Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
As part of our overall risk management processes, we maintain a process for assessing, identifying and managing material risks from cybersecurity threats, including risks relating to the disruption of business operations or financial reporting systems, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy laws and other legal and reputational risks (Cybersecurity Management Process). This process is focused on our main operating facilities and networks in Israel, while the processes at our subsidiaries abroad are led by local management and vary in light of their respective needs, operational considerations and regulatory requirements.

Cybersecurity risks are considered under our Cybersecurity Management Process on an ongoing basis and alongside other company risks as part of the Board's annual review of the Company's overall risk profile. The Cybersecurity Management Process is based on methodologies implemented in consultation with external enterprise risk professionals and with the involvement of company subject matter experts and management, as applicable. The process includes gathering information necessary to identify risks, evaluating the nature and severity of these risks, recognizing mitigation strategies, assessing the impact of these strategies on residual risks, as well as effectively responding to cybersecurity incidents when they occur.

Our Cybersecurity Management Process includes:

a cybersecurity and information security framework that includes risk assessment and mitigation through a threat intelligence-driven approach, application controls, and enhanced security defenses. We strive to act in accordance with industry best practices as well as guidelines and instructions of the Israeli Director of Security of the Defense Establishment (DSDE);

development, implementation, and improvement of policies and procedures designed to safeguard information and maintain availability of critical data and systems;

utilization of software and hardware solutions designed to protect and monitor our environment, including, among others, multifactor authentication, access controls, system backups, encryption, firewalls, intrusion detection and prevention systems, misconfiguration systems and identity management systems – in each case, for specific systems as determined by the Company;

leveraging ISO-27001/27032/27035 and ISO-27017/27018 standards for general information technology controls, and Sarbanes-Oxley Act of 2002 requirements for assessment of internal controls;

information security awareness training, including among others “phishing testing” conducted on a quarterly basis by our cybersecurity team for employees, cybersecurity updates on a regular basis and enhanced training on a quarterly basis for specialized employees involved in our systems and processes that handle sensitive information, customer data and audits. We also run tabletop exercises led by our Chief Information Security Officer (CISO) for our Executive Vice President - Chief Operating Officer (COO), Chief Security Officer (CSO) and Chief Information Officer (CIO) on an annual basis to simulate a response to a cybersecurity incident, and use the findings to improve our practices, procedures, and technologies;
a Cybersecurity Incident Response Plan, which provides a framework for handling cybersecurity incidents. Our Cybersecurity Incident Response Plan is based on the severity of the incident and facilitates cross-functional coordination across the Company and compliance with potentially applicable legal obligations, including processes for reporting material cybersecurity incidents to the Board and issuance of timely reports and public disclosures, when applicable. In addition, we have established at our headquarters in Israel a Security Operations Center (SOC) to monitor and detect cyber incidents in real time and to manage our methodological response to cyber incidents, which is managed by our detection and response (D&R) team;

regular testing of our controls through penetration testing, vulnerability scanning, and attack simulation (including by utilizing breach attack simulations systems and using independent third-party service providers, as described below);

collaborating with our peers in the areas of threat intelligence, vulnerability management and response and drills, while also sharing threat intelligence and best practices across different industries to fight cybercrime, enhance privacy, discuss new technologies, better understand the evolving regulatory environment, and advance capabilities in these areas;

identification of threats associated with our use of third-party service providers, including by conducting surveys as necessary on a project-by-project basis, while taking into consideration the needs of the project and in accordance with the level of risk associated with such project. We also include data security obligations and data breach notification requirements in our agreements with third-party service providers that have access to information originated from our IT systems, as necessary on a project-by-project basis; and

engagement of independent third-party service providers in connection with our Cybersecurity Management Process who regularly: (a) review, assess and report on our internal incident response preparedness and help identify areas for continued focus and improvement; and (b) test for cyber vulnerabilities. Elbit Systems has also initiated regular information technology reviews performed by a third party based on ISO-27001/27032/27035 and ISO-27017/27018. In addition, as an Israeli defense company, we are subject to periodic reviews by the DSDE, in which our cybersecurity processes, technologies and professional capabilities and certifications are evaluated in relation to the DSDE's requirements and standards.

