|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 31, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Line Items]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|
Cyber Risk Management and Strategy
Cognition Therapeutics, Inc. has implemented and maintains an enterprise risk management program that includes processes designed to identify, assess, and mitigate cybersecurity risks. These processes include the deployment of third-party security solutions and tools designed to monitor, identify, and address cybersecurity risks. We engage a third-party information technology advisor to support our cyber risk management efforts and, periodically, we engage additional third-party consultants for penetration testing and threat simulation exercises. We also maintain processes to assess and review the cybersecurity practices of third-party vendors and service providers prior to onboarding, including through review of System and Organization Controls (SOC) reports provided by potential vendors and inclusion of security requirements in contracts, as appropriate. Employees are required to complete an annual cybersecurity awareness training program designed to raise awareness of cybersecurity threats across functions, as well as to encourage consideration of cybersecurity risks across our Company.
As part of our cybersecurity risk management, we have adopted an incident response plan that has been designed to identify and manage significant events that may impact our information technology infrastructure, including those arising from or related to cybersecurity threats. We recently tested our incident response plan using a tabletop exercise with the goal of improving our processes and preparedness.
We, like other companies in our industry, face a number of risks from cybersecurity threats in connection with our business. Although such risks have not materially affected, and we do not believe they are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition, to date, we have, from time to time, experienced threats related to our data and systems, including phishing attacks. For more information about risks from cybersecurity threats, see the risk factor entitled “Significant disruptions of information technology systems and infrastructure, breaches of data security and other incidents could materially adversely affect our business, results of operations and financial condition” included in Item 1A “Risk Factors.”
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|
Cognition Therapeutics, Inc. has implemented and maintains an enterprise risk management program that includes processes designed to identify, assess, and mitigate cybersecurity risks. These processes include the deployment of third-party security solutions and tools designed to monitor, identify, and address cybersecurity risks. We engage a third-party information technology advisor to support our cyber risk management efforts and, periodically, we engage additional third-party consultants for penetration testing and threat simulation exercises. We also maintain processes to assess and review the cybersecurity practices of third-party vendors and service providers prior to onboarding, including through review of System and Organization Controls (SOC) reports provided by potential vendors and inclusion of security requirements in contracts, as appropriate. Employees are required to complete an annual cybersecurity awareness training program designed to raise awareness of cybersecurity threats across functions, as well as to encourage consideration of cybersecurity risks across our Company.
As part of our cybersecurity risk management, we have adopted an incident response plan that has been designed to identify and manage significant events that may impact our information technology infrastructure, including those arising from or related to cybersecurity threats. We recently tested our incident response plan using a tabletop exercise with the goal of improving our processes and preparedness.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|false
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|
Governance Related to Cybersecurity Risks
Our cyber risk management program and related operations and processes are managed by the Chief Financial Officer in consultation with other members of the finance team of the company, who collectively have expertise and experience in accounting, financial reporting and auditing, and law and compliance, including as it relates to the assessment of the adequacy of cybersecurity processes.
The Corporate Controller reports to and meets with the Chief Financial Officer periodically to discuss and review risk management processes related to cybersecurity and potential cybersecurity risks, with input from the Company’s third-party information technology advisor as appropriate. The Chief Financial Officer reports on a quarterly basis to the audit committee, which oversees cybersecurity risks pursuant to the audit committee charter. The audit committee is responsible for discussing cybersecurity-related risks with management, including the steps management has taken to monitor and control such risks, including our risk assessment and risk management policies.
The Chief Financial Officer and the audit committee periodically report on cybersecurity risk management to the board of directors. The board of directors, as a whole and through its committees, has responsibility for the oversight of risk management. In its risk oversight role, the board of directors has the responsibility to confirm that the risk management processes designed and implemented by management are appropriate and functioning as designed.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The board of directors
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The Chief Financial Officer reports on a quarterly basis to the audit committee, which oversees cybersecurity risks pursuant to the audit committee charter.The Chief Financial Officer and the audit committee periodically report on cybersecurity risk management to the board of directors
|Cybersecurity Risk Role of Management [Text Block]
|
Our cyber risk management program and related operations and processes are managed by the Chief Financial Officer in consultation with other members of the finance team of the company, who collectively have expertise and experience in accounting, financial reporting and auditing, and law and compliance, including as it relates to the assessment of the adequacy of cybersecurity processes.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|Chief Financial Officer
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|
Our cyber risk management program and related operations and processes are managed by the Chief Financial Officer in consultation with other members of the finance team of the company, who collectively have expertise and experience in accounting, financial reporting and auditing, and law and compliance, including as it relates to the assessment of the adequacy of cybersecurity processes.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|
The Chief Financial Officer and the audit committee periodically report on cybersecurity risk management to the board of directors. The board of directors, as a whole and through its committees, has responsibility for the oversight of risk management. In its risk oversight role, the board of directors has the responsibility to confirm that the risk management processes designed and implemented by management are appropriate and functioning as designed.
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef