Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Plumas Bancorp maintains a cyber risk management program that is designed to prevent, detect, and respond to information security threats. The Board of Directors is responsible for oversight of the Company’s information security program, which is designed and implemented by management under the direction of the Chief Information Officer. In addition, the Internal Auditor and Risk Management Officer consider cybersecurity threat risks alongside other company risks as part of our overall risk assessment and management process. The Chief Information Officer supervises the information security team, which is responsible for maintaining and implementing our enterprise-wide cybersecurity strategy, policy, standards, and architecture processes. The Information Security Officer, in coordination with compliance and human resources, conducts annual and ongoing company-wide information security awareness training. The Chief Information Officer and Information Security Officer have combined over 35 years of IT management experience. We have developed processes to identify and oversee risks from cybersecurity threats associated with third-party service providers, which include the information security team assessing cybersecurity robustness during third-party vendor onboarding, the inclusion of protective provisions in third-party vendor agreements, and risk-based monitoring of third-party vendors on an ongoing basis. The Board of Directors receives regular reports from the Chief Information Officer and the Information Security Officer on Plumas Bancorp’s cyber risks and threats, the status of projects to strengthen Plumas Bancorp’s information security systems, assessments of Plumas Bancorp’s security program, and the emerging threat landscape. Additionally, the Chief Information Officer chairs the Technology Steering Committee, which drives awareness, ownership, and alignment across all business functions for effective cybersecurity risk management and reporting. In addition to conducting internal audits, Plumas Bancorp annually engages third parties to audit its information security programs, whose findings are reported to the Audit and Executive Committees of the Board. The Company also engages with key third-party vendors, industry participants, government agencies, and intelligence and law enforcement communities as part of our efforts, which are reported to the Technology Steering Committee and Board of Directors. The Company has experienced and expects that it will continue to experience cyber-based attempts to compromise its information systems, although none, to its knowledge, has had a material adverse effect on its business, financial condition, or results of operations. Like all financial institutions, the Company faces the risks of such threats, the consequences of which could be material. See Item 1A – Risk Factors – “Cybersecurity breaches and technological discussions could damage our reputation and profitability,” above. In addition, given the constant and evolving threat of cyber-based attacks, the Company incurs significant costs in its efforts to detect and prevent security breaches and incidents, and these costs may increase in the future.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Plumas Bancorp maintains a cyber risk management program that is designed to prevent, detect, and respond to information security threats. The Board of Directors is responsible for oversight of the Company’s information security program, which is designed and implemented by management under the direction of the Chief Information Officer. In addition, the Internal Auditor and Risk Management Officer consider cybersecurity threat risks alongside other company risks as part of our overall risk assessment and management process. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] | The Company has experienced and expects that it will continue to experience cyber-based attempts to compromise its information systems, although none, to its knowledge, has had a material adverse effect on its business, financial condition, or results of operations. Like all financial institutions, the Company faces the risks of such threats, the consequences of which could be material. See Item 1A – Risk Factors – “Cybersecurity breaches and technological discussions could damage our reputation and profitability,” above. In addition, given the constant and evolving threat of cyber-based attacks, the Company incurs significant costs in its efforts to detect and prevent security breaches and incidents, and these costs may increase in the future. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Chief Information Officer supervises the information security team, which is responsible for maintaining and implementing our enterprise-wide cybersecurity strategy, policy, standards, and architecture processes. The Information Security Officer, in coordination with compliance and human resources, conducts annual and ongoing company-wide information security awareness training. The Chief Information Officer and Information Security Officer have combined over 35 years of IT management experience. We have developed processes to identify and oversee risks from cybersecurity threats associated with third-party service providers, which include the information security team assessing cybersecurity robustness during third-party vendor onboarding, the inclusion of protective provisions in third-party vendor agreements, and risk-based monitoring of third-party vendors on an ongoing basis. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Chief Information Officer supervises the information security team, which is responsible for maintaining and implementing our enterprise-wide cybersecurity strategy, policy, standards, and architecture processes. The Information Security Officer, in coordination with compliance and human resources, conducts annual and ongoing company-wide information security awareness training. The Chief Information Officer and Information Security Officer have combined over 35 years of IT management experience. We have developed processes to identify and oversee risks from cybersecurity threats associated with third-party service providers, which include the information security team assessing cybersecurity robustness during third-party vendor onboarding, the inclusion of protective provisions in third-party vendor agreements, and risk-based monitoring of third-party vendors on an ongoing basis. |
| Cybersecurity Risk Role of Management [Text Block] | The Board of Directors receives regular reports from the Chief Information Officer and the Information Security Officer on Plumas Bancorp’s cyber risks and threats, the status of projects to strengthen Plumas Bancorp’s information security systems, assessments of Plumas Bancorp’s security program, and the emerging threat landscape. Additionally, the Chief Information Officer chairs the Technology Steering Committee, which drives awareness, ownership, and alignment across all business functions for effective cybersecurity risk management and reporting. In addition to conducting internal audits, Plumas Bancorp annually engages third parties to audit its information security programs, whose findings are reported to the Audit and Executive Committees of the Board. The Company also engages with key third-party vendors, industry participants, government agencies, and intelligence and law enforcement communities as part of our efforts, which are reported to the Technology Steering Committee and Board of Directors. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | The Board of Directors receives regular reports from the Chief Information Officer and the Information Security Officer on Plumas Bancorp’s cyber risks and threats, the status of projects to strengthen Plumas Bancorp’s information security systems, assessments of Plumas Bancorp’s security program, and the emerging threat landscape. Additionally, the Chief Information Officer chairs the Technology Steering Committee, which drives awareness, ownership, and alignment across all business functions for effective cybersecurity risk management and reporting. In addition to conducting internal audits, Plumas Bancorp annually engages third parties to audit its information security programs, whose findings are reported to the Audit and Executive Committees of the Board. The Company also engages with key third-party vendors, industry participants, government agencies, and intelligence and law enforcement communities as part of our efforts, which are reported to the Technology Steering Committee and Board of Directors. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | The Board of Directors receives regular reports from the Chief Information Officer and the Information Security Officer on Plumas Bancorp’s cyber risks and threats, the status of projects to strengthen Plumas Bancorp’s information security systems, assessments of Plumas Bancorp’s security program, and the emerging threat landscape. Additionally, the Chief Information Officer chairs the Technology Steering Committee, which drives awareness, ownership, and alignment across all business functions for effective cybersecurity risk management and reporting. In addition to conducting internal audits, Plumas Bancorp annually engages third parties to audit its information security programs, whose findings are reported to the Audit and Executive Committees of the Board. The Company also engages with key third-party vendors, industry participants, government agencies, and intelligence and law enforcement communities as part of our efforts, which are reported to the Technology Steering Committee and Board of Directors. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The Board of Directors receives regular reports from the Chief Information Officer and the Information Security Officer on Plumas Bancorp’s cyber risks and threats, the status of projects to strengthen Plumas Bancorp’s information security systems, assessments of Plumas Bancorp’s security program, and the emerging threat landscape. Additionally, the Chief Information Officer chairs the Technology Steering Committee, which drives awareness, ownership, and alignment across all business functions for effective cybersecurity risk management and reporting. In addition to conducting internal audits, Plumas Bancorp annually engages third parties to audit its information security programs, whose findings are reported to the Audit and Executive Committees of the Board. The Company also engages with key third-party vendors, industry participants, government agencies, and intelligence and law enforcement communities as part of our efforts, which are reported to the Technology Steering Committee and Board of Directors. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |