Nikola Corp 10-K Cybersecurity GRC - 2024-02-28

Page last updated on July 16, 2024

Nikola Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-02-28 16:17:14 EST.

Filings

10-K filed on 2024-02-28

Nikola Corp filed a 10-K at 2024-02-28 16:17:14 EST
Accession Number: 0001731289-24-000053

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Approach and Integration We have implemented processes and controls for identifying, monitoring, assessing, mitigating, and managing potential risks including unauthorized access to our computer networks, applications and systems. These processes and controls include a wide variety of mechanisms and methods that are designed to prevent, detect, or mitigate data loss, theft, misuse or unauthorized access. Our cybersecurity risk mitigation program is integrated into our overall risk management program and includes, but is not limited to, conducting end-user training campaigns to spread awareness, training our employees on security fundamentals, application security assessments, risk scores, security audits, and change review boards. Additionally, we use processes to identify and oversee risks from cybersecurity threats associated with our use of third-party technology and systems, including the use of monitoring and logging inherent in those systems or applications. Our data includes confidential, proprietary, and business information that we collect, process and store. When incidents are detected, we utilize internal and external systems, processes and applications that are designed to reduce the impact of a security incident. We also maintain incident response plans to be utilized when incidents are detected. Governance Our security team, led by our Global Head of Information Technology, is responsible for implementing and maintaining centralized cybersecurity and data protection practices, as well as overall management of material risk. Reporting to our Global Head of Information Technology are a number of experienced technical managers and team leads responsible for various parts of our IT infrastructure and operations, each of whom is supported by a team of trained cybersecurity, infrastructure and network professionals. In addition to our in-house cybersecurity capabilities, we also engage external partners to assist with assessing, identifying, and managing cybersecurity risks and supplement or enhance our team capabilities. The Global Head of Information Technology provides regular updates to the audit committee of our board of directors regarding potential risks and recommendations for mitigation. Our Security Committee oversees the incident response procedure for any significant cybersecurity incidents. Engagement with third-party experts We partner with third-party security vendors to conduct our security assessments, penetration testing, security audits and ongoing risk assessments on a regular frequency. Our security vendors also assist with cyber defense capabilities and transformation to mitigate associated threats, reduce risk, enhance our cybersecurity posture, and meet our evolving needs.


Company Information

NameNikola Corp
CIK0001731289
SIC DescriptionMotor Vehicles & Passenger Car Bodies
TickerNKLA - Nasdaq
Website
CategoryLarge accelerated filer
Fiscal Year EndDecember 30