Cybersecurity Risk Management, Strategy and Governance |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Item 1C. Cybersecurity. Risk Management and Strategy We maintain and continue to develop processes designed to assess, identify, and manage material risks from cybersecurity threats as part of our overall enterprise risk management framework. These processes are intended to safeguard the confidentiality, integrity, and availability of our information systems and the information residing therein and are integrated into the Company’s broader risk management activities.
Our cybersecurity risk management processes include, among other things:
•
Risk identification and assessment: Periodic evaluations of our information systems to identify cybersecurity threats and vulnerabilities that could adversely affect our operations.
•
Security controls and policies: Implementation and maintenance of company-wide cybersecurity policies, standards, and technical controls designed to mitigate identified risks.
•
Employee awareness and training: Ongoing cybersecurity training programs intended to promote awareness and preparedness across the organization.
•
Incident response planning: Maintenance of a formal incident response plan that defines processes for responding to, mitigating, and remediating cybersecurity incidents.
•
Continuous monitoring: Use of monitoring processes designed to detect anomalous activity and potential cybersecurity incidents in a timely manner.
To support these processes and to align with industry practices, we engage third-party consultants and other service providers to conduct periodic assessments and testing of our cybersecurity policies, standards, processes, and controls. In evaluating cybersecurity risks, we consider the potential impact of such risks on our business, including operational disruption, financial loss, regulatory or legal exposure, and reputational harm. These considerations inform our assessment of whether cybersecurity risks or incidents may be material. We also maintain processes to oversee and manage cybersecurity risks associated with our suppliers and use of third-party service providers. These processes include evaluating the cybersecurity practices of third parties that may have access to our information systems or sensitive data, including through assessments of their alignment with applicable security standards and contractual requirements. We believe these measures help mitigate the risk of cybersecurity incidents originating from third parties. To date, we believe that risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have not materially affected our business, results of operations, cash flows, or financial condition. However, cybersecurity threats continue to evolve, and we can provide no assurance that future incidents will not occur or that such incidents would not have a material effect on the Company. Governance The audit committee of our board of directors has primary responsibility for overseeing the Company’s risk management processes relating to cybersecurity, including risks arising from cybersecurity threats. The audit committee receives regular updates regarding cybersecurity risks and any significant incident. Our cybersecurity department works with executive management to continually develop our cybersecurity strategy and to manage and assess our risk posture in this area. Our cybersecurity department is responsible for establishing and maintaining cybersecurity policies and standards, overseeing key security initiatives, assessing cybersecurity risks, and supporting compliance with applicable laws and regulations. We maintain a documented incident response process led by senior members of the cybersecurity department. This process is designed to coordinate our response to cybersecurity incidents, including assessing the nature, severity, and potential impact of incidents and determining whether an incident may be material. Matters are escalated to executive management and the audit committee, as appropriate. Through ongoing communications and reporting processes, our cybersecurity department monitors the prevention, detection, mitigation, and remediation of cybersecurity threats and incidents and provides relevant information to executive management, the board of directors, and the audit committee. Each member of our cybersecurity department has prior work experience in information technology and cybersecurity functions, including experience managing cybersecurity risks, overseeing security operations, and responding to cybersecurity incidents. Such individuals hold undergraduate and graduate degrees in relevant fields, including a master's degree in Computer Science, and also hold industry-recognized certifications and possess relevant knowledge, skills, or background in cybersecurity. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Our cybersecurity department works with executive management to continually develop our cybersecurity strategy and to manage and assess our risk posture in this area. Our cybersecurity department is responsible for establishing and maintaining cybersecurity policies and standards, overseeing key security initiatives, assessing cybersecurity risks, and supporting compliance with applicable laws and regulations. We maintain a documented incident response process led by senior members of the cybersecurity department. This process is designed to coordinate our response to cybersecurity incidents, including assessing the nature, severity, and potential impact of incidents and determining whether an incident may be material. Matters are escalated to executive management and the audit committee, as appropriate. Through ongoing communications and reporting processes, our cybersecurity department monitors the prevention, detection, mitigation, and remediation of cybersecurity threats and incidents and provides relevant information to executive management, the board of directors, and the audit committee. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] |
Our cybersecurity department works with executive management to continually develop our cybersecurity strategy and to manage and assess our risk posture in this area. Our cybersecurity department is responsible for establishing and maintaining cybersecurity policies and standards, overseeing key security initiatives, assessing cybersecurity risks, and supporting compliance with applicable laws and regulations. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] |
Through ongoing communications and reporting processes, our cybersecurity department monitors the prevention, detection, mitigation, and remediation of cybersecurity threats and incidents and provides relevant information to executive management, the board of directors, and the audit committee. |
| Cybersecurity Risk Role of Management [Text Block] |
Our cybersecurity department works with executive management to continually develop our cybersecurity strategy and to manage and assess our risk posture in this area. Our cybersecurity department is responsible for establishing and maintaining cybersecurity policies and standards, overseeing key security initiatives, assessing cybersecurity risks, and supporting compliance with applicable laws and regulations. We maintain a documented incident response process led by senior members of the cybersecurity department. This process is designed to coordinate our response to cybersecurity incidents, including assessing the nature, severity, and potential impact of incidents and determining whether an incident may be material. Matters are escalated to executive management and the audit committee, as appropriate. Through ongoing communications and reporting processes, our cybersecurity department monitors the prevention, detection, mitigation, and remediation of cybersecurity threats and incidents and provides relevant information to executive management, the board of directors, and the audit committee. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] |
Our cybersecurity department works with executive management to continually develop our cybersecurity strategy and to manage and assess our risk posture in this area. Our cybersecurity department is responsible for establishing and maintaining cybersecurity policies and standards, overseeing key security initiatives, assessing cybersecurity risks, and supporting compliance with applicable laws and regulations. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] |
Each member of our cybersecurity department has prior work experience in information technology and cybersecurity functions, including experience managing cybersecurity risks, overseeing security operations, and responding to cybersecurity incidents. Such individuals hold undergraduate and graduate degrees in relevant fields, including a master's degree in Computer Science, and also hold industry-recognized certifications and possess relevant knowledge, skills, or background in cybersecurity. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The audit committee receives regular updates regarding cybersecurity risks and any significant incident. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |