XML 93 R39.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 28, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Risk Management & Strategy
Cybersecurity is integral to our risk management approach. We are reliant on information technology, and any interruption, failure, or security breach-including cybersecurity incidents-could adversely impact our operations and business continuity.
To address these risks, we maintain a comprehensive, risk-based cybersecurity program focused on protecting sensitive data and systems. Our approach includes:
Layered Security (defense-in-Depth): Implementing multiple levels of controls to safeguard against cyber threats.
Employee Awareness: Delivering mandatory cybersecurity training, conducting phishing simulations, and fostering a culture of vigilance.
Proactive Monitoring and Testing: Leveraging real-time monitoring, regular vulnerability assessments, and external audits to continuously evaluate and enhance defenses.
Preparedness: Maintaining and testing business continuity and disaster recovery plans with scenarios such as simulated cyberattacks.
For more information on risks related to cybersecurity and data security, see Item 1A. “Risk Factors - Risks Related to Our Regulatory Environment” and “Risk Factors - General Risk Factors”. To date, no cybersecurity incidents or risks from cybersecurity threats have materially impacted our business strategy, results of operations, or financial condition.
Key Elements of Our Cybersecurity Program
Our cybersecurity program emphasizes:
Threat Awareness and Risk Identification: Engaging with industry groups and third-party experts to stay ahead of emerging threats.
Employee Training: Conducting annual training and phishing simulations to reinforce best practices.
Advanced Safeguards: Deploying comprehensive technical measures, including firewalls, intrusion detection systems, penetration tests, anti-malware, encryption, and access controls to secure our systems and data.
Vendor Management: Requiring contractual data protection safeguards and screening vendors for compliance during onboarding.
Incident Response: Maintaining up-to-date response and recovery plans, validated through regular tabletop exercises.
Compliance Standards: Adhering to recognized standards such as HITRUST, NIST CSF, ISO 27001, and PCI DSS.
Insurance: Partnering with leading insurers to maintain cyber liability coverage.
Cybersecurity Risk Management Processes Integrated [Flag] false
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity is integral to our risk management approach. We are reliant on information technology, and any interruption, failure, or security breach-including cybersecurity incidents-could adversely impact our operations and business continuity.
To address these risks, we maintain a comprehensive, risk-based cybersecurity program focused on protecting sensitive data and systems. Our approach includes:
Layered Security (defense-in-Depth): Implementing multiple levels of controls to safeguard against cyber threats.
Employee Awareness: Delivering mandatory cybersecurity training, conducting phishing simulations, and fostering a culture of vigilance.
Proactive Monitoring and Testing: Leveraging real-time monitoring, regular vulnerability assessments, and external audits to continuously evaluate and enhance defenses.
Preparedness: Maintaining and testing business continuity and disaster recovery plans with scenarios such as simulated cyberattacks.
Cybersecurity Risk Management Third Party Engaged [Flag] false
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks.
Leadership of our cybersecurity efforts is provided by our VP, Global Information Security, a seasoned expert with over a decade of experience. This role ensures continuous program improvement and alignments with evolving threats and standards.
Our executive team, including our Chief Financial Officer and Chief Information Officer, receive regular briefings on:
Cybersecurity trends and evolving threats;
Program effectiveness and risk mitigation strategies; and
Updates to regulatory and legal requirements related to data security and privacy.
These briefings ensure cybersecurity considerations are integrated into strategic decisions, resource allocation, and risk mitigation planning. In accordance with our incident response plan, any material cybersecurity incidents are promptly reported to the Audit Committee to maintain transparency and oversight.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks.
Leadership of our cybersecurity efforts is provided by our VP, Global Information Security, a seasoned expert with over a decade of experience. This role ensures continuous program improvement and alignments with evolving threats and standards.
Our executive team, including our Chief Financial Officer and Chief Information Officer, receive regular briefings on:
Cybersecurity trends and evolving threats;
Program effectiveness and risk mitigation strategies; and
Updates to regulatory and legal requirements related to data security and privacy.
Cybersecurity Risk Role of Management [Text Block]
Leadership of our cybersecurity efforts is provided by our VP, Global Information Security, a seasoned expert with over a decade of experience. This role ensures continuous program improvement and alignments with evolving threats and standards.
Our executive team, including our Chief Financial Officer and Chief Information Officer, receive regular briefings on:
Cybersecurity trends and evolving threats;
Program effectiveness and risk mitigation strategies; and
Updates to regulatory and legal requirements related to data security and privacy.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] a seasoned expert with over a decade of experience
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
Our Audit Committee oversees our cybersecurity program and its alignment with overall risk management. This includes monitoring cybersecurity, data privacy and IT risks.
Leadership of our cybersecurity efforts is provided by our VP, Global Information Security, a seasoned expert with over a decade of experience. This role ensures continuous program improvement and alignments with evolving threats and standards.
Our executive team, including our Chief Financial Officer and Chief Information Officer, receive regular briefings on:
Cybersecurity trends and evolving threats;
Program effectiveness and risk mitigation strategies; and
Updates to regulatory and legal requirements related to data security and privacy.
These briefings ensure cybersecurity considerations are integrated into strategic decisions, resource allocation, and risk mitigation planning. In accordance with our incident response plan, any material cybersecurity incidents are promptly reported to the Audit Committee to maintain transparency and oversight.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true