We may be required to make material expenditures or incur additional liabilities to comply with changes in environmental laws or climate change regulations or to meet the increasing societal expectations on companies to address climate change. Both our products and the operation of our manufacturing facilities are subject to statutory and regulatory requirements. These include environmental requirements applicable to manufacturing and vehicle emissions, government contracting regulations, regulations impacting our supply chain and domestic and international trade regulations. A significant change to these regulatory requirements could substantially increase manufacturing costs, which could make our business results more variable. Climate change attributed to increased levels of greenhouse gases, including carbon dioxide, has led to significant legislative, regulatory, investment community and societal efforts to limit greenhouse gas emissions. These considerations may lead to new international, national, regional and/or local legislation or regulatory responses. The legislation or regulation of greenhouse gases could result in unfavorable financial impacts through various forms including taxation, emission allowances, fines, requirements for investments or facilities improvement, higher energy costs and higher compliance costs associated with complex and evolving federal, state and international public disclosures. The impact of any future greenhouse gas legislation, regulatory, or product standard requirements is unknown, and therefore, we are uncertain of the potential impact that future changes may have. Our global facilities, operations and products are subject to increasingly stringent environmental laws and regulations, including laws and regulations governing air emissions, noise, releases to soil and discharges to water and the generation, handling, storage, transportation, treatment and disposal of non-hazardous and hazardous waste materials. Certain environmental laws impose strict, retroactive and joint and several liability for the release of hazardous substances, even for conduct that was lawful at the time it occurred, or for the conduct of, or conditions caused by, prior operators, predecessors or other third parties. We could be subject to fines, cleanup costs or other costs or damages under environmental laws if we are not in compliance with environmental regulations. We may be subject to other more stringent environmental laws in the future that could have a material adverse impact on our business, results of operations and financial condition. ITEM 1B. UNRESOLVED STAFF COMMENTS The Company has no unresolved staff comments regarding its periodic or current reports from the staff of the SEC that were issued 180 days or more preceding December 31, 2025. ITEM 1C. CYBERSECURITY Risk Management and Strategy — The Company maintains a cybersecurity risk management program, led by a Chief Information Security Officer (CISO), who is responsible for the Company’s overall cybersecurity strategy, policy, architecture and cyber threat detection and response. The CISO, who reports to the Company’s Chief Information Officer (CIO), has a Bachelor's degree in Information Systems and Master of Business Administration degree and is a Certified Information Systems Security Professional with over a decade of professional cybersecurity experience. The Company's program is aligned to industry frameworks and controls from the National Institute of Standards and Technology that allow the Company to identify the fundamental security capabilities and controls necessary to maintain and enhance the program. The Company utilizes a wide range of capabilities to maintain cybersecurity, including threat intelligence, multi-factor authentication, endpoint detection and response and security automation. As part of the cybersecurity risk management program, the Company has a set of Company-wide cybersecurity policies and procedures, including an Acceptable Use Policy as well as other policies covering subjects such as Access Control, Awareness and Training, Audit and Accountability, Configuration Management, Identification and Authentication, Media Protection, System and Communications Protection and Incident Response. These policies and procedures go through an internal review process and are approved by appropriate members of management. The Company requires all personnel, including contingent workers and business partners handling information on the Company’s behalf, to follow its cybersecurity policies and procedures. Regular training modules educate the Company’s team members on relevant cyber threats and trends and help prepare them for real-life phishing threats.
23
Made with FlippingBook Digital Proposal Creator