XML 39 R24.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity Risk Management and Strategy

We have established processes to assess, identify, and manage cybersecurity risks. These processes are integrated into our overall risk management program and are designed to protect our information assets from internal and external cyber threats and include:

implementing physical, procedural, and technical safeguards;
developing and maintaining comprehensive response plans;
conducting regular exercises and tests to identify potential vulnerabilities;
engaging with external cybersecurity experts to enhance our oversight and keep pace with evolving threats; and
considering the cybersecurity capabilities of partners and third-party service providers, both prior to engaging them and on an ongoing basis.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] These processes are integrated into our overall risk management program and are designed to protect our information assets from internal and external cyber threats and include:
implementing physical, procedural, and technical safeguards;
developing and maintaining comprehensive response plans;
conducting regular exercises and tests to identify potential vulnerabilities;
engaging with external cybersecurity experts to enhance our oversight and keep pace with evolving threats; and
considering the cybersecurity capabilities of partners and third-party service providers, both prior to engaging them and on an ongoing basis.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Governance and Oversight

Our board of directors provides direct oversight of cybersecurity risk and has delegated to its audit committee the responsibility of reviewing and discussing with management our risk exposures relating to cybersecurity. The board of directors and the audit committee conduct periodic reviews of our cybersecurity readiness to ensure continuous improvement in our cybersecurity strategies and receive regular updates from management on cybersecurity matters and are promptly informed by management about any significant new threats or incidents.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] the audit committee
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The board of directors and the audit committee conduct periodic reviews of our cybersecurity readiness to ensure continuous improvement in our cybersecurity strategies and receive regular updates from management on cybersecurity matters and are promptly informed by management about any significant new threats or incidents.
Cybersecurity Risk Role of Management [Text Block]

We have implemented robust mechanisms to monitor and manage cybersecurity threats and incidents, including utilization of advanced tools for continuous monitoring of our IT environment to detect and mitigate threats, a fundamental plan for responding to cyber incidents and training for employees to recognize and report potential cybersecurity incidents and to foster a culture of cybersecurity awareness and vigilance. We have a dedicated management team, led by our Vice President of IT, that is responsible for operational oversight of our cybersecurity strategy and policies. Our Vice President of IT has an extensive background in IT management with a focus on securing sensitive biotech data and systems, having held similar roles at two previous biotech companies with responsibilities including corporate infrastructure and cyber security readiness and response, in addition to over 20 years of professional experience in IT. Any identified cybersecurity incident is reported to our cybersecurity management team, which evaluates the severity of the incident. Based on this assessment, further steps are taken involving other members of management and, depending on the severity, the audit committee and the board of directors. We believe this structured approach allows us to effectively manage and mitigate cybersecurity risks, safeguarding our systems and data against various digital threats. Additionally, our proactive stance is supported by comprehensive cybersecurity insurance, which further reinforces our preparedness against potential cyber threats.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Vice President of IT
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Vice President of IT has an extensive background in IT management with a focus on securing sensitive biotech data and systems, having held similar roles at two previous biotech companies with responsibilities including corporate infrastructure and cyber security readiness and response, in addition to over 20 years of professional experience in IT.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Any identified cybersecurity incident is reported to our cybersecurity management team, which evaluates the severity of the incident. Based on this assessment, further steps are taken involving other members of management and, depending on the severity, the audit committee and the board of directors. We believe this structured approach allows us to effectively manage and mitigate cybersecurity risks, safeguarding our systems and data against various digital threats. Additionally, our proactive stance is supported by comprehensive cybersecurity insurance, which further reinforces our preparedness against potential cyber threats.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true