Vislink Technologies, Inc. 10-K Cybersecurity GRC - 2025-05-01

Page last updated on May 2, 2025

Vislink Technologies, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-05-01 21:36:54 EDT.

Filings

10-K filed on 2025-05-01

Vislink Technologies, Inc. filed a 10-K at 2025-05-01 21:36:54 EDT
Accession Number: 0001641172-25-008150

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risk Management and Strategy Managing Material Risks & Integrated Overall Risk Management We are developing processes to assess, identify, and manage material risks from cybersecurity threats to the IT systems and information we create, use, transmit, receive, and maintain. We also seek to integrate these processes and policies into our overall enterprise risk management system and processes. The processes for assessing, identifying, and managing material risks from cybersecurity threats, including threats associated with our use of third-party service providers, include our efforts to identify the relevant assets that could be affected, determine possible threat sources and threat events, assess threats based on their potential likelihood and impact, and identify controls that are in place or necessary to manage and/or mitigate such risks. Engage Third Parties in Risk Management We engage a range of external experts, including consultants and cybersecurity assessors, who assist us in evaluating and testing our cybersecurity systems and processes. These engagements are intended to give us access to specialized knowledge and insights to inform our cybersecurity strategies and processes, including industry-standard control frameworks and applicable regulations, laws, and standards. Oversee Third-Party Risk The Company has implemented stringent security assessments before engagement and ongoing monitoring throughout partnerships to address risks associated with third-party service providers. We’ve also enhanced our contractual requirements to align third-party security practices with our standards. Risks from Cybersecurity Threats The Company has not experienced any material cybersecurity incidents, and expenses related to minor incidents have remained immaterial. However, as highlighted in “Risk Factors” in Part I, Item 1A of this Annual Report, cybersecurity threats continue to pose significant risks to our operations and financial condition. These risks are amplified as cyber threats become more sophisticated and coordinated. We have invested in monitoring tools, security infrastructure, and employee training programs to mitigate risks and adapt to this evolving landscape. Governance Board of Directors Oversight Our Board continues to oversee management’s identification and management of cybersecurity risks. The Audit Committee of the Board (the “Audit Committee”) is responsible for cybersecurity risk oversight and meets at least annually with management to review risk assessments, ongoing initiatives, and key learnings from incidents. In 2024, the Audit Committee adopted enhanced reporting protocols to ensure timely and transparent updates on cybersecurity matters. 27 Management’s Role in Managing Risk Our Global IT Manager, with over 34 years of IT-related experience, continues to lead our information security efforts, working closely with third-party experts and consultants, and regularly briefs our CFO on any related matters. Our CFO then ensures the Audit Committee is regularly briefed on cybersecurity matters, including risks, initiatives, and incidents. Throughout 2024, management has prioritized the following: ● Conducting advanced employee training programs that include phishing simulations and scenario-based threat responses. ● Enhancing security monitoring and incident response plans. ● Updating encryption protocols and performing regular system updates to address potential vulnerabilities. Risk Management Personnel The Global IT Manager oversees all vendor-related cybersecurity work, focusing on process evolution, risk remediation, and employee training. Training efforts now include quarterly updates on emerging threats such as AI-enabled phishing and ransomware attacks. Our ongoing business continuity and disaster recovery plans complement these measures. Monitor Cybersecurity Incidents Our IT team employs advanced monitoring tools to identify and address vulnerabilities promptly. No material cybersecurity incidents were identified in 2024, and our incident response plan effectively addresses and mitigates risks. These processes include detailed documentation, root cause analysis, and continuous updates to our response strategy. Reporting to the Board of Directors The Global IT Manager promptly escalates significant cybersecurity matters to the CFO and the Audit Committee, ensuring that the Board remains fully informed. Regular updates to the Audit Committee include detailed discussions on system performance, risk exposure, and planned mitigation strategies. 28

Company Information