v3.26.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We operate in the biotechnology sector, which is subject to various cybersecurity risks that could adversely affect our business, financial condition, and results of operations, including intellectual property theft; fraud; extortion; harm to employees; violation of privacy laws and other litigation and legal risk; and reputational risk. We recognize the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. We currently have security measures in place to protect patients’, employees’ and vendors’ information and prevent data loss and other security breaches, including a cybersecurity risk assessment program. Both management and the Company’s Audit Committee are actively involved in the continuous assessment of risks from cybersecurity threats, including prevention, mitigation and detection.

Risk Management and Strategy

Our cybersecurity assessment program outlines policies and procedures and technology we use to oversee and identify risks from cybersecurity threats, and focuses on the following areas:

  Vigilance: The Company maintains cybersecurity threat operations with the goal of identifying, preventing and mitigating cybersecurity threats and responding to cybersecurity incidents in accordance with our established disaster recovery policy.
  Systems Safeguards: The Company deploys systems safeguards that are designed to protect the Company’s information systems from cybersecurity threats, including firewalls, intrusion prevention and detection systems, anti-malware functionality and access controls, which are evaluated and improved through ongoing vulnerability assessments and cybersecurity threat intelligence.
  Third Party Service Provider: The Company utilizes a third-party service provider to assist the Company to identify, assess, prevent and respond to cybersecurity risks.
  Training: The Company provides periodic training for personnel regarding cybersecurity threats, which reinforces the Company’s information security policies, standards and practices.
  Incident Response and Recovery Planning: The Company has established and maintains a plan that addresses the Company’s response to a cybersecurity incident and the recovery from a cybersecurity incident, which plan is evaluated periodically.
  Communication and Disclosure: The Company’s established plan includes procedures for the communication of cybersecurity incidents so that decisions regarding the disclosure and reporting of such incidents can be made in a timely manner.
  Governance: The management’s oversight of cybersecurity risk management is supported by the Company’s Audit Committee.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Both management and the Company’s Audit Committee are actively involved in the continuous assessment of risks from cybersecurity threats, including prevention, mitigation and detection.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Role of Management [Text Block]

Risk Management and Strategy

Our cybersecurity assessment program outlines policies and procedures and technology we use to oversee and identify risks from cybersecurity threats, and focuses on the following areas:

  Vigilance: The Company maintains cybersecurity threat operations with the goal of identifying, preventing and mitigating cybersecurity threats and responding to cybersecurity incidents in accordance with our established disaster recovery policy.
  Systems Safeguards: The Company deploys systems safeguards that are designed to protect the Company’s information systems from cybersecurity threats, including firewalls, intrusion prevention and detection systems, anti-malware functionality and access controls, which are evaluated and improved through ongoing vulnerability assessments and cybersecurity threat intelligence.
  Third Party Service Provider: The Company utilizes a third-party service provider to assist the Company to identify, assess, prevent and respond to cybersecurity risks.
  Training: The Company provides periodic training for personnel regarding cybersecurity threats, which reinforces the Company’s information security policies, standards and practices.
  Incident Response and Recovery Planning: The Company has established and maintains a plan that addresses the Company’s response to a cybersecurity incident and the recovery from a cybersecurity incident, which plan is evaluated periodically.
  Communication and Disclosure: The Company’s established plan includes procedures for the communication of cybersecurity incidents so that decisions regarding the disclosure and reporting of such incidents can be made in a timely manner.
  Governance: The management’s oversight of cybersecurity risk management is supported by the Company’s Audit Committee.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Management is responsible for day-to-day assessment and management of risks from cybersecurity threats, including the prevention, mitigation, detection, and remediation of cybersecurity incidents (if any). The Company’s Chief Executive Officer is the member of the Company’s management who is principally responsible for overseeing the Company’s cybersecurity risk management program.

The Company’s Audit Committee, in conjunction with management, oversees the assessment of the Company’s risks from cybersecurity threats, including prevention and mitigation. The Company’s Audit Committee receives periodic updates from the Company’s Chief Executive Officer with respect to the management of risks from cybersecurity threats. Additionally, the Audit Committee, in conjunction with management, considers risks from cybersecurity threats as part of its oversight of the Company’s business strategy, risk management, and financial oversight.

We engage a third-party consultant to help us assess and identify risks from cybersecurity threats, including the threat of a cybersecurity incident, and assisted us to establish our cybersecurity program and manage our risk assessment program. Our third-party consultant monitors cybersecurity threats to our software.

To date, no risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect our business strategy, results of operations or financial condition. However, an actual or perceived breach of our cybersecurity could damage our reputation, interfere with the progress of our clinical trials and/or our efforts to pursue regulatory approvals for our therapeutic candidates, or subject us to third-party lawsuits, regulatory fines or other actions or liabilities, any of which could adversely affect our business, operating results or financial condition. For further information, see “Item 3. Key Information – D. Risk Factors – Risks Related to Our Industry – Our business and operations may be materially adversely affected in the event of computer system failures or security or breaches due to cyber-attacks or cyber intrusions, including ransomware, phishing attacks and other malicious intrusions.”
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Company’s Audit Committee receives periodic updates from the Company’s Chief Executive Officer with respect to the management of risks from cybersecurity threats. Additionally, the Audit Committee, in conjunction with management, considers risks from cybersecurity threats as part of its oversight of the Company’s business strategy, risk management, and financial oversight.