SolarWindow Technologies, Inc. 10-K Cybersecurity GRC - 2025-11-13

Page last updated on November 13, 2025

SolarWindow Technologies, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-11-13 17:18:19 EST.

Filings

10-K filed on 2025-11-13

SolarWindow Technologies, Inc. filed a 10-K at 2025-11-13 17:18:19 EST
Accession Number: 0001171843-25-007295

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY The Company does not currently have formal processes in place for assessing, identifying, and managing material risks from cybersecurity threats. Our approach to cybersecurity is currently informal and primarily reactive, involving basic security measures such as: · Basic Security Software: We use standard antivirus and anti-malware software for protection against common threats. · Password Policies: Simple password policies are in place to protect access to our systems. · Reliance on the security systems of our service providers: We utilize the services of various providers for items such as intellectual property management, payroll, and accounting, and rely on their systems to prevent or detect cybersecurity threats and incidents. However, the Company recognizes the importance of cybersecurity and plans to: · Develop a Cybersecurity Framework: Establish a formal risk assessment process to identify vulnerabilities. · Engage Cybersecurity Expertise: Consider hiring or consulting with cybersecurity professionals to guide our strategy. We acknowledge that the absence of comprehensive cybersecurity processes could potentially expose the company to risks, which may materially affect our operations, financial condition, or strategic decisions in the future. We are committed to improving our cybersecurity posture as our resources allow. Governance · Board Oversight: Currently, our directors do not have a formal structure for overseeing cybersecurity risks. We plan to review this oversight in the near future to ensure appropriate governance is established. · Management's Role: Day-to-day management of cybersecurity is handled by our Chief Executive Officer ("CEO"), who does not have specialized training in cybersecurity. We are considering enhancing this role or outsourcing to professionals with specific cybersecurity expertise. · Expertise: Our current management and Board do not have in-depth cybersecurity expertise. We are considering educational opportunities or consulting to address this gap. Material Effect from Cybersecurity Threats To date, no known cybersecurity incidents have materially affected our business strategy, results of operations, or financial condition. However, due to our limited cybersecurity measures, we acknowledge that our company could be at higher risk of material impact from cybersecurity threats .

Company Information