XML 52 R38.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
The Company has implemented controls based on the National Institute of Standards and Technology Cybersecurity Framework (the “NIST CSF”) and the Sarbanes-Oxley Act of 2002. Our Information Technology organization is led by the Chief Information Officer (“CIO”) who is responsible for cybersecurity risk management. The Audit Committee of the Board of Directors is tasked with oversight of our overall enterprise risk management program, including cybersecurity, and receives recurring cybersecurity updates throughout the year with at least two cybersecurity reports to the full Board of Directors annually. Directors with experience in cybersecurity and technology play crucial oversight roles for our digital and cybersecurity strategies.
Our cybersecurity program is overseen by the Company’s Chief Information Security Officer (“CISO”) and is designed to protect and preserve the confidentiality, integrity and availability of our information technology assets. Risks and controls are monitored by the CISO and CIO and their evaluation of our overall program drives the nature and scope of our cybersecurity investments. Our CISO reports directly to the CIO and has 20 years of IT experience including leadership roles at various companies with enterprise responsibility for IT audit, IT infrastructure, and cybersecurity. The CISO reports to the Audit Committee on the effectiveness of the Company’s cybersecurity program controls aligned to the NIST CSF framework. We periodically engage external subject matter experts who provide independent qualitative and quantitative assessments of the cybersecurity program maturity and response readiness. We also use processes to oversee and identify material risks from cybersecurity threats associated with our use of third-party technology and systems. In addition, the Company leverages a monthly cybersecurity awareness training program for all employees that is further reinforced through frequent phishing simulations.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The Company has implemented controls based on the National Institute of Standards and Technology Cybersecurity Framework (the “NIST CSF”) and the Sarbanes-Oxley Act of 2002. Our Information Technology organization is led by the Chief Information Officer (“CIO”) who is responsible for cybersecurity risk management. The Audit Committee of the Board of Directors is tasked with oversight of our overall enterprise risk management program, including cybersecurity, and receives recurring cybersecurity updates throughout the year with at least two cybersecurity reports to the full Board of Directors annually. Directors with experience in cybersecurity and technology play crucial oversight roles for our digital and cybersecurity strategies.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] The Audit Committee of the Board of Directors is tasked with oversight of our overall enterprise risk management program, including cybersecurity, and receives recurring cybersecurity updates throughout the year with at least two cybersecurity reports to the full Board of Directors annually. Directors with experience in cybersecurity and technology play crucial oversight roles for our digital and cybersecurity strategies.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our cybersecurity program is overseen by the Company’s Chief Information Security Officer (“CISO”) and is designed to protect and preserve the confidentiality, integrity and availability of our information technology assets. Risks and controls are monitored by the CISO and CIO and their evaluation of our overall program drives the nature and scope of our cybersecurity investments.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee of the Board of Directors is tasked with oversight of our overall enterprise risk management program, including cybersecurity, and receives recurring cybersecurity updates throughout the year with at least two cybersecurity reports to the full Board of Directors annually.
Cybersecurity Risk Role of Management [Text Block]
Our cybersecurity program is overseen by the Company’s Chief Information Security Officer (“CISO”) and is designed to protect and preserve the confidentiality, integrity and availability of our information technology assets. Risks and controls are monitored by the CISO and CIO and their evaluation of our overall program drives the nature and scope of our cybersecurity investments. Our CISO reports directly to the CIO and has 20 years of IT experience including leadership roles at various companies with enterprise responsibility for IT audit, IT infrastructure, and cybersecurity. The CISO reports to the Audit Committee on the effectiveness of the Company’s cybersecurity program controls aligned to the NIST CSF framework. We periodically engage external subject matter experts who provide independent qualitative and quantitative assessments of the cybersecurity program maturity and response readiness. We also use processes to oversee and identify material risks from cybersecurity threats associated with our use of third-party technology and systems. In addition, the Company leverages a monthly cybersecurity awareness training program for all employees that is further reinforced through frequent phishing simulations.
Quarterly updates are provided by the CISO to the Cybersecurity Governance Committee comprised of cross functional senior management regarding the effectiveness of cybersecurity program and its ability to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our Cybersecurity Governance Committee is responsible for monitoring and coordinating enterprise cybersecurity policy and strategy, and for providing guidance to key management and oversight bodies. Our cybersecurity program includes a risk-based incident response plan that provides a documented framework for handling incidents including coordination across multiple parts of the Company.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our cybersecurity program is overseen by the Company’s Chief Information Security Officer (“CISO”) and is designed to protect and preserve the confidentiality, integrity and availability of our information technology assets.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our CISO reports directly to the CIO and has 20 years of IT experience including leadership roles at various companies with enterprise responsibility for IT audit, IT infrastructure, and cybersecurity.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Quarterly updates are provided by the CISO to the Cybersecurity Governance Committee comprised of cross functional senior management regarding the effectiveness of cybersecurity program and its ability to monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. Our Cybersecurity Governance Committee is responsible for monitoring and coordinating enterprise cybersecurity policy and strategy, and for providing guidance to key management and oversight bodies. Our cybersecurity program includes a risk-based incident response plan that provides a documented framework for handling incidents including coordination across multiple parts of the Company.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true