Salarius Pharmaceuticals, Inc. - (SLRX)
10-K Filing Date: March 22, 2024
Item 1C. Cybersecurity
Risk Management and Strategy
We maintain standard procedures to help assess, identify and manage material risk posed by cybersecurity threats and regularly evaluate how we can integrate these procedures into our overall risk management processes. For example, we require that all of our employees who have access to our internal network complete formal cybersecurity training upon hire and on a periodic basis, including training on phishing, malware, and other cybersecurity risks. We also continuously evaluate our information technology systems and our practices that relate to our information technology systems. To date, we have not engaged any formal assessment or cyber security auditors or other third parties in connection with these efforts but may elect to do so in the future.
To the extent we identify areas in our information systems that need improvement, we seek to timely implement and monitor such improvements. While we believe that we have taken appropriate security measures to protect our data and information technology systems, and have been informed by our third-party vendors that they have as well, there can be no assurance that our efforts will prevent breakdowns or breaches in our systems, or those of our third-party vendors, that could materially adversely affect our business and financial condition. For additional information regarding whether risks from cybersecurity threats are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition, see Item 1A, “Risk Factors,” in this Annual Report on Form 10-K.
Governance
We currently engage a qualified IT consultant who reports to our Chief Executive Officer. This consultant has robust experience with cybersecurity, information technology development and deployment and information technology risk assessment and management, including information security management.
49
Our IT consultant regularly monitors our information technology systems and monitors the prevention, detection, mitigation and remediation of cybersecurity incidents in consultation with our Chief Executive Officer. To the extent necessary, our Chief Executive Officer reports such risks to our Board, which has overall responsibility for risk oversight.
Over the last two years, we have not experienced any cybersecurity incidents that have materially affected or are reasonably likely to materially affect is, including our business, results of operations, or financial condition.