Lantern Pharma Inc. - (LTRN)
10-K Filing Date: March 18, 2024
Risk Management and Strategy. We employ processes for assessing, identifying, and managing material risks from cybersecurity threats that are incorporated into our overall risk management system. These items are designed to help protect our information assets from internal and external threats and protect the integrity and confidentiality of our data. Our system includes procedural and technical safeguards, response planning, and reviews of our policies. We engage various external entities, including consultants, to improve and enhance our cybersecurity processes and oversight. We provide employees and consultants with cybersecurity and prevention training including timely and relevant topics covering phishing, mobile security, and data protection and the need for reporting incidents and suspicious events immediately.
Although we develop and maintain systems and controls designed to prevent cybersecurity threats from occurring, and we have a process to identify and mitigate threats, the development and maintenance of these systems, controls and processes is costly and requires ongoing monitoring and updating as technologies change and efforts to overcome security measures become increasingly sophisticated. Moreover, despite our efforts, the possibility of these events occurring cannot be eliminated entirely. As we outsource more of our information systems to vendors, engage in more electronic transactions with service providers and relating to patients participating in clinical trials, and rely more on cloud-based information systems, the related security risks will increase and we will need to expend additional resources to protect our technology and information systems. In addition, there can be no assurance that our internal information technology systems or those of our third-party contractors, or our consultants’ efforts to implement adequate security and control measures, will be sufficient to protect us against breakdowns, service disruption, data deterioration or loss in the event of a system malfunction, or prevent data from being stolen or corrupted in the event of a cyberattack, security breach, industrial espionage attacks or insider threat attacks which could result in financial, legal, business or reputational harm.
As of the date of this report, we are not aware of any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition.
Governance. Our senior management team conducts the regular assessment and management of material risks from cybersecurity threats, including review with our information technology team and third-party service providers. All employees and consultants are directed to report to our senior management any irregular or suspicious activity that could indicate a cybersecurity threat or incident. The Audit Committee of our Board of Directors evaluates our cybersecurity assessment and management policies, including quarterly discussions with our senior officers and independent registered accounting firm.