MDB Capital Holdings, LLC - (MDBH)

10-K Filing Date: March 29, 2024
Item 1C. Cybersecurity

 

We incorporate by reference the disclosure about cybersecurity regulation that is generally applicable to MDB from section Part I, Item 1, Business – Regulation – Data Protection ad Cybersecurity Regulation.

 

We have not had any reportable cybersecurity breaches, including what we may perceive or recognize as cybersecurity incidents or credible threats during the fiscal year ended December 31, 2023. To date, as a result, there has not been any material adverse effect on our business operations or financial condition. If there is an cybersecurity attack and an infiltration of our files, data, customer data and the like, there would be a material adverse effect on our business, our reputation, our operations and financial condition. For example, our reputation would be damaged in the event of a cybersecurity infiltration. If there were a cybersecurity infiltration, we could lose access to our data which would disrupt our operations, and we even may not be able to operate. Such a loss of access might be temporary or permanent, and it might be localized or general. The level of disruption will depend on our backup systems. Our clients financial and other data could be taken and used against us to damage our reputation or cause harm to our clients in different ways. In the latter instance, we may be liable for monetary damages to our clients. We may be held for cyber ransom, which would be loss to our financial resources. Our inability to operate, payment of damages, payment of ransom, and the costs of reparation of our systems, consultants and tangential expenses will all result in damage to our business and our financial resources.

 

For MDB Holdings and its subsidiaries including Public Ventures, our regulated broker-dealer, we have implemented a comprehensive cybersecurity program aimed at identifying, monitoring, and mitigating cybersecurity risks to the best of our ability. Our security program encompasses information security responsibilities, incident response, and is diligently managed by our information technology department. Cybersecurity is integrated into our overall risk management framework, with consultation from subject matter experts to assess and address potential cyber risks and their impacts.

 

51

 

 

Management is committed to providing the Audit Committee with regular cybersecurity updates, at least annually or more often as needed, based on emerging threats or specific incidents. These updates cover risk assessments, the current threat landscape, and any recent cybersecurity incidents.

 

The information technology department has put in place robust governance measures for information security. This includes control requirements for change management, patching processes, the implementation of multifactor authentication, comprehensive data backup strategies, and continuous security monitoring. Additionally, management continues to enhance our security controls, with any significant issues promptly reported to the Audit Committee.