InterDigital, Inc. 10-K Cybersecurity GRC - 2026-02-05

Page last updated on February 5, 2026

InterDigital, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-02-05 08:35:03 EST.

Filings

10-K filed on 2026-02-05

InterDigital, Inc. filed a 10-K at 2026-02-05 08:35:03 EST
Accession Number: 0001405495-26-000011

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. CYBERSECURITY. InterDigital employs a defense-in-depth security model that uses multiple, layered controls to protect our data, our customers' data, our infrastructure, and our employees. We embed data protection throughout our operations and technology programs and rely on a combination of preventive and detective measures to safeguard our assets and personnel. InterDigital evaluates cybersecurity risks as part of our overall enterprise risk management . A cybersecurity steering committee of senior executives is responsible for assessing and managing cybersecurity risks. The steering committee meets semi-annually to evaluate any changes to the Company's exposure to cybersecurity risks, discuss potential mitigation plans and provide updates on mitigation efforts already underway. The Senior Director, Head of Cybersecurity & Networks, with over 20 years of experience and industry-recognized certifications, reports to the VP of Information Services and manages the cybersecurity team that leads the steering committee. This team monitors threat intelligence from internal and external sources and oversees processes for evaluating cybersecurity risks associated with third-party service providers. The cybersecurity team maintains a comprehensive set of cybersecurity policies and standards. We continually assess and update our cybersecurity strategy through activities such as tabletop exercises to anticipate emerging threats and evolving risks. InterDigital provides quarterly cybersecurity awareness training, conducts an annual Cybersecurity Awareness Month campaign, and performs quarterly phishing simulations to support ongoing employee education and vigilance. We also engage independent third parties to evaluate our cybersecurity program, including annual multi-stage penetration testing of our IT environment. The Audit Committee of our Board oversees risks associated with cybersecurity threats. Both the Audit Committee and the full Board receive quarterly updates on cybersecurity risks identified through our enterprise risk management processes. Our cybersecurity policies include an incident response framework that defines responsibilities, reporting procedures, and escalation paths to ensure timely and accurate response to security incidents. The framework specifies how and when the Executive Leadership Team, cybersecurity steering committee, and the Audit Committee are informed of potential incidents. The Vice President of Information Services and the Head of Cybersecurity also present summaries of recent incidents quarterly at a regular Audit Committee meeting. Despite our extensive cybersecurity program, we may not be able to prevent or mitigate all cybersecurity incidents, any of which could have a material adverse effect on us. To date, cybersecurity threats have not materially affected our business strategy, results of operations, or financial condition . We identify nation-state-sponsored threat actors, increasingly sophisticated criminal cyber actors, and ransomware campaigns as top reasonably likely material risks. Theft, unauthorized use, or disclosure of our intellectual property or confidential business or personal information-whether through a breach of our systems or those of a third-party service provider-could harm our competitive position, diminish the value of our investments in research and development and other strategic initiatives, compromise our patent enforcement strategies, damage our reputation, or otherwise adversely affect our business. See Item 1A, "Risk Factors," for additional information regarding cybersecurity risks.

Company Information