Odysight.ai Inc. 10-K Cybersecurity GRC - 2025-03-26

Page last updated on March 26, 2025

Odysight.ai Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-26 07:00:51 EDT.

Filings

10-K filed on 2025-03-26

Odysight.ai Inc. filed a 10-K at 2025-03-26 07:00:51 EDT
Accession Number: 0001641172-25-000677

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY Cybersecurity Risk Management and Strategy. We depend on software applications, information technology systems, computing infrastructure and cloud service providers to operate our business. Certain of these systems are managed, hosted, provided or used by third parties to assist in conducting our business and which have their own cybersecurity measures in place . We are currently working to ensure that we satisfy generally applicable industry standards and best practice methods for the assessment, identification and management of risks from cybersecurity threats that may jeopardize our line of business or may pose a risk to our information technology systems, including from third parties with whom we work. To further enhance our understanding of potential threats and prioritize our security efforts, we conducted a comprehensive cybersecurity threat survey in 2024, which included a review of cybersecurity threats. Based on the findings of this survey, we are actively implementing recommended security measures to mitigate identified risks, with such implementation being conducted with the support and expertise of a professional services company serving as our outsourced cybersecurity partner. Our cybersecurity team is composed of our Information Security Coordinator, who has several years of experience overseeing cybersecurity and other IT matters, our IT Coordinator and an outsourced cybersecurity partner, who employs various professionals with expertise in the field of cybersecurity. Our cybersecurity team oversees our internal information security policies and procedures and is responsible for the day-to-day implementation and monitoring of our security controls, including those developed as a result of the 2024 threat survey. In case of a cyber incident, our cybersecurity team will maintain a cyber incident reporting and response process and will provide management notifications based on the seriousness of any incident. Management will provide periodic reports to our board of directors/audit committee on cybersecurity risks and steps that the Company has taken to address those risks. Our outsourced cybersecurity partner provides expert support in areas such as threat intelligence, vulnerability assessments, incident response and ongoing security monitoring. This collaborative approach allows us to leverage both internal oversight and external expertise to enhance our cybersecurity posture. 43 Our information security policies and procedures are required to be reviewed on a regular basis We have not experienced a cybersecurity incident that resulted in a material adverse impact to our business or operations; however, there can be no guarantee that we will not experience such an incident in the future. For a description of the risks from cybersecurity threats that may materially affect our Company, see “Item 1A. - Risk Factors” included elsewhere this Annual Report on Form 10-K, including “Our data and information systems and network infrastructure may be subject to hacking or other cybersecurity threats. If our security measures are breached and an unauthorized party obtains access to our proprietary business information, our information systems may be perceived as being insecure, which could harm our business and reputation and our proprietary business information could be misappropriated, which could have an adverse effect on our business and results of operations.”

Company Information