Movano Inc. - (MOVE)
10-K Filing Date: April 16, 2024
Risk Management and Strategy
We operate in the technology and general wellness, continuous glucose and blood pressure monitoring sectors, which are subject to various cybersecurity risks that could adversely affect our business, financial condition, and results of operations, including intellectual property theft; fraud; extortion; harm to employees or customers; violation of privacy laws and other litigation and legal risk; and reputational risk. We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. Our processes also include assessing cybersecurity threat risks associated with our use of third-party services providers in normal course of business use. Third-party risks are included within our cybersecurity risk management processes discussed above. In addition, we assess cybersecurity considerations in the selection and oversight of our third-party services providers, including due diligence on the third parties that have access to our systems and facilities that house systems and data.
Our business depends on the availability, reliability, and security of our information systems, networks, data, and intellectual property. Any disruption, compromise, or breach of our systems or data due to a cybersecurity threat or incident could adversely affect our operations, customer service, product development, and competitive position. They may also result in a breach of our contractual obligations or legal duties to protect the privacy and confidentiality of our stakeholders. Such a breach could expose us to business interruption, lost revenue, ransom payments, remediation costs, liabilities to affected parties, cybersecurity protection costs, lost assets, litigation, regulatory scrutiny and actions, reputational harm, customer dissatisfaction, or harm to our vendor relationships.
Cybersecurity Governance and Oversight
Our board of directors addresses our cybersecurity risk management as part of its general oversight function. We maintain security controls that are continuously reviewed to protect against emerging cyber threats. Our IT Department monitors these security controls and risks and regularly reports to senior management and the board of directors on material developments.
To manage our material risks from cybersecurity threats and to protect against, detect, and prepare to respond to cybersecurity incidents, we undertake the below listed activities:
● | Monitor emerging data protection laws in conjunction with our advisors and implement changes to our processes to comply; | |
● | Maintain firewall and virus protection software; and | |
● | Maintain a cybersecurity insurance policy. |
Our cybersecurity incident response processes are designed to escalate certain cybersecurity incidents to designated employees and other members of management depending on the circumstances, including in some cases to our executive team. The board of directors receives regular reports from management concerning our cybersecurity risk management program. The board also receives various summaries and/or presentations related to cybersecurity threats, risks and mitigation.
As of the date of this Annual Report on Form 10-K, we are not aware of any cybersecurity threats that have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations or financial position.