Balance Labs, Inc. 10-K Cybersecurity GRC - 2024-04-15

Page last updated on April 15, 2024

Balance Labs, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-15 16:52:08 EDT.

Filings

10-K filed on 2024-04-15

Balance Labs, Inc. filed an 10-K at 2024-04-15 16:52:08 EDT
Accession Number: 0001493152-24-014644

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity We have processes in place for assessing, identifying, and managing material risks from cybersecurity threats, including potential unauthorized occurrences on or through both, our physical systems and electronic information systems, that could adversely affect the confidentiality, integrity, or availability of our information systems or the information residing on those systems. These include a wide variety of mechanisms, controls, technologies, methods, systems, and other processes that are designed to prevent, detect, or mitigate data loss, theft, misuse, unauthorized access, or other security incidents or vulnerabilities affecting the data. The data include confidential, proprietary, and business and personal information that we collect, process and store as part of our business, including on behalf of third parties. Additionally, we use processes to oversee and identify material risks from cybersecurity threats associated with our use of third-party technology and systems, including: technology and systems we use for encryption and authentication employee email content delivery to customers back-office support and other functions. As part of our risk management process, we conduct application security assessments, vulnerability management, penetration testing, security audits, and ongoing risk assessments. We also maintain a variety of incident response plans that are utilized when incidents are detected. We require employees with access to information systems, including all corporate employees, to undertake data protection and cybersecurity training and compliance programs at least annually. We have a unified and centrally-coordinated team, led by our Michael Farkas that is responsible for implementing and maintaining centralized cybersecurity and data protection practices at the Company in close coordination with senior leadership and other teams across the Company. In addition, we also engage assessors, consultants, auditors, or other third parties to assist with assessing, identifying and managing cybersecurity risks. Our cybersecurity risks and associated mitigations are evaluated by senior leadership, including as part of our risk assessments that are reviewed by the board of directors. The board of directors oversees our policies and procedures for protecting our cybersecurity infrastructure and for compliance with applicable data protection and security regulations, and related risks. They also oversee the response to any significant cybersecurity incidents. Our Michael Farkas, who has cybersecurity knowledge and skills, heads the team responsible for implementing and maintaining cybersecurity and data protection practices at the Company. We describe whether and how risks from cybersecurity threats have or that are reasonably likely to affect our financial position, results of operations and cash flows, under the heading WE RELY HEAVILY ON INFORMATION TECHNOLOGY. ANY INTERRUPTION OR LAPSE RELATED TO THAT TECHNOLOGY, INCLUDING ANY CYBERSECURITY INCIDENTS, COULD HARM OUR ABILITY TO OPERATE OUR BUSINESS EFFECTIVELY. included as part of our Item 1A. Risk Factors of this Annual Report on Form 10-K, which disclosures are incorporated by reference herein.

Company Information