XML 69 R46.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
The Company's business and proprietary information, information technology and operational technology assets are important to its success. The Company's cybersecurity program is designed to protect its information assets and operations from external and internal cyber threats by seeking to mitigate and manage risks while helping to ensure business resilience. The program is applied across all levels of the Company.
The Company takes a risk-based approach to cybersecurity and has implemented policies that are designed to address cybersecurity threats and incidents, including those related to third-party service providers. The Company assesses risks from cybersecurity threats, monitors its information systems for potential vulnerabilities and tests those systems pursuant to the Company's cybersecurity standards, processes and practices, as part of the Company's overall risk management system. The Company also leverages external resources and advisors as needed to reinforce its cybersecurity capacity. External consultants perform testing exercises to further assess the Company's cybersecurity program on an annual basis, or more frequently if circumstances warrant such testing.
The Company's cybersecurity strategy is guided by prioritized risk, the National Institute for Standards and Technology (NIST) Cybersecurity Framework, and emerging business needs. The Company maintains a cybersecurity incident response plan, as well as a monitoring program, to support senior leadership and the Board.
The Company's cybersecurity team manages its incident response plan and monitoring program. Company employees are provided cybersecurity awareness training, which includes topics on the Company's policies and procedures for reporting potential incidents. The Company's cybersecurity team is focused on evaluating emerging risks, regulations, and compliance matters and updating the policies and procedures accordingly.
To date, cybersecurity risks, including as a result of any previous cybersecurity incidents, have not materially affected and we believe are not reasonably likely to affect the Company, including its business strategy, results of operations or financial condition. Refer to the risk factor captioned “Our business and operations would suffer in the event of system failures or cyber security attacks” in Part I, Item 1A. “Risk Factors” for additional description of cybersecurity risks and potential related impacts on the Company.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] The Company's business and proprietary information, information technology and operational technology assets are important to its success. The Company's cybersecurity program is designed to protect its information assets and operations from external and internal cyber threats by seeking to mitigate and manage risks while helping to ensure business resilience. The program is applied across all levels of the Company.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board oversees the Company's risk management process directly and through its committees. Pursuant to the Audit Committee Charter, the Audit Committee of the Board provides compliance oversight to the Company's risk assessment and risk management policies and the steps management has taken to monitor and mitigate such exposures and risks.
The Company's Senior Director, Information Security & Network Systems, in coordination with the Senior Vice President, Information Technology, is responsible for leading the assessment and management of cybersecurity risks. The Senior Director, Information Security & Network Systems and Senior Vice President, Information Technology regularly review and assess cybersecurity initiatives and are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents through briefings with internal and external personnel as well as alerts from security measures deployed in the Company's IT environment. These individuals collectively have over 30 years of experience in information security. The Senior Vice President, Information Technology reports to the Board, the Audit Committee and management on cybersecurity risk assessment, policies, incident prevention, detection, mitigation, and remediation of cybersecurity incidents on an as needed basis.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board oversees the Company's risk management process directly and through its committees. Pursuant to the Audit Committee Charter, the Audit Committee of the Board provides compliance oversight to the Company's risk assessment and risk management policies and the steps management has taken to monitor and mitigate such exposures and risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Senior Vice President, Information Technology reports to the Board, the Audit Committee and management on cybersecurity risk assessment, policies, incident prevention, detection, mitigation, and remediation of cybersecurity incidents on an as needed basis.
Cybersecurity Risk Role of Management [Text Block]
The Board oversees the Company's risk management process directly and through its committees. Pursuant to the Audit Committee Charter, the Audit Committee of the Board provides compliance oversight to the Company's risk assessment and risk management policies and the steps management has taken to monitor and mitigate such exposures and risks.
The Company's Senior Director, Information Security & Network Systems, in coordination with the Senior Vice President, Information Technology, is responsible for leading the assessment and management of cybersecurity risks. The Senior Director, Information Security & Network Systems and Senior Vice President, Information Technology regularly review and assess cybersecurity initiatives and are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents through briefings with internal and external personnel as well as alerts from security measures deployed in the Company's IT environment. These individuals collectively have over 30 years of experience in information security. The Senior Vice President, Information Technology reports to the Board, the Audit Committee and management on cybersecurity risk assessment, policies, incident prevention, detection, mitigation, and remediation of cybersecurity incidents on an as needed basis.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Company's Senior Director, Information Security & Network Systems, in coordination with the Senior Vice President, Information Technology, is responsible for leading the assessment and management of cybersecurity risks. The Senior Director, Information Security & Network Systems and Senior Vice President, Information Technology regularly review and assess cybersecurity initiatives and are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents through briefings with internal and external personnel as well as alerts from security measures deployed in the Company's IT environment. These individuals collectively have over 30 years of experience in information security. The Senior Vice President, Information Technology reports to the Board, the Audit Committee and management on cybersecurity risk assessment, policies, incident prevention, detection, mitigation, and remediation of cybersecurity incidents on an as needed basis.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] These individuals collectively have over 30 years of experience in information security.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Company's Senior Director, Information Security & Network Systems, in coordination with the Senior Vice President, Information Technology, is responsible for leading the assessment and management of cybersecurity risks. The Senior Director, Information Security & Network Systems and Senior Vice President, Information Technology regularly review and assess cybersecurity initiatives and are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents through briefings with internal and external personnel as well as alerts from security measures deployed in the Company's IT environment. These individuals collectively have over 30 years of experience in information security. The Senior Vice President, Information Technology reports to the Board, the Audit Committee and management on cybersecurity risk assessment, policies, incident prevention, detection, mitigation, and remediation of cybersecurity incidents on an as needed basis.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true