not limited to monitoring systems for availability, performance, and security issues, periodic vulnerability scans, penetration testing performed at least annually by independent, reputable, third-party vendors, as well as evaluating any risk(s) associated with prospective third-party service providers who require access to sensitive customer data and implementing any additional controls to address significant risks identified. Furthermore, the ISC meets quarterly to discuss and analyze any relevant developments within the organization and industry relative to cybersecurity, reviews our internal policies and operational procedures relevant to cybersecurity at least annually, and promulgates updates when deemed necessary or advisable.
Company Information
| Name | MARCHEX INC |
| CIK | 0001224133 |
| SIC Description | Services-Business Services, NEC |
| Ticker | MCHX - Nasdaq |
| Website | |
| Category | Non-accelerated filer Smaller reporting company |
| Fiscal Year End | December 30 |