v3.26.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Abstract]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Risk Management and Strategy

 

We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity program is based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). This does not imply that we meet any particular technical standards, specifications, or requirements, but rather that we use the NIST CSF as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business.

  

Key elements of our cybersecurity risk management program include:

 

risk assessments designed to help identify material cybersecurity risks to our critical systems, information, and our broader enterprise information technology environment;
leveraging our external service providers, where appropriate, to assess, test, monitor or otherwise assist with aspects of our security controls;
training and awareness programs for employees to drive adoption and awareness of cybersecurity processes and controls;
a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents.

 

In the last two fiscal years, the Company has not experienced any material cybersecurity incidents, and expenses incurred from cybersecurity incidents were immaterial. For a discussion of whether and how any risks from cybersecurity threats are reasonably likely to materially affect us, including our business, results of operations or financial condition, refer to Item 1A. Risk Factors - “Our business and operations would suffer in the event of system failures or cyber-attacks,” which is incorporated by reference into this Item 1C.

 
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Our cybersecurity program is based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). This does not imply that we meet any particular technical standards, specifications, or requirements, but rather that we use the NIST CSF as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] Governance (Role of Management/Role of the Board) 

 

Our cybersecurity program and function is overseen by the Director of Information Technology (“Director of IT”), who has over 15 years of experience leading information technology divisions in various industries. The Director of IT collaborates with all business units to identify and assess cybersecurity risks and compliance with company policy. The Director of IT stays aware of emerging threats and trends in cybersecurity through attendance at cyber security conferences, subscription to the CISA.gov mailing list, various tech focused news outlets, and other sources.

 

The Audit Committee is responsible for the oversight of risks associated with cybersecurity threats. The Audit Committee charter provides that the Committee is responsible for considering the effectiveness of the Company’s internal control system, including information technology security and control. The Director of IT reports significant cybersecurity events to our Chief Financial Officer, who then reports such events to our Audit Committee.

 
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Director of IT collaborates with all business units to identify and assess cybersecurity risks and compliance with company policy.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Audit Committee charter provides that the Committee is responsible for considering the effectiveness of the Company’s internal control system, including information technology security and control.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true