XML 25 R8.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes are led by a dedicated, outsourced Chief Information Officer, in collaboration with outside cybersecurity partners, is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. Qualified third-party service providers are tasked with developing, implementing, and executing that strategy. These third parties play a key role in our cybersecurity risk assessment and management processes, as we rely on their cybersecurity experience and expertise to assess, identify, and manage emerging trends and risks from cybersecurity threats on an ongoing basis.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] We assess materiality of cybersecurity incidents based on the type of breach, whether any information was accessed, the nature of the information accessed, and the potential for business interruption. As of the date of this report, we are not aware of any material incidents from cybersecurity threats, that have materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Chief Executive Officer and other members of our senior management, as appropriate, provide oversight and monitoring of these third parties, who provide regular reports to management. Management provides periodic reports to our Board as a whole, who are ultimately responsible for the oversight of risks from cybersecurity threats, which include updates on the Company’s cyber risks, the status of projects to strengthen our information security systems, assessments of the information security program, the emerging threat landscape, and any recommendations for additional internal controls, systems, or insurance coverage for board approval.
Cybersecurity Risk Role of Management [Text Block]

 

ITEM 1C. CYBERSECURITY. 

 

Risk Management, Strategy, and Governance

 

Our enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes are led by a dedicated, outsourced Chief Information Officer, in collaboration with outside cybersecurity partners, is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. Qualified third-party service providers are tasked with developing, implementing, and executing that strategy. These third parties play a key role in our cybersecurity risk assessment and management processes, as we rely on their cybersecurity experience and expertise to assess, identify, and manage emerging trends and risks from cybersecurity threats on an ongoing basis.

 

Our Chief Executive Officer and other members of our senior management, as appropriate, provide oversight and monitoring of these third parties, who provide regular reports to management. Management provides periodic reports to our Board as a whole, who are ultimately responsible for the oversight of risks from cybersecurity threats, which include updates on the Company’s cyber risks, the status of projects to strengthen our information security systems, assessments of the information security program, the emerging threat landscape, and any recommendations for additional internal controls, systems, or insurance coverage for board approval.

 

Our cybersecurity policies are focused on ensuring the security and protection of our systems, networks, and proprietary data, which includes trade secrets, intellectual property, corporate strategic plans, marketing plans, material non-public financial information, and personally identifiable information, such as employee and customer information. We also actively engage with key vendors as part of our continuing efforts to actively monitor system access, identify and quarantine potential cybersecurity threats, to assess and implement cybersecurity systems and tools, and to enhance the effectiveness of our information security policies and procedures.

 

Cybersecurity risk management processes are one component of our overall risk assessment process whereby, on an ongoing basis, we analyze our internal control environment and consider how threats to the business might circumvent those controls. These processes include control over and segregation of user access to key systems, monitoring of any user access anomalies, active monitoring of emerging trends in the broader market, timely identification and quarantine of any potential cybersecurity incidents, evaluation of our operations and business needs and how executing on those needs translates to potential threats, and training of end users to mitigate the likelihood of user error.

 

We assess materiality of cybersecurity incidents based on the type of breach, whether any information was accessed, the nature of the information accessed, and the potential for business interruption. As of the date of this report, we are not aware of any material incidents from cybersecurity threats, that have materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Cybersecurity risk management processes are one component of our overall risk assessment process whereby, on an ongoing basis, we analyze our internal control environment and consider how threats to the business might circumvent those controls. These processes include control over and segregation of user access to key systems, monitoring of any user access anomalies, active monitoring of emerging trends in the broader market, timely identification and quarantine of any potential cybersecurity incidents, evaluation of our operations and business needs and how executing on those needs translates to potential threats, and training of end users to mitigate the likelihood of user error.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true