XML 42 R28.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. Our policies over areas such as information security, access on/offboarding, and access and account management help govern the processes put in place by management designed to protect our IT assets, data, and services from threats and vulnerabilities. We partner with cybersecurity providers leveraging third-party technology and expertise. These cybersecurity partners, including consultants and other third-party service providers, are a key part of our cybersecurity risk management strategy and infrastructure and provide services including, maintenance of an IT assets inventory, periodic vulnerability scanning, identity access management controls including restricted access of privileged accounts, network integrity safeguarded by employing web-based software, including endpoint protection, endpoint detection and response, and remote monitoring management on all devices, industry-standard encryption protocols, critical data backups, infrastructure maintenance, incident response, cybersecurity strategy, and cyber risk advisory, assessment and remediation.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. Our policies over areas such as information security, access on/offboarding, and access and account management help govern the processes put in place by management designed to protect our IT assets, data, and services from threats and vulnerabilities. We partner with cybersecurity providers leveraging third-party technology and expertise. These cybersecurity partners, including consultants and other third-party service providers, are a key part of our cybersecurity risk management strategy and infrastructure and provide services including, maintenance of an IT assets inventory, periodic vulnerability scanning, identity access management controls including restricted access of privileged accounts, network integrity safeguarded by employing web-based software, including endpoint protection, endpoint detection and response, and remote monitoring management on all devices, industry-standard encryption protocols, critical data backups, infrastructure maintenance, incident response, cybersecurity strategy, and cyber risk advisory, assessment and remediation.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

As part of its review of the adequacy of our system of internal controls over financial reporting and disclosure controls and procedures, the Audit Committee is specifically responsible for reviewing the adequacy of our computerized information system controls and security related thereof. The cybersecurity stakeholders, including member(s) of management assigned with cybersecurity oversight responsibility and/or third-party consultants providing cyber risk services brief the Audit Committee on cyber vulnerabilities identified through the risk management process, the effectiveness of our cyber risk management program, and the emerging threat landscape and new cyber risks on at least an annual basis. This includes updates on our processes to prevent, detect, and mitigate cybersecurity incidents. In addition, cybersecurity risks are reviewed by our Board of Directors at least annually, as part of our corporate risk oversight processes.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Audit Committee
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] As part of its review of the adequacy of our system of internal controls over financial reporting and disclosure controls and procedures, the Audit Committee is specifically responsible for reviewing the adequacy of our computerized information system controls and security related thereof.
Cybersecurity Risk Role of Management [Text Block]

Our management team, in conjunction with third-party information technology (“IT”) and cybersecurity service providers, is responsible for oversight and administration of our cyber risk management program, and for informing senior management and other relevant stakeholders regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents. Scorpius Holdings’ management team has prior experience selecting, deploying, and overseeing cybersecurity technologies, initiatives, and processes directly or via selection of strategic third-party partners, and relies on threat intelligence as well as other information obtained from governmental, public, or private sources, including external consultants engaged by us for strategic cyber risk management, advisory and decision making. Our Audit Committee also provides oversight of risks from cybersecurity threats.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] management team
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Scorpius Holdings’ management team has prior experience selecting, deploying, and overseeing cybersecurity technologies, initiatives, and processes directly or via selection of strategic third-party partners, and relies on threat intelligence as well as other information obtained from governmental, public, or private sources, including external consultants engaged by us for strategic cyber risk management, advisory and decision making.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The cybersecurity stakeholders, including member(s) of management assigned with cybersecurity oversight responsibility and/or third-party consultants providing cyber risk services brief the Audit Committee on cyber vulnerabilities identified through the risk management process, the effectiveness of our cyber risk management program, and the emerging threat landscape and new cyber risks on at least an annual basis. This includes updates on our processes to prevent, detect, and mitigate cybersecurity incidents. In addition, cybersecurity risks are reviewed by our Board of Directors at least annually, as part of our corporate risk oversight processes.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true