ORAGENICS INC - (OGEN)
10-K Filing Date: March 29, 2024
Cybersecurity Risk Management and Strategy
Our management recognizes the impact that cybersecurity threats could have on our business operations, our compliance with regulations and our reputation. We have identified cybersecurity as a critical business risk as part of our overall risk management strategy, which our board of directors oversees.
We have implemented an information security management system in accordance with our risk profile and business that is designed to protect the Company, our employees, and our shareholders from cybersecurity threats. We have also developed an incident response policy and procedure designed to facilitate the handling of cybersecurity incidents.
Our cybersecurity risk management program aims to identify risks from cybersecurity threats. Our cybersecurity risk management program includes a number of components, including informal self-assessments. Our managed security services provider helps us implement additional security controls, including malware protection and network security tools. We take a risk-based approach to the evaluation of third-party vendors.
We have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition. However, like other companies in our industry, we and our third-party vendors have from time-to-time experienced threats and cybersecurity incidents that could affect our information or systems. For more information, see Item 1A. Risk Factors.
Governance Related to Cybersecurity Risks
The Board of Directors and Audit Committee oversee the management of risks by the Company’s management. The Audit Committee is responsible for reviewing the Company’s cybersecurity program and risks, as identified by Company management, and the steps that Company management has taken to protect against threats to the Company’s assets including information systems and data security. The Audit Committee provides updates to the Board approximately annually.