SONO TEK CORP 10-K Cybersecurity GRC - 2024-05-23

Page last updated on July 16, 2024

SONO TEK CORP reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-05-23 14:05:51 EDT.


10-K filed on 2024-05-23

SONO TEK CORP filed a 10-K at 2024-05-23 14:05:51 EDT
Accession Number: 0001171520-24-000208

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C CYBERSECURITY Sample Disclosure Risk Management and Strategy Securing our business information, intellectual property, customer and employee data and technology systems is essential for the continuity of our business, meeting applicable regulatory requirements and maintaining the trust of our stockholders. Cybersecurity is an important and integrated part of our enterprise risk management function that identifies, monitors and mitigates business, operational and legal risks. To help protect us from a major cybersecurity incident that could have a material impact on operations or our financial results, the Company is in the process of implementing policies, programs and controls, including technology investments that focus on cybersecurity incident prevention, identification and mitigation. The steps we expect to take to reduce our vulnerability to cyberattacks and to mitigate impacts from cybersecurity incidents include, but are not limited to: penetration testing by a third party vendor, agent based security scanning that runs continuously, establishing information security policies and standards, implementing information protection processes and technologies, monitoring our information technology systems for cybersecurity threats and implementing cybersecurity training. In addition, we annually purchase a cybersecurity risk insurance policy that would help defray the costs associated with a covered cybersecurity incident if it occurred. Governance Our Board of Directors is actively engaged in overseeing and reviewing our strategic direction and objectives, taking into account, among other considerations, our risk profile and related exposures, including oversight of risks from cybersecurity threats. As part of this oversight, the Company will update the Board periodically, and at least annually, on our cybersecurity program, including with respect to particular cybersecurity threats, cybersecurity incidents, new developments in our risk profile, the status of projects to strengthen our cybersecurity systems, assessments of our cybersecurity program, and the emerging threat landscape.

Company Information

SIC DescriptionSpecial Industry Machinery, NEC
TickerSOTK - Nasdaq
CategoryNon-accelerated filer
Smaller reporting company
Fiscal Year EndFebruary 27