XML 43 R28.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We understand the importance of preventing, assessing, identifying, and managing material risks associated with cybersecurity threats. Cybersecurity processes to assess, identify and manage risks from cybersecurity threats have been incorporated as a part of our overall risk assessment process. On a regular basis we implement into our operations these cybersecurity processes, technologies, and controls to assess, identify, and manage material risks. Specifically, we engage a third-party cybersecurity firm to assist with network and endpoint monitoring, cloud system monitoring and assessment of our incident response procedures. Further, we employ periodic penetration testing and tabletop exercises to inform our risk identification and assessment of material cybersecurity threats.
To manage our material risks from cybersecurity threats and to protect against, detect, and prepare to respond to cybersecurity incidents, we undertake the below listed activities:
Monitor emerging data protection laws and implement changes to our processes to comply;
Conduct periodic data handling and use requirement training for our employees;
Conduct annual cybersecurity management and incident training for employees involved in our systems and processes that handle sensitive data; and
Conduct regular phishing email simulations for all employees.
Our incident response plan coordinates the activities that we and our third-party cybersecurity providers take to prepare to respond and recover from cybersecurity incidents, which include processes to triage, assess severity, investigate, escalate, contain, and remediate an incident, as well as to comply with potentially applicable legal obligations.
As part of the above processes, we engage with third party providers to review our cybersecurity program and help identify areas for continued focus, improvement, and compliance.
Our processes also include assessing cybersecurity threat risks associated with our use of third-party services providers in normal course of business use, including those in our supply chain or who have access to our tenant and employee data or our systems. Third-party risks are included within our cybersecurity risk management processes discussed above. In addition, we assess cybersecurity considerations in the selection and oversight of our third-party services providers, including due diligence on the third parties that have access to our systems and facilities that house systems and data.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
We understand the importance of preventing, assessing, identifying, and managing material risks associated with cybersecurity threats. Cybersecurity processes to assess, identify and manage risks from cybersecurity threats have been incorporated as a part of our overall risk assessment process. On a regular basis we implement into our operations these cybersecurity processes, technologies, and controls to assess, identify, and manage material risks. Specifically, we engage a third-party cybersecurity firm to assist with network and endpoint monitoring, cloud system monitoring and assessment of our incident response procedures. Further, we employ periodic penetration testing and tabletop exercises to inform our risk identification and assessment of material cybersecurity threats.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment, risk management, disaster recovery procedures and cybersecurity risks. Members of the Board regularly engage in discussions with management on cybersecurity-related news events and discuss any updates to our cybersecurity risk management and strategy programs.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment, risk management, disaster recovery procedures and cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment,
Cybersecurity Risk Role of Management [Text Block]
Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment, risk management, disaster recovery procedures and cybersecurity risks. Members of the Board regularly engage in discussions with management on cybersecurity-related news events and discuss any updates to our cybersecurity risk management and strategy programs.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment, risk management, disaster recovery procedures and cybersecurity risks. Members of the Board regularly engage in discussions with management on cybersecurity-related news events and discuss any updates to our cybersecurity risk management and strategy programs.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] s. Members of the Board regularly engage in discussions with management on cybersecurity-related news events and discuss any updates to our cybersecurity risk management and strategy programs.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
Our incident response plan coordinates the activities that we and our third-party cybersecurity providers take to prepare to respond and recover from cybersecurity incidents, which include processes to triage, assess severity, investigate, escalate, contain, and remediate an incident, as well as to comply with potentially applicable legal obligations.
As part of the above processes, we engage with third party providers to review our cybersecurity program and help identify areas for continued focus, improvement, and compliance.
Our processes also include assessing cybersecurity threat risks associated with our use of third-party services providers in normal course of business use, including those in our supply chain or who have access to our tenant and employee data or our systems. Third-party risks are included within our cybersecurity risk management processes discussed above. In addition, we assess cybersecurity considerations in the selection and oversight of our third-party services providers, including due diligence on the third parties that have access to our systems and facilities that house systems and data.
Our Audit Committee of the Board of Directors is responsible for oversight of our risk assessment, risk management, disaster recovery procedures and cybersecurity risks. Members of the Board regularly engage in discussions with management on cybersecurity-related news events and discuss any updates to our cybersecurity risk management and strategy programs.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true