BioRestorative Therapies, Inc. - (BRTX)
10-K Filing Date: March 29, 2024
We recognize the critical importance of cybersecurity in safeguarding sensitive information, maintaining operational resilience, and protecting stakeholders’ interests.
67 |
We are in the process of establishing a cybersecurity policy designed to establish a comprehensive framework for identifying, assessing, mitigating, and responding to cybersecurity risks across the organization and implement protocols to evaluate, recognize, and address significant risks, including those posed by cybersecurity threats. This strategy will encompass the utilization of standard traffic monitoring tools, educating personnel to identify and report abnormal activities, and partnering with reputable service providers capable of upholding security standards equivalent to or exceeding our own.
These measures are to be integrated into our broader operational risk management framework aimed at minimizing exposure to unnecessary risks across our operations. For cybersecurity, we collaborate with consultants and third-party service providers to implement industry-standard strategies aimed at identifying and mitigating potential threats or vulnerabilities within our systems. Additionally, the policy strategy will have a comprehensive cybersecurity crisis response plan to manage high severity security incidents, ensuring efficient coordination across the organization.
Cybersecurity threats have not significantly impacted our operations, and we do not anticipate such risks materially affecting our business, strategy, financial condition, or results of operations. However, given the escalating sophistication of cybersecurity threats, our preventive measures may not always suffice. Despite well-designed controls, we acknowledge the inability to foresee all security breaches, including those stemming from third-party misuse of AI technologies, and the potential challenges in implementing timely preventive measures. See Item 1A (“Risk Factors - Our internal computer systems, or those that are expected to be used by our clinical investigators, clinical research organizations or other contractors or consultants, may fail or suffer security breaches, which could result in a material disruption of development programs for our product candidates.”) for further insights into cybersecurity attack-related risks that we may face.
Our Chief Financial Officer will oversee our information security programs, including cybersecurity initiatives, and our cybersecurity incident response process. The Audit Committee of the Board oversees cybersecurity risk management activities, supported by our management, the Board of Directors, and external consultants. We assess and prioritize risks based on potential impact, implement technical controls, and monitor third-party vendors’ security practices.