ZW Data Action Technologies Inc. - (CNET)
10-K Filing Date: June 28, 2024
We face risks associated with cybersecurity. For additional details on risks from cybersecurity threats, please refer to “Item 1A. Risk Factors - The occurrence of security breaches and cyber-attacks could negatively impact our business.” and “- Privacy and data security concerns, laws, or other regulations could expose us to liability or impair our operations..”
The purpose of our cybersecurity program is to assess, identify, manage and mitigate cybersecurity risk while supporting the achievement of our business objectives. Under our comprehensive risk management program, the Board of Directors of the Company maintains oversight of the most significant risks facing the Company, including cybersecurity risks, while senior management is responsible for the identification and prioritization of risks that are material to our business, corresponding risk-mitigation efforts and day-to-day management of our risk management program. The full Board of Directors retains oversight over management’s cybersecurity efforts. At least annually, and often more frequently, our Board of Directors receives cybersecurity briefings from senior executives, including, when appropriate, executives focused on cybersecurity matters.
Our companywide cybersecurity policy sets the framework for our approach to cybersecurity. Each business unit and our corporate headquarters designates individuals with appropriate qualifications and experience to be responsible for addressing cybersecurity matters, including assessing, identifying and managing risks from cybersecurity threats, with a direct reporting line to senior management. Under our approach to cybersecurity, each business unit designs and operates its own information and cybersecurity program tailored to its market, customer requirements, regulatory requirements and threats. Our cybersecurity policy and procedures are designed to ensure senior management receives timely and adequate information regarding cybersecurity matters, including threats and incident response, as appropriate to the matter. Our policies and procedures are also designed to oversee and identify material cybersecurity risks related to third-party vendors and service providers.
As part of our approach to cyber risk management, we regularly perform internal audits of internal processes and controls relating to cybersecurity. From time to time, as appropriate under our overall cybersecurity program, we engage third-party experts to support the assessment of cyber related risks, including to conduct cyber penetration testing.
To its knowledge, the Company has not experienced a material cybersecurity breach within the last three years, nor identified any risks from cybersecurity threats that have materially affected us, including our business strategy, results of operations or financial condition.
|