Page last updated on February 9, 2026
RXO, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-02-09 16:46:05 EST.
Filings
10-K filed on 2026-02-09
RXO, Inc. filed a 10-K at 2026-02-09 16:46:05 EST
Accession Number: 0001929561-26-000013
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. Our information security program is managed by our Head of Information Security ("HIS") , who is responsible for assessing, monitoring and managing our cybersecurity risks. Our Chief Financial Officer ("CFO") provides oversight of our information security program. Our HIS has more than 30 years of experience in the technology and cybersecurity fields, including 20 years of cybersecurity experience in the U.S. defense industrial base. Our CFO has over 35 years of experience, inclusive of roles with direct oversight of information technology. Our cybersecurity risk management and identification has been integrated into our broader enterprise risk management framework which is regularly reported on to the Audit Committee of our Board of Directors. Additionally, our HIS provides periodic reports to our Board of Directors, as well as to our Chief Executive Officer and other members of our senior management as appropriate. These reports include updates on our cybersecurity risks and threats, the status of activities to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape. We have implemented robust incident monitoring and response processes, which are overseen by our HIS. Security events are evaluated, ranked by severity and prioritized for response and remediation by the information technology team. Incidents are evaluated to determine materiality as well as operational, business and privacy impacts and are reported to management as appropriate. We also engage with various external experts, including cybersecurity assessors and consultants, to conduct cybersecurity program and threat assessments and to advise management on ways to enhance our cybersecurity program as part of our continuing efforts to evaluate the effectiveness of our information security program. We utilize certain third-party service providers to perform a variety of functions to operate our business and we seek to engage reliable, reputable service providers that maintain cybersecurity programs. Depending on the nature of the services provided, the sensitivity of the information, and the identity of the service provider, our vendor management process may include reviewing the cybersecurity practices of such provider, contractually imposing obligations on the provider, and conducting security assessments. While we have not experienced a cybersecurity incident that has materially affected our business, results of operations or financial condition, see the risk factor entitled "We could be affected by cyberattacks or breaches of our information systems, any of which could have a material adverse effect on our business" in Item 1A - Risk Factors for information about the cybersecurity risks we face.
Company Information
| Name | RXO, Inc. |
| CIK | 0001929561 |
| SIC Description | Transportation Services |
| Ticker | RXO - NYSE |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 31 |