Globalstar, Inc. - (GSAT)
10-K Filing Date: February 29, 2024
Item 1C. Cybersecurity
We have an enterprise-wide information security program designed to identify, protect, detect and respond to and manage reasonably foreseeable cybersecurity risks and threats.
Our cybersecurity program is integrated into our overall risk management systems and led by our data protection officer. This program is on par with industry standards and best practices, such as the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework. Oversight of the program is performed by our executive management and board of directors. Internal employees as well as third party advisors were involved in the development and continued maintenance of our cybersecurity program. The program is evaluated and audited on an annual basis by independent third parties through ongoing IT compliance initiatives.
Our formalized cybersecurity incident response plan is a framework to facilitate the detection, identification, containment, eradication and recovery from cybersecurity incidents. This framework addresses how and which risks impact our operational, financial or reputational standing and/or the ability to comply with regulatory or legal requirements. The incident response plan is evaluated and tested on an annual basis by management and independent third parties.
As of the date of this report, we are not aware of any material risks from cybersecurity threats, that have materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition. However, we are subject to various cybersecurity risks that could adversely affect our business, financial condition and results of operations. Such risks may include harm to our employees or customers, violation of privacy laws, theft, fraud, extortion as well as legal and reputational risk. See Item 1A. Risk Factors, “Our networks and those of our third-party service providers and customers may be vulnerable to unauthorized or unlawful access, including cyber-attacks and other security breaches, that could have significant negative consequences. Our use of personal information could give rise to costs and liabilities arising from developing data privacy laws." for further discussion.