CNSREIT-AR-2024 Final - Flipbook - Page 35
We cannot assure you that our or Cohen & Steers9 data protection efforts and Cohen & Steers9 investment in
information technology will prevent significant breakdowns, data leakages, breaches in their systems, or those of our or
their third-party vendors and other contractors and consultants, or other cyber incidents that could have a material adverse
effect upon our reputation, business, operations or financial condition. Although Cohen & Steers takes precautions to
password protect and encrypt all authorized electronic devices, if such devices are stolen, misplaced or left unattended, they
may become vulnerable to hacking or other unauthorized use, creating a security risk. Our, Cohen & Steers9 or our thirdparty service providers9 systems may also be affected by, or fail as a result of, catastrophic events, such as fires, floods,
hurricanes, tornadoes, acts of terrorism or power disruptions. Like other companies, Cohen & Steers has experienced and
we and Cohen & Steers will likely continue to experience cyber incidents, security threats and attacks. There can be no
assurance that Cohen & Steers9 efforts to maintain and monitor the security and integrity of its information technology
systems will be effective at all times.
Any breach or other failure of our, Cohen & Steers9 or certain other parties9 technology or security systems, including
those systems of third-party intermediaries, service providers, key vendors and third parties with whom we do business,
could result in the loss of valuable information, liability for stolen assets or information, remediation costs to repair damage
caused by the incident, additional security costs to mitigate against future incidents, regulatory scrutiny and penalties and
litigation costs resulting from the incident. In addition, Cohen & Steers9 increased use of mobile and cloud computing
technologies could increase these and other operational risks, and any failure by mobile or cloud technology service
providers to adequately safeguard their systems could disrupt Cohen & Steers9 operations and result in misappropriation,
corruption or loss of confidential or proprietary information.
For many companies, remote and hybrid in-office work arrangements have made their network and communication
systems more vulnerable to cyberattacks and incursions, and there has been an overall increase in both the frequency and
severity of cyber incidents as such vulnerabilities have been exploited. Use of a remote work environment subjects Cohen
& Steers to heightened risk of cyberattacks, unauthorized access or other privacy or data security incidents, both directly as
well as indirectly through third-party intermediaries, service providers and key vendors that have access or other
connections to Cohen & Steers9 systems.
Loss of confidential information could harm our reputation, result in the termination of contracts by our existing
business counterparties, and subject us to litigation or liability under laws and agreements that protect confidential and
personal data, resulting in increased costs and loss of revenues. Cohen & Steers maintains a cyber insurance policy to help
mitigate against certain potential losses relating to information security breaches. However, such insurance may only
partially reimburse us for our losses, if at all, and if a claim is successful and exceeds or is not covered by such insurance
policy, we may be required to pay a substantial amount to satisfy such successful claim.
Failure to maintain adequate business continuity plans in the event of a catastrophic event could have a material
adverse effect on the Company and its business.
Our operations depend on our ability to protect our personnel, offices and technology infrastructure against damage
from catastrophic or business continuity events that could have a significant disruptive effect on our operations. We and
our third-party intermediaries, service providers and key vendors could experience a local or regional disaster, such as an
epidemic or pandemic, weather event such as an earthquake, flood, hurricane or fire, terrorist attack, security breach, power
loss and other failure of technology or telecommunications systems or operations. Events like these could threaten the
safety and welfare of our personnel, cause the loss of investor data or cause us to experience material adverse interruptions
to our operations. Infectious illness outbreaks or other adverse public health developments in countries where we operate,
as well as restrictive measures implemented to control such outbreaks, could adversely affect the economies of many
nations or the global economy, the financial condition of individual issuers or companies and capital markets, in ways that
are not within our control and cannot be foreseen. A sustained decline in the performance of or demand for the portfolios
and strategies we manage as a result of negative market, financial and economic conditions caused by catastrophic events
could lead us to experience operational issues and interruptions, require us to incur significant additional costs and
negatively impact our business.
18
