XML 51 R35.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
The Company also engages with third parties on an as-needed basis to advise and assist in managing cybersecurity risks. When the Company utilizes third-party services that include web-based platforms or data collection stored on third-party servers, it reviews the service provider’s SOC1 attestation reports on internal controls and inquires regarding controls and procedures utilized by such third parties with respect to cybersecurity of the Company’s data.
The Company has in place a cybersecurity incident response plan. Procedures for addressing cybersecurity incidents include reporting incidents up to senior management, including the Company’s legal department for analysis. If a cybersecurity incident were determined to be material by the Company's legal department, the Company’s Audit Committee would be informed promptly and the Company’s disclosure committee would address appropriate public disclosures. As noted above, management regularly reports to the Audit Committee regarding the current cyber threat environment and the controls and procedures meant to address such risks.
The Company carries cyber risk insurance, but there can be no assurance that losses from a cybersecurity incident would not exceed the insurance coverage.
Although the Company has not experienced a cybersecurity incident that materially affected or, to the Company’s knowledge, is reasonably likely to materially affect the Company, including its business strategy, results of operations or financial condition, the Company has, from time to time, experienced threats to and breaches of its data and systems. The Company faces risks associated with security breaches through cyber attacks, cyber intrusions, or otherwise, as well as other significant disruptions of its information technology networks and related systems. These risks are described in more detail under Item 1A. Risk Factors.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] The Company annually reviews its overall risk profile with the Audit Committee and full Board of Directors. Assessing, identifying and managing material risks from cybersecurity threats are integrated into the Company’s overall risk management processes.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Company annually reviews its overall risk profile with the Audit Committee and full Board of Directors. Assessing, identifying and managing material risks from cybersecurity threats are integrated into the Company’s overall risk management processes.
The Audit Committee of the Company’s Board of Directors has oversight in the management of risks associated with cybersecurity. The Audit Committee is briefed regularly on cybersecurity matters, including meeting with the Company’s Chief Technology Officer at least annually and receiving a memorandum quarterly regarding cybersecurity. In addition, the Audit Committee discusses cybersecurity with other members of management and the internal audit staff at each quarterly meeting. The Audit Committee reports to the full Board of Directors quarterly regarding cybersecurity.
Management of the Company plays an integral role in assessing and managing risks from cybersecurity threats. The Company has a dedicated technology services department, led by the Company’s Chief Technology Officer. The Company also has an in-house internal audit staff that is involved in risk management of cybersecurity threats. The Company solicits input from key employees regarding the overall risk environment, including cybersecurity threats. The Company requires all employees to complete cybersecurity training semi-annually and periodically facilitates penetration tests on the Company's systems.
The Company’s Chief Technology Officer reports to the Company’s Executive Vice President and Chief Administrative Officer. In addition, as discussed in more detail below, any cybersecurity incident is reported to the Company’s legal department. Although the Company’s Executive Vice President and Chief Administrative Officer and the members of its legal department do not have a technology services background, we believe that the Company’s Chief Technology Officer and technology services team possess the requisite background and experience to effectively manage the Company’s cybersecurity needs. The Company's Chief Technology Officer has extensive information technology and program management experience from service in the government and private and public Fortune 100 companies. He has expanded the Company's cybersecurity program over the last several years resulting in a robust enterprise security posture focused on preventing cybersecurity incidents, while simultaneously increasing the Company's system resilience in an effort to minimize the business impact if an incident should occur.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee of the Company’s Board of Directors has oversight in the management of risks associated with cybersecurity.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee is briefed regularly on cybersecurity matters, including meeting with the Company’s Chief Technology Officer at least annually and receiving a memorandum quarterly regarding cybersecurity. In addition, the Audit Committee discusses cybersecurity with other members of management and the internal audit staff at each quarterly meeting. The Audit Committee reports to the full Board of Directors quarterly regarding cybersecurity.
Cybersecurity Risk Role of Management [Text Block]
Management of the Company plays an integral role in assessing and managing risks from cybersecurity threats. The Company has a dedicated technology services department, led by the Company’s Chief Technology Officer. The Company also has an in-house internal audit staff that is involved in risk management of cybersecurity threats. The Company solicits input from key employees regarding the overall risk environment, including cybersecurity threats. The Company requires all employees to complete cybersecurity training semi-annually and periodically facilitates penetration tests on the Company's systems.
The Company’s Chief Technology Officer reports to the Company’s Executive Vice President and Chief Administrative Officer. In addition, as discussed in more detail below, any cybersecurity incident is reported to the Company’s legal department. Although the Company’s Executive Vice President and Chief Administrative Officer and the members of its legal department do not have a technology services background, we believe that the Company’s Chief Technology Officer and technology services team possess the requisite background and experience to effectively manage the Company’s cybersecurity needs. The Company's Chief Technology Officer has extensive information technology and program management experience from service in the government and private and public Fortune 100 companies. He has expanded the Company's cybersecurity program over the last several years resulting in a robust enterprise security posture focused on preventing cybersecurity incidents, while simultaneously increasing the Company's system resilience in an effort to minimize the business impact if an incident should occur.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
The Audit Committee of the Company’s Board of Directors has oversight in the management of risks associated with cybersecurity. The Audit Committee is briefed regularly on cybersecurity matters, including meeting with the Company’s Chief Technology Officer at least annually and receiving a memorandum quarterly regarding cybersecurity. In addition, the Audit Committee discusses cybersecurity with other members of management and the internal audit staff at each quarterly meeting. The Audit Committee reports to the full Board of Directors quarterly regarding cybersecurity.
Management of the Company plays an integral role in assessing and managing risks from cybersecurity threats. The Company has a dedicated technology services department, led by the Company’s Chief Technology Officer. The Company also has an in-house internal audit staff that is involved in risk management of cybersecurity threats. The Company solicits input from key employees regarding the overall risk environment, including cybersecurity threats. The Company requires all employees to complete cybersecurity training semi-annually and periodically facilitates penetration tests on the Company's systems.
The Company’s Chief Technology Officer reports to the Company’s Executive Vice President and Chief Administrative Officer. In addition, as discussed in more detail below, any cybersecurity incident is reported to the Company’s legal department. Although the Company’s Executive Vice President and Chief Administrative Officer and the members of its legal department do not have a technology services background, we believe that the Company’s Chief Technology Officer and technology services team possess the requisite background and experience to effectively manage the Company’s cybersecurity needs. The Company's Chief Technology Officer has extensive information technology and program management experience from service in the government and private and public Fortune 100 companies. He has expanded the Company's cybersecurity program over the last several years resulting in a robust enterprise security posture focused on preventing cybersecurity incidents, while simultaneously increasing the Company's system resilience in an effort to minimize the business impact if an incident should occur.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] the Company’s Executive Vice President and Chief Administrative Officer and the members of its legal department do not have a technology services background, we believe that the Company’s Chief Technology Officer and technology services team possess the requisite background and experience to effectively manage the Company’s cybersecurity needs. The Company's Chief Technology Officer has extensive information technology and program management experience from service in the government and private and public Fortune 100 companies. He has expanded the Company's cybersecurity program over the last several years resulting in a robust enterprise security posture focused on preventing cybersecurity incidents, while simultaneously increasing the Company's system resilience in an effort to minimize the business impact if an incident should occur.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Audit Committee is briefed regularly on cybersecurity matters, including meeting with the Company’s Chief Technology Officer at least annually and receiving a memorandum quarterly regarding cybersecurity. In addition, the Audit Committee discusses cybersecurity with other members of management and the internal audit staff at each quarterly meeting. The Audit Committee reports to the full Board of Directors quarterly regarding cybersecurity.
Management of the Company plays an integral role in assessing and managing risks from cybersecurity threats. The Company has a dedicated technology services department, led by the Company’s Chief Technology Officer. The Company also has an in-house internal audit staff that is involved in risk management of cybersecurity threats. The Company solicits input from key employees regarding the overall risk environment, including cybersecurity threats. The Company requires all employees to complete cybersecurity training semi-annually and periodically facilitates penetration tests on the Company's systems.
The Company’s Chief Technology Officer reports to the Company’s Executive Vice President and Chief Administrative Officer. In addition, as discussed in more detail below, any cybersecurity incident is reported to the Company’s legal department.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true