Pattern Group Inc. 10-K Cybersecurity GRC - 2026-03-06

Page last updated on March 6, 2026

Pattern Group Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-03-06 20:01:24 EST.

Filings

10-K filed on 2026-03-06

Pattern Group Inc. filed a 10-K at 2026-03-06 20:01:24 EST
Accession Number: 0001811935-26-000013

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity Cybersecurity Risk Management and Strategy The Company has implemented a robust and dynamic cybersecurity risk management program that is integrated into its overall enterprise risk management (ERM) framework. This program is designed to assess, identify and manage material risks from cybersecurity threats that could potentially affect the confidentiality, integrity, or availability of our information systems and data. Our primary goal is to ensure the reliability and security of our operations and the data we process, including proprietary business information and customer data. Key components of our cybersecurity strategy and risk management processes include: - Risk Assessments: We conduct risk assessments at least annually and on an ad-hoc basis following significant changes to our IT environment or business operations. These assessments are designed to identify potential vulnerabilities, evaluate emerging threats and determine the likelihood and potential magnitude of a cybersecurity incident. - Integration with ERM: Cybersecurity risks are continuously reviewed in the context of our broader enterprise risks, with regular updates provided to executive management to ensure alignment with business strategy and resource allocation. - Third-Party Oversight : We maintain formal processes to oversee and identify risks from cybersecurity threats associated with our use of third-party service providers and vendors. This includes pre-contract due diligence, security assessments and contractual security and privacy requirements. - External Expertise: We engage independent cybersecurity assessors, consultants and auditors to evaluate and test our systems and controls. This collaboration is designed to ensure our practices adhere to industry best standards and helps us stay ahead of evolving threat landscapes. - Employee Training: All employees receive mandatory cybersecurity awareness training upon hire and annually thereafter. To date, no risks from cybersecurity threats or previous cybersecurity incidents have materially affected the Company's business strategy, results of operations, or financial condition. We continuously monitor and invest in preventative, detective and corrective controls to manage these risks. Governance The Board of Directors, through its Audit Committee, is responsible for the oversight of the Company's cybersecurity risk management program. The Audit Committee receives periodic briefings and presentations from management on the Company's cybersecurity posture, emerging risks and incident response readiness. Our VP of Information Security is responsible for developing, implementing and maintaining the cybersecurity program and reports to the Chief Information Officer . The VP of Information Security has over 15 years of progressive experience in information security, risk management and incident response. The VP of Information Security and the cybersecurity team are responsible for ongoing security monitoring, prevention, detection, mitigation, incident response and remediation of cybersecurity incidents. They inform the Audit Committee and executive management with real-time alerts for significant events. Information regarding material risks and incidents is reported to the Audit Committee at least quarterly, and immediately for any material or highly significant incident. Ongoing Improvements We continue to invest in our cybersecurity infrastructure and enhance our capabilities to detect, prevent and respond to emerging threats. We also monitor regulatory developments and industry best practices to ensure our program remains robust and effective.

Company Information