Cybersecurity Risk Management and Strategy Disclosure
|
6 Months Ended |
Dec. 31, 2024 |
|---|
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] |
|
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
We have implemented processes for assessing, identifying and managing material risks from cybersecurity threats. These processes mainly include: | ● | conducting risk assessments to identify material cybersecurity risks to our critical systems, information, products and services, as well as broader enterprise IT environment; |
| ● | developing risk-based action plans to manage identified vulnerabilities and implementing new protocols and infrastructure improvements; |
| ● | investigating cybersecurity incidents, if any; |
| ● | monitoring cybersecurity threats to sensitive data and unauthorized access to our systems; |
| ● | implementing secure access control measures to our critical IT systems, equipment, and devices to prevent unauthorized access; and |
| ● | based on the severity of the cybersecurity risk and the potential impact of such risk on our business operations, developing and executing protocols to promptly report material cybersecurity incidents to our board of directors. |
We have also integrated cybersecurity risk management into our overall enterprise risk management system. In addition, we hold cybersecurity, information security and threat awareness training on a regular basis. We handle the assessment, identification, and management of cybersecurity risks in-house. Meanwhile, we have also engaged third-party cybersecurity assessment service providers to conduct risk assessments on our core systems, including vulnerability scanning, penetration testing, and code reviews. In 2024, we did not have any cybersecurity incidents that have materially affected or are reasonably likely to materially affect our business, results of operations, or financial condition. Our subsidiaries, Sparrow Tech Private Limited (“Sparrow Tech”) and Sparrow Digital Pte. Ltd., have obtained ISO 27001 certifications, demonstrating our commitment to internationally recognized information security standards. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced an undetected cybersecurity incident.
|
| Cybersecurity Risk Management Processes Integrated [Flag] |
true
|
| Cybersecurity Risk Management Processes Integrated [Text Block] |
We have implemented processes for assessing, identifying and managing material risks from cybersecurity threats. These processes mainly include: | ● | conducting risk assessments to identify material cybersecurity risks to our critical systems, information, products and services, as well as broader enterprise IT environment; |
| ● | developing risk-based action plans to manage identified vulnerabilities and implementing new protocols and infrastructure improvements; |
| ● | investigating cybersecurity incidents, if any; |
| ● | monitoring cybersecurity threats to sensitive data and unauthorized access to our systems; |
| ● | implementing secure access control measures to our critical IT systems, equipment, and devices to prevent unauthorized access; and |
| ● | based on the severity of the cybersecurity risk and the potential impact of such risk on our business operations, developing and executing protocols to promptly report material cybersecurity incidents to our board of directors. |
We have also integrated cybersecurity risk management into our overall enterprise risk management system. In addition, we hold cybersecurity, information security and threat awareness training on a regular basis.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] |
true
|
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] |
true
|
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] |
false
|
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Our board of directors oversees our cybersecurity risk profile and exposures. Specifically, our board of directors (i) maintains oversight of the disclosure related to cybersecurity matters in our current reports or periodic reports (including annual reports on Form 20-F); (ii) reviews and approves material cybersecurity policies, and (iii) reviews updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats, and the disclosure issues, if any, presented by our IT department.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] |
board of directors
|
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] |
our board of directors (i) maintains oversight of the disclosure related to cybersecurity matters in our current reports or periodic reports (including annual reports on Form 20-F); (ii) reviews and approves material cybersecurity policies, and (iii) reviews updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats, and the disclosure issues, if any, presented by our IT department.
|
| Cybersecurity Risk Role of Management [Text Block] |
Our board of directors delegates its authorities and powers in managing risks associated with cybersecurity threats to our IT department. | ● | Our IT department currently consists of 37 members, who have relevant experience in information security, compliance and risk management. Our IT department is responsible for the daily operation and maintenance of our information systems and monitoring and coordinating our cybersecurity risk management processes, including preparing internal policies and remediation plans with respect to cybersecurity risk assessment and management, and promptly reporting material cybersecurity risk or incidents to our board of directors. |
| ● | In addition, our IT department is responsible for implementing our cybersecurity risk management plans, regularly monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents, and reporting information about our cybersecurity risk and assessments results to the head of the IT department. |
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] |
true
|
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] |
IT department
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] |
Our IT department currently consists of 37 members, who have relevant experience in information security, compliance and risk management.
|
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] |
Our IT department is responsible for the daily operation and maintenance of our information systems and monitoring and coordinating our cybersecurity risk management processes, including preparing internal policies and remediation plans with respect to cybersecurity risk assessment and management, and promptly reporting material cybersecurity risk or incidents to our board of directors. | ● | In addition, our IT department is responsible for implementing our cybersecurity risk management plans, regularly monitoring the prevention, detection, mitigation, and remediation of cybersecurity incidents, and reporting information about our cybersecurity risk and assessments results to the head of the IT department. |
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] |
true
|