XML 76 R34.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Our information security program is managed by a dedicated Chief Information Security Officer (“CISO”) who is responsible, along with his team, for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. Our CISO has served in that role since 2021 and has been in cybersecurity related roles for more than 25 years, including with two publicly traded companies. Our Board of Directors has delegated oversight of risks from cybersecurity threats through our information security program to our Audit Committee, which receives updates twice a year on the program and on an as needed basis from our CISO regarding risks from cybersecurity threats. Our CISO additionally provides periodic updates to our Board of Directors, our Chief Executive Officer and other senior management members, including through our overall Enterprise Risk Management Program. These updates include, among other risk management issues, updates on the Company’s cybersecurity risks and threats, the status of projects to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our information security program is managed by a dedicated Chief Information Security Officer (“CISO”) who is responsible, along with his team, for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our information security program leverages components from industry frameworks and generally recognized best practices, including International Organization for Standardization 27001 and National Institute of Standards and Technology ("NIST") standards, such as the NIST Cybersecurity Framework, which emphasizes identification, protection, detection, response and recovery. Our program is regularly evaluated by internal and external experts with the results of those reviews reported to senior management and the Board of Directors. We also collaborate with thought leaders in cybersecurity including with key vendors, clients, business partners, industry
participants, and intelligence and law enforcement communities as part of our continuing efforts to evaluate and improve the effectiveness of our information security policies and procedures. This collaboration allows us to rapidly adopt industry best practices developed through firsthand experience mitigating cyber incidents. Our program also includes processes to oversee and identify risks from cybersecurity threats associated with our use of third-party service providers.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Board of Directors has delegated oversight of risks from cybersecurity threats through our information security program to our Audit Committee, which receives updates twice a year on the program and on an as needed basis from our CISO regarding risks from cybersecurity threats.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our CISO additionally provides periodic updates to our Board of Directors, our Chief Executive Officer and other senior management members, including through our overall Enterprise Risk Management Program. These updates include, among other risk management issues, updates on the Company’s cybersecurity risks and threats, the status of projects to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape.
Cybersecurity Risk Role of Management [Text Block]
Our information security program is managed by a dedicated Chief Information Security Officer (“CISO”) who is responsible, along with his team, for leading enterprise-wide cybersecurity strategy, policy, standards, architecture, and processes. Our CISO has served in that role since 2021 and has been in cybersecurity related roles for more than 25 years, including with two publicly traded companies. Our Board of Directors has delegated oversight of risks from cybersecurity threats through our information security program to our Audit Committee, which receives updates twice a year on the program and on an as needed basis from our CISO regarding risks from cybersecurity threats. Our CISO additionally provides periodic updates to our Board of Directors, our Chief Executive Officer and other senior management members, including through our overall Enterprise Risk Management Program. These updates include, among other risk management issues, updates on the Company’s cybersecurity risks and threats, the status of projects to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our Board of Directors has delegated oversight of risks from cybersecurity threats through our information security program to our Audit Committee, which receives updates twice a year on the program and on an as needed basis from our CISO regarding risks from cybersecurity threats. Our CISO additionally provides periodic updates to our Board of Directors, our Chief Executive Officer and other senior management members, including through our overall Enterprise Risk Management Program.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our CISO has served in that role since 2021 and has been in cybersecurity related roles for more than 25 years, including with two publicly traded companies.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Our Board of Directors has delegated oversight of risks from cybersecurity threats through our information security program to our Audit Committee, which receives updates twice a year on the program and on an as needed basis from our CISO regarding risks from cybersecurity threats. Our CISO additionally provides periodic updates to our Board of Directors, our Chief Executive Officer and other senior management members, including through our overall Enterprise Risk Management Program. These updates include, among other risk management issues, updates on the Company’s cybersecurity risks and threats, the status of projects to strengthen our information security systems, assessments of the information security program, and the emerging threat landscape.
Our information security program leverages components from industry frameworks and generally recognized best practices, including International Organization for Standardization 27001 and National Institute of Standards and Technology ("NIST") standards, such as the NIST Cybersecurity Framework, which emphasizes identification, protection, detection, response and recovery. Our program is regularly evaluated by internal and external experts with the results of those reviews reported to senior management and the Board of Directors. We also collaborate with thought leaders in cybersecurity including with key vendors, clients, business partners, industry
participants, and intelligence and law enforcement communities as part of our continuing efforts to evaluate and improve the effectiveness of our information security policies and procedures. This collaboration allows us to rapidly adopt industry best practices developed through firsthand experience mitigating cyber incidents. Our program also includes processes to oversee and identify risks from cybersecurity threats associated with our use of third-party service providers.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true