|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 31, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Line Items]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|
The Company operates in the body contouring and cosmetic surgery industry, which is subject to various cybersecurity risks that could adversely affect our business, financial condition, and results of operations, including intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy laws and other litigation and legal risk and reputational risk. We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. Our cybersecurity program is aligned with industry standards and best practices, specifically the National Institute of Standards and Technology (NIST) Cybersecurity Framework. We conduct a yearly third-party Security Risk Assessment (SRA) to identify the potential impact and likelihood of various cyber scenarios, including those involving third-party service providers, and to determine the appropriate mitigation strategies and controls. We also use this SRA to inform our yearly Cybersecurity roadmap and strategies to ensure the best IT security posture is implemented at the Company. We use various tools and methodologies to manage cybersecurity risk, including the use of a managed Enterprise Detection and Response (EDR) software with external Security Operations Center (SOC) real-time monitoring, email Data Loss Prevention (DLP) enabled, Multi-factor Authentication (MFA) mandatory in our IT environment, and Managed Detection and Response (MDR) for our Local Area Network (LAN) monitoring. All laptops and mobile endpoints are protected with an Operating System (OS) specific Mobile Device Management (MDM) software, which can be remotely disabled if necessary. In addition, we do daily cloud backups and regularly test the process to recover any lost or corrupted data. We also monitor and evaluate our cybersecurity posture and performance on an ongoing basis through regular vulnerability scans, penetration tests, and threat intelligence feeds, conducted by our third-party Managed Service Provider (MSP). We require third-party service providers with access to personal, confidential or proprietary information to implement and maintain comprehensive cybersecurity practices consistent with applicable legal standards and industry best practices.
Our business depends on the availability, reliability, and security of our information systems, networks, data, and intellectual property. Any disruption, compromise, or breach of our systems or data due to a cybersecurity threat or incident could adversely affect our operations, customer service, product development, and competitive position. They might also result in a breach of our contractual obligations or legal duties to protect the privacy and confidentiality of our stakeholders. Such a breach could expose us to business interruption, lost revenue, ransom payments, remediation costs, liabilities to affected parties, cybersecurity protection costs, lost assets, litigation, regulatory scrutiny and actions, reputational harm, customer dissatisfaction, harm to our vendor relationships, or loss of market share.
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Processes Integrated [Text Block]
|We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. Our cybersecurity program is aligned with industry standards and best practices, specifically the National Institute of Standards and Technology (NIST) Cybersecurity Framework. We conduct a yearly third-party Security Risk Assessment (SRA) to identify the potential impact and likelihood of various cyber scenarios, including those involving third-party service providers, and to determine the appropriate mitigation strategies and controls. We also use this SRA to inform our yearly Cybersecurity roadmap and strategies to ensure the best IT security posture is implemented at the Company. We use various tools and methodologies to manage cybersecurity risk, including the use of a managed Enterprise Detection and Response (EDR) software with external Security Operations Center (SOC) real-time monitoring, email Data Loss Prevention (DLP) enabled, Multi-factor Authentication (MFA) mandatory in our IT environment, and Managed Detection and Response (MDR) for our Local Area Network (LAN) monitoring. All laptops and mobile endpoints are protected with an Operating System (OS) specific Mobile Device Management (MDM) software, which can be remotely disabled if necessary. In addition, we do daily cloud backups and regularly test the process to recover any lost or corrupted data.
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|false
|Cybersecurity Risk Board of Directors Oversight [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer. Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors. The effectiveness of the cybersecurity and information security program is tested through a combination of internal and external assessments. Updates are provided to senior management and the Audit Committee on a quarterly basis for informed decision-making and as part of the Company's broader risk management process.
|Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer. Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors. The effectiveness of the cybersecurity and information security program is tested through a combination of internal and external assessments. Updates are provided to senior management and the Audit Committee on a quarterly basis for informed decision-making and as part of the Company's broader risk management process.
|Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer. Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors. The effectiveness of the cybersecurity and information security program is tested through a combination of internal and external assessments. Updates are provided to senior management and the Audit Committee on a quarterly basis for informed decision-making and as part of the Company's broader risk management process.
|Cybersecurity Risk Role of Management [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer. Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors. The effectiveness of the cybersecurity and information security program is tested through a combination of internal and external assessments. Updates are provided to senior management and the Audit Committee on a quarterly basis for informed decision-making and as part of the Company's broader risk management process.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer
|Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
|Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors.
|Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
|Our board of directors exercises its oversight role through the Audit Committee, which provides the board of directors with regular reports and findings from our Chief Financial Officer. Our Audit Committee Chair holds a Certification in Cybersecurity Oversight from the National Association of Corporate Directors. The effectiveness of the cybersecurity and information security program is tested through a combination of internal and external assessments. Updates are provided to senior management and the Audit Committee on a quarterly basis for informed decision-making and as part of the Company's broader risk management process.
|Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]
|true
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef