Adicet Bio, Inc. - (ACET)

10-K Filing Date: March 19, 2024
Item 1C. Cybersecurity.

Cyber Risk Management and Strategy

The Company relies on electronic systems and information technologies to conduct its operations. We have adopted and maintain a cybersecurity risk management program, in accordance with our risk profile and business, that is informed by industry standards.

We leverage the support of third-party information technology and security providers, including to perform penetration testing and threat intelligence analysis. We have previously conducted a cybersecurity risk assessment that was intended to take into account the evolving cyber threat landscape and industry best practices, and we have endeavored to adapt our cyber risk strategy to mitigate emerging cybersecurity risks. We implement a multi-layered approach to cybersecurity that includes, for example, employee security awareness training, various security tools and technologies, and incident response planning.

Although risks from cybersecurity threats have to date not materially affected, and we do not believe they are reasonably likely to materially affect, us, our business strategy, results of operations or financial condition, we could, from time to time, experience threats and security incidents relating to our, and our third party vendors’, information systems. For more information, please see the section entitled “Risk Factors” in this Annual Report on Form 10-K.

Governance Related to Cybersecurity Risks

Our Senior Director of Information Technology (“IT”) reports directly to our Chief Financial Officer and is responsible for the strategic leadership and direction of our cybersecurity program, with support from our Associate Director of Information Security and Senior Manager of IT. With over 20 years of experience in IT and cybersecurity risk management, our Senior Director of IT works alongside individuals across other Company management functions to establish and implement our cybersecurity risk management strategy.

Our audit committee, which reports directly to the board of directors, is responsible for overseeing our cybersecurity risk management program pursuant to the audit committee’s charter. The audit committee receives periodic updates on cybersecurity risks, mitigation strategies, and, if necessary, incident response activities from our Senior Director of IT. The audit committee may update the full board of directors on matters relating to cybersecurity risk management as needed.