Vaxart, Inc. - (VXRT)
10-K Filing Date: March 14, 2024
The Company maintains general cybersecurity policies and procedures to assess, identify, and manage cyber threats, and has designated personnel to implement and maintain these policies and procedures, subject to oversight by our management and board of directors.
The Company has implemented various technical, physical and administrative security controls to account for these and other cybersecurity threats. For example, we have implemented technical security controls focused on ensuring the security and protection of computer systems and networks; all pertinent domestic operating entities of the Company are required to adhere to a standardized “Company Confidentiality System,” which is centrally overseen and enforced, subject to oversight by our management and board of directors. This Company Confidentiality System includes specific provisions for information pertaining to network security, data security, and information that, if compromised, could have detrimental effects on the public interest and the Company. The Company and its employees are also required to sign confidentiality agreements for purposes including helping to ensure cybersecurity. The Company has taken measures to better ensure that key employees are aware of data security threats (including cybersecurity threats), and Company security policies and procedures, as appropriate. Improper or illegitimate use of the Company’s information system resources or violation of the Company’s information security policies and procedures may result in disciplinary action.
As of the date of this report, we are not aware of any material risks from cybersecurity threats that have in the reporting calendar year materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition.
The Company relies on third-party service providers for critical or key infrastructure and solutions across various Company operations. Cybersecurity incidents that impact third-party service providers have significantly increased in recent years and represent a continuing risk to the Company. The Company has sought to mitigate this risk through specific cybersecurity controls, designed to assess the business and security controls implemented by key information services to the Company, which are annually audited and subject to oversight by management and the board of directors.