diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..7885181 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,33 @@ +# Security Policy + +## Supported Versions + +| Version | Supported | +| ------- | ------------------ | +| 12.x | :white_check_mark: | +| 11.x | :white_check_mark: | + +## Reporting a Vulnerability + +_Please do not report security vulnerabilities through public GitHub issues._ + +Instead, report a vulnerability through GitHub's security advisory feature at +https://github.com/carbon-design-system/carbon-icons-svelte/security/advisories/new + +Please include a description of the issue, the steps you took to create the +issue, affected versions, and, if known, mitigations for the issue. Our team +aims to respond to all new vulnerability reports within 7 business days. + +Additional information on reporting vulnerabilities to IBM is available at +https://www.ibm.com/trust/security-psirt + +## Preferred languages + +We prefer all communications to be in English. + +## Comments on this policy + +If you have suggestions on how this process could be improved please +[submit a pull request](https://github.com/carbon-design-system/carbon-icons-svelte/compare) +or [file an issue](https://github.com/carbon-design-system/carbonicons-svelte/issues/new) to +discuss.
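Review bot: The "file an issue" link in the "Comments on this policy" section points at `carbon-design-system/carbonicons-svelte`, which is missing the hyphen that the advisory URL and the pull request link both use (`carbon-icons-svelte`), so it names a different repository path. Change it to `https://github.com/carbon-design-system/carbon-icons-svelte/issues/new`. Because the same section sends readers to the public issue tracker, consider adding a sentence that issues are for feedback on the policy only and that vulnerability details still go through the advisory form named under "Reporting a Vulnerability".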