XML 44 R28.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We have implemented a cybersecurity program to assess, identify, and manage risks from cybersecurity threats that may result in material adverse effects on the confidentiality, integrity, and availability of our information systems.

Primary responsibility for executing our cybersecurity program rests with our Vice President of Corporate Strategy and Planning, who has extensive cybersecurity and information technology knowledge and skills gained from over 30 years of related work experience. The Vice President of Corporate Strategy and Planning is responsible for implementing, monitoring and maintaining cybersecurity and data protection practices across our business and reports directly to our Chief Executive Officer. The Vice President of Corporate Strategy and Planning at times attends meetings of the Board to report on any material developments to our risk management practices, including our cybersecurity program.

The Vice President of Corporate Strategy and Planning meets regularly with members of our Information Technology team, whose responsibilities are dedicated solely to cybersecurity matters. On a quarterly basis, we hold Information Technology Steering Committee meetings, which are attended by our Information Technology team, Chief Executive Officer and Chief Financial Officer, where we discuss the risk management measures implemented to identify and mitigate data protection and cybersecurity risks. Our Information Technology team also works with our Vice President – General Counsel to oversee compliance with legal, regulatory and contractual cybersecurity requirements.

Our cybersecurity processes include automated tools and technical safeguards managed and monitored by our Information Technology team. We regularly conduct vulnerability testing and security audits. We also employ systems and processes designed to oversee, identify, and reduce the potential impact of a security incident at a third-party vendor, service provider or customer or otherwise implicating the third-party technology and systems we use. In addition to our internal cybersecurity capabilities, we also at times engage assessors, auditors, or other third parties to assist with the assessment, identification, and management of cybersecurity risks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We have implemented a cybersecurity program to assess, identify, and manage risks from cybersecurity threats that may result in material adverse effects on the confidentiality, integrity, and availability of our information systems.

Our cybersecurity processes include automated tools and technical safeguards managed and monitored by our Information Technology team. We regularly conduct vulnerability testing and security audits. We also employ systems and processes designed to oversee, identify, and reduce the potential impact of a security incident at a third-party vendor, service provider or customer or otherwise implicating the third-party technology and systems we use. In addition to our internal cybersecurity capabilities, we also at times engage assessors, auditors, or other third parties to assist with the assessment, identification, and management of cybersecurity risks.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Our Board has the primary responsibility to oversee cybersecurity matters. The Board periodically reviews the measures implemented by the Company to identify and mitigate risks from cybersecurity threats. As part of such reviews, the Board receives reports from the members of our management team responsible for executing our cybersecurity program, which may address a wide range of topics including recent developments, evolving standards, vulnerability assessments, third-party and independent reviews, the threat environment, technological trends and information security considerations arising with respect to the Company’s peers and third parties. The Board discusses with such members of our management team our information technology systems and procedures on any material cybersecurity risks identified. We have protocols by which certain cybersecurity incidents are escalated within the Company and, where appropriate, reported to the Board in a timely manner.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Board
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board periodically reviews the measures implemented by the Company to identify and mitigate risks from cybersecurity threats. As part of such reviews, the Board receives reports from the members of our management team responsible for executing our cybersecurity program, which may address a wide range of topics including recent developments, evolving standards, vulnerability assessments, third-party and independent reviews, the threat environment, technological trends and information security considerations arising with respect to the Company’s peers and third parties. The Board discusses with such members of our management team our information technology systems and procedures on any material cybersecurity risks identified. We have protocols by which certain cybersecurity incidents are escalated within the Company and, where appropriate, reported to the Board in a timely manner.
Cybersecurity Risk Role of Management [Text Block] the Board receives reports from the members of our management team responsible for executing our cybersecurity program, which may address a wide range of topics including recent developments, evolving standards, vulnerability assessments, third-party and independent reviews, the threat environment, technological trends and information security considerations arising with respect to the Company’s peers and third parties. The Board discusses with such members of our management team our information technology systems and procedures on any material cybersecurity risks identified. We have protocols by which certain cybersecurity incidents are escalated within the Company and, where appropriate, reported to the Board in a timely manner.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Vice President of Corporate Strategy and Planning
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Primary responsibility for executing our cybersecurity program rests with our Vice President of Corporate Strategy and Planning, who has extensive cybersecurity and information technology knowledge and skills gained from over 30 years of related work experience.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Vice President of Corporate Strategy and Planning is responsible for implementing, monitoring and maintaining cybersecurity and data protection practices across our business and reports directly to our Chief Executive Officer.The Vice President of Corporate Strategy and Planning meets regularly with members of our Information Technology team, whose responsibilities are dedicated solely to cybersecurity matters. On a quarterly basis, we hold Information Technology Steering Committee meetings, which are attended by our Information Technology team, Chief Executive Officer and Chief Financial Officer, where we discuss the risk management measures implemented to identify and mitigate data protection and cybersecurity risks.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true