XML 21 R7.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management, Strategy, and Governance
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

ITEM 1C. CYBERSECURITY

Risk Management and Strategy

In the ordinary course of our business, we collect, use, store, and transmit digitally large amounts of confidential, sensitive, proprietary, and personal information. The secure maintenance of this information and our information technology systems is important to our operations and business strategy. To this end, we have implemented processes designed to assess, identify, and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing therein. These processes are managed and monitored by a dedicated information technology team, which is led by our Chief Financial Officer and include mechanisms, controls, technologies, systems, and other processes designed to prevent or mitigate data loss, theft, misuse, or other security incidents or vulnerabilities affecting the data and maintain a stable information technology environment. For example, we conduct vulnerability testing, data recovery testing, security audits, and ongoing risk assessments, including due diligence on and audits of our key technology vendors, and other contractors and suppliers. We also conduct periodic employee training on cyber and information security, among other topics. In addition, we consult with outside advisors and experts, when appropriate to assist with assessing, identifying, and managing cybersecurity risks, including to anticipate future threats and trends, and their impact on the Company’s risk environment.

In the last fiscal year, we have not identified risks from known cybersecurity threats, including any prior cybersecurity incidents, that have materially affected us. However, we face certain ongoing cybersecurity threats that, if realized, are reasonably likely to materially affect us. Additional information on cybersecurity risks we face is discussed in Part I, Item 1A, “Risk Factors.”

Governance

Our Chief Financial Officer, who reports directly to the Chief Executive Officer and has over 15 years of experience managing information technology and cybersecurity matters, is responsible for assessing and managing cybersecurity risks. We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework.

The Board, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit Committee, which is comprised solely of independent directors, has been designated by the Board to oversee cybersecurity risks. The Audit Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our Chief Financial Officer. The Board also receives updates from management and the Audit Committee on cybersecurity risks on at least an annual basis.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] The Board, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit Committee, which is comprised solely of independent directors, has been designated by the Board to oversee cybersecurity risks. The Audit Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our Chief Financial Officer. The Board also receives updates from management and the Audit Committee on cybersecurity risks on at least an annual basis.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks. The Audit Committee, which is comprised solely of independent directors, has been designated by the Board to oversee cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our Chief Financial Officer. The Board also receives updates from management and the Audit Committee on cybersecurity risks on at least an annual basis.
Cybersecurity Risk Role of Management [Text Block] The Audit Committee, which is comprised solely of independent directors, has been designated by the Board to oversee cybersecurity risks. The Audit Committee receives regular updates on cybersecurity and information technology matters and related risk exposures from our Chief Financial Officer.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] we have implemented processes designed to assess, identify, and manage risks from potential unauthorized occurrences on or through our information technology systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing therein.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Chief Financial Officer, who reports directly to the Chief Executive Officer and has over 15 years of experience managing information technology and cybersecurity matters, is responsible for assessing and managing cybersecurity risks.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Board, as a whole and at the committee level, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage, and mitigate those risks.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true