XML 43 R26.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 28, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Our cybersecurity risk management process is a component of our overall enterprise risk management process, through which our Chief Executive Officer and other members of senior management assess, identify, and manage material risks from cybersecurity threats we face. Our cybersecurity process seeks to protect our information systems by managing and reducing material risks from cybersecurity threats and by responding to and mitigating cybersecurity incidents. The Board of Directors (the “Board”), and the Audit Committee of the Board (the “Audit Committee”), provide oversight of our cybersecurity risk management process. The Audit Committee reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually. Our cybersecurity program is directly managed by the Chief Information Officer (“CIO”), who is experienced in information systems and cybersecurity and whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. The CIO provides periodic updates to our Board and Audit Committee, as well as our Chief Executive Officer and other members of our senior management. These updates cover the Company’s material cybersecurity threats, the status of projects to strengthen our cybersecurity posture, and assessments of the cybersecurity program. Our cybersecurity risk management process is evaluated by internal and external cybersecurity experts, and the material results of those reviews are reported to senior management and the Board and Audit Committee as part of their oversight role. We also engage with third-party service providers deemed to have subject matter expertise in cybersecurity matters, industry participants, and law enforcement communities as part of our continuing efforts to evaluate and enhance the effectiveness of our cybersecurity policies and processes. We require each third-party service provider to certify that they implement and maintain appropriate security measures in connection with their work with us, and to promptly report any suspected breach of its security measures that may affect us. We use various tools and methodologies to manage cybersecurity risk and to prevent, detect, and mitigate cybersecurity incidents. Our tools and methodologies are tested regularly, including vulnerability scans, red-teaming exercises and other penetration testing, and review of cybersecurity threat intelligence feeds. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. We have experienced, and will continue to experience, cybersecurity incidents in the normal course of our business. However, prior cybersecurity incidents have not had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors – Factors Related to Overall Business & Operations – Our business depends on the use of information technology systems. A failure of these systems, cybersecurity incidents, or cyber-fraud may cause business disruptions, compromise our intellectual property or other sensitive information, or result in losses.”
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our cybersecurity process seeks to protect our information systems by managing and reducing material risks from cybersecurity threats and by responding to and mitigating cybersecurity incidents. 
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Our cybersecurity risk management process is a component of our overall enterprise risk management process, through which our Chief Executive Officer and other members of senior management assess, identify, and manage material risks from cybersecurity threats we face. Our cybersecurity process seeks to protect our information systems by managing and reducing material risks from cybersecurity threats and by responding to and mitigating cybersecurity incidents. The Board of Directors (the “Board”), and the Audit Committee of the Board (the “Audit Committee”), provide oversight of our cybersecurity risk management process. The Audit Committee reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually. Our cybersecurity program is directly managed by the Chief Information Officer (“CIO”), who is experienced in information systems and cybersecurity and whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. The CIO provides periodic updates to our Board and Audit Committee, as well as our Chief Executive Officer and other members of our senior management. These updates cover the Company’s material cybersecurity threats, the status of projects to strengthen our cybersecurity posture, and assessments of the cybersecurity program. Our cybersecurity risk management process is evaluated by internal and external cybersecurity experts, and the material results of those reviews are reported to senior management and the Board and Audit Committee as part of their oversight role. We also engage with third-party service providers deemed to have subject matter expertise in cybersecurity matters, industry participants, and law enforcement communities as part of our continuing efforts to evaluate and enhance the effectiveness of our cybersecurity policies and processes. We require each third-party service provider to certify that they implement and maintain appropriate security measures in connection with their work with us, and to promptly report any suspected breach of its security measures that may affect us. We use various tools and methodologies to manage cybersecurity risk and to prevent, detect, and mitigate cybersecurity incidents. Our tools and methodologies are tested regularly, including vulnerability scans, red-teaming exercises and other penetration testing, and review of cybersecurity threat intelligence feeds. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. We have experienced, and will continue to experience, cybersecurity incidents in the normal course of our business. However, prior cybersecurity incidents have not had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors – Factors Related to Overall Business & Operations – Our business depends on the use of information technology systems. A failure of these systems, cybersecurity incidents, or cyber-fraud may cause business disruptions, compromise our intellectual property or other sensitive information, or result in losses.”
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board of Directors (the “Board”), and the Audit Committee of the Board (the “Audit Committee”), provide oversight of our cybersecurity risk management process.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually.
Cybersecurity Risk Role of Management [Text Block] reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Chief Information Officer (“CIO”), who is experienced in information systems and cybersecurity and whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. The CIO provides periodic updates to our Board and Audit Committee, as well as our Chief Executive Officer and other members of our senior management. These updates cover the Company’s material cybersecurity threats, the status of projects to strengthen our cybersecurity posture, and assessments of the cybersecurity program. 
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our cybersecurity program is directly managed by the Chief Information Officer (“CIO”), who is experienced in information systems and cybersecurity and whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. The CIO provides periodic updates to our Board and Audit Committee, as well as our Chief Executive Officer and other members of our senior management. These updates cover the Company’s material cybersecurity threats, the status of projects to strengthen our cybersecurity posture, and assessments of the cybersecurity program. 
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Audit Committee reviews our cybersecurity program and cybersecurity risk management process quarterly, and our Board reviews our cybersecurity program annually.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true