Strong Global Entertainment, Inc. 10-K Cybersecurity GRC - 2024-03-29

Page last updated on April 11, 2024

Strong Global Entertainment, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-29 16:41:00 EDT.

Filings

10-K filed on 2024-03-29

Strong Global Entertainment, Inc. filed an 10-K at 2024-03-29 16:41:00 EDT
Accession Number: 0001493152-24-012001

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Cybersecurity Overview We rely on proprietary and third-party information systems to process, transmit and store information and to manage or support our business processes. We store and maintain confidential financial and business information regarding us and persons with whom we do business on our information technology systems. We also collect and hold personally identifiable information of our employees in connection with their employment. In addition, we engage third-party service providers that may collect and hold personally identifiable information of our employees in connection with providing business services to us, including web hosting, accounting, payroll and benefit services. Cybersecurity Governance The protection of the information technology systems on which we rely is critically important to us. The Audit Committee of the Board of Directors has oversight for the reliability and security of our information systems, including identifying material risks and cybersecurity threats arising in our business. The Audit Committee receives updates from management of the ongoing cybersecurity initiatives and events at least once per quarter. In the event of a material cybersecurity incident, management will notify the Audit Committee, which will provide oversight for the Company s response and mitigation to the incident. Our Chief Executive Officer is responsible for the management of the Company s information systems and oversees the Company s information technology team ( IT Team ). The IT Team has in place documented procedures for cybersecurity response plans, which are reviewed annually or as events warrant. The IT Team utilizes third party security experts and tools to provide continuous external penetration testing, conduct security reviews, and provide threat and incident response support. Cybersecurity Risk Management and Strategy We employ a multi-layered approach to protect our information systems from cybersecurity threats. All hardware within our information systems run an industry-standard anti-virus solution, and we have an established patching program in place to keep security updates current. Penetration testing is conducted by an outside party on a continual basis, resulting in rapid discovery and remediation of any potential weaknesses. To ensure employee compliance with our processes, we require yearly cybersecurity training and conduct phish testing, including simulated phishing attempts. Additional training is assigned to employees as deemed necessary to reduce the risk of cybersecurity threats. In case of a cybersecurity incident, we maintain a cybersecurity insurance policy to reduce any direct costs that could be incurred. A cybersecurity incident could interrupt our operations, result in downtime, divert our planned efforts and resources from other projects, damage our reputation and brand, damage our competitive position, subject us to liability claims or regulatory penalties under laws protecting the privacy of personal information. Although impacts of past cybersecurity incidents have been immaterial to date, the impacts of such events in the future may materially and adversely affect our business, financial condition, or results of operations.

Company Information