Eco Bright Future, Inc. 10-K Cybersecurity GRC - 2025-04-09

Page last updated on April 9, 2025

Eco Bright Future, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-04-09 15:03:44 EDT.

Filings

10-K filed on 2025-04-09

Eco Bright Future, Inc. filed a 10-K at 2025-04-09 15:03:44 EDT
Accession Number: 0001171520-25-000088

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Risks Material Effects from Cybersecurity Incidents Our business is subject to risk from cybersecurity threats and incidents, including attempts to gain unauthorized access to our systems or networks, or those of our managers, employees, and third-party vendors and service providers, to disrupt operations, corrupt data or steal confidential or personal information and other cybersecurity breaches. We consider cybersecurity risk a serious threat to our assets and our people and have put processes in place designed to mitigate the risk and impact of any such cybersecurity threat or incident. Our operations rely on the secure, accurate and timely receipt, storage, transmission, use, disclosure, and other processing of confidential and other information (including personal information) in our systems and networks. We also rely on the secure, accurate and timely receipt, storage, transmission, use, disclosure, and other processing of confidential and other information in the systems and networks of our customers and third parties, including suppliers, sellers and servicers, financial market utilities, and other third parties. Cybersecurity risks for companies like ours continue to increase. Like many companies and government entities, from time to time we have been, and expect to continue to be, the target of attempted cybersecurity incidents and other information security threats, including those from nation-state and nation-state supported actors. As of the date of this report we have not experienced or aware of any cybersecurity incidents resulting, or reasonably likely to result in, a material impact to us, including to our business, financial condition, and results of operations. There is no assurance that our cybersecurity risk management program will prevent cybersecurity incidents from having such impacts in the future. Additionally, insider threats also remain a risk given our workforce diversification to include contractors, remote workers, part-time employees, and full-time employees. As referenced above, our third-party vendors and service providers and their supply chain connections remain a potential source of risk. Cybersecurity Risk Management and Strategy Our cybersecurity program is built upon industry standards and we have deployed sophisticated software both from internal and external sources to mitigate cybersecurity threats. We identify security threats through internal audits of our systems. We also require any service providers to provide System and Organizational Control (“SOC”) type reports to ensure that data is secure and our duty to protect information is fulfilled. Cybersecurity Governance We believe that all employees of the company have a duty to manage cybersecurity. We have implemented industry standard guidelines that help ensure that cybersecurity governance is a priority. Our BOD is also very involved in the cybersecurity governance. We conduct regular searches for threats and suspicious activities, and we monitor passwords and change passwords within industry expectations. Due to the technical aspects, we have a lot of individuals that are very capable and are able to quickly act if we are to find any issues with our cybersecurity.

Company Information