Search SEC Filings

...Complementing our Information Security Policy Framework, we conduct regular cybersecurity training campaigns that emphasize the importance of cybersecurity awareness. These campaigns address relevant cybersecurity topics, such as common cybersecurity threats, phishing awareness, and best practices for safeguarding sensitive information. Employees are held accountable for completing all assigned cybersecurity programs and...

...Secure Communications (formerly “Cybersecurity”), IoT (and, collectively with Cybersecurity, “Software & Services”), and Licensing, as further discussed in Note 11. Significant Accounting Policies and Critical Accounting Estimates There have been no material changes to the Company’s accounting policies or critical accounting estimates from those described in the Annual Financial Statements...

...Secure Communications (formerly “Cybersecurity”), IoT (and, collectively with Cybersecurity, “Software & Services”), and Licensing, as further discussed in Note 11. Significant Accounting Policies and Critical Accounting Estimates There have been no material changes to the Company’s accounting policies or critical accounting estimates from those described in the Annual Financial Statements...

...The Company’s Cybersecurity and Martech business provides cloud-based subscription services to consumers and businesses including cybersecurity, privacy, and marketing technology. Impairment or Disposal of Long-Lived Assets The Company assesses whether events or changes in circumstances have occurred that potentially indicate the carrying amount of definite-lived assets...

...The Company’s Cybersecurity and Martech business provides cloud-based subscription services to consumers and businesses including cybersecurity, privacy, and marketing technology. Impairment or Disposal of Long-Lived Assets The Company assesses whether events or changes in circumstances have occurred that potentially indicate the carrying amount of definite-lived assets...

...The Company’s Cybersecurity and Martech business provides cloud-based subscription services to consumers and businesses including cybersecurity, privacy, and marketing technology. Impairment or Disposal of Long-Lived Assets The Company assesses whether events or changes in circumstances have occurred that potentially indicate the carrying amount of definite-lived assets...

...Further, the SEC recently adopted new cybersecurity disclosure rules for public companies that require disclosure regarding cybersecurity risk management (including the board’s role in overseeing cybersecurity risks, management’s role and expertise in assessing and managing cybersecurity risks, and processes for assessing, identifying, and managing cybersecurity risks) in annual...

...Risk Management and Strategy Processes for Assessing, Identifying, and Managing Cybersecurity Threats: The Company maintains a fully defined set of documentation for assessing, identifying, and managing material risks from cybersecurity threats. We recognize the risk that cybersecurity threats pose to our operations, and cybersecurity is an integral component of our...

...Risk Management and Strategy Processes for Assessing, Identifying, and Managing Cybersecurity Threats: The Company maintains a fully defined set of documentation for assessing, identifying, and managing material risks from cybersecurity threats. We recognize the risk that cybersecurity threats pose to our operations, and cybersecurity is an integral component of our...

...However, due to the importance of cybersecurity to our company, in July 2024, our board of directors formed Cybersecurity Committee of our board of directors (the “ Cybersecurity 46 Table of Contents Committee ”), which is solely dedicated to cybersecurity risk management. Our executives with responsibility over cybersecurity, including our Chief Information...

...However, due to the importance of cybersecurity to our company, in July 2024, our board of directors formed Cybersecurity Committee of our board of directors (the “ Cybersecurity 46 Table of Contents Committee ”), which is solely dedicated to cybersecurity risk management. Our executives with responsibility over cybersecurity, including our Chief Information...

...Our cybersecurity risk mitigation strategy is designed so that the Company’s cybersecurity program is aligned with generally accepted cybersecurity standards and frameworks, in particular the NIST Cybersecurity Framework, or “NIST CSF,” and our Company is externally audited, or certified, with ISO27001 partial scope. We maintain an Office of Cybersecurity...

...Cybersecurity We have a cross-departmental approach to addressing cybersecurity risk, including input from employees and our Board of Directors (the Board). The Board, Audit Committee and senior management devote significant resources to cybersecurity and risk management processes to adapt to the changing cybersecurity landscape and respond to emerging threats...

...COMMITMENTS AND CONTINGENCIES Litigation, Claims and Government Investigations Related to the 2017 Cybersecurity Incident. In 2017, we experienced a cybersecurity incident following a criminal attack on our systems that involved the theft of certain personally identifiable information of U.S., Canadian and U.K. consumers. Following the 2017 cybersecurity incident...

...We therefore continue to make investments in our cybersecurity infrastructure and training of employees, which may result in increased costs, to strengthen our cybersecurity measures. See also Part I, Item 1A. - “Risk Factors, Technology, IT Systems and Cybersecurity Risks” and Part I, Item 1C - “Cybersecurity.” 47 Trends in Our Business...

...The Cybersecurity and Technology Subcommittee has oversight responsibility for cybersecurity risk management and cyber resiliency and certain technology matters . The Risk Management Committee and its Cybersecurity and Technology Subcommittee receive quarterly reports from management on cybersecurity issues, including cybersecurity threats. The Board’s Risk Management Committee and Audit Committee also...

...The Cybersecurity and Technology Subcommittee has oversight responsibility for cybersecurity risk management and cyber resiliency and certain technology matters . The Risk Management Committee and its Cybersecurity and Technology Subcommittee receive quarterly reports from management on cybersecurity issues, including cybersecurity threats. The Board’s Risk Management Committee and Audit Committee also...

...Cybersecurity Governance Okta’s board oversees Okta’s enterprise risk management program, of which cybersecurity is a critical component. To facilitate the board’s supervision of cybersecurity matters, the board formed a cybersecurity risk committee. Among other responsibilities, the cybersecurity risk committee oversees Okta's cybersecurity program. The cybersecurity risk...

...Cybersecurity Risk Management and Strategy Our cybersecurity strategy prioritizes detection, analysis, and response to known, anticipated or unexpected cybersecurity threats; effective management of cybersecurity risks; and resiliency against incidents. Our cybersecurity risk management processes include technical security controls, policy enforcement mechanisms, monitoring systems, team member training, contractual arrangements, tools and...

...Cybersecurity Risk Management and Strategy Our cybersecurity strategy prioritizes detection, analysis, and response to known, anticipated or unexpected cybersecurity threats; effective management of cybersecurity risks; and resiliency against incidents. Our cybersecurity risk management processes include technical security controls, policy enforcement mechanisms, monitoring systems, team member training, contractual arrangements, tools and...