XML 53 R30.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. Our information technology (“IT”) personnel, together with third party firms, continuously work to identify, assess, and manage cybersecurity risks in alignment with cybersecurity standards, [including the National Institute of Standards and Technology (NIST) Cyber Security Framework, NIST 800-53, NIST 800-82, and International Electrotechnical Commission 62443]. Our executive management team and Board of Directors are periodically updated regarding the status of, and adjustments to, our cybersecurity program.
To protect our technology systems from cybersecurity threats, we use various security tools that help prevent, identify, escalate, investigate, resolve, and recover from identified vulnerabilities and security incidents in a timely manner. These include, but are not limited to, internal reporting, monitoring, and detection tools to assist us in identifying vulnerabilities in our products before they are exploited by malicious threat actors.
No unauthorized access to customer, vendor, supplier, joint venture, employee or our data occurred as a result of cybersecurity incidents against us that has had a material adverse effect on our business, operations, or consolidated financial condition. If our systems, or our customers' or suppliers’ systems, for protecting against cybersecurity incidents prove to be insufficient, a cybersecurity incident could have a material adverse effect on our business, operations, or consolidated financial condition.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. Our information technology (“IT”) personnel, together with third party firms, continuously work to identify, assess, and manage cybersecurity risks in alignment with cybersecurity standards, [including the National Institute of Standards and Technology (NIST) Cyber Security Framework, NIST 800-53, NIST 800-82, and International Electrotechnical Commission 62443].
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
We have an Incident Response Plan that defines and documents procedures for assessing, identifying, and managing a cybersecurity incident. In the event there is a cyber security incident, the designated IT personnel and the Incident Response Team will assess the cybersecurity incident’s impact as the basis for assigning a preliminary severity level. Designated IT personnel are also responsible for communicating incidents to other members of management as appropriate. Were a cybersecurity incident to occur that was determined to be material by our Incident Response Team, including executive management, then our Board of Directors would be notified. Should any incidents occur that have a preliminary severity rating of high or critical, our Incident Response Team would confer with our Board of Directors to determine whether to report the cybersecurity incident in our public filings.
Aside from more immediate reporting of material incidents to our Board of Directors as described above, our IT personnel regularly provide our Board of Directors an update on cybersecurity during each of its quarterly meetings regarding the effectiveness of technical and human security controls, cybersecurity training program compliance, internal and third-party cybersecurity incidents, and cybersecurity risks.
Our CFO leads the IT department and together with IT management they have more than 30 years of combined experience in the IT profession.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] In the event there is a cyber security incident, the designated IT personnel and the Incident Response Team will assess the cybersecurity incident’s impact as the basis for assigning a preliminary severity level. Designated IT personnel are also responsible for communicating incidents to other members of management as appropriate. Were a cybersecurity incident to occur that was determined to be material by our Incident Response Team, including executive management, then our Board of Directors would be notified.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Aside from more immediate reporting of material incidents to our Board of Directors as described above, our IT personnel regularly provide our Board of Directors an update on cybersecurity during each of its quarterly meetings regarding the effectiveness of technical and human security controls, cybersecurity training program compliance, internal and third-party cybersecurity incidents, and cybersecurity risks.
Cybersecurity Risk Role of Management [Text Block] Were a cybersecurity incident to occur that was determined to be material by our Incident Response Team, including executive management, then our Board of Directors would be notified. Should any incidents occur that have a preliminary severity rating of high or critical, our Incident Response Team would confer with our Board of Directors to determine whether to report the cybersecurity incident in our public filings.
Aside from more immediate reporting of material incidents to our Board of Directors as described above, our IT personnel regularly provide our Board of Directors an update on cybersecurity during each of its quarterly meetings regarding the effectiveness of technical and human security controls, cybersecurity training program compliance, internal and third-party cybersecurity incidents, and cybersecurity risks.
Our CFO leads the IT department and together with IT management they have more than 30 years of combined experience in the IT profession.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
We have an Incident Response Plan that defines and documents procedures for assessing, identifying, and managing a cybersecurity incident. In the event there is a cyber security incident, the designated IT personnel and the Incident Response Team will assess the cybersecurity incident’s impact as the basis for assigning a preliminary severity level. Designated IT personnel are also responsible for communicating incidents to other members of management as appropriate. Were a cybersecurity incident to occur that was determined to be material by our Incident Response Team, including executive management, then our Board of Directors would be notified. Should any incidents occur that have a preliminary severity rating of high or critical, our Incident Response Team would confer with our Board of Directors to determine whether to report the cybersecurity incident in our public filings.
Aside from more immediate reporting of material incidents to our Board of Directors as described above, our IT personnel regularly provide our Board of Directors an update on cybersecurity during each of its quarterly meetings regarding the effectiveness of technical and human security controls, cybersecurity training program compliance, internal and third-party cybersecurity incidents, and cybersecurity risks.
Our CFO leads the IT department and together with IT management they have more than 30 years of combined experience in the IT profession.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our CFO leads the IT department and together with IT management they have more than 30 years of combined experience in the IT profession.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
We have an Incident Response Plan that defines and documents procedures for assessing, identifying, and managing a cybersecurity incident. In the event there is a cyber security incident, the designated IT personnel and the Incident Response Team will assess the cybersecurity incident’s impact as the basis for assigning a preliminary severity level. Designated IT personnel are also responsible for communicating incidents to other members of management as appropriate. Were a cybersecurity incident to occur that was determined to be material by our Incident Response Team, including executive management, then our Board of Directors would be notified. Should any incidents occur that have a preliminary severity rating of high or critical, our Incident Response Team would confer with our Board of Directors to determine whether to report the cybersecurity incident in our public filings.
Aside from more immediate reporting of material incidents to our Board of Directors as described above, our IT personnel regularly provide our Board of Directors an update on cybersecurity during each of its quarterly meetings regarding the effectiveness of technical and human security controls, cybersecurity training program compliance, internal and third-party cybersecurity incidents, and cybersecurity risks.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true