Freight Technologies, Inc. 10-K Cybersecurity GRC - 2025-04-14

Page last updated on April 14, 2025

Freight Technologies, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-04-14 06:20:36 EDT.

Filings

10-K filed on 2025-04-14

Freight Technologies, Inc. filed a 10-K at 2025-04-14 06:20:36 EDT
Accession Number: 0001641172-25-003944

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY. Risk Management and Strategy The Company recognizes the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. We have developed the following processes as part of our strategy for assessing, identifying, and managing material risks from cybersecurity threats. Managing Material Risks and Integrated Overall Risk Management The Company’s executive officers oversee the strategic processes to safeguard data and comply with relevant regulations and has overall responsibility for evaluating cybersecurity risks, as well as related policies and risks in connection with the Company’s supply chain, suppliers and other service providers. The Company does not currently engage any assessors, consultants, auditors, or other third parties in connection with any such processes, given the size and scale of the Company, the resources available to it, the anticipated expenditures, and the risks it faces in terms of cybersecurity. The Company’s executive officers are responsible for overseeing and periodically reviewing and identifying risks from cybersecurity threats associated with its use of any third-party service provider. 40 The Company provides mandatory, quarterly (and sometimes monthly) information security training sessions to employees about current cybersecurity threats and best practices to address them, and provides regular updates to employees about emerging cybersecurity threats and preventive measures. The Company provides its employees, contractors and third parties with access to the Company’s information systems and data with a written guide which contains discussions of the key concepts, potential threats, and practical solutions to ensure the confidentiality, integrity and availability of the Company’s information assets. The Company also provides employees with an information guide containing essential information, best practices, and guidelines for utilizing Google Drive as a cloud backup solution for the Company’s data. Since the start of its latest completed fiscal year and up to the date of this Report, the Company is not aware of any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant, including its business strategy, results of operations, or financial condition. The Company’s board of directors is collectively responsible for oversight of risks from cybersecurity threats . The Company’s executive officers oversee the overall processes to safeguard data and comply with relevant regulations and will report material cybersecurity incidents to the board of directors. The Company’s CEO has more than 15 years of experience in the field of information technology with a focus on software development. Some of his experience and knowledge relates specifically to cybersecurity. Other executive officers of the Company have more limited experience in the area of cybersecurity. When and where necessary in the view of the Company’s executive officers, the Company will consult with external advisers to manage and remediate any cybersecurity incidents. For material cybersecurity incidents, the Company’s executive officers will promptly inform, update, and seek the instructions of the board. Internal Risk Management Recognizing the complexity and evolving nature of cybersecurity threats, our technology team periodically evaluates and tests our risk management systems. Our technology team has specialized knowledge and insights, ensuring our cybersecurity strategies and processes remain at the forefront of industry best practices. Overseeing Third-Party Risk Because we are aware of the risks associated with third-party service providers, we implement processes to oversee and manage these risks. We conduct security assessments of all third-party providers before engagement and maintain ongoing monitoring to ensure compliance with our cybersecurity standards. The monitoring includes regular assessments by our technology team. This approach is designed to mitigate risks related to data breaches or other security incidents originating from third parties. Risks from Cybersecurity Threats We have not encountered cybersecurity challenges that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition. Governance Board of Directors Oversight Our board of directors oversees the management of risks associated with cybersecurity threats. Management’s Role Managing Risk The Company’s technology team is primarily responsible for assessing, monitoring and managing our cybersecurity risks. The technology team ensures that all industry standard cybersecurity measures are functioning as required to prevent or detect cybersecurity threats and related risks, and provides briefings on cybersecurity threats and related risks to our Chief Executive Officer on a regular basis. Our Director of IT has over 15 years of experience in the field of information technology. He oversees and tests our compliance with standards, remediates known risks, and leads our employee training program and has extensive experience in cybersecurity and possesses the necessary knowledge, skills, background, and experience. 41 Monitoring Cybersecurity Incidents The technology team is continually informed about the latest developments in cybersecurity, including potential threats and innovative risk management techniques. The technology team implements and oversees processes for the regular monitoring of our information systems. This includes the deployment of industry-standard security measures and regular system audits to identify potential vulnerabilities. In the event of a cybersecurity incident, the Director of IT will implement an incident response plan. This plan includes immediate actions to mitigate the impact and long-term strategies for remediation and prevention of future incidents. Reporting to Board of Directors Significant cybersecurity matters, and strategic risk management decisions, will be escalated to the board of directors.

Company Information