Onconetix, Inc. 10-K Cybersecurity GRC - 2024-04-11

Page last updated on July 16, 2024

Onconetix, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-11 16:43:05 EDT.


10-K filed on 2024-04-11

Onconetix, Inc. filed a 10-K at 2024-04-11 16:43:05 EDT
Accession Number: 0001213900-24-032225

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Cybersecurity Risk Management and Strategy We, like other companies in our industry, face several cybersecurity risks in connection with our business. Our business strategy, results of operations, and financial condition have not, to date, been materially affected by risks from cybersecurity threats. During the reporting period, we have not experienced any material cyber incidents, nor have we experienced a series of immaterial incidents, which would require disclosure. We are in the process of implementing our cybersecurity program, which is aimed at safeguarding the confidentiality, integrity, and availability of our essential systems and information, and is designed to detect and mitigate risks from cybersecurity threats to our data and our systems. Central to our cybersecurity efforts is a robust incident response plan designed to address potential cyber incidents swiftly and effectively. In designing and evaluating our cybersecurity program, we have adopted the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF 2.0”) as a guiding principle. It is important to clarify that our use of the NIST CSF 2.0 is for guidance purposes to frame our risk identification, assessment, and management processes and does not equate to compliance with any specific technical standards or requirements. The key components of our cybersecurity program will include: ● conducting risk assessments to pinpoint material cybersecurity threats to our critical systems, data, products, services, and overall IT infrastructure; ● a third-party security expert consultant overseeing the risk assessment process, maintenance of security controls, and coordination of responses to cybersecurity incidents; ● engagement with external service providers to evaluate, enhance, or support our security measures; ● an incident response plan outlining specific procedures for managing cybersecurity incidents; and 95 Cybersecurity Governance The governance of cybersecurity risks is a critical function of our Board of Directors, with the Audit Committee playing a key role in the oversight of cybersecurity and related technology risks. The Audit Committee is tasked with monitoring the effectiveness of our cybersecurity risk management program as implemented by management. The Audit Committee will receive regular updates from management on the state of cybersecurity risks facing the Company. This includes briefings on any significant cyber incidents and ongoing risk management efforts. These updates will enable the Audit Committee to provide informed reports on cybersecurity matters to the full Board. The responsibility for day-to-day management of cybersecurity risks lies with our management team, including the Chief Financial Officer. This team is at the forefront of our cybersecurity initiatives, coordinating both internal and external resources to anticipate, identify, and mitigate cyber threats. Our approach includes regular updates from our third-party security expert consultant, leveraging intelligence from various sources, and utilizing advanced security tools to protect our digital environment. Our third-party security expert consultant has over 30 years of experience with cybersecurity, information technology development and deployment, and information technology risk assessment and management, including information security management.

Company Information

NameOnconetix, Inc.
SIC DescriptionPharmaceutical Preparations
TickerBWV - Nasdaq
Emerging growth company
Fiscal Year EndDecember 30