Urgent.ly Inc. 10-K Cybersecurity GRC - 2025-03-14

Page last updated on March 14, 2025

Urgent.ly Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-14 16:05:25 EDT.

Filings

10-K filed on 2025-03-14

Urgent.ly Inc. filed a 10-K at 2025-03-14 16:05:25 EDT
Accession Number: 0000950170-25-039411

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C . Cybersecurity. At Urgently, we understand the paramount importance of cybersecurity in safeguarding our operational integrity , customer information, and proprietary data. Our commitment to cybersecurity excellence involves a comprehensive approach to risk management and the continual enhancement of our cybersecurity protocols to address the dynamic nature of cyber threats. Board Oversight and Cybersecurity Governance Our cybersecurity strategy is firmly anchored in a governance structure that emphasizes board oversight. The Board of Directors work to ensure our cybersecurity posture and cybersecurity risks are adequately evaluated and managed in alignment with our business objectives. To this end, the Board receives regular updates on our critical cybersecurity initiatives, risk management practices, and incident response measures. This oversight ensures that cybersecurity remains a top priority at the executive level and that strategic decisions reflect our commitment to safeguarding our digital assets. 38 The Board is supported by the Cybersecurity Risk Committee, a specialized group that includes senior executives and departmental representatives from IT, legal, human resources, and operations. This committee is charged with the development of cybersecurity policies, evaluation of defense mechanisms, and oversight of the company’s response to cyber incidents. Our Cybersecurity Risk Committee, led by our Chief Financial Officer, receives input from third party cybersecurity risk advisors that bring decades of experience in designing, implementing, and managing cyber security risk programs. They are experts in the assessment, identification, and management of cybersecurity risk. Our Cybersecurity Risk Committee members meet and collaborate regularly with our information technology and operations teams, stay abreast of industry trends and relevant regulations, and regularly inform management of various cybersecurity risks, trends, threats, and countermeasure techniques. Cybersecurity Risk Management Program Our Cybersecurity Risk Management Program is designed around the Center for Internet Security (CIS) Controls version 18. The CIS Controls offer a strategic framework that directs our implementation of effective cybersecurity defenses across 18 critical areas, ranging from asset management to data protection and network security . A cornerstone of our cybersecurity governance is the annual performance of comprehensive cybersecurity risk assessments performed by third party cybersecurity advisors. These service providers assist us to design and implement our cybersecurity policies and procedures, as well as monitor and test our safeguards. The insights gained from these assessments inform the continuous refinement of our cybersecurity strategies and defense mechanisms. As a core component of our risk management process, all employees are required to participate in annual information security training. We engage third parties annually to evaluate our information security posture, risks and third-party service provider solutions as part of our overall risk management activities. We maintain an inventory of vendors and third-party service providers and evaluate those service providers for cybersecurity risks annually at a minimum. Cybersecurity Incidents and Responses As of the date of this Annual Report on Form 10-K, we have no t identified any risks from cybersecurity threats that have materially impacted our Company, our business operations, and our financial condition. Recognizing the potential impact of significant disruptions, we remain committed to fortify our systems against evolving threats. Any significant disruption to our ability to transact business could adversely affect our business performance as well as our reputation. For additional detail about the cybersecurity risks facing our Company, and whether they are reasonably likely to affect our Company, please see the discussion in Item 1A, “Risk Factors.” Our commitment to cybersecurity resilience includes an ongoing monitoring program and a well-defined incident response plan that provides guidelines for mitigating the impact of cyber threats. These processes are periodically reviewed and updated to address emerging threat intelligence and other matters. Future Directions Looking ahead Urgently is dedicated to maintaining a vigilant stance against cyber threats. We will continue to invest in cutting-edge cybersecurity technologies, enhance our staff training programs, and foster collaborations with leading cybersecurity experts. Our board-driven, proactive approach to cybersecurity risk management is integral to our mission of delivering unparalleled value to our customers, employees, and shareholders, safeguarding our reputation, and ensuring the long-term success of our Company.

Company Information