Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
---|---|
Dec. 31, 2024 | |
Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Risk Management and Strategy Our information and operational technology networks, those of our operators and managers, and those of third parties on whom we rely, are important to our ability to perform day-to-day operations of our business. Our business operations rely on the secure collection, storage, transmission and other processing of proprietary, confidential or sensitive data. As a part of our cybersecurity risk management program, we review the Company’s cybersecurity policy on an annual basis and have implemented procedures for responding to cybersecurity incidents. We provide training and awareness programs for team members that include periodic and ongoing assessments to drive adoption and awareness of cybersecurity processes and controls. We have implemented multi-factor authentication, artificial intelligence/machine learning network analysis, containment and incident response tools, vulnerability management processes and penetration testing. A third-party, 24/7 security operations center, along with an artificial intelligence network and endpoint agents, monitor alerts and actively respond in real time to threats. We also actively engage with key vendors and third-party advisors and consultants that assist us to identify, assess and manage cybersecurity risks to our business and employ processes to detect and monitor unusual network activity. In connection with our use of third-parties, we employ systems and processes designed to oversee, identify and reduce the potential impact of a security incident at such vendor or service provider. |
Cybersecurity Risk Management Processes Integrated [Flag] | true |
Cybersecurity Risk Management Processes Integrated [Text Block] | As a part of our cybersecurity risk management program, we review the Company’s cybersecurity policy on an annual basis and have implemented procedures for responding to cybersecurity incidents. We provide training and awareness programs for team members that include periodic and ongoing assessments to drive adoption and awareness of cybersecurity processes and controls. We have implemented multi-factor authentication, artificial intelligence/machine learning network analysis, containment and incident response tools, vulnerability management processes and penetration testing. A third-party, 24/7 security operations center, along with an artificial intelligence network and endpoint agents, monitor alerts and actively respond in real time to threats. We also actively engage with key vendors and third-party advisors and consultants that assist us to identify, assess and manage cybersecurity risks to our business and employ processes to detect and monitor unusual network activity. In connection with our use of third-parties, we employ systems and processes designed to oversee, identify and reduce the potential impact of a security incident at such vendor or service provider. |
Cybersecurity Risk Management Third Party Engaged [Flag] | true |
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
Cybersecurity Risk Board of Directors Oversight [Text Block] |
The Board, in coordination with the Audit Committee, oversees the Company’s processes for assessing and managing risk. Our Board has delegated primary responsibility for overseeing our enterprise risk management process, including oversight of information technology, cybersecurity, and data privacy risks, to the Audit Committee. Despite this delegation of primary responsibility, both the Audit Committee and the Board are actively involved in risk oversight. The Board and Audit Committee regularly review the measures implemented by the Company to identify and mitigate data protection and cybersecurity risks. The Board and Audit Committee meet quarterly, or more frequently as needed, with members of the Company’s Cybersecurity Committee, which is responsible at the management level for the implementation, monitoring, and maintenance of the cybersecurity and data protection practices across the Company. |
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Audit Committee and the Board |
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Board and Audit Committee regularly review the measures implemented by the Company to identify and mitigate data protection and cybersecurity risks. The Board and Audit Committee meet quarterly, or more frequently as needed, with members of the Company’s Cybersecurity Committee, which is responsible at the management level for the implementation, monitoring, and maintenance of the cybersecurity and data protection practices across the Company. |
Cybersecurity Risk Role of Management [Text Block] |
Management is responsible for identifying and assessing cybersecurity risks, establishing processes to ensure that such cybersecurity risk exposures are monitored, implementing proactive mitigation measures and responding in the event of an incident. We seek to identify and mitigate cybersecurity risks through a comprehensive, cross-functional approach. The Cybersecurity Committee headed by our Vice President of Information Technology, also includes our Chief Financial Officer and senior representatives from various corporate and operational functions. The Cybersecurity Committee meets periodically with our Chief Executive Officer and other members of our senior management to provide updates on the Company’s cyber risks and threats, cybersecurity incidents (if any), the status of projects to strengthen our information security systems, assessments of the information security program and the emerging threat landscape. The individual serving as our Vice President of Information Technology, who possesses deep experience in technology and cybersecurity gained over a career of over 20 years, leads our information technology team, which is responsible for managing our internal IT and cybersecurity processes. We have processes in place to guide our assessment, response and notification procedures upon the occurrence of a cybersecurity incident. Depending on the nature and severity of the cybersecurity incident, this process provides for notifying and escalating the incident to our Board. |
Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Cybersecurity Committee |
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | The individual serving as our Vice President of Information Technology, who possesses deep experience in technology and cybersecurity gained over a career of over 20 years, leads our information technology team, which is responsible for managing our internal IT and cybersecurity processes. We have processes in place to guide our assessment, response and notification procedures upon the occurrence of a cybersecurity incident. Depending on the nature and severity of the cybersecurity incident, this process provides for notifying and escalating the incident to our Board. |
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The Cybersecurity Committee meets periodically with our Chief Executive Officer and other members of our senior management to provide updates on the Company’s cyber risks and threats, cybersecurity incidents (if any), the status of projects to strengthen our information security systems, assessments of the information security program and the emerging threat landscape. |
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |