APPLIED ENERGETICS, INC. - (AERG)
10-K Filing Date: March 26, 2024
As a company in general, and particularly, as a government contractor, we understand the critical need to maintain all data and information systems in the safest, most secure manner. Accordingly, our approach to cybersecurity is multi-tiered and comprehensive. Our board of directors ultimately oversees our processes for assessing, identifying and managing material risks from cybersecurity threats. Our management, together with third party contractors, makes these assessments and periodically provides the board with a report and evaluation, including risk mitigation strategies. This report would also include any cybersecurity related incidents which would give rise to a reporting requirement for the company. Although we consider our program for mitigating cybersecurity risks to be part of an overall risk mitigation strategy, we consider it a separate set of processes because of the unique concerns with keeping our and our customers’ data secure.
Our Chief Executive Officer works with our information technology consultants (IT) to assess any reasonably foreseeable internal and external risks to our information systems, including the likelihood of malware, ransomware, cyber espionage, and any other cybersecurity threats. Through these risk assessments, management seeks to determine the likelihood of, and potential damage that could result from, such risks, and the sufficiency of existing systems and safeguards in place to manage them. Our IT continually monitors our systems for any attempted unauthorized entries or breaches and reports this information to management on a regular basis. Information gathered from these processes enable our IT to make any necessary adjustments to our systems and address any identified gaps in existing safeguards.
Our IT also provides guidance and support with respect to protecting our information systems from these various threats. This includes advising both management and other personnel on the best practices for keeping these systems safe and a training program that includes random testing for weaknesses.
Certain customer contracts require that we maintain a heightened level of information security and set out specific protocols to which we must adhere to safeguard covered data and other information. Our CEO, who has expertise in government contracting and related data and information controls, assesses these requirements on behalf of the company in consultation with our IT to determine the necessary network architecture and infrastructure for all of these requirements and ensures that proper protocols are implemented and that our personnel adhere to them. This includes special, additional training for personnel on handling of various levels of customer information.
We have not encountered cybersecurity threats or incidents that have materially affected our business strategy, financial condition, or operations. For additional information regarding risks from cybersecurity threats, please refer to Item 1A, “Risk Factors,” in this annual report on Form 10-K.