SharpLink Gaming, Inc. 10-K Cybersecurity GRC - 2024-03-29

Page last updated on April 11, 2024

SharpLink Gaming, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-29 17:14:07 EDT.

Filings

10-K filed on 2024-03-29

SharpLink Gaming, Inc. filed an 10-K at 2024-03-29 17:14:07 EDT
Accession Number: 0001493152-24-012028

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY SharpLink has established policies and processes for assessing, identifying and managing material cybersecurity risks, and have integrated these processes into our overall risk-management processes. We have also established policies and processes for managing and responding to material cybersecurity incidents. We routinely assess material cybersecurity risks, including potential unauthorized occurrences on, or conducted through, our information systems that may compromise the confidentiality, integrity or availability of those systems or information maintained in them. We devote appropriate resources and designate members of our management, including our Chief Executive Officer and Chief Financial Officer, to manage the risk assessment and mitigation process. Employees are provided specific guidance to mitigate the risk of a cybersecurity attack. This guidance includes safeguards over confidential data, being aware of suspicious emails, choosing passwords, protection of Company issued and use of personal devices, managing large data transfers and use of VPNs when outside the office. Employees are directed to immediately contact either the Chief Financial Officer and Vice President of Affiliate Marketing if they encounter any suspicious activity. 28 We also require appropriate third-party service providers to certify that they can implement and maintain appropriate security measures, consistent with all applicable laws, in connection with their work for us, and to promptly report any suspected breach of their security measures that may affect our company. We oversee and identify risks from cybersecurity threats associated with our use of service providers through an onboarding vendor risk management program, including an inherent risk assessment. We have not, to date, experienced a cybersecurity incident which was determined to be material, although, like any technology provider, we have experienced incidents in the past. For additional information regarding whether any risks from cybersecurity threats are reasonably likely to materially affect our company, including our business strategy, results of operations, or financial condition, please refer to Item 1A, Risk Factors, in this Annual Report on Form 10-K under the heading Despite our security measures, our information technology and infrastructure may be vulnerable to attacks by hackers or breached due to employee error, malfeasance or other disruptions. Any such breach could result in legal claims or proceedings, liability under laws that protect the privacy of personal information, and regulatory penalties, disruption of our operations and the services we provide to clients, damage to our reputation, and a loss of confidence in our products and services, each of which could adversely affect our business, financial condition, results of operations and prospects , which should be read in conjunction with the information above. Cybersecurity Governance One of the key functions of our Board of Directors is informed oversight of our risk management process, including risks from cybersecurity threats. Our Board of Directors is responsible for monitoring and assessing our strategic risk exposure, and our executive officers are responsible for day-to-day management of the material risks we face. Our Board of Directors administers its cybersecurity risk-oversight function as a whole, as well as through the audit committee. Our Chief Financial Officer and Vice President of Affiliate Marketing are responsible for assessing and managing material risks from cybersecurity threats, as well as managing, responding to and reporting material cyber incidents if any occur. They will provide periodic briefings to the Audit Committee and to the Board of Directors about our cybersecurity risks and activities, including cybersecurity incidents and responses, cybersecurity systems testing, third-party activities and related topics. In addition, our policies for managing and responding to cybersecurity incidents include procedures for appropriate escalations to our Audit Committee Chair. Although we have designed our cybersecurity program and governance procedures above to mitigate cybersecurity risks, we face unknown cybersecurity risks, threats and attacks. To date, these risks, threats or attacks have not had a material impact on our operations, business strategy or financial results, but we cannot provide assurance that they will not have a material impact in the future. See the section entitled Risk Factors included elsewhere in this Annual Report for further information. We continuously work to enhance our cybersecurity risk management program.

Company Information