Item 1A. Risk Factors
If any of the risks and uncertainties set forth below actually materialize, our business, financial condition and/or results of operations could be materially and adversely affected, the trading price of our common stock could decline and a stockholder could lose all or part of its, his or her investment. The risks and uncertainties set forth below are not the only ones we face. Additional risks and uncertainties not presently known to us or that we currently consider immaterial may also impair our business operations.
Economic, Industry, and Operational Risks
We depend on a small number of customers for a significant portion of our revenue and the loss of any customer could significantly affect our business.
Both the HPP and TS segments are reliant upon a small number of significant customers, and the loss of or significant reduction in sales to any one of which could have a material adverse effect on our business. For the fiscal years ended September 30, 2025 and 2024, no one customer accounted for 10% or more of our total revenues. Our revenues are largely dependent upon the ability of our customers to continue to grow or need services or to develop and sell products that incorporate our products. No assurance can be given that our customers will not experience financial or other difficulties that could adversely affect their operations and, in turn, our results of operations.
We depend on key personnel and skilled employees and face competition in hiring and retaining qualified employees.
We are largely dependent upon the skills and efforts of our senior management, managerial, sales and technical employees. None of our senior management personnel or other key employees are subject to any employment contracts except Victor Dellovo, our Chief Executive Officer and President. The loss of services of any of our executives or other key personnel could have a material adverse effect on our business, financial condition and results of operations. Our future success will depend to a significant extent on our ability to attract, train, motivate and retain highly skilled technical professionals. Our ability to maintain and renew existing engagements and obtain new business depends, in large part, on our ability to hire and retain technical personnel with skills that keep pace with continuing changes in our industry standards and technologies. The inability to hire additional qualified personnel could impair our ability to satisfy or grow our client base. There can be no assurance that we will be successful in retaining current or future employees.
Our success depends in part on our timely introduction of new products and technologies and our results can be impacted by the effectiveness of our significant investments in new products and technologies.
We have made significant investments in our ARIA cyber security products and services that may not achieve expected returns. We will continue to make significant investments in research, development, and marketing for ARIA products, services, and technologies. Commercial success depends on many factors, including innovativeness, developer support, and effective distribution and marketing. If customers do not perceive our latest offerings as providing significant new functionality or other value, they may reduce their purchases of new software and hardware products or upgrades, unfavorably affecting revenue. We may not achieve significant revenue from new product, service, and distribution channel investments for several years. New products and services may not be profitable, and even if they are profitable, operating margins for some new products and businesses may not be as high as the margins we have experienced historically. Developing new technologies and products is complex. It can require long development and testing periods. Significant delays in new releases or significant in creating new products or services could affect our revenue.
Table of Contents
To be successful, we must respond to the rapid changes in technology. If we are unable to do so on a timely basis our business could be materially adversely affected.
Our future success will depend in large part on our ability to enhance our current products and to develop new commercial products on a timely and cost-effective basis in order to respond to technological developments and changing customer needs. The design-in process is typically lengthy and expensive and there can be no assurance that we will be able to continue to meet the product specifications of our customers in a timely and adequate manner. In addition, if we fail to anticipate or to respond adequately to changes in technology and customer preferences, or if there is any significant delay in product developments or introductions, this could have a material adverse effect on our business, financial condition and results of operations, including the risk of inventory obsolescence. Because of the complexity of our products, we have experienced delays from time to time in completing products on a timely basis. If we are unable to design, develop or introduce competitive new products on a timely basis, our future operating results would be affected, particularly in our HPP segment. There can be no assurance that we will be in developing new products or our existing products on a timely or cost- basis, or that such new products or product will market acceptance.
The complexity of our products, particularly in the HPP segment, could result in unforeseen delays or expense or undetected defects or bugs, which could adversely affect the market acceptance of new products, damage our reputation with current or prospective customers, and materially and adversely affect our operating costs.
Highly complex products, such as those we offer, may contain defects and bugs when they are first introduced or as new versions, software documentation or enhancements are released, or their release may be delayed due to unforeseen difficulties during product development. If any of our products or third-party components used in our products contain defects or bugs, or have reliability, quality or compatibility problems, we may not be able to successfully design workarounds or corrections. Furthermore, if any of these problems are not discovered until after we have commenced commercial production or deployment of a new product, we may be required to incur additional development costs and product recall, repair or replacement costs. Significant technical challenges also arise with our software products because our customers license and deploy our products across a variety of computer platforms and integrate them with a number of third-party software applications and databases. As a result, if there is system-wide or an actual or perceived of information , security or availability occurs in one of our end-user customer’s system, it can be to determine which product is at and we could ultimately be by the of another supplier’s product. Consequently, our reputation may be and customers may be to buy our products, which could materially and affect our ability to retain existing customers and attract new customers. To these , we may have to invest significant capital and other resources and we would likely , or experience a in, market acceptance of the affected product or products. These may also result in us by our customers or others. For example, if a in the manufacture and delivery of our products causes the of a customer’s end-product delivery, we may be required, under the terms of our agreement with that customer, to compensate the customer for the effects of such . As a result, our financial results could be materially affected.
Our international operation is subject to a number of risks.
We market and sell our products in certain international markets and we have established operations in the U.K. Foreign-based revenue is determined based on the location to which the product is shipped or services are rendered and represented 10% and 12% of our total revenue for the fiscal years ended September 30, 2025 and 2024, respectively. If revenues generated by foreign activities are not adequate to offset the expense of establishing and maintaining these foreign activities, our business, financial condition and results of operations could be materially adversely affected. In addition, there are certain risks inherent in transacting business internationally, such as changes in applicable laws and regulatory requirements, export and import restrictions, export controls relating to technology, tariffs and other trade barriers, longer payment cycles, problems in collecting accounts receivable, political instability, fluctuations in currency exchange rates, expatriation controls and potential adverse tax consequences, any of which could adversely impact the success of our international activities. In particular, it is possible activity in the United Kingdom and the rest of Europe will be adversely impacted and that we will face increased regulatory and legal complexities, including those related to tax, trade, data protection, and employee relations as a result of Brexit and evolving international regulations. A portion of our revenues are from sales to foreign entities, including foreign governments, which are primarily paid in the form of foreign currencies.
Table of Contents
There can be no assurance that one or more of such factors will not have a material adverse effect on our future international activities and, consequently, on our business, financial condition or results of operations.
We face competition that could adversely affect our sales and profitability.
The markets for our products are highly competitive and are characterized by rapidly changing technology, frequent product performance improvements and evolving industry standards. Many of our competitors are substantially larger than we are and have greater access to capital and human resources and in many cases price their products and services less than ours. In addition, due to the rapidly changing nature of technology, new competitors may emerge. Competitors may be able to offer more attractive pricing or develop products that could offer performance features that are superior to our products, resulting in reduced demand for our products. Such competitors could have a negative impact on our ability to win future business opportunities. There can be no assurance that a new competitor will not attempt to penetrate the various markets for our products and services. Their entry into markets historically targeted by us could have a material adverse effect on our business, financial condition and results of operations.
Pandemics, epidemics or disease outbreaks may materially adversely affect our business, results of operations, cash flows and financial condition.
Pandemics, epidemics, or disease outbreaks, may cause harm to us, our employees, our clients, our vendors and supply chain partners, and financial institutions, which could have a material adverse effect on our business, results of operations, cash flows, and financial condition. The impact of a pandemic, epidemic, or other disease outbreak may include, but would not be limited to: (i) disruption to operations due to the unavailability of employees due to illness, quarantines, risk of illness, travel restrictions or factors that limit our existing or potential workforce; (ii) volatility in the demand for or availability of our products and services, (iii) inability to meet our customers’ needs due to disruptions in the manufacture, sourcing and distribution of our products and services, or (iv) failure of third parties on which we rely, including our suppliers, clients, and external business partners, to meet their obligations to us, or significant disruptions in their ability to do so.
Intellectual Property and Systems Risks
We may be unsuccessful in protecting our intellectual property rights which could result in the loss of a competitive advantage.
Our ability to compete effectively against other companies in our industry depends, in part, on our ability to protect our current and future proprietary technology under patent, copyright, trademark, trade secret and unfair competition laws. We cannot assure that our means of protecting our proprietary rights in the United States or abroad will be adequate, or that others will not develop technologies similar or superior to our technology or design around our proprietary rights. In addition, we may incur substantial costs in attempting to protect our proprietary rights.
