MGO Global Inc. - (MGOL)
10-K Filing Date: April 01, 2024
MGO has established policies and processes for assessing, identifying and managing material cybersecurity risks, and has integrated these processes into our overall risk-management processes. We have also established policies and processes for managing and responding to material cybersecurity incidents.
We routinely assess material cybersecurity risks, including potential unauthorized occurrences on, or conducted through, our information systems that may compromise the confidentiality, integrity or availability of those systems or information maintained in them. We devote appropriate resources and designate members of our management, including our Chief Executive Officer, Chief Operating Officer and Chief Financial Officer, to manage the risk assessment and mitigation process.
Employees are provided specific guidance to mitigate the risk of a cybersecurity attack. This guidance includes safeguards over confidential data, being aware of suspicious emails, choosing passwords, protection of Company issued and use of personal devices and managing large data transfers. Employees are directed to immediately contact either the Chief Financial Officer, the Chief Operating Officer and the Director of Information Technology if they encounter any suspicious activity.
We require appropriate third-party service providers to certify that they can implement and maintain appropriate security measures, consistent with all applicable laws, in connection with their work for us, and to promptly report any suspected breach of their security measures that may affect our company. We oversee and identify risks from cybersecurity threats associated with our use of service providers through an onboarding vendor risk management program, including an inherent risk assessment.
We have not, to date, experienced a cybersecurity incident that was determined to be material, although, like any technology provider, we have experienced incidents in the past in regards to phishing and suspicious emails. For additional information regarding whether any risks from cybersecurity threats are reasonably likely to materially affect our company, including our business strategy, results of operations, or financial condition, please refer to Item 1A, “Risk Factors,” in this Annual Report on Form 10-K.
Cybersecurity Governance
Cybersecurity is an important part of our risk management processes and an area of focus for our Board of Directors and management team. Our Board of Directors has delegated responsibility to the Audit Committee for the oversight of risks from cybersecurity threats. Members of the Audit Committee receive regular updates from senior management, including leaders from our information technology, legal and compliance teams regarding matters of cybersecurity. This includes existing and new cybersecurity risks, information on how management is addressing and/or mitigating those risks, cybersecurity incidents (if any) and the status on key information security initiatives.
Our Chief Operating Officer and Director of IT are responsible for assessing and managing material risks from cybersecurity threats, as well as managing and responding to material cyber incidents if any occur. They will provide periodic briefings to the Audit Committee and to the Board of Directors about our cybersecurity risks and activities, including cybersecurity incidents and responses, cybersecurity systems testing, third-party activities and related topics. In addition, our policies for managing and responding to cybersecurity incidents include procedures for appropriate escalations to our Audit Committee Chair.
36 |
Although we have designed our cybersecurity program and governance procedures above to mitigate cybersecurity risks, we face unknown cybersecurity risks, threats and attacks. To date, these risks, threats or attacks have not had a material impact on our operations, business strategy or financial results, but we cannot provide assurance that they will not have a material impact in the future. See the section entitled “Risk Factors” included elsewhere in this Annual Report for further information. We continuously work to enhance our cybersecurity risk management program.