XML 25 R9.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. This program is integrated within the Company’s enterprise risk management system and addresses both the corporate information technology environment and customer-facing products.

 

The underlying controls and processes of our cyber risk management program are consistent with recognized practices and standards for cybersecurity and information technology, including the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework and the International Organization Standardization 27001 Information Security Management System Requirements.

 

Cyber partners are also a key part of our cybersecurity infrastructure. We utilize third-party software to provide continuous monitoring of our infrastructure and to coordinate the investigation and remediation of alerts. A program for staging incident response drills is intended to prepare support teams in the event of a significant incident.

 

The Chief Financial Officer, who is responsible for assessing and managing our cyber-risk management program, informs senior management regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents and supervises such efforts. The Chief Financial Officer has experience selecting, deploying, and operating cybersecurity technologies, initiatives, and processes, and relies on threat intelligence as well as other information obtained from governmental, public, or private sources, including external consultants.

 

The Audit Committee of the Board of Directors is responsible for overseeing cybersecurity risk exposures and the steps taken by management to monitor and mitigate cybersecurity risks. Management briefs the Audit Committee on the effectiveness of our cyber risk management program. In addition, cybersecurity risks are reviewed by the Board of Directors, at least annually.

 

We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows, or reputation. We have experienced, and will continue to experience, cyber incidents in the normal course of our business, however, prior cybersecurity incidents have not had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors – Risks Relating to Our Business – We may have risks associated with security of our information technology systems”.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We maintain a cyber risk management program designed to identify, assess, manage, mitigate, and respond to cybersecurity threats. This program is integrated within the Company’s enterprise risk management system and addresses both the corporate information technology environment and customer-facing products.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows, or reputation. We have experienced, and will continue to experience, cyber incidents in the normal course of our business, however, prior cybersecurity incidents have not had a material adverse effect on our business, financial condition, results of operations, or cash flows. See “Risk Factors – Risks Relating to Our Business – We may have risks associated with security of our information technology systems”.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Audit Committee of the Board of Directors is responsible for overseeing cybersecurity risk exposures and the steps taken by management to monitor and mitigate cybersecurity risks. Management briefs the Audit Committee on the effectiveness of our cyber risk management program. In addition, cybersecurity risks are reviewed by the Board of Directors, at least annually.
Cybersecurity Risk Role of Management [Text Block] The Chief Financial Officer, who is responsible for assessing and managing our cyber-risk management program, informs senior management regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents and supervises such efforts. The Chief Financial Officer has experience selecting, deploying, and operating cybersecurity technologies, initiatives, and processes, and relies on threat intelligence as well as other information obtained from governmental, public, or private sources, including external consultants.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true