XML 50 R31.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
The Company has a cybersecurity program, which uses technology and Governance, Risk, and Compliance processes to help mitigate cybersecurity risks, with our management team working to monitor, assess, identify, and respond to potential cybersecurity incidents that threaten the Company. The program also focuses on security awareness and training for employees and contractors with access to Company facilities or systems. Cybersecurity risks for the Company include financial loss, loss of data, and business interruption. The Company maintains technology and non-technology based system controls, cybersecurity insurance, a robust backup program, and disaster recovery testing to mitigate these risks.
The company has implemented a comprehensive cybersecurity risk management program to identify, assess, and manage material risks from cybersecurity threats. This program is integrated into our overall enterprise risk management framework and includes the following key components:
1Risk Assessment Process: We conduct regular cybersecurity risk assessments using industry-standard frameworks such as NIST CSF and CIS. These assessments help us identify potential vulnerabilities and prioritize our mitigation efforts.
2Threat Detection and Response: We have deployed advanced threat detection technologies and maintain an incident response plan that is regularly tested and updated.
3Third-Party Risk Management: We assess and monitor the cybersecurity practices of our key vendors and partners to mitigate supply chain risks.
4Employee Training and Awareness: We provide ongoing cybersecurity awareness training to all employees and conduct simulated phishing exercises to reinforce best practices.
Our cybersecurity program also follows defense in depth principles, which aim to implement various layered access control, detection, prevention, and response measures. We also engage with independent third parties to assess our vulnerabilities and help us mitigate cybersecurity-related risks. Our security posture is also tested by internal personnel and independent third parties to gauge its effectiveness from time to time.
Management’s Role in Assessing and Managing Cybersecurity Risks
The Company’s cybersecurity risk management and strategy processes for assessing, identifying, and managing material risks from cybersecurity threats are managed by members of the Company’s management team, primarily the Chief Executive Officer and the Chief Financial Officer. Per the Company’s policies, cybersecurity incidents are to be immediately reported to the management team for resolution with outsourced IT support team. Information technology general controls, including controls to mitigate cybersecurity risks, are included with management’s testing of internal control over financial reporting. A virtual Chief Information Security Officer is in place to help lead the Company's cybersecurity program. This individual, who
reports directly to the Chief Financial Officer, is well positioned, with over 25 years of experience in the field. He holds various industry-leading certifications along with a Master of Laws in cybersecurity and privacy law.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The Company has a cybersecurity program, which uses technology and Governance, Risk, and Compliance processes to help mitigate cybersecurity risks, with our management team working to monitor, assess, identify, and respond to potential cybersecurity incidents that threaten the Company. The program also focuses on security awareness and training for employees and contractors with access to Company facilities or systems. Cybersecurity risks for the Company include financial loss, loss of data, and business interruption. The Company maintains technology and non-technology based system controls, cybersecurity insurance, a robust backup program, and disaster recovery testing to mitigate these risks.
The company has implemented a comprehensive cybersecurity risk management program to identify, assess, and manage material risks from cybersecurity threats. This program is integrated into our overall enterprise risk management framework and includes the following key components:
1Risk Assessment Process: We conduct regular cybersecurity risk assessments using industry-standard frameworks such as NIST CSF and CIS. These assessments help us identify potential vulnerabilities and prioritize our mitigation efforts.
2Threat Detection and Response: We have deployed advanced threat detection technologies and maintain an incident response plan that is regularly tested and updated.
3Third-Party Risk Management: We assess and monitor the cybersecurity practices of our key vendors and partners to mitigate supply chain risks.
4Employee Training and Awareness: We provide ongoing cybersecurity awareness training to all employees and conduct simulated phishing exercises to reinforce best practices.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Cybersecurity risks are included in an overall risk management assessment, which is reviewed annually by the Company’s audit committee. The Company engages third-party specialists on a periodic basis to review key information technology systems and provide recommendations for system updates and improvements. Results of these reviews are used to update information technology systems within the Company’s information system governance policies. The Company's management regularly discusses cyber trends and, should they arise, any material incidents with audit committee. The Company’s management will also review the Company’s cybersecurity program with the Board once every year.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
Cybersecurity risks are included in an overall risk management assessment, which is reviewed annually by the Company’s audit committee. The Company engages third-party specialists on a periodic basis to review key information technology systems and provide recommendations for system updates and improvements. Results of these reviews are used to update information technology systems within the Company’s information system governance policies. The Company's management regularly discusses cyber trends and, should they arise, any material incidents with audit committee. The Company’s management will also review the Company’s cybersecurity program with the Board once every year.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Company’s cybersecurity risk management and strategy processes for assessing, identifying, and managing material risks from cybersecurity threats are managed by members of the Company’s management team, primarily the Chief Executive Officer and the Chief Financial Officer. Per the Company’s policies, cybersecurity incidents are to be immediately reported to the management team for resolution with outsourced IT support team. Information technology general controls, including controls to mitigate cybersecurity risks, are included with management’s testing of internal control over financial reporting. A virtual Chief Information Security Officer is in place to help lead the Company's cybersecurity program. This individual, who
reports directly to the Chief Financial Officer, is well positioned, with over 25 years of experience in the field. He holds various industry-leading certifications along with a Master of Laws in cybersecurity and privacy law.
Board of Director’s Oversight of Risks from Cybersecurity
Cybersecurity risks are included in an overall risk management assessment, which is reviewed annually by the Company’s audit committee. The Company engages third-party specialists on a periodic basis to review key information technology systems and provide recommendations for system updates and improvements. Results of these reviews are used to update information technology systems within the Company’s information system governance policies. The Company's management regularly discusses cyber trends and, should they arise, any material incidents with audit committee. The Company’s management will also review the Company’s cybersecurity program with the Board once every year.
Cybersecurity Risk Role of Management [Text Block]
The Company’s cybersecurity risk management and strategy processes for assessing, identifying, and managing material risks from cybersecurity threats are managed by members of the Company’s management team, primarily the Chief Executive Officer and the Chief Financial Officer. Per the Company’s policies, cybersecurity incidents are to be immediately reported to the management team for resolution with outsourced IT support team. Information technology general controls, including controls to mitigate cybersecurity risks, are included with management’s testing of internal control over financial reporting. A virtual Chief Information Security Officer is in place to help lead the Company's cybersecurity program. This individual, who
reports directly to the Chief Financial Officer, is well positioned, with over 25 years of experience in the field. He holds various industry-leading certifications along with a Master of Laws in cybersecurity and privacy law.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Cybersecurity risks are included in an overall risk management assessment, which is reviewed annually by the Company’s audit committee. The Company engages third-party specialists on a periodic basis to review key information technology systems and provide recommendations for system updates and improvements. Results of these reviews are used to update information technology systems within the Company’s information system governance policies. The Company's management regularly discusses cyber trends and, should they arise, any material incidents with audit committee. The Company’s management will also review the Company’s cybersecurity program with the Board once every year.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] A virtual Chief Information Security Officer is in place to help lead the Company's cybersecurity program. This individual, who reports directly to the Chief Financial Officer, is well positioned, with over 25 years of experience in the field. He holds various industry-leading certifications along with a Master of Laws in cybersecurity and privacy law.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Company's management regularly discusses cyber trends and, should they arise, any material incidents with audit committee. The Company’s management will also review the Company’s cybersecurity program with the Board once every year.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true