XML 69 R28.htm IDEA: XBRL DOCUMENT v3.25.4
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Cybersecurity is critical to Patrick’s ability to drive its vision and operational initiatives. Patrick faces a range of cybersecurity threats including attacks common to most industries, such as ransomware and denial-of-service, and attacks from more advanced and persistent, highly organized adversaries. Our customers, suppliers, consultants and subcontractors face similar cybersecurity threats, and a cybersecurity incident impacting us or any of these entities could materially adversely affect our operations, performance and results of operations. These cybersecurity threats and related risks make it imperative that we remain vigilant and apprised of developments in the information security field, and we expend considerable resources on cybersecurity.
The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. In the event of an incident, we intend to follow our incident response protocol, which outlines the steps to be followed from incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board of Directors, as appropriate.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity is critical to Patrick’s ability to drive its vision and operational initiatives. Patrick faces a range of cybersecurity threats including attacks common to most industries, such as ransomware and denial-of-service, and attacks from more advanced and persistent, highly organized adversaries. Our customers, suppliers, consultants and subcontractors face similar cybersecurity threats, and a cybersecurity incident impacting us or any of these entities could materially adversely affect our operations, performance and results of operations. These cybersecurity threats and related risks make it imperative that we remain vigilant and apprised of developments in the information security field, and we expend considerable resources on cybersecurity.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. In the event of an incident, we intend to follow our incident response protocol, which outlines the steps to be followed from incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board of Directors, as appropriate.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. In the event of an incident, we intend to follow our incident response protocol, which outlines the steps to be followed from incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board of Directors, as appropriate.
Our corporate information security organization, led by our CISO, is responsible for our overall information security strategy, policy, security engineering, operations and cyber threat detection and response. The corporate information security organization manages the Company's enterprise security structure with the ultimate goal of preventing cybersecurity incidents to the extent feasible, while simultaneously increasing our system resilience in an effort to minimize the business impact should an incident occur. Central to this organization is our carefully selected combination of security tools that concentrate on both perimeter and internal environments. These solutions are responsible for the protection, detection and response capabilities used in the defense of Patrick’s data and enterprise computing networks. Employees outside of our corporate information security organization also have a role in our cybersecurity defenses, which we believe improves our cybersecurity program.
Cybersecurity Risk Role of Management [Text Block]
The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. In the event of an incident, we intend to follow our incident response protocol, which outlines the steps to be followed from incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board of Directors, as appropriate.
Our corporate information security organization, led by our CISO, is responsible for our overall information security strategy, policy, security engineering, operations and cyber threat detection and response. The corporate information security organization manages the Company's enterprise security structure with the ultimate goal of preventing cybersecurity incidents to the extent feasible, while simultaneously increasing our system resilience in an effort to minimize the business impact should an incident occur. Central to this organization is our carefully selected combination of security tools that concentrate on both perimeter and internal environments. These solutions are responsible for the protection, detection and response capabilities used in the defense of Patrick’s data and enterprise computing networks. Employees outside of our corporate information security organization also have a role in our cybersecurity defenses, which we believe improves our cybersecurity program.
The corporate information security organization has implemented a governance structure and process to assess, identify, manage and report cybersecurity risks. We also have a corporate-wide counterintelligence and insider threat detection program to proactively identify external and internal threats and mitigate those threats in a timely manner. In addition to developing and implementing pre-existing third party frameworks, we have implemented our own practices and customized controls tailored to the Patrick enterprise environment. We believe this approach enhances our defense in depth stance while increasing our ability to identify, contain and manage cybersecurity risks.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] We also have a corporate-wide counterintelligence and insider threat detection program to proactively identify external and internal threats and mitigate those threats in a timely manner. In addition to developing and implementing pre-existing third party frameworks, we have implemented our own practices and customized controls tailored to the Patrick enterprise environment. We believe this approach enhances our defense in depth stance while increasing our ability to identify, contain and manage cybersecurity risks.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, and to support alignment of our risk exposure with our strategic objectives. Senior leadership, including our Vice President – IT Operations and Chief Information Security Officer (CISO), regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. In the event of an incident, we intend to follow our incident response protocol, which outlines the steps to be followed from incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board of Directors, as appropriate.
Our corporate information security organization, led by our CISO, is responsible for our overall information security strategy, policy, security engineering, operations and cyber threat detection and response. The corporate information security organization manages the Company's enterprise security structure with the ultimate goal of preventing cybersecurity incidents to the extent feasible, while simultaneously increasing our system resilience in an effort to minimize the business impact should an incident occur. Central to this organization is our carefully selected combination of security tools that concentrate on both perimeter and internal environments. These solutions are responsible for the protection, detection and response capabilities used in the defense of Patrick’s data and enterprise computing networks. Employees outside of our corporate information security organization also have a role in our cybersecurity defenses, which we believe improves our cybersecurity program.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true