In recent years we have devoted significant resources in an increasing level, to configure, operate, maintain, monitor, upgrade and improve the security of our systems and databases, handle cyber-incidents and meet applicable customer requirements regarding their protection. As of the date hereof, our business strategy, results of operations and financial condition have not been materially affected by risks from cybersecurity threats, including as a result of previous cybersecurity incidents, but we cannot provide assurance that they will not be materially affected in the future by such risks and any future material incidents. We have experienced an increase in the amount of these threats and attempted cyber-attacks over the last year, which may be related to the geopolitical environment. However, none of these acts were estimated to have had a material effect on the Company. Where required, relevant authorities were notified in accordance with the relevant procedures the Company and its subsidiaries have in place. As reported in our annual report for 2022, during 2022 our monitoring and protection systems detected a cyber-incident at our U.S. subsidiary involving unauthorized access by a ransomware group to our subsidiary's network that resulted in disclosure of certain personal data and a minimal amount of non-critical business data. The incident was contained through the implementation of various measures, including the immediate shut-down of the network, which was gradually restored. Relevant authorities were notified by our subsidiary. We believe this incident did not have a material impact on the Company. For additional information related to our cybersecurity risks, see Item 3. Key Information – Risk Factors – Risks Related to Our Operations – A cyber or security attack or other similar incident resulting in a breach, disruption or failure in our or our supply chain's digital environment could adversely affect us.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity risks are considered under our Cybersecurity Management Process on an ongoing basis and alongside other company risks as part of the Board's annual review of the Company's overall risk profile. The Cybersecurity Management Process is based on methodologies implemented in consultation with external enterprise risk professionals and with the involvement of company subject matter experts and management, as applicable. The process includes gathering information necessary to identify risks, evaluating the nature and severity of these risks, recognizing mitigation strategies, assessing the impact of these strategies on residual risks, as well as effectively responding to cybersecurity incidents when they occur.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board is primarily responsible for the oversight of risks from cybersecurity threats. To fulfill this responsibility, our Board holds regular cybersecurity discussions on a semi-annual basis, during which it receives reports about cybersecurity risks from our COO, CISO, CSO and/or CIO and reviews the implementation and administration of the Cybersecurity Management Process. These reports may include, among others and as relevant: (a) a presentation of the Cybersecurity Work Plan and its status; (b) updates of the Audit and Financial Statements Review Committee - Acting as the Audit Committee in respect of its discussions and audits of the internal audit; (c) information regarding resource utilization, main actions taken, external consulting, new tools, audits and trainings with respect to cybersecurity; (d) updates of material cybersecurity threats or incidents and responses thereto if relevant; (e) regulatory updates; and (f) updates on cybersecurity trends, threat intelligence landscape and the results of assessments performed by internal stakeholders or third-party advisors.

Furthermore, as part of the Company's risk management process, the Board holds an annual review of the Company's risk profile which considers cybersecurity risks, as described above. In addition, the Board, as well as the Audit and Financial Statements Review Committee - Acting as the Audit Committee, may conduct discussions on cybersecurity matters outside of the regular semi-annual discussions, as it deems necessary.

As mentioned above, there are also internal escalation processes in place within the framework of our Cybersecurity Incident Response Plan for providing ad-hoc updates to the Board regarding material cybersecurity incidents.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
the Board holds an annual review of the Company's risk profile which considers cybersecurity risks, as described above. In addition, the Board, as well as the Audit and Financial Statements Review Committee - Acting as the Audit Committee, may conduct discussions on cybersecurity matters outside of the regular semi-annual discussions, as it deems necessary.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
our Board holds regular cybersecurity discussions on a semi-annual basis, during which it receives reports about cybersecurity risks from our COO, CISO, CSO and/or CIO and reviews the implementation and administration of the Cybersecurity Management Process. there are also internal escalation processes in place within the framework of our Cybersecurity Incident Response Plan for providing ad-hoc updates to the Board regarding material cybersecurity incidents.
Cybersecurity Risk Role of Management [Text Block]
Management

The Cybersecurity Management Process described above is managed by our COO and primarily implemented by our CISO, CIO and CSO.

