Page last updated on June 6, 2025
Alternus Clean Energy, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-06-06 17:26:05 EDT.
Filings
10-K filed on 2025-06-06
Alternus Clean Energy, Inc. filed a 10-K at 2025-06-06 17:26:05 EDT
Accession Number: 0001213900-25-052242
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C . Cybersecurity Alternus employs a strategic, multilayered approach to cybersecurity based on the National Institute of Standards and Technology (NIST) framework. The company maintains a dedicated internal cybersecurity team that oversees the development, implementation, and continual improvement of cybersecurity policies, tools, and procedures to identify, prevent, detect, respond to, and recover from evolving cyber threats. The Information Technology team collaborates with key functions across the company, including risk management, legal, finance, and operations to assess organizational exposure to cybersecurity risks. These assessments are integrated into Alternus’ Information Security Policy, which is regularly reviewed and updated in coordination with company leadership. Cybersecurity risk is managed through multiple, overlapping controls and strategic initiatives, including: ● The implementation of a comprehensive cybersecurity policy addressing acceptable use, data governance, social media, encryption, remote access, authentication, vulnerability management, and incident response; ● Cybersecurity awareness training for all employees; ● A multidisciplinary cybersecurity incident response team with defined protocols and escalation paths; ● Tabletop exercises to test and refine response readiness; ● Continuous integration of intelligence from industry and government sources into internal monitoring and defense processes; ● Ongoing internal reviews of enterprise applications and infrastructure, including access control evaluations and configuration audits. 41 The Chief Information Officer (CIO), with more than 20 years of experience in information and operational technology, holds primary responsibility for the cybersecurity program. Under the CIO’s leadership, the IT team continuously evaluates risk postures and safeguards Alternus’ critical cyber assets. Their efforts are designed to provide resilience against both common and sophisticated cyber threats. The organization has implemented strong internal evaluation mechanisms and governance structures to ensure the integrity and maturity of its cybersecurity position. Risk management of third-party service providers, especially those handling sensitive data or enterprise applications, is carried out through documented access reviews and contractual safeguards, including SOC 2 reporting where applicable. Although Alternus has not experienced cybersecurity events that have materially impacted the business, like most organizations, it faces ongoing risks such as phishing, malware, and attempted unauthorized access. These are monitored and addressed in accordance with established policies. See “Item 1A. Risk Factors” for additional information regarding our organization’s cybersecurity risks, which should be read together with this “Item 1C. Cybersecurity”.
Item 1C. Cybersecurity".
Company Information
| Name | Alternus Clean Energy, Inc. |
| CIK | 0001883984 |
| SIC Description | Electric & Other Services Combined |
| Ticker | ALCE - OTCACLEW - OTC |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | December 30 |