RICHTECH ROBOTICS INC. 10-K Cybersecurity GRC - 2025-01-14

Page last updated on January 14, 2025

RICHTECH ROBOTICS INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-01-14 16:53:16 EST.

Filings

10-K filed on 2025-01-14

RICHTECH ROBOTICS INC. filed a 10-K at 2025-01-14 16:53:16 EST
Accession Number: 0001213900-25-003458

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. Cybersecurity Cybersecurity Risk Management and Strategy Our Company has a dedicated internal IT department with cybersecurity engineers who oversee various aspects of cybersecurity. These engineers specialize in different areas, including ensuring security during product development, particularly in the domains of cloud management platforms and network interactions, as well as managing cybersecurity for daily office communications. In the event of an unexpected cybersecurity incident, the engineers immediately report to the Company’s management. They are equipped with pre-established response plans to address such situations effectively and mitigate potential risks. Currently, our cybersecurity risk management relies primarily on internal resources. However, as the Company continues to expand, we anticipate engaging third-party consultants to assist in enhancing our cybersecurity management processes and addressing evolving threats. While we do not currently have third-party collaborations, the Company plans to implement a process for selecting and evaluating third-party service providers in the future. This will include comparing services, signing security agreements, and having our internal engineers assess the third parties’ achievement of security objectives. In the past three years, our Company has not experienced any material cybersecurity risks. To ensure robust protection against potential threats, we have implemented the following security measures: ● Regularly updating and changing critical passwords. ● Periodically modifying communication interfaces to enhance security. ● Assigning development tasks in a modular fashion to minimize exposure. ● Utilizing dual-factor authentication for system access. ● Implementing tiered authorization levels for critical network operations. ● Conducting routine security training and awareness programs for employees. 40 Cybersecurity Governance Currently, the Company’s board of directors does not oversee cybersecurity risks directly. However, plans are in place to introduce such oversight in the future. The Audit Committee of the Board will assume responsibility for cybersecurity risk oversight, with a plan to review cybersecurity matters on a quarterly basis. This initiative will ensure that the Company maintains robust oversight mechanisms to address evolving cybersecurity threats effectively. The responsibility for assessing and managing cybersecurity risks within the Company lies with the managers of the R&D department and the IT department. Both individuals possess relevant expertise in their respective fields, ensuring a high level of competence in identifying and mitigating cybersecurity risks. Their duties include monitoring potential threats, implementing security protocols, and responding to incidents to safeguard company assets and operations. In the event of cybersecurity incidents or abnormal alerts, the relevant department managers immediately intervene and manage the situation. All logs and records related to such events are preserved for future analysis. Cybersecurity testing is incorporated into every stage of product development, ensuring that vulnerabilities are identified and addressed proactively. Additionally, server security patches are regularly updated to mitigate potential threats.

Company Information