Our CSO is authorized in accordance with the Israeli Regulation of Security in Public Entities Law, 5758-1998 and the procedures of the DSDE and the Company, to implement and oversee the Company's security guidelines and protection of the Company's networks in Israel, including by managing information security incidents, including cybersecurity incidents.

The day-to-day execution of our Cybersecurity Management Process, including the implementation of our information security strategy, policy, operations and cyber threat detection and response, is led by our CISO, who directly manages our cybersecurity team, comprising mainly of: (i) the design & implementation (D&I) team, which focuses on planning cyber defense architecture, topology and solutions for various systems of the Company, including our IT environment, and ongoing work with other relevant parties in the Company on the implementation of such cyber defense solutions; (ii) the governance, risk, compliance awareness (GRACE) team, which manages the Company's operations related to cybersecurity, including by: (A) applying procedures, principles and rules aiming to create a secured organizational environment that corresponds with the Company's policies and values; (B) identifying, verifying and managing cybersecurity risks; (C) determining standards of compliance to applicable law, regulations and internal procedures; (D) creating organizational awareness to cybersecurity threats and their effects; and (E) educating and exercising both human and technological systems to deal with cyber events; (iii) the D&R team, as described above, which monitors and detects cyber incidents in real time through the SOC and manages our methodological response to cyber incidents; (iv) the Intelligence & Defense (I&D) team that consolidates the intelligence obtained from different sources and submits it to the Company's relevant planning and application parties, who translate such intelligence to a collection of various defensive actions, and in addition, liaises between the CISO and the Company's divisions regarding cybersecurity aspects originating from the security policies of the DSDE and/or the Company; and (v) the system defense team, which focuses on cybersecurity aspects related to the Company's products and on the security of the supply chain from a software, code and development perspective. The execution of our cybersecurity processes is achieved also through ongoing periodic updates by our CISO to our COO, CIO and CSO, based on a pre-defined topic-based reporting matrix and also via ad-hoc updates and reports as required.

Our CISO is a certified Chief Information Security Officer, cyber security methodology professional and cyber security technology professional and has extensive professional experience in cyber security, information security, information technologies operations and in designing, implementing, and managing enterprise security solutions at large scales and across multiple regions.

Our cybersecurity processes, which are part of our Cybersecurity Management Process, are reviewed, updated and approved by our COO, CIO and CSO, with the involvement of additional professionals as applicable, based on analysis of the Company's current cybersecurity needs and the tools and technologies that could further enhance the Company's cybersecurity resilience and capabilities to address such needs.

Management has also adopted a multi-year cybersecurity work plan, which is formulated in coordination with the Company's cybersecurity professionals and approved annually (Cybersecurity Work Plan) by our COO and President and CEO. The Cybersecurity Work Plan and its implementation are reviewed and assessed by our COO on a periodic basis or earlier as necessary.

As an additional and complementing layer of review and assessment of our Cybersecurity Management Process, our internal auditor examines risk-related aspects of the Company's cybersecurity controls. The findings and suggestions of such audits are reported on an ongoing basis by our internal auditor to our Audit and Financial Statements Review Committee - Acting as the Audit Committee, which discusses said reports, findings and suggestions and provides guidelines and updates to the Board where necessary. Furthermore, within the framework of our Cybersecurity Incident Response Plan, we have internal escalation processes in place regarding cybersecurity incidents, to facilitate an efficient and timely flow of information to our CISO, CSO and relevant members of management (and ultimately to our Board, as discussed below).
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
The Cybersecurity Management Process described above is managed by our COO and primarily implemented by our CISO, CIO and CSO.

Our CSO is authorized in accordance with the Israeli Regulation of Security in Public Entities Law, 5758-1998 and the procedures of the DSDE and the Company, to implement and oversee the Company's security guidelines and protection of the Company's networks in Israel, including by managing information security incidents, including cybersecurity incidents.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
Our CISO is a certified Chief Information Security Officer, cyber security methodology professional and cyber security technology professional and has extensive professional experience in cyber security, information security, information technologies operations and in designing, implementing, and managing enterprise security solutions at large scales and across multiple regions.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The execution of our cybersecurity processes is achieved also through ongoing periodic updates by our CISO to our COO, CIO and CSO, based on a pre-defined topic-based reporting matrix and also via ad-hoc updates and reports as required.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true