Ideal Power Inc. 10-K Cybersecurity GRC - 2025-03-28

Page last updated on March 28, 2025

Ideal Power Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-28 17:11:10 EDT.

Filings

10-K filed on 2025-03-28

Ideal Power Inc. filed a 10-K at 2025-03-28 17:11:10 EDT
Accession Number: 0001437749-25-009911

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C: CYBERSECURITY Our Board oversees our comprehensive cybersecurity program. Our cybersecurity program is managed by our Chief Financial Officer in collaboration with a specialized third-party service provider. Our Chief Financial Officer has over ten years’ experience managing information technology (“IT”), including cybersecurity, and is the designated Chief Information Officer under our Information Resources Policy. As of the date of this Annual Report on Form 10-K, we know of no cybersecurity incident that has or is likely to materially affect us, our business strategy, our results of operations, or our financial condition. We employ a robust, multi-layer approach to identify and mitigate cybersecurity risks, such as anti-virus and content filtering to protect against malware and inappropriate content, weekly patch management, network firewall monitoring to detect and prevent unauthorized access, off-site email back-ups to safeguard data integrity and availability, endpoint threat detection and threat hunting to identify and respond to potential threats, and multi-factor authentication and security hardening to reinforce system defenses. In December 2023, we conducted a thorough cybersecurity assessment with our third-party service provider. Based on their recommendations, we implemented several cybersecurity enhancements in 2024. To date and to our knowledge, no external entity has successfully breached our systems. If a breach were to be discovered, our Chief Financial Officer would promptly inform our Chief Executive Officer, who would then communicate the details to our Board. In addition to our cybersecurity program, we have implemented operational improvements intended to streamline business processes, reduce certain risks, and fuel growth. Led by a Senior Engineer, our third-party service provider proactively assesses security, risk, and productivity to ensure optimal coverage and investment in the rapidly changing IT industry. Our IT partner’s responsible IT architecture program aims to: ● Create a network of defense against hacks ● Protect against outages, disasters, and data loss ● Continuously patch, monitor, and remediate vulnerabilities ● Meet and align with cyber risk insurance requirements ● Implement proper authentication and access protocols ● Secure all endpoints ● Install content filtering and quarantine tools ● Calibrate backups to match usage and data needs This program also helps to identify system gaps and provides solutions to align us with best practices and security measures against any cybersecurity threats.

Company Information