NEW ERA HELIUM INC. 10-K Cybersecurity GRC - 2025-03-31

Page last updated on March 31, 2025

NEW ERA HELIUM INC. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-03-31 17:07:42 EDT.

Filings

10-K filed on 2025-03-31

NEW ERA HELIUM INC. filed a 10-K at 2025-03-31 17:07:42 EDT
Accession Number: 0001410578-25-000590

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Risk Management and Strategy The Company relies heavily on its information systems, and the availability and integrity of these systems is essential to conducting its business and operations. As a producer of oil and natural gas, the Company faces various security threats, including cybersecurity threats, to gain unauthorized access to its sensitive information or to render its information or systems unusable, and threats to the security of its facilities and infrastructure or third-party facilities and infrastructure, such as gathering and processing and other facilities, and pipelines. This risk may be heightened as a result of an increased remote working environment, similar to the one created by the COVID-19 outbreak in 2020. The potential for such security threats subjects its operations to increased risks that could have a material adverse effect on its business, financial condition, results of operations and cash flows. As the Company implements various procedures and controls to monitor and mitigate such security threats and to increase security for its information, systems, facilities and infrastructure it may result in increased costs. Moreover, there can be no assurance that such procedures and controls will be sufficient to prevent security breaches from occurring. If any of these security breaches were to occur, they could lead to losses of, or damage to, sensitive information or facilities, infrastructure and systems essential to its business and operations, as well as data corruption, communication interruptions or other disruptions to its operations, which, in turn, could have a material adverse effect on its business, financial position, results of operations and cash flows. The Company is in the process of developing an information security program to address risks from cybersecurity threats. Management plans to engage a reputable third party with the appropriate expertise in IT and cybersecurity to develop these programs. The Company may not be able to fully, continuously, and effectively implement appropriate security controls as intended. In addition, security controls, no matter how well designed or implemented, may only mitigate and not fully eliminate risks. And events, when detected by security tools or third parties, may not always be immediately understood or acted upon. 26 Governance Our Board is responsible for the oversight of cybersecurity risk management. The Board may assign this oversight a committee of the Board. The Company’s senior leadership is responsible for developing appropriate cybersecurity programs, including as may be required by applicable law or regulation. During this process, these individuals may utilize third parties with the appropriate expertise in IT and cybersecurity to develop these programs .

Company Information