Mycotopia Therapies, Inc. 10-K Cybersecurity GRC - 2024-04-22

Page last updated on April 23, 2024

Mycotopia Therapies, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-04-22 17:50:23 EDT.

Filings

10-K filed on 2024-04-22

Mycotopia Therapies, Inc. filed an 10-K at 2024-04-22 17:50:23 EDT
Accession Number: 0001096906-24-000907

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY The safeguarding of our digital and physical assets against cybersecurity threats is a cornerstone of our operational integrity and reliability. Recognizing the sophisticated and ever-evolving nature of cyber threats, we have instituted a robust cybersecurity framework that not only aims to protect our systems and data but also ensures the resilience of our operations against potential cyber-attacks. Cybersecurity Protocols and Practices AIBotics employs a multi-layered cybersecurity strategy that encompasses various protocols and best practices, designed to defend against a wide array of cyber threats: Multifactor Authentication (MFA): To ensure the security of user accounts, we implement MFA across our digital platforms. This approach adds an additional layer of security by requiring two or more verification factors, significantly reducing the risk of unauthorized access. Limited Physical Access to Local Servers and Company’s NAS: We enforce strict physical security measures to safeguard our local servers and Network Attached Storage (NAS) devices. Access to these critical assets is restricted to authorized personnel only, thereby mitigating the risk of physical tampering or data theft. Employee Training for Cybersecurity: Recognizing that human error can often be a cybersecurity vulnerability, we provide comprehensive cybersecurity training to our employees. This training covers essential practices such as recognizing phishing attempts, securing sensitive information, and adhering to our internal cybersecurity policies. Credential Management and Rotation: To prevent unauthorized access stemming from compromised credentials, we implement rigorous credential management and rotation policies. These measures include regularly updating passwords and access keys, ensuring that former employees’ access rights are promptly revoked, and employing advanced credential management systems. Anti-Phishing Training: Our employees undergo targeted anti-phishing training to identify and respond appropriately to phishing attempts. This training is crucial in cultivating a vigilant and informed workforce capable of recognizing and thwarting phishing attacks. Periodical Viruses Analysis: We conduct regular scans and analyses for viruses and malware across our network. This proactive approach enables us to detect and neutralize potential threats before they can inflict harm. Software with Latest Security Updates: Our IT infrastructure is maintained with up-to-date software, including the latest security patches. This policy helps protect against vulnerabilities that could be exploited by cybercriminals. Avoid Sharing Confidential Files Outside the Organization: We enforce strict data handling policies to prevent the sharing of confidential files outside the organization. This includes the use of encrypted communication channels and secure data storage solutions. Scanning Third-Party Emails and Attachments: To mitigate the risk of email-based threats, all incoming emails and attachments from third parties are scanned for malicious content. This ensures that potentially harmful materials are identified and quarantined before they can reach the end user. 7 IT Staff Authorization for Software Installations and Updates: To maintain the integrity of our IT environment, only authorized IT staff are permitted to install or update software on the company s computers. This control prevents the introduction of unauthorized or potentially malicious software. Additional Measures and Good Practices In addition to the aforementioned protocols, we are committed to continuous improvement and adaptation of our cybersecurity measures to counter new threats. This includes engaging in threat intelligence sharing with industry partners, conducting regular cybersecurity risk assessments, and implementing a comprehensive incident response plan to quickly address and mitigate the impact of any cybersecurity incidents. Governance and Oversight Our cybersecurity strategy is governed by a dedicated cybersecurity team, under the leadership of the Chief Information Security Officer (CISO). This team is responsible for the continuous monitoring and improvement of our cybersecurity posture. Furthermore, our Board of Directors regularly reviews our cybersecurity strategies and policies, ensuring they align with our overall business objectives and the evolving cybersecurity landscape.

Company Information