Also, despite the steps taken by us to protect our proprietary rights, it may be possible for unauthorized third parties to copy or reverse-engineer aspects of our products develop similar technology independently or otherwise obtain and use information that we regard as proprietary and we may be unable to successfully identify or prosecute unauthorized uses of our technology. Furthermore, with respect to our issued patents and patent applications, we cannot assure that patents from any pending patent applications (or from any future patent applications) will be issued, that the scope of any patent protection will include competitors or provide competitive advantages to us, that any of our patents will be held valid if subsequently challenged or that others will not claim rights in or ownership of the patents (and patent applications) and other proprietary rights held by us.
If we become subject to intellectual property infringement claims, we could incur significant expenses and could be prevented from selling specific products.
We may become subject to claims that we infringe the intellectual property rights of others in the future. We cannot assure that, if made, these claims will not be successful. Any claim of infringement could cause us to incur substantial costs defending against the claim even if the claim is invalid and could distract management from other
Table of Contents
business. Any judgment against us could require substantial payment in damages and could also include an injunction or other court order that could prevent us from offering certain products.
We need to continue to expend resources on research and development ("R&D") efforts in our HPP segment, to meet the needs of our customers. If we are unable to do so, our products could become less attractive to customers and our business could be materially adversely affected.
Our industry requires a continued investment in R&D. As a result of our need to maintain or increase our spending levels for R&D in this area and the difficulty in reducing costs associated with R&D, our operating results could be materially harmed if our revenues fall below expectations. In addition, as a result of CSPi’s commitment to invest in R&D, spending as a percent of revenues may fluctuate in the future. Further, if we fail to invest sufficiently in R&D or our R&D does not produce competitive results, our products may become less attractive to our customers or potential customers, which could materially harm our business and results of operations.
Our need for continued or increased investment in research and development may increase expenses and reduce our profitability.
Our industry is characterized by the need for continued investment in research and development. If we fail to invest sufficiently in research and development, our products could become less attractive to potential customers and our business and financial condition could be materially and adversely affected. As a result of the need to maintain or increase spending levels in this area and the difficulty in reducing costs associated with research and development, our operating results could be materially harmed if our research and development efforts fail to result in new products or if revenues fall below expectations. In addition, as a result of our commitment to invest in research and development, spending levels of research and development expenses as a percentage of revenues may fluctuate in the future.
Our results of operations are subject to fluctuation from period to period and may not be an accurate indication of future performance.
We have experienced fluctuations in operating results in large part due to the sale of products and services in relatively large dollar amounts to a relatively small number of customers. Customers specify delivery date requirements that coincide with their need for our products and services. Because these customers may use our products and services in connection with other projects with different sizes and durations, a customer’s orders for one quarter generally do not indicate a trend for future orders by that customer. As such, we have not been able in the past to consistently predict when our customers will place orders and request shipments so that we cannot always accurately plan our manufacturing, inventory, and working capital requirements. As a result, if orders and shipments differ from what we predict, we may incur additional expenses and build excess inventory, which may require additional reserves and allowances and reduce our working capital and operational flexibility. Any significant change in our customers’ purchasing patterns could have a material adverse effect on our operating results and reported earnings per share for a particular quarter. Thus, results of operations in any period should not be considered indicative of the results to be expected for any future period.
Our quarterly results may be subject to fluctuations resulting from a number of other factors, including:
delays in completion of internal product development projects;
delays in shipping hardware and software;
delays in acceptance testing by customers;
a change in the mix of products sold to our served markets;
changes in customer order patterns;
production delays due to quality problems with outsourced components;
Table of Contents
inability to scale quick reaction capability products due to low product volume;
shortages and costs of components;
the timing of product line transitions;
declines in quarterly revenues from previous generations of products following announcement of replacement products containing more advanced technology;
inability to realize the expected benefits from acquisitions and restructurings, or delays in realizing such benefits;
potential asset impairment, including goodwill and intangibles, write-off of deferred tax assets or restructuring charges; and
changes in estimates of completion on fixed price service engagements.
In addition, from time to time, we have entered into contracts, referred to as development contracts, to engineer a specific solution based on modifications to standard products. Gross margins from development contract revenues are typically lower than gross margins from standard product revenues. We intend to continue to enter into development contracts and anticipate that the gross margins associated with development contract revenues will continue to be lower than gross margins from standard product sales.
Another factor contributing to fluctuations in our quarterly results is the fixed nature of expenditures on personnel, facilities and marketing programs. Expense levels for these programs are based, in significant part, on expectations of future revenues. If actual quarterly revenues are below management’s expectations, our results of operations will likely be adversely affected. Further, the preparation of financial statements in conformity with accounting principles generally accepted in the United States requires us to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the dates of the financial statements and the reported amounts of revenues and expenses during the reporting periods. Actual results could differ from those estimates, and changes in estimates in subsequent periods could cause our results of operations to fluctuate.
If we experience a disaster or other business continuity problem, we may not be able to recover successfully, which could cause material financial loss, loss of human capital, regulatory actions, reputational harm, or legal liability.
If we experience a local or regional disaster or other business continuity problem, such as a hurricane, earthquake, terrorist attack, pandemic or other natural or human-made disaster, our continued success will depend, in part, on the availability of our personnel, our office facilities, and the proper functioning of our computer, telecommunication and other related systems and operations. As we grow our operations, the potential for particular types of natural or human-made disasters, political, economic or infrastructure instabilities, or other country- or region-specific business continuity risks increases.
If we suffer any data breaches involving the designs, schematics, or source code for our products or other sensitive information, our business and financial results could be adversely affected.
We securely store our designs, schematics, and source code for our products as they are created. A breach, whether physical, electronic or otherwise, of the systems on which this sensitive data is stored could lead to damage or piracy of our products. If we are subject to data security breaches from external sources or from an insider threat, we may have a loss in sales or increased costs arising from the restoration or implementation of additional security measures, either of which could adversely affect our business, financial condition, and results of operations. Other potential costs could include loss of brand value, incident response costs, loss of stock market value, regulatory inquiries, litigation, and management distraction. In addition, a security breach that involved classified information could subject us to civil or ,
Table of Contents
loss of a government contract, loss of access to classified information, or debarment as a government contractor. Similarly, a breach that involved loss of customer-provided data could subject us to loss of a customer, loss of a contract, litigation costs and legal damages, and reputational harm.
Systems failures may disrupt our business and have an adverse effect on our results of operations.
Any systems failures, including network, software or hardware failures, whether caused by us, a third-party service provider, unauthorized intruders and hackers, computer viruses, natural disasters, power shortages or terrorist attacks, could cause loss of data or interruptions or delays in our business or that of our clients and reputational harm as a security provider. Like other companies, we have experienced cyber security threats to our data and systems, our company sensitive information, and our information technology infrastructure, including malware and computer virus attacks, unauthorized access, systems failures and temporary disruptions. We may experience similar security threats at customer sites that we operate and manage as a contractual requirement. Prior cyber attacks directed at us have not had a material impact on our business or our financial results, and we believe that our continuing commitment toward detection and mitigation processes and procedures will help us minimize or avoid such impact in the future. Due to the evolving nature of these security , however, the impact of any future cannot be predicted.
In addition, the failure or disruption of our email, communications or utilities could cause us to interrupt or suspend our operations or otherwise harm our business. Our property and business interruption insurance may be inadequate to compensate us for all losses that may occur as a result of any system or operational failure or disruption and, as a result, our actual results could differ materially and adversely from those anticipated.
The systems and networks that we maintain for our clients, although highly redundant in their design, could also fail. If a system or network we maintain were to fail or experience service interruptions, we might experience loss of revenue or face claims for damages or contract termination. Our errors and omissions liability insurance may be inadequate to compensate us for all the damages that we might incur and, as a result, our actual results could differ materially and adversely from those anticipated.
Our business, financial condition and results of operations could be adversely affected by disruptions in the global economy caused by the ongoing conflict between Russia and Ukraine.
The global economy has been negatively impacted by the military conflict between Russia and Ukraine. Furthermore, governments in the United States, United Kingdom and European Union have each imposed export controls on certain products and financial and economic sanctions on certain industry sectors and parties in Russia. Although we do not have significant customers or suppliers in Russia or Ukraine, we do have customers and suppliers in surrounding regions which may be affected. Further escalation of Russian-Ukraine military conflict and geopolitical tensions related to such military conflict, including increased trade barriers or restrictions on global trade, could result in, among other things, cyber attacks, supply disruptions, lower consumer demand, and changes to foreign exchange rates and financial markets, any of which may adversely affect our business, financial condition and results of operations. The effects of the ongoing conflict could heighten many of our known risks described in these "Risk Factors.”
Our business, financial condition and results of operations could be adversely affected by disruptions in the global economy caused by the conflict between Israel and Hamas.
The global economy has been negatively impacted by the military conflict between Israel and Hamas. Although we do not have significant customers or suppliers in the Middle East region, we do have customers and suppliers in surrounding regions which may be affected. Violation of the peace process may lead to to renewed military conflict and/or escalation of the Israel and Hamas conflict and geopolitical tensions related to such military conflict and/or escalation, including increased trade barriers or restrictions on global trade, could result in, among other things, cyber attacks, supply disruptions, lower consumer demand, and changes to foreign exchange rates and financial markets, any of which may adversely affect our business, financial condition and results of operations. The effects of the ongoing conflict could heighten many of our known risks described in these "Risk Factors.”
Table of Contents
Significant political, trade, regulatory developments, and other circumstances beyond our control, could have a material adverse effect on our financial condition or results of operations.
Significant political, trade, or regulatory developments in the jurisdictions in which we sell or purchase our products, including country of origin of such products, are difficult to predict and may create periods of volatility in such markets which may have a material adverse effect on us. Recent changes in U.S. federal policy that affect the geopolitical landscape could give rise to circumstances outside our control that could have negative impacts on our business operations. Beginning in the second quarter of 2025, new U.S. Tariffs were announced, including additional tariffs on imports from China, India, Japan, South Korea, Taiwan, Vietnam and the EU, among others. In response, several countries have imposed, or threatened to impose, reciprocal tariffs on imports from the U.S. and other retaliatory measures. Various modifications and delays to the U.S. Tariffs have been announced and further changes are expected to be made in the future, which may include additional sector-based tariffs or other measures. For example, the U.S. Department of Commerce has initiated an investigation under Section 232 of the Trade Expansion Act of 1962, as amended, into, among other things, imports of semiconductors, semiconductor manufacturing equipment, and their derivative products, including downstream products that contain semiconductors. These tariffs do not currently include software, services, intangibles, and other digital services; however, we cannot predict future trade policy or tariffs, including the impact or timing thereof, or whether such services will be subject to any form of tariffs or other restrictions in the future. The ultimate impact remains uncertain and will depend on several factors, including whether additional or incremental U.S. Tariffs or other measures are announced or imposed, to what extent other countries implement tariffs or other measures in response, and the overall magnitude and duration of these measures. If and further , actions by governments in response could be significantly more and restrictive. Any of the foregoing could materially affect the Company’s business, results of operations, financial condition and stock price.
Legal and Regulatory Risks
Changes in regulations could materially adversely affect us.
Our business, results of operations, or financial condition could be materially adversely affected if laws, regulations, or standards relating to us or our products are newly implemented or changed. In addition, our compliance with existing regulations may have a material adverse impact on us. Under applicable federal securities laws, we are required to evaluate and determine the effectiveness of our internal control structure and procedures. If we have a material weakness in our internal controls, our results of operations or financial condition may be materially adversely affected, or our stock price may decline.
Risks Related to Ownership of Our Common Stock
Failure to remediate and then maintain our internal control over our financial reporting could cause our financial reports to be inaccurate.
We are required to maintain internal control over financial reporting and to assess and report on the effectiveness of those controls. This assessment includes disclosure of any material weaknesses identified by our management in our internal control over financial reporting. Our management concluded that our internal control over financial reporting was effective as of September 30, 2025. If we are not able to maintain effective internal control over financial reporting, our financial statements, including related disclosures, may be inaccurate, which could have a material adverse effect on our business.
Failure to maintain our accounting systems and controls could impair our ability to comply with the financial reporting and internal controls requirements for publicly traded companies.
As a public company, we operate in an increasingly demanding regulatory environment, which requires us to comply with the Sarbanes-Oxley Act of 2002, and the related rules and regulations of the SEC. Company responsibilities required by the Sarbanes-Oxley Act include establishing corporate oversight and adequate internal control over financial
Table of Contents
reporting and disclosure controls and procedures. Effective internal controls are necessary for us to produce reliable financial reports and are important to help prevent financial fraud.
Because we are a smaller reporting company and a non-accelerated filer, we are not required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act. However, we must perform system and process evaluation and testing of our internal control over financial reporting to allow management to report on the effectiveness of our internal control over financial reporting in this report and future annual reports on Form 10-K, as required by Section 404 of the Sarbanes-Oxley Act. This requires that we incur substantial additional professional fees and internal costs to expand our accounting and finance functions and that we expend significant management efforts.
Our internal control over financial reporting will not prevent or detect all errors and all fraud. A control system, no matter how well designed and operated, can provide only reasonable, not absolute, assurance that the control system’s objectives will be met. Because of the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that misstatements due to error or fraud will not occur or that all control issues and instances of fraud will be detected.
If we are not able to comply with the requirements of Section 404 of the Sarbanes-Oxley Act, or if we are unable to remediate or maintain proper and effective internal controls, we may not be able to produce timely and accurate financial statements. If we cannot provide reliable financial reports or prevent fraud, our business and results of operations could be harmed, and investors could lose confidence in our reported financial information.
Our stock price may continue to be volatile.
Historically, the market for technology stocks has been extremely volatile. Our common stock has experienced and may continue to experience substantial price volatility. The following factors could cause the market price of our common stock to fluctuate significantly:
loss of a major customer;
loss of a major supplier;
inflationary pressures;
the addition or departure of key personnel;
variations in our quarterly operating results;
announcements by us or our competitors of significant contracts, new products or product enhancements;
acquisitions, distribution partnerships, joint ventures or capital commitments;
regulatory changes;
sales of our common stock or other securities in the future;
changes in market valuations of technology companies; and
fluctuations in stock market prices and volumes.
In addition, the stock market in general and the NASDAQ Global Market and technology companies in particular, have experienced extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of such companies. These broad market and industry factors may materially adversely affect the market price
Table of Contents
of our common stock, regardless of our actual operating performance. In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been instituted against such companies. If any shareholder were to issue a lawsuit, we could incur substantial costs defending the lawsuit and the attention of management could be diverted.
Item 1C. Cybersecurity
Risk Management and Strategy
We have implemented a comprehensive cybersecurity risk management strategy to evaluate, detect, and mitigate significant risks posed by cybersecurity threats. The Information Security Risk component of our overall Risk Management Policy outlines our approach to manage processes, people and technology to address and meet the ever-changing challenges in the global IT security landscape. Our program aims to safeguard our systems, data, and operations against cyber threats, maintain business continuity, ensure compliance with relevant privacy and other regulations, and fulfill our commitments to members, customers, suppliers, employees, and other stakeholders.
Our cybersecurity program is designed to align with and meet the rigorous standards set by industry frameworks such as NIST, SOC 2 Type 2, and other relevant guidelines. By adhering to these frameworks, we ensure that our security measures are robust, comprehensive, and effective in protecting our systems, data, and operations. This commitment not only helps us maintain compliance with regulatory requirements but also demonstrates our dedication to providing a secure environment for our members, customers, suppliers, employees, and other stakeholders.
Risk Assessment; Third Party Assessments and Audits
An information security Risk Assessment (RA) is conducted annually or following any significant changes to the operating or sensitive data environments to identify vulnerabilities and implement appropriate controls and risk mitigation strategies. These assessments can be conducted on any entity within CSPi or any external entity that has signed a Third-Party Agreement with CSPi , covering information systems, applications, servers, networks, and related processes. The IT Manager, along with the responsible department, oversees the execution, development, and implementation of remediation programs. The RA process involves assembling a team, defining the scope, identifying business and IT owners, conducting interviews, reviewing controls and incidents, developing a threat/risk matrix, and preparing an executive summary with recommendations. The executive team reviews and approves the recommendations, and a project is initiated to implement the necessary controls and procedures, which are tested quarterly.
Incident Response Planning
Our incident response policies and procedures are aligned with applicable laws and state policies. They encompass the identification of roles and responsibilities, investigation, containment and escalation procedures, documentation and preservation of evidence, communication protocols, and lessons learned.
We have established robust incident reporting policies and procedures. These include training employees and contractors to recognize and report incidents promptly upon discovery, as well as preparing and submitting follow-up written reports.
To date, no cybersecurity incident has resulted in any material impact on our business, operations or financial results or our ability to service our customers or run our business.
Governance
A formal process exists through our enterprise risk management matrix developed by the management team of the Company that tracks the Company’s material risks, associated mitigation and remediation strategies and direct accountability which is submitted quarterly to the Audit Committee of the Board of Directors for review and oversight.
Table of Contents
The management team includes our Vice President and General Manager of the HPP segment , who has developed cybersecurity software at the Company. In addition, he has been the Chief Technical Officer and served in various roles at several cybersecurity companies over his 40 year career. He holds a Bachelor of Science in Business and Engineering as well as a Masters of Science in Finance. Also on the team is the Vice President of Managed Services at the TS segment, who has over twenty years of technology experience including the monitoring and management of other organization’s security systems.
