INTEST CORP - (INTT)
10-K Filing Date: March 27, 2024
CYBERSECURITY
Cyber Security Governance
Oversight of cybersecurity risks by management is led by our Information Technology (“IT”) Committee, which is chaired by our Director of IT and comprised of members of senior management including our Chief Executive Officer and Chief Financial Officer. Among its responsibilities, the IT Committee identifies our material cyber risks and reviews the strategies, processes and controls in place to facilitate the understanding, identification, prevention, measurement, reporting and mitigation of those risks. The IT Committee meets quarterly to review our cyber risk management strategy. A member of the Board attends these meetings as an observer.
The Board and senior management provide general oversight and support to the IT Committee. The Board periodically reviews, appraises and discusses with management the effectiveness of our information technology security, data privacy and cyber security and related risks.
Risk Management and Strategy
Cybersecurity is a key component of our overall risk management system. We are implementing processes that are designed to effectively manage risks from cybersecurity threats. The IT Committee currently has in place an Incident Response Plan (the “IRP”). The IRP lays out our guidelines for responding to and handling cyber incidents. The IRP helps to ensure a quick and organized response in the event of a cyber incident and helps ensure all necessary members of management, the Board and legal counsel are informed so action can be taken as soon as possible. Under the IRP, once a cyber incident is identified, a response team will review the details of the cyber incident, inform management and the Board and work to secure our systems and fix the vulnerability. An investigation will be conducted, with the assistance of third-party consultants if needed, to determine the root cause of the cyber incident, the materiality of the cyber incident, and any disclosure or legal obligations that will stem from the cyber incident.
To help prevent cyber security incidents we have integrated a number of third-party services into our IT systems to bolster our cyber security defenses. These services include a detection and response system which provides continuous monitoring of our IT systems, end-point protection on all of our computers and connected devices, as well as two-step verification for accessing our systems. We also engage a third-party consultant with experience in cyber defense to review our IRP to ensure it meets current standards and best practices.
We have been the victim of cyber incidents and may be the subject of cyber incidents in the future. See Item 1A, Risk Factors for more information about the risk posed to us by cybersecurity threats.
|