XML 31 R8.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

 

In the normal course of business, we collect and store sensitive information, including proprietary and confidential business information, intellectual property, information regarding clinical and non-clinical trials, sensitive third-party information and employee information.

 

We have processes designed to protect our information systems, data, assets, infrastructure, and computing environments from cybersecurity threats and risks. Our cybersecurity strategy includes the use of managed detection and response services to monitor our network infrastructure and associated endpoints for possible cybersecurity threats. In addition, we use multi-factor authentication, perform periodical penetration testing and other logical, physical and technical controls designed to deter, prevent, mitigate and respond to cybersecurity threats. Further, our information systems include continuous alert plans, and we provide periodical cybersecurity reminders to our employees to emphasizes the importance of adherence to our security policies.

 

We conduct organizational risk assessment, which help management in identifying data assets and recognizing and assessing potential threats, and investigating potential vulnerabilities. We are in the process of reviewing and implementing incremental information technology strategies to mitigate cybersecurity risks and their possible impacts. Risk assessments enable management to make risk management decisions and assign resources to mitigate risk. We also periodically engage third parties to assess the effectiveness of our cybersecurity practices.

 

As of the date of this Annual Report, we do not believe that any past cybersecurity incidents that have been detected have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.

 

See “Risk Factors - Risks Related to Our Business and Operations” for additional information about the risks to our business associated with cybersecurity or a breach or compromise to our information security systems.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We have processes designed to protect our information systems, data, assets, infrastructure, and computing environments from cybersecurity threats and risks. Our cybersecurity strategy includes the use of managed detection and response services to monitor our network infrastructure and associated endpoints for possible cybersecurity threats. In addition, we use multi-factor authentication, perform periodical penetration testing and other logical, physical and technical controls designed to deter, prevent, mitigate and respond to cybersecurity threats. Further, our information systems include continuous alert plans, and we provide periodical cybersecurity reminders to our employees to emphasizes the importance of adherence to our security policies.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] As of the date of this Annual Report, we do not believe that any past cybersecurity incidents that have been detected have materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

 

Our Director of Information Technology has responsibilities which include preventing and monitoring cybersecurity threats and utilizes the assistance of external vendors in this effort. Our Director of Information Technology regularly reports to senior management regarding the status of our cybersecurity program, emerging cybersecurity threats, long-term cybersecurity investments and strategies, and oversight of our cybersecurity profile.

 

Our full Board of Directors oversees the risk management process for the Company, which includes identifying, assessing and managing enterprise-level risks. The Board administers this oversight function directly through the Board of Directors as a whole, as well as through its standing committees that address risks inherent in their respective areas of oversight. The risk oversight responsibility of the Board of Directors and its committees is supported by the management reporting processes, which are designed to provide visibility to the Board of Directors and to the personnel who are responsible for risk assessment and information about the identification, assessment and management of critical risks, and management’s risk mitigation strategies. Our cybersecurity risk program directly integrates and is intended to align with the Board of Directors’ overall risk management process.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our full Board of Directors oversees the risk management process for the Company, which includes identifying, assessing and managing enterprise-level risks. The Board administers this oversight function directly through the Board of Directors as a whole, as well as through its standing committees that address risks inherent in their respective areas of oversight. The risk oversight responsibility of the Board of Directors and its committees is supported by the management reporting processes, which are designed to provide visibility to the Board of Directors and to the personnel who are responsible for risk assessment and information about the identification, assessment and management of critical risks, and management’s risk mitigation strategies. Our cybersecurity risk program directly integrates and is intended to align with the Board of Directors’ overall risk management process.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our full Board of Directors oversees the risk management process for the Company, which includes identifying, assessing and managing enterprise-level risks. The Board administers this oversight function directly through the Board of Directors as a whole, as well as through its standing committees that address risks inherent in their respective areas of oversight. The risk oversight responsibility of the Board of Directors and its committees is supported by the management reporting processes, which are designed to provide visibility to the Board of Directors and to the personnel who are responsible for risk assessment and information about the identification, assessment and management of critical risks, and management’s risk mitigation strategies. Our cybersecurity risk program directly integrates and is intended to align with the Board of Directors’ overall risk management process.
Cybersecurity Risk Role of Management [Text Block] Our Director of Information Technology has responsibilities which include preventing and monitoring cybersecurity threats and utilizes the assistance of external vendors in this effort. Our Director of Information Technology regularly reports to senior management regarding the status of our cybersecurity program, emerging cybersecurity threats, long-term cybersecurity investments and strategies, and oversight of our cybersecurity profile.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true