Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
We recognize the importance of assessing, identifying, and managing material risks associated with cybersecurity threats. These risks include, among other things, operational risks, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy or security laws, other litigation and legal risks, and reputational risks. To aid in our efforts to assess, identify, and manage any material risks, we have implemented several cybersecurity processes, technologies, and controls.
Our process for identifying and assessing material risks from cybersecurity threats operates within our broader overall risk management program. As part of this program, our Chief Information Officer ("CIO") and Vice President of Internal Audit collaborate with subject matter specialists throughout the Company, as necessary, to gather insights for identifying and assessing material risks throughout the Company, including cybersecurity threat risks.
In addition, we also have business processes to provide for critical data and systems availability, maintain regulatory compliance, identify and manage our risks from cybersecurity threats, and protect against, detect, and respond to cybersecurity incidents.
Our Cybersecurity Incident Response Plan ("IRP") coordinates the activities we take to prepare for, detect, respond to, and recover from cybersecurity incidents, which include processes to detect, analyze, validate, investigate, contain, and remediate the incident, as well as to comply with potentially applicable legal obligations and mitigate brand and reputational damage. Our processes also address cybersecurity threat risks associated with third-party service providers that may have access to our data or systems. Third-party risks are included within our broader overall risk assessment process, as well as our cybersecurity-specific risk identification program, both of which are discussed above. In addition, cybersecurity considerations may affect the selection and oversight of our third-party service providers.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] |
We recognize the importance of assessing, identifying, and managing material risks associated with cybersecurity threats. These risks include, among other things, operational risks, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy or security laws, other litigation and legal risks, and reputational risks. To aid in our efforts to assess, identify, and manage any material risks, we have implemented several cybersecurity processes, technologies, and controls.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] | .
Our process for identifying and assessing material risks from cybersecurity threats operates within our broader overall risk management program. As part of this program, our Chief Information Officer ("CIO") and Vice President of Internal Audit collaborate with subject matter specialists throughout the Company, as necessary, to gather insights for identifying and assessing material risks throughout the Company, including cybersecurity threat risks.
In addition, we also have business processes to provide for critical data and systems availability, maintain regulatory compliance, identify and manage our risks from cybersecurity threats, and protect against, detect, and respond to cybersecurity incidents.
|
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Cybersecurity is an important part of our risk management processes and an area of increasing focus for our Board and management. The Audit Committee of our Board is responsible for the oversight of risks from cybersecurity threats. The Audit Committee regularly receives an overview of our cybersecurity activities from management. Material cybersecurity threat risks may also be considered during separate Board discussions of important matters such as enterprise risk management, budgeting, and other relevant matters.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] |
Cybersecurity is an important part of our risk management processes and an area of increasing focus for our Board and management. The Audit Committee of our Board is responsible for the oversight of risks from cybersecurity threats. The Audit Committee regularly receives an overview of our cybersecurity activities from management. Material cybersecurity threat risks may also be considered during separate Board discussions of important matters such as enterprise risk management, budgeting, and other relevant matters.
|
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] |
Cybersecurity is an important part of our risk management processes and an area of increasing focus for our Board and management. The Audit Committee of our Board is responsible for the oversight of risks from cybersecurity threats. The Audit Committee regularly receives an overview of our cybersecurity activities from management. Material cybersecurity threat risks may also be considered during separate Board discussions of important matters such as enterprise risk management, budgeting, and other relevant matters. Our cybersecurity risk management and strategy processes are led by our CIO, who reports directly to our President and Chief Financial Officer. Our CIO meets with the Audit Committee of our Board as part of the governance process described above. This individual has prior work experience in various roles involving managing information security and risk management, developing cybersecurity strategies, and implementing cybersecurity programs. The IT subject matter experts meet quarterly to review the cybersecurity framework provided by the National Institute of Standards and Technology and evaluate current cybersecurity processes and procedures.
|
| Cybersecurity Risk Role of Management [Text Block] |
We recognize the importance of assessing, identifying, and managing material risks associated with cybersecurity threats. These risks include, among other things, operational risks, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy or security laws, other litigation and legal risks, and reputational risks. To aid in our efforts to assess, identify, and manage any material risks, we have implemented several cybersecurity processes, technologies, and controls.
Our process for identifying and assessing material risks from cybersecurity threats operates within our broader overall risk management program. As part of this program, our Chief Information Officer ("CIO") and Vice President of Internal Audit collaborate with subject matter specialists throughout the Company, as necessary, to gather insights for identifying and assessing material risks throughout the Company, including cybersecurity threat risks.
In addition, we also have business processes to provide for critical data and systems availability, maintain regulatory compliance, identify and manage our risks from cybersecurity threats, and protect against, detect, and respond to cybersecurity incidents.
Our Cybersecurity Incident Response Plan ("IRP") coordinates the activities we take to prepare for, detect, respond to, and recover from cybersecurity incidents, which include processes to detect, analyze, validate, investigate, contain, and remediate the incident, as well as to comply with potentially applicable legal obligations and mitigate brand and reputational damage. Our processes also address cybersecurity threat risks associated with third-party service providers that may have access to our data or systems. Third-party risks are included within our broader overall risk assessment process, as well as our cybersecurity-specific risk identification program, both of which are discussed above. In addition, cybersecurity considerations may affect the selection and oversight of our third-party service providers.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our cybersecurity risk management and strategy processes are led by our CIO, who reports directly to our President and Chief Financial Officer. Our CIO meets with the Audit Committee of our Board as part of the governance process described above. This individual has prior work experience in various roles involving managing information security and risk management, developing cybersecurity strategies, and implementing cybersecurity programs. The IT subject matter experts meet quarterly to review the cybersecurity framework provided by the National Institute of Standards and Technology and evaluate current cybersecurity processes and procedures. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | This individual has prior work experience in various roles involving managing information security and risk management, developing cybersecurity strategies, and implementing cybersecurity programs. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] |
Cybersecurity is an important part of our risk management processes and an area of increasing focus for our Board and management. The Audit Committee of our Board is responsible for the oversight of risks from cybersecurity threats. The Audit Committee regularly receives an overview of our cybersecurity activities from management. Material cybersecurity threat risks may also be considered during separate Board discussions of important matters such as enterprise risk management, budgeting, and other relevant matters.
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |