Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
---|---|
Dec. 31, 2024 | |
Cybersecurity Risk Management, Strategy, and Governance [Abstract] | |
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Cybersecurity
risk management is an important part of the Company’s overall risk management efforts. We maintain a comprehensive enterprise-wide
information security program that comprises policies and controls designed to identify, safeguard against, detect, respond to, mitigate
and manage reasonably foreseeable cybersecurity risks and threats. Our approach utilizes diverse security tools to prevent, identify,
investigate, resolve and recover from vulnerabilities and security incidents. These include, but are not limited to, internal reporting,
monitoring and detection tools. We use a collaborative, enterprise-wide strategy to address cybersecurity risks and allocate significant
resources to our cybersecurity and risk management processes, which efforts are intended to adapt to the evolving cybersecurity landscape
and promptly address emerging threats. Our cybersecurity risk management program aligns with the National Institute of Standards and
Technology (NIST) framework and is organized into five key functions: identification, protection, detection, response and recovery. We
regularly assess the threat landscape and employ a layered cybersecurity strategy to prevent, detect and mitigate threats.
All employees undergo security awareness training, with regular testing through simulated phishing emails. Certain employee positions require additional role-based, specialized security awareness or other cybersecurity training, as applicable. Simulations, drills and assessments are conducted to test our defenses from both a technical and an operational perspective.
Management plays a key role in assessing and managing material risks related to cybersecurity threats, including evaluating potential vulnerabilities, monitoring the effectiveness of controls, and ensuring timely remediation of any identified gaps. This ongoing effort includes the coordination of internal and external resources to respond to emerging cybersecurity threats and ensure our systems are resilient against attacks.
We assess risks associated with third-party providers as part of our overall cybersecurity risk management framework by reviewing system and organization controls reports, when available, and other independent reports. We also generally require third parties to, among other things, maintain security controls to protect our confidential information and to promptly notify us of material breaches that may impact our data. |
Cybersecurity Risk Management Processes Integrated [Flag] | true |
Cybersecurity Risk Management Processes Integrated [Text Block] | We maintain a comprehensive enterprise-wide information security program that comprises policies and controls designed to identify, safeguard against, detect, respond to, mitigate and manage reasonably foreseeable cybersecurity risks and threats. Our approach utilizes diverse security tools to prevent, identify, investigate, resolve and recover from vulnerabilities and security incidents. These include, but are not limited to, internal reporting, monitoring and detection tools. We use a collaborative, enterprise-wide strategy to address cybersecurity risks and allocate significant resources to our cybersecurity and risk management processes, which efforts are intended to adapt to the evolving cybersecurity landscape and promptly address emerging threats. Our cybersecurity risk management program aligns with the National Institute of Standards and Technology (NIST) framework and is organized into five key functions: identification, protection, detection, response and recovery. We regularly assess the threat landscape and employ a layered cybersecurity strategy to prevent, detect and mitigate threats. |
Cybersecurity Risk Management Third Party Engaged [Flag] | true |
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] | We face cybersecurity threats in the ordinary course of our business and have faced cybersecurity threats and breach attempts in the past. Such threats and breach attempts have not materially affected our business, strategy, results of operations or financial condition. At any given time, however, we may face known or unknown cybersecurity risks and threats that cannot be fully prevented or mitigated, and we may discover vulnerabilities in our cybersecurity programs. |
Cybersecurity Risk Board of Directors Oversight [Text Block] |
Our
Board of Directors has oversight of our enterprise risk assessment and risk management processes, as well as the steps taken to mitigate
these risks, including for cybersecurity matters. The Audit Committee of our Board of Directors has oversight of cybersecurity risk assessment
and risk management policies as part of its risk management oversight responsibilities, and is responsible for ensuring that the Company
has processes in place to identify, evaluate and manage cybersecurity risks, as well as appropriate processes and programs to mitigate
cybersecurity incidents if they occur. Significant cybersecurity matters, including those related to incidents, are escalated to the
Board of Directors.
We face cybersecurity threats in the ordinary course of our business and have faced cybersecurity threats and breach attempts in the past. Such threats and breach attempts have not materially affected our business, strategy, results of operations or financial condition. At any given time, however, we may face known or unknown cybersecurity risks and threats that cannot be fully prevented or mitigated, and we may discover vulnerabilities in our cybersecurity programs. Therefore, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us. For more information on the cybersecurity risks we face, please refer to “ A failure of one or more key information technology systems, networks or processes may materially adversely affect our ability to conduct our business.” in Item 1A. “ Risk Factors.” |
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Board of Directors has oversight of our enterprise risk assessment and risk management processes, as well as the steps taken to mitigate these risks, including for cybersecurity matters. The Audit Committee of our Board of Directors has oversight of cybersecurity risk assessment and risk management policies as part of its risk management oversight responsibilities, and is responsible for ensuring that the Company has processes in place to identify, evaluate and manage cybersecurity risks, as well as appropriate processes and programs to mitigate cybersecurity incidents if they occur. |
Cybersecurity Risk Role of Management [Text Block] | Management plays a key role in assessing and managing material risks related to cybersecurity threats, including evaluating potential vulnerabilities, monitoring the effectiveness of controls, and ensuring timely remediation of any identified gaps. This ongoing effort includes the coordination of internal and external resources to respond to emerging cybersecurity threats and ensure our systems are resilient against attacks. |
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Significant cybersecurity matters, including those related to incidents, are escalated to the Board of Directors. |