Transcode Therapeutics, Inc. - (RNAZ)
10-K Filing Date: April 01, 2024
Cybersecurity Risk Management and Strategy
We understand the importance of assessing, identifying, and managing risks associated with cybersecurity threats. Certain cybersecurity processes designed to assess, identify and manage risks from cybersecurity threats have been incorporated into our operations as a part of our overall risk assessment process.
To help us defend against, detect and respond to risks from cybersecurity threats, we engage a third-party computer support firm to assist with network monitoring, cloud system monitoring, and employee cybersecurity awareness training. Training topics include how to escalate suspicious activities including phishing, viruses, spams, insider threats, suspect human behaviors or safety issues.
Since July 2021, we have no knowledge of any cybersecurity incidents which have materially affected or are reasonably likely to materially affect our Company, including our business strategy, results of operations, or financial condition. Refer to “Item 1A. Risk Factors” in this Annual Report on Form 10-K, including “Our internal computer systems, or those of our third-party CROs or other contractors or consultants, may fail or suffer security breaches, which could result in a material disruption of our current or future therapeutic candidates’ development programs,” and “We may be unable to adequately protect our information systems from cyberattacks, which could result in the disclosure of confidential or proprietary information, including personal data, damage our reputation, and subject us to significant financial and legal exposure,” for additional discussion about cybersecurity-related risks.
Cybersecurity Governance
Cybersecurity is an important part of our risk management processes. Our Chief Financial Officer is the primary person in our company responsible for overseeing the cybersecurity risk management program. He has had oversight of our cybersecurity and risk management programs since the second half of 2021. This is not a full-time function for our Chief Financial Officer and because he is not an experienced computer professional, he relies to a large degree on our outside information technology, or IT, support firm. He is also immediately alerted of any cybersecurity breaches that occurs by our third-party vendors or by others so that appropriate measures may be taken timely.
Our Board of Director’s role in risk oversight is consistent with our leadership structure, with management having day-to-day responsibility for assessing and managing our risk exposure and our Board actively overseeing the management of our risks. The Board conducts its risk oversight by receiving reports from our executive officers regarding our risk identification, risk management, and risk mitigation strategies with respect to areas of potential material risk, including cybersecurity risk. The Board has delegated to the Audit Committee of the Board primary responsibility for overseeing risks from cybersecurity threats.
121