Page last updated on February 26, 2026
Kymera Therapeutics, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-02-26 07:15:56 EST.
Filings
10-K filed on 2026-02-26
Kymera Therapeutics, Inc. filed a 10-K at 2026-02-26 07:15:56 EST
Accession Number: 0001193125-26-073395
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersec urity Cyber Risk Management and Strategy Kymera uses, stores and processes data for and about our research programs, clinical trials, employees, and suppliers. We have developed and maintain an information security program designed to assess, identify, and manage risks from cybersecurity threats, including to our data and systems. We conduct periodic assessments of our assets, including internal and external security testing, as part of our risk management process and to evaluate the effectiveness of applicable security controls. These assessments are informed by industry standards. Our cybersecurity risk management process is a part of our overall risk management program. We also have an employee education program that includes training designed to raise awareness of cybersecurity threats. We have adopted an Incident Response Policy that outlines the legal and governance process for identifying and managing material cyber risks to our information and information systems and our framework for assessing and responding to cyber incidents, as applicable. Although risks from cybersecurity threats have to date not materially affected, and we do not believe they are reasonably likely to materially affect, us, our business strategy, results of operations or financial condition, we could, from time to time, experience threats and communicate security incidents relating to our and our third-party vendors' information systems. For more information, please see Item 1A- Risk Factors. Governance Related to Cybersecurity Risks Under the ultimate direction of the Chief Executive Officer (CEO) and our executive management team, the Cybersecurity Supervisory Committee (CSSC) has primary responsibility for overseeing our management of cybersecurity risks. Members of the CSSC include the Chief Financial Officer (CFO); the Chief Legal Officer (CLO); and the Head of Information Technology (IT). Additional members of the ET may be asked to support specific incidents as deemed appropriate by the CSSC. The CSSC meets as circumstances warrant to review and update incident response procedures and to provide oversight of incident response activities of the Cyber Security Incident Response Team. The head of information technology and the CSSC have primary responsibility for assessing and managing our cybersecurity program. The head of information technology, who reports to the Chief Financial Officer, has more than 25 years of experience in building and leading information technology and security teams. The board of directors has ultimate oversight of our risk management program and has delegated oversight of that program, including, oversight of cybersecurity, to the audit committee of the board of directors. T he head of Information Technology presents to the audit committee periodically regarding cybersecurity matters. The CFO and the CLO, in partnership with the CEO, are responsible for informing the audit committee in the event of any material cybersecurity incidents and any potential disclosure obligations arising from such incidents. 86
Company Information
| Name | Kymera Therapeutics, Inc. |
| CIK | 0001815442 |
| SIC Description | Biological Products, (No Diagnostic Substances) |
| Ticker | KYMR - Nasdaq |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 31 |