CURIS INC - (CRIS)
10-K Filing Date: February 08, 2024
ITEM 1C.CYBERSECURITY
We have processes for assessing, identifying and managing cybersecurity risks, which are built into our information technology function and are designed to help protect our information assets and operations from internal and external cyber threats, protect employee and clinical trial information from unauthorized access or attack, as well as secure our networks and systems. Such processes include physical, procedural and technical safeguards, response plans, and routine review of our policies and procedures to identify risks and refine our practices. We engage certain external parties, including consultants, to enhance our cybersecurity oversight.
Our Audit Committee of the Board of Directors, or the Audit Committee, is responsible for overseeing cybersecurity risk and periodically updates our Board of Directors on such matters. The Audit Committee receives periodic updates from management regarding cybersecurity matters, and is notified between such updates regarding any significant new cybersecurity threats or incidents. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition.
Management is responsible for, and is forming a committee tasked with, the operational oversight of company-wide cybersecurity strategy, policy, and standards across relevant departments to assess and help prepare us to address cybersecurity risks.
In an effort to deter and detect cyber threats, we annually provide all employees with cybersecurity and prevention training, which covers timely and relevant topics, including social engineering, phishing, password protection, confidential data protection, and mobile security, and educates employees on the importance of reporting all incidents immediately. We also use technology-based tools to mitigate cybersecurity risks and to bolster our employee-based cybersecurity programs.
77