|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 29, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Line Items]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|
We maintain a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical information technology systems and information.
Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, incident reporting channels and governance processes, as those used in our enterprise risk management program. We designed and continue to assess our cybersecurity program based on the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF”), which we use as a guide to help us identify, prioritize and manage the cybersecurity risks that could materially affect our business, financial condition or results of operations.
Our cybersecurity risk management program includes a Security Incident Response Plan (“SIRP”). Our SIRP provides the Company with the capability of planning, identifying, containing, and tracking cybersecurity incidents experienced by us or our third party service providers. Our SIRP was established to reduce or minimize the impact of cybersecurity incidents on our networks, IT systems, users or business processes. The execution of our SIRP is led by the Chief Information Officer (“CIO”) in conjunction with our Security Incident Response Team, comprised of network, system administrators and cybersecurity experts, who, in the event of incident, together perform a damage assessment, deliver impact notifications and implement containment procedures depending upon the incident. In addition, we also engage third parties on an as needed basis to assess our cybersecurity practices and procedures.
Our cybersecurity risk management program also includes:
•a multi-layered approach to cybersecurity designed to protect our assets;
•identification of key risk areas through internal reviews and researching trends;
•ongoing mitigation in the areas of human behavior, data breaches, remote work, third party vendors, removable media and emerging threats;
•performance of multiple assessments both internally and externally;
•quarterly mandatory security training for employees as well as monthly phishing tests; and
•multi-factor authentication.For the fiscal year ended December 29, 2024, we are not aware of any cybersecurity incidents or risks from cybersecurity incidents that have materially affected or were reasonably likely to materially affect our business strategy, results of operations or financial condition. We cannot guarantee that we may not experience any cybersecurity incidents or risks related to cybersecurity incidents in the future.
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|
Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, incident reporting channels and governance processes, as those used in our enterprise risk management program. We designed and continue to assess our cybersecurity program based on the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF”), which we use as a guide to help us identify, prioritize and manage the cybersecurity risks that could materially affect our business, financial condition or results of operations.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|false
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|
We are committed to protecting our information technology (“IT”) assets and data. This commitment includes the protection of IT assets relevant to our operations, employees, customers and suppliers’ data, intellectual property and our products, among others.
Our Company Board plays a role in overseeing risks associated with cybersecurity threats. The Audit Committee of the Board has been delegated specific responsibility for overseeing the Company’s risk management of cybersecurity. The Audit Committee has appointed a member of the Audit Committee to receive certified cybersecurity training so he can provide specialized guidance to the Board and Company.
Periodically throughout the year, the CIO briefs the Audit Committee and Board on cybersecurity activities and long-term cybersecurity strategies, as well as general cybersecurity trends that could have a material impact on the Company. At any time, the Company Board members may raise concerns regarding the Company’s cybersecurity posture and recommend future changes to controls or procedures.
Our Audit Committee is also responsible for the oversight of risks from cybersecurity threats. Our CIO, Chief Financial Officer, and Security Incident Response Team provide regular updates to the Audit Committee of the Company Board on cybersecurity risks. Through these updates, the Audit Committee receives information on the status of key cybersecurity activities such as email phishing, event logging and data encryption, among others. Information regarding relevant cybersecurity training is provided as well.Our CIO leads our management team in assessing and managing our response to cybersecurity threats and incidents. Our CIO has a Bachelor of Technology degree in Computer Science with over 30 years of experience in IT, with over five years managing IT Infrastructure and Security. The primary responsibility of the management team with respect to cybersecurity risk is managing our overall cybersecurity risk management program and supervising both our internal cybersecurity personnel and our retained external cybersecurity consultants, and working with all divisional, manufacturing, and functional teams on cybersecurity issues. The management team’s efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents are enhanced by monthly and quarterly briefings from internal security personnel, by receipt of threat intelligence and other information obtained from governmental, public or private sources, including external consultants, periodic assessments against the NIST CSF and through alerts and reports produced by security tools deployed in our IT environment. In the event a cybersecurity incident meets certain predetermined criteria, the management team along with the Security Incident Response Team would engage the Company Board.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The Audit Committee of the Board has been delegated specific responsibility for overseeing the Company’s risk management of cybersecurity. The Audit Committee has appointed a member of the Audit Committee to receive certified cybersecurity training so he can provide specialized guidance to the Board and Company.
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|
Periodically throughout the year, the CIO briefs the Audit Committee and Board on cybersecurity activities and long-term cybersecurity strategies, as well as general cybersecurity trends that could have a material impact on the Company. At any time, the Company Board members may raise concerns regarding the Company’s cybersecurity posture and recommend future changes to controls or procedures.
|Cybersecurity Risk Role of Management [Text Block]
|Our CIO leads our management team in assessing and managing our response to cybersecurity threats and incidents. Our CIO has a Bachelor of Technology degree in Computer Science with over 30 years of experience in IT, with over five years managing IT Infrastructure and Security. The primary responsibility of the management team with respect to cybersecurity risk is managing our overall cybersecurity risk management program and supervising both our internal cybersecurity personnel and our retained external cybersecurity consultants, and working with all divisional, manufacturing, and functional teams on cybersecurity issues. The management team’s efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents are enhanced by monthly and quarterly briefings from internal security personnel, by receipt of threat intelligence and other information obtained from governmental, public or private sources, including external consultants, periodic assessments against the NIST CSF and through alerts and reports produced by security tools deployed in our IT environment. In the event a cybersecurity incident meets certain predetermined criteria, the management team along with the Security Incident Response Team would engage the Company Board.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|
Our Company Board plays a role in overseeing risks associated with cybersecurity threats. The Audit Committee of the Board has been delegated specific responsibility for overseeing the Company’s risk management of cybersecurity. The Audit Committee has appointed a member of the Audit Committee to receive certified cybersecurity training so he can provide specialized guidance to the Board and Company.
Periodically throughout the year, the CIO briefs the Audit Committee and Board on cybersecurity activities and long-term cybersecurity strategies, as well as general cybersecurity trends that could have a material impact on the Company. At any time, the Company Board members may raise concerns regarding the Company’s cybersecurity posture and recommend future changes to controls or procedures.
Our Audit Committee is also responsible for the oversight of risks from cybersecurity threats. Our CIO, Chief Financial Officer, and Security Incident Response Team provide regular updates to the Audit Committee of the Company Board on cybersecurity risks. Through these updates, the Audit Committee receives information on the status of key cybersecurity activities such as email phishing, event logging and data encryption, among others. Information regarding relevant cybersecurity training is provided as well.
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|Our CIO has a Bachelor of Technology degree in Computer Science with over 30 years of experience in IT, with over five years managing IT Infrastructure and Security. The primary responsibility of the management team with respect to cybersecurity risk is managing our overall cybersecurity risk management program and supervising both our internal cybersecurity personnel and our retained external cybersecurity consultants, and working with all divisional, manufacturing, and functional teams on cybersecurity issues.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|
Periodically throughout the year, the CIO briefs the Audit Committee and Board on cybersecurity activities and long-term cybersecurity strategies, as well as general cybersecurity trends that could have a material impact on the Company. At any time, the Company Board members may raise concerns regarding the Company’s cybersecurity posture and recommend future changes to controls or procedures.
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef