Item 1C. Cybersecurity

 

 

NextPlat uses, stores, and processes data for and about our customers, employees, partners and suppliers. We have implemented a cybersecurity risk management program that is designed to identify, assess, and mitigate risks from cybersecurity threats to this data, our systems, and our business operations.

 

Cyber Risk Management and Strategy

 

Our cybersecurity risk management processes are being integrated into our overall risk management processes. We are making efforts to incorporate cybersecurity considerations as a part of our business processes. We engage with external cybersecurity experts, including assessors, consultants, and auditors, to enhance our cybersecurity measures and ensure compliance with industry best practices. We have established processes to oversee and manage cybersecurity risks associated with our use of third-party service providers, ensuring they adhere to our security standards. We review third-party service provider contracts to ensure they contain data privacy and security provisions, aligning with our standards and regulatory requirements. We use the National Institute of Standards and Technology Cybersecurity Framework to guide our approach, ensuring a structured and comprehensive strategy for managing cybersecurity risks.

 

Risk Management Oversight and Governance

 

 

The Board of Directors has oversight of the Company’s cybersecurity program. Our management team, in consultation with the Board of Directors, is responsible for monitoring, preventing, detecting, mitigating and remediating cybersecurity incidents.