Safe Pro Group Inc. 10-K Cybersecurity GRC - 2025-03-28

Page last updated on March 31, 2025

Safe Pro Group Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-28 19:28:58 EDT.

Filings

10-K filed on 2025-03-28

Safe Pro Group Inc. filed a 10-K at 2025-03-28 19:28:58 EDT
Accession Number: 0001641172-25-001383

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY There have been an increasing number of cyberattacks on companies around the world, which have caused operational failures, compromised sensitive corporate or customer data, and/or resulted in significant financial damages. These attacks have occurred over the internet, through malware, viruses or attachments to e-mails, or through inside actors with access to systems within an organization. Risk Management and Strategy We utilize third party applications and resources to support our information technology (“IT”) needs. All of the applications we use are Software as a Service (“SaaS”) offerings. As our applications are developed and managed by third parties , we are dependent on these providers for many functions including disaster recovery during a disaster or cyber incident. Our goal is to utilize the most secure and trusted providers for our IT needs. Our business continuity plans are evaluated against evolving security and service level standards, which includes evaluating those cybersecurity threats associated with our use of key third party service providers. Our cybersecurity management strategy consists of utilizing a combination of preventative controls and detective controls. For instance, suspicious emails are quarantined by our email service provider and must be reviewed before they are downloaded to an individual computer. Our process and cybersecurity posture will continue to be refined . To operate our business, we rely upon certain third-party service providers to perform a variety of functions, such as outsourced professional services, SaaS platforms, managed services, cloud-based infrastructure, corporate productivity services, and other functions . To date, there have been no risks identified from cybersecurity threats or previous cybersecurity incidents that have materially affected or are reasonably likely to materially affect the Company. However, despite all of the above aforementioned efforts, a cyberattack, if it occurred, could cause system operational problems, disrupt service to clinical trial sites, compromise important data or systems or result in an unintended release of confidential information. See “Item 1A. Risk Factors” for additional discussion of cybersecurity risks impacting our Company. 29 Governance The Audit Committee is responsible for oversight of cybersecurity risk . Our Chief Executive Officer is the member of management responsible for managing and assessing our cybersecurity practices . Our Chief Executive Officer has over 20 years’ experience as a C-Level technology executive for private and public companies . The plan for the future is that our Chief Executive Officer will report to the Audit Committee on cybersecurity on a quarterly basis. Should any cybersecurity threat or incident be detected, our senior management team would timely report such threat or incident to the Audit Committee and provide regular communications and updates throughout the incident and any subsequent investigation, in order that the impact, materiality, and reporting requirements of such incident are appropriately identified and assessed for further necessary or appropriate action to be taken . We believe we are appropriately staffed (as supported by our outsourced IT provider) to support a healthy cybersecurity posture given our size and scope.

Company Information