Page last updated on February 4, 2026
Trio Petroleum Corp reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-01-20 16:06:19 EST.
Filings
10-K filed on 2026-01-20
Trio Petroleum Corp filed a 10-K at 2026-01-20 16:06:19 EST
Accession Number: 0001493152-26-002848
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
ITEM 1C. CYBERSECURITY. Cybersecurity attacks impact businesses and organizations of all sizes and sectors on a global basis. At Trio, we recognize the importance of developing, implementing, and maintaining a cybersecurity risk management program. Although the Company does not operate a centralized server environment, our operations rely on distributed devices and cloud-based platforms provided by third-party vendors. While this architecture reduces certain single-point-of-failure risks, it does not eliminate exposure to cybersecurity threats. We remain dependent on internal systems, employee devices, and external cloud-based infrastructure to securely process, transmit, and store critical information. We are continuing to implement resources designed to protect our systems and data from cybersecurity threats and are in the process of engaging an outsourced security firm to oversee our cybersecurity program. We seek to reduce cybersecurity risks through a variety of risk management activities intended to identify, assess, manage, and mitigate cybersecurity threats. Risk Management Strategy Our cybersecurity risk management program is focused on the following key areas: ● Governance: Our cybersecurity risk management program is led by our outsourced security team. At present, our Board of Directors does not directly oversee the cybersecurity risk management program; however, the Audit Committee is in the process of implementing procedures to obtain regular updates on our cybersecurity program, including recent developments, key initiatives to strengthen our systems, applicable industry standards, vulnerability assessments, third-party and independent reviews, and other information security considerations. ● Approach: We intend to use a cross-functional approach to identifying, preventing, assessing, and mitigating cybersecurity threats and incidents, while implementing controls and procedures designed to provide for the prompt escalation of cybersecurity incidents and support appropriate public disclosure and reporting. Our cybersecurity efforts include, or are expected to include, risk-based administrative, technical, and physical controls. Trio is in the process of implementing an extensive set of policies, procedures, systems, and tools designed to help safeguard our distributed systems and cloud-based data, including firewalls, intrusion detection systems, access controls such as multi-factor authentication, vulnerability scanning, penetration testing, independent third-party control audits, an internal bug bounty program, and other systems and processes. ● Incident Response Planning: We intend to maintain a breach reporting and resolution plan that includes defined processes, roles, communications, responsibilities, and procedures for responding to cybersecurity incidents and other events that impact our operations. Our incident response plans will be tested and evaluated on a regular basis. ● Education and Awareness: We plan to establish a security and privacy awareness program that runs throughout the year and includes training for all company personnel to enhance employee awareness of how to detect and respond to cybersecurity threats, as well as more targeted training for personnel with increased responsibility for mitigating certain cybersecurity risks. We plan to review and update our policies, procedures, processes, and practices to address changes in the threat landscape and lessons learned from suspected, actual, or simulated incidents. We also plan to review industry best practices to assist in evaluating responses to new challenges and risks. These evaluations include testing both the design and operational effectiveness of security controls. 30 Cybersecurity Risks While we plan to dedicate significant efforts and resources to our cybersecurity program, we may be unable to successfully identify threats, prevent attacks, satisfactorily resolve cybersecurity incidents, or implement adequate mitigating controls. Any cybersecurity incident affecting our distributed systems, employee devices, cloud-based platforms, or third-party service providers that results in, or may result in, the loss, theft, or unauthorized disclosure of data-or any delay in determining the full extent of a potential breach-could have a material adverse impact on our business, results of operations, and financial condition. Potential impacts include harm to our reputation and brand, reduced demand for our solutions, time-consuming and expensive litigation, fines, penalties, and other damages. To date, and except as otherwise noted in this Annual Report, we are not aware of any cybersecurity threats that have materially affected us, nor have we experienced any cybersecurity incidents.
Company Information
| Name | Trio Petroleum Corp |
| CIK | 0001898766 |
| SIC Description | Crude Petroleum & Natural Gas |
| Ticker | TPET - NYSE |
| Website | |
| Category | Emerging growth company |
| Fiscal Year End | October 31 |