Page last updated on March 6, 2026
CIVISTA BANCSHARES, INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-03-06 17:01:33 EST.
Filings
10-K filed on 2026-03-06
CIVISTA BANCSHARES, INC. filed a 10-K at 2026-03-06 17:01:33 EST
Accession Number: 0001193125-26-096836
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity The Company understands that security of our banking operations is critical to protecting our customers, maintaining our reputation and preserving the value of the Company. The Company is focused on addressing cybersecurity risks on confidentiality, integrity, and the availability of the information the Company collects, transmits and stores by identifying, preventing, and mitigating cybersecurity risks. The Board of Directors, through the Board Risk and Audit Committees, and the Company's Enterprise Risk Management Committee provide direction and oversight of the enterprise-wide risk management program of the Company, which includes the Information Security Program. The Chief Information Officer and the Chief Risk Officer oversee these programs to accomplish the following: - assure the confidentiality, integrity and availability of our information and information systems; - protect against any anticipated threats or hazards to the confidentiality, integrity or availability of such information and information systems; and - protect against unauthorized access to or use of such information or information systems that could result in substantial harm or inconvenience to us, our clients and the value of the Company. These programs establish policies (including vendor management), procedures, risk assessments, systems, monitoring, reporting, strategies, and training to effectively manage cybersecurity risks. Specifically, the Company deploys multiple layers of controls, including embedding security into our technology investments, designed to identify, protect, detect, respond to and recover from information security and cybersecurity incidents. The Company also performs simulations and drills to further ensure our readiness and preparedness for potential threats. In addition, the Company employs a nationally recognized firm with information security experts to annually perform audits that extensively test our program and controls, which are reviewed by the Board Audit Committee. These programs and controls align with Federal Financial Institutions Examination Council guidelines and standards. As of the date of this filing, the Company has not experienced any cybersecurity incidents that have materially affected, or are reasonably likely to materially affect, the Company's business strategy, results of operations, or financial condition. The Company, as well as our customers, colleagues, regulators, service providers and other third parties , have seen an increase in information security and cybersecurity risk in recent years. We continue to assess the 29 risks and threats in the cyber environment, invest in enhancements to our cybersecurity capabilities, and engage in industry and government forums to promote advancements in our cybersecurity collaboration and capabilities.
Company Information
| Name | CIVISTA BANCSHARES, INC. |
| CIK | 0000944745 |
| SIC Description | State Commercial Banks |
| Ticker | CIVB - Nasdaq |
| Website | |
| Category | Accelerated filer |
| Fiscal Year End | December 31 |