VIVOS INC - (RDGL)

10-K Filing Date: March 18, 2024
ITEM 1C. CYBERSECURITY

 

Risk Management and Strategy

 

Our cybersecurity policies, standards, processes and practices are based on applicable laws and regulations and informed by industry standards and industry-recognized practices. Our strategy to assess, identify, and manage material cybersecurity risks is through a comprehensive, cross-functional approach that is focused on preserving the confidentiality, security, and availability of our information systems and data. We implement security measures and processes to identify, prevent, and mitigate cybersecurity threats and to effectively respond to cybersecurity incidents when they occur. Our cyber risk management includes: (1) enterprise risk management to identify top cybersecurity risks; (2) vulnerability management to identify software vulnerabilities and risks related to compute infrastructure; (3) vendor risk management to identify risks related to third parties and business partners, which includes pre-engagement review, use of contractual security provisions, and continued monitoring, as applicable; (4) privacy risk management to identify privacy risks in our product and platforms and ensure regulatory compliance; (5) security monitoring to analyze and assess threat activity in real time; and (6) security incident response to investigate, respond to, and mitigate cyber threats. We regularly engage third parties to identify risks in our underlying software and infrastructure, to provide threat intelligence, and to assist in triaging, identifying, and responding to cyber threats.

 

In 2023, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced undetected cybersecurity incidents.

 

Governance

 

Our Board of Directors maintains oversight of risks from cybersecurity threats by meeting with and receiving periodic updates from our Chief Executive Officer, who is assigned oversight of cybersecurity risks. Our Chief Executive Officer is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the Company is exposed and to implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents.