XML 24 R10.htm IDEA: XBRL DOCUMENT

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2024

Cybersecurity Risk Management, Strategy, and Governance [Abstract]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity Risk Management and Strategy

Overall Risk Management

We maintain a cybersecurity program that is reasonably designed to protect our information, and that of our customers, against cybersecurity threats that may result in adverse effects on the confidentiality, integrity, and availability of our information systems.

The Company integrates cybersecurity risk management into its broader risk management framework to promote a company-wide culture of cyber risk awareness. The head of our IT department continuously evaluates and addresses cyber risks in alignment with business objectives, operational needs and industry-accepted standards, such as the National Institute of Standards and Technology (“NIST”).

The Company has processes and procedures in place to monitor the prevention, detection, mitigation and remediation of cybersecurity risks. These include but are not limited to:

Maintaining a defined and practiced incident response plan;

Maintaining cyber insurance coverage;

Employing appropriate incident prevention and detection safeguards;

Maintaining a defined disaster recovery policy and employing disaster recovery software, where appropriate;

Educating, training and testing our user community on information security practices and identification of potential cybersecurity risks and threats; and

Reviewing and evaluating new developments in the cyber threat landscape.

Managing Third Party Risk

Koil Energy recognizes the risks associated with the use of vendors, service providers and other third parties that provide information system services to us, process information on our behalf, or have access to our information systems, and the Company has processes in place to oversee and manage these risks. We conduct thorough risk-weighted security assessments of various third-parties and maintain ongoing monitoring to ensure compliance with our cybersecurity standards. This monitoring includes both annual assessments and assessments on an ongoing basis.

Risks from Cybersecurity Incidents

To our knowledge, Koil Energy has not been subject to cybersecurity incidents that have materially affected, or are reasonably likely to materially affect the Company, its operations or financial condition.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

The Company integrates cybersecurity risk management into its broader risk management framework to promote a company-wide culture of cyber risk awareness.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Governance

Internal Cybersecurity Team

Our internal cybersecurity team, led by our IT Manager, is responsible for implementing, monitoring, and maintaining cybersecurity and data protection practices across the company. Our IT Manager has over 14 years in cybersecurity work experience and managing all levels of the Company’s on-premises and cloud infrastructure.

Management

Our management team periodically participates in the review of our cybersecurity systems, processes, threats and incidents with our internal cybersecurity team, including the controls and procedures that provide for the prompt escalation of certain cybersecurity incidents so that decisions regarding the public disclosure and reporting of such incidents can be made by management in a timely manner.

Board of Directors

The Audit Committee of the Company’s Board of Directors (the “Board”) is responsible for overseeing the Company’s cyber risk. Management has established a process for the Audit Committee to receive regular updates that encompass a broad range of topics, including:

	·	Current cybersecurity threat landscape and emerging threats;
	·	Status of ongoing cybersecurity initiatives and strategies;
	·	Incident reports and learnings from unique cybersecurity events, including those of other companies;
	·	Compliance status and efforts with regulatory requirements and industry standards;
	·	Regulatory updates;
	·	Vulnerability developments; and
	·	Other cyber risk topics as requested by the Board.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Audit Committee of the Company’s Board of Directors (the “Board”) is responsible for overseeing the Company’s cyber risk.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Management has established a process for the Audit Committee to receive regular updates that encompass a broad range of topics

Cybersecurity Risk Role of Management [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Our internal cybersecurity team, led by our IT Manager, is responsible for implementing, monitoring, and maintaining cybersecurity and data protection practices across the company.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Our IT Manager has over 14 years in cybersecurity work experience and managing all levels of the Company’s on-premises and cloud infrastructure.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true