v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Abstract]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Risk Management and Strategy 

Assessing, Identifying, and Managing Material Cyber Threats

 

We have in place certain infrastructure, systems, policies, and procedures that are designed to proactively and reactively address circumstances that arise when unexpected events such as a cybersecurity incident occur. These include processes for assessing, identifying, and managing material risks from cybersecurity threats. We consult with external parties, such as cybersecurity firms and risk management and governance experts, on risk management and strategy. We use a team of outside vendors and government services specializing in IT and cybersecurity that provide expertise, tools, and methodologies to identify and assess vulnerabilities and potential threats. Automated tools and

 

AI-based user behavior analytics also support identification and management of cyber threats. Response to a broad category of threats is immediate and automatic. Security personnel and members of our management are alerted when cyber threats or anomalies are detected. Persistent threats or issues that, in the opinion of management, are material are immediately brought to the attention of our board of directors.

 

In the event of a detected cyber incident by 24/7 monitoring software or employee notification, our IT and cybersecurity provider performs a detailed assessment of the incident, identifies the source of the problem, and resolves the issue as appropriate. If they are unable to resolve the issue, the problem is escalated to our cybersecurity monitoring and detection software provider for resolution. Events which are not routinely resolved by our IT and cybersecurity provider are brought to the attention of the board.

 

In order to mitigate risks of cybersecurity incidents, critical business and operational data are backed up at night and stored offsite for security purposes and to restore data in the event of a breach. Additionally, we provide cybersecurity awareness training of our employees, incident response personnel, and senior management.

 
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] Although, to date, cybersecurity incidents have not materially impacted our business strategy, results of operations, or financial condition, there can be no assurances that they will not do so in the future.
Cybersecurity Risk Board of Directors Oversight [Text Block] Our board of directors provides oversight and oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, to help align our risk exposure with our strategic objectives. Two of our management have received training on cyber risk governance for public companies, regularly brief our board of directors on our cybersecurity and information security posture as well as cybersecurity incidents deemed to have a moderate or higher business impact, even if viewed as immaterial to us. As cyber threats evolve and become more sophisticated, we believe that the board’s involvement in cybersecurity governance ensures that we are adequately focused on resources and protecting the Company’s assets and reputation.
Cybersecurity Risk Role of Management [Text Block] Vital aspects of our cybersecurity governance that are currently in process or have been implemented include the following: 
  Governance and Strategy: Management and the board ensure that our cybersecurity strategy is aligned with our business strategy.
  Risk Management and Oversight: Our board, as part of the board’s enterprise risk management oversight, actively oversee our cybersecurity risk management framework, ensuring that material risks are identified, assessed, and mitigated.
  Resource Allocation:
  Budget Approval: The board reviews and approves cybersecurity budgets and resource allocations to ensure we have adequate resources to implement and maintain effective cybersecurity measures.
  Investment Decisions: The board, based upon recommendation of management or our external vendors and consultants, evaluates and approves significant investments in cybersecurity technologies, training, and talent.
  Compliance and Legal Obligations:
  Regulatory Compliance: Management and the board both play a role in overseeing compliance with relevant cybersecurity regulations and legal requirements.
  Legal Oversight: Management and the board ensure we have appropriate legal counsel to address cybersecurity-related issues, including breach notification requirements.
  Education and Awareness:
  Training and Awareness: Members of management and members of our board take reasonable steps to stay informed about cybersecurity trends, threats, and best practices through ongoing education and training. Management reviews Company employee training programs to ensure employees are being trained appropriately and kept up to date on evolving cyber trends.
  Board Training: Certain of our board members have received training to understand cybersecurity risks and their role in overseeing cybersecurity.
  Reporting and Communication:
  Periodic Updates: The board receives periodic updates from management, responsible staff regarding the Company’s cybersecurity posture, incidents, and risk management efforts.
  Communication Strategy: Management, together with the board, are in the process of establishing a communication strategy for addressing cybersecurity disclosures with stakeholders, including customers, employees, and the public.
  Performance Evaluation: Included in the board’s annual evaluation of the performance of the Company’s chief executive officer is the effectiveness of implementing cybersecurity policy and measures, ensuring that cybersecurity policies and practices are effective and aligned with organizational goals.
  Cybersecurity Culture: The board fosters a cybersecurity-aware culture throughout the organization, supporting management’s efforts to build risk management including cyber into the fabric of the operating culture.
 
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our executive management team is primarily responsible for assessing and managing our material risks from cybersecurity threats. Management supervises both our internal cybersecurity and IT related personnel, as well as our retained external cybersecurity consultants and vendors. Additionally, they supervise efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefing from internal or external security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants or vendors engaged by us; and alerts and reports produced by security tools deployed in our IT environment.