Page last updated on March 17, 2025
GoPro, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-17 14:51:30 EDT.
Filings
10-K filed on 2025-03-17
GoPro, Inc. filed a 10-K at 2025-03-17 14:51:30 EDT
Accession Number: 0001628280-25-013046
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity The security of personal data is of the utmost importance to GoPro and our customers, vendors, suppliers, and employees. As such, we have implemented industry-standard administrative, technical, and physical security measures to protect against the unauthorized access, destruction, or alteration of our confidential and proprietary information and customer and employee information. Governance Our Chief Information Security Officer (CISO) oversees our information security program and is responsible for leading and implementing, with a cross functional team, our cybersecurity strategy, policy, architecture, and risk management processes. Our CISO has over 20 years of experience in cybersecurity, serving as a security consultant to Fortune 100 companies, and a subject matter expert in computer forensics to law firms and U.S. Government agencies. The Audit Committee of our board of directors (Audit Committee) has oversight responsibility for our cybersecurity program and reviews with management the Company’s policies and procedures for identifying, assessing, managing, and monitoring information security and cybersecurity risks. The CISO provides regular updates to the Audit Committee on cybersecurity and other risks relevant to our information technology environment, including developments in the cybersecurity space and evolving standards, the results of periodic exercises and response readiness assessments and we adjust our cybersecurity policies, standards, processes, and practices as necessary based on the information provided by these assessments, audits, and reviews. Our cybersecurity program is regularly evaluated by internal and external experts with the results of those reviews reported to senior management and the Audit Committee. Risk Management and Strategy Our periodic assessment and testing of policies, standards, processes, and practices that are designed to address cybersecurity threats and incidents include a wide range of activities, including audits, assessments, tabletop exercises, threat modeling, vulnerability testing, simulated attacks and other exercises focused on evaluating the effectiveness of our cybersecurity measures and planning. We regularly engage third parties to 32 perform assessments on our cybersecurity measures, including information security maturity assessments, audits, and independent reviews of our information security control environment and operating effectiveness. We also actively engage with key vendors, industry participants, and intelligence and law enforcement communities as part of our continuing efforts to evaluate and enhance the effectiveness of our information security policies and procedures. We regularly train all employees on cybersecurity risks, such as phishing attacks, and employees are required to acknowledge our cybersecurity policy annually through our Code of Conduct. Risks from Cybersecurity Threats No previous cybersecurity incidents have materially affected us, including our business strategy, results of operations or financial condition. Future cybersecurity threats or incidents may materially affect our business strategy, results of operations or financial condition. For further detail on the potential risks, see Part I, Item 1A of this Annual Report on Form 10-K for the year ended December 31, 2024.
Company Information
| Name | GoPro, Inc. |
| CIK | 0001500435 |
| SIC Description | Photographic Equipment & Supplies |
| Ticker | GPRO - Nasdaq |
| Website | |
| Category | Accelerated filer |
| Fiscal Year End | December 30 |