|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 31, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Abstract]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|
Risk Management Program
As part of the information security program, CXApp has a risk management program that engages in the process of identifying, evaluating, and treating risks around the organization’s information. It addresses uncertainties around information assets to ensure the desired business outcomes are achieved. CXApp performs annual Risk Assessments (RAs) to determine security risks in corporate operations, products, and services, and initiates appropriate remediation.
CXApp’s information security program is aligned with business objectives that establish rules governing how to identify risks, assign risk ownership, how the risks impact the confidentiality, integrity and availability of the information and the method of treatment for identified risks. A formal risk assessment methodology is approved by management.
The risk management framework includes guidelines for identifying and estimating the cost of protective measures to eliminate or reduce the security risks to an acceptable level.
All operations, products, services, information assets and information systems that are owned and operated by CXApp are assessed for risks that result from threats to the integrity, availability, and confidentiality of CXApp’s data.
The risk management program focuses on the following five types of activities:
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|As part of the information security program, CXApp has a risk management program that engages in the process of identifying, evaluating, and treating risks around the organization’s information. It addresses uncertainties around information assets to ensure the desired business outcomes are achieved. CXApp performs annual Risk Assessments (RAs) to determine security risks in corporate operations, products, and services, and initiates appropriate remediation.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|
Governance
As part of the risk management program, responsibility is assigned to Information Technology (IT) Department, systems owners, department managers, and executive management.
Management’s Role in Managing Risks
The IT Department is responsible for conducting a risk assessment as well as prioritizing, implementing, and maintaining the appropriate risk-reduction measures defined in the risk assessment process.
Risk owners are the individuals who are ultimately accountable for ensuring the risk is managed appropriately. There may be multiple personnel who have direct responsibility for or oversee activities to manage each identified risk and collaborate with the accountable risk owner in his/her risk management efforts. Responsibilities for the continued development, implementation, and maintenance of the risk management program are also assigned internally to IT.
Executive Management is responsible for the sponsorship and support of the risk management plan and processes, participating in the risk management meetings, and reviewing and approving risk assessments and risk mitigation plans. For the fiscal year ended December 31, 2024, we are not aware of any cybersecurity incidents that have materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition. For further discussion of the risks associated with cybersecurity incidents, see the Item 1A. Risk Factors - Risks Relating to Cybersecurity Threats section in this Annual Report.
The Company’s Senior Director DevOps and IT is responsible for leading the assessment and management of cybersecurity risks. The current Senior Director DevOps and IT has significant years of experience in information security. The Senior Director DevOps and IT reports to the board of directors, the Audit Committee and management on cybersecurity threats on a regular basis.
Board of Directors Oversight
The Board of Directors plays an active role by meeting periodically to review the status of the organization’s information security program and roadmap for new cybersecurity risk management initiatives.
The board oversees cybersecurity risk management by evaluating whether management has current cybersecurity policies and procedures, regularly assesses, and monitors cybersecurity risks and receives regular reports on the organization’s cybersecurity posture.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|As part of the risk management program, responsibility is assigned to Information Technology (IT) Department, systems owners, department managers, and executive management.
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|The IT Department is responsible for conducting a risk assessment as well as prioritizing, implementing, and maintaining the appropriate risk-reduction measures defined in the risk assessment process.
|Cybersecurity Risk Role of Management [Text Block]
|Risk owners are the individuals who are ultimately accountable for ensuring the risk is managed appropriately. There may be multiple personnel who have direct responsibility for or oversee activities to manage each identified risk and collaborate with the accountable risk owner in his/her risk management efforts. Responsibilities for the continued development, implementation, and maintenance of the risk management program are also assigned internally to IT.
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|Executive Management is responsible for the sponsorship and support of the risk management plan and processes, participating in the risk management meetings, and reviewing and approving risk assessments and risk mitigation plans. For the fiscal year ended December 31, 2024, we are not aware of any cybersecurity incidents that have materially affected or are reasonably likely to materially affect the Company, including our business strategy, results of operations, or financial condition. For further discussion of the risks associated with cybersecurity incidents, see the Item 1A. Risk Factors - Risks Relating to Cybersecurity Threats section in this Annual Report.
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|The Board of Directors plays an active role by meeting periodically to review the status of the organization’s information security program and roadmap for new cybersecurity risk management initiatives.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|The board oversees cybersecurity risk management by evaluating whether management has current cybersecurity policies and procedures, regularly assesses, and monitors cybersecurity risks and receives regular reports on the organization’s cybersecurity posture.
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef