XML 44 R28.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We have an enterprise-wide information security program designed to identify, protect, detect and respond to and manage reasonably foreseeable cybersecurity risks and threats. To protect our information systems from cybersecurity threats, we use various security tools that help prevent, identify, escalate, investigate, resolve and recover from identified
vulnerabilities and security incidents in a timely manner. These include, but are not limited to, internal reporting, and monitoring and detection tools to allow our information security team members to assist us in identifying vulnerabilities in our systems before they are exploited by malicious threat actors. Our information security activities are overseen by our Chief Technology Officer, who has over 25 years of experience in information technology, including security, encryption, system design, programming and compliance, and leaders from Information Technology, Legal and Finance teams, who have an average of 20 years of experience in information technology, security, compliance and auditing.
We also maintain a third party security program to identify, prioritize, assess, mitigate and remediate third party risks; however, we rely on the third parties we use to implement security programs commensurate with their risk, and we cannot ensure in all circumstances that their efforts will be successful.
As part of our cybersecurity risk management system, our information security team tracks and logs privacy and security incidents across our Company, our vendors, and other third-party service providers to remediate and resolve any such incidents. Significant incidents are reviewed regularly by a cross-functional working group including legal, SEC regulation and information security professionals to determine whether further escalation is appropriate. Any incident assessed as potentially being or potentially becoming material is immediately escalated for further assessment, and then reported to designated members of our senior management. We consult with outside counsel as appropriate, including on materiality analysis and disclosure matters, and our senior management makes the final materiality determinations and disclosure and other compliance decisions.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
We have an enterprise-wide information security program designed to identify, protect, detect and respond to and manage reasonably foreseeable cybersecurity risks and threats. To protect our information systems from cybersecurity threats, we use various security tools that help prevent, identify, escalate, investigate, resolve and recover from identified
vulnerabilities and security incidents in a timely manner.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] The board oversees our annual enterprise risk assessment, where we assess key risks within the Company, including security and technology risks and cyber security threats. The audit committee has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks, and it reports any findings and recommendations, as appropriate, to the full board for consideration. Our executive leadership team regularly discusses cyber risks and trends and, should they arise, any material incidents with the audit committee.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The audit committee has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks, and it reports any findings and recommendations, as appropriate, to the full board for consideration. Our executive leadership team regularly discusses cyber risks and trends and, should they arise, any material incidents with the audit committee.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The audit committee has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks, and it reports any findings and recommendations, as appropriate, to the full board for consideration. Our executive leadership team regularly discusses cyber risks and trends and, should they arise, any material incidents with the audit committee.
Cybersecurity Risk Role of Management [Text Block] Our information security activities are overseen by our Chief Technology Officer, who has over 25 years of experience in information technology, including security, encryption, system design, programming and compliance, and leaders from Information Technology, Legal and Finance teams, who have an average of 20 years of experience in information technology, security, compliance and auditing. Any incident assessed as potentially being or potentially becoming material is immediately escalated for further assessment, and then reported to designated members of our senior management. We consult with outside counsel as appropriate, including on materiality analysis and disclosure matters, and our senior management makes the final materiality determinations and disclosure and other compliance decisions.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our information security activities are overseen by our Chief Technology Officer, who has over 25 years of experience in information technology, including security, encryption, system design, programming and compliance, and leaders from Information Technology, Legal and Finance teams, who have an average of 20 years of experience in information technology, security, compliance and auditing.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our information security activities are overseen by our Chief Technology Officer, who has over 25 years of experience in information technology, including security, encryption, system design, programming and compliance, and leaders from Information Technology, Legal and Finance teams, who have an average of 20 years of experience in information technology, security, compliance and auditing.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Our executive leadership team regularly discusses cyber risks and trends and, should they arise, any material incidents with the audit committee.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true