Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | The Company has invested resources in and is committed to maintaining a robust cybersecurity risk management program designed to identify, assess, and mitigate cybersecurity risks, including those related to data breaches, phishing, ransomware, insider threats, third-party relationships, software vulnerabilities, regulatory compliance, cloud security, artificial intelligence, and end-user computing. We are constantly evolving our cyber defenses to prevent and minimize impacts from cyber threats by using a multi-pronged approach that helps safeguard our assets and data. Our cybersecurity management program includes the following elements: Oversight and Governance: Our board of directors as a whole and our Audit Committee oversee and monitor our cybersecurity risk. Regular updates are provided by management to our board of directors and Audit Committee regarding updates on the status of our current cybersecurity risks, a prioritization of key risk areas to be mitigated, updated procedures implemented to mitigate identified risks, and any significant cyber incidents that have occurred or are reasonably likely to occur. Policies and Procedures: The Company maintains policies that detail acceptable use of IT related assets, safeguarding physical and digital access and how the organization would respond to a data breach or related incident. Processes are documented to formalize the implementation of the related policies. Continuous Monitoring: Use of automated tools and third-party services for real-time threat detection, vulnerability scanning and incident alerting. The Company has established additional detection and protection systems including email and web filtering, dark web monitoring and firewalls. Security Incident Response Plan: A formal plan that includes containment, eradication, recovery, root cause analysis and communication protocols. Third-Party Risk Management: The Company performs due diligence, including assessments of third-party suppliers and vendors at the initiation of the relationship and on an annual basis that assesses risk factors, including the third-party’s business recovery and continuity policies. SOC1 reports are reviewed to mitigate material risks from new and ongoing critical finance-related third-party service providers. Training and Awareness: All of the Company’s team members, including senior management, receive mandatory quarterly cybersecurity training and periodic phishing simulations. Individuals who are determined to have a higher associated risk are provided additional training. Further, upon beginning employment and then annually employees must acknowledge policies related to technology in our employee handbook. Periodic Risk Assessment: Company policies, including those related to cybersecurity and data breach response, are assessed periodically for emerging risks and subject to continuous improvement initiatives.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | The Company has invested resources in and is committed to maintaining a robust cybersecurity risk management program designed to identify, assess, and mitigate cybersecurity risks, including those related to data breaches, phishing, ransomware, insider threats, third-party relationships, software vulnerabilities, regulatory compliance, cloud security, artificial intelligence, and end-user computing. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Oversight and Governance: Our board of directors as a whole and our Audit Committee oversee and monitor our cybersecurity risk. Regular updates are provided by management to our board of directors and Audit Committee regarding updates on the status of our current cybersecurity risks, a prioritization of key risk areas to be mitigated, updated procedures implemented to mitigate identified risks, and any significant cyber incidents that have occurred or are reasonably likely to occur.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Oversight and Governance: Our board of directors as a whole and our Audit Committee oversee and monitor our cybersecurity risk. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Regular updates are provided by management to our board of directors and Audit Committee regarding updates on the status of our current cybersecurity risks, a prioritization of key risk areas to be mitigated, updated procedures implemented to mitigate identified risks, and any significant cyber incidents that have occurred or are reasonably likely to occur. |
| Cybersecurity Risk Role of Management [Text Block] | In the event of a cybersecurity incident the incident response team, led by our CEO and comprised of a cross-functional team including representatives from IT, Finance, Quality, Legal, and Human Resources, and further augmented by additional individuals as deemed necessary, follows the Company’s Security Incident Response Plan. Pursuant to this process, designated personnel are responsible for assessing the severity of the incident, types of data involved, and any associated threats. The incident response team is responsible for identifying any exposure containing protected or sensitive data, containing potential threats by removing access or quarantining effected devices and systems and performing analyses to understand root cause with the goal of minimizing impact to the Company’s stakeholders. As appropriate, a communication plan to satisfy internal and other reporting obligations will be drafted and executed. Post-incident analysis and program enhancements would be implemented as appropriate.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Pursuant to this process, designated personnel are responsible for assessing the severity of the incident, types of data involved, and any associated threats. The incident response team is responsible for identifying any exposure containing protected or sensitive data, containing potential threats by removing access or quarantining effected devices and systems and performing analyses to understand root cause with the goal of minimizing impact to the Company’s stakeholders. As appropriate, a communication plan to satisfy internal and other reporting obligations will be drafted and executed. Post-incident analysis and program enhancements would be implemented as appropriate. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | As appropriate, a communication plan to satisfy internal and other reporting obligations will be drafted and executed. Post-incident analysis and program enhancements would be implemented as appropriate. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |