Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | Our cybersecurity program, a pivotal component of our overarching ERM framework, concentrates on several key areas:
Collaborative Approach: We employ a holistic, cross-functional strategy to identify, prevent, and mitigate cybersecurity threats. Our approach includes rapid escalation protocols for specific cybersecurity incidents, enabling timely decision-making on public disclosure and reporting by management.
Technical Safeguards: We utilize advanced technical safeguards to defend our information systems. These include firewalls, intrusion prevention and detection systems, anti-malware tools, and stringent access controls. Continuous vulnerability assessments and leveraging cybersecurity threat intelligence ensure these safeguards remain practical and up to date.
Incident Response and Recovery Planning: Our comprehensive incident response and recovery plans are designed to manage the aftermath of cybersecurity incidents. Regular testing and evaluation of these plans ensure preparedness and resilience.
Third-Party Risk Management: Recognizing the significance of external threats, we have implemented a risk-based strategy to manage cybersecurity risks associated with third parties, such as vendors and service providers. This strategy extends to these third parties' systems, which, if compromised, could impact our operations. |
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Our approach to cybersecurity aims to protect the confidentiality, integrity, and availability of the data we handle. This process involves measures to identify and prevent cybersecurity threats and mechanisms to mitigate and respond to cybersecurity incidents. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our Board of Directors (Board) oversees the management of the risks inherent in the operation of the Company’s business, principally through the Governance Committee. Our Governance Committee oversees our risk management efforts, with cybersecurity being an element of our comprehensive Enterprise Risk Management (ERM) strategy. Our Chief Executive Officer and Chief Operating Officer report information to the Board through the Governance Committee regarding the risks that impact the organization, including cybersecurity risks, and any material events. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | We are committed to maintaining robust cybersecurity defenses through regularly evaluating and improving our policies, standards, processes, and practices. This commitment is actualized through a diverse array of assessment and testing activities, which include:
Comprehensive Audits and Assessments: We conduct audits and assessments to scrutinize the efficacy of our cybersecurity measures.
Tabletop Exercises and Threat Modeling: Engaging in tabletop exercises and threat modeling allows us to simulate and prepare for potential cybersecurity scenarios, ensuring readiness and adaptability.
Vulnerability Testing: Vulnerability testing is performed to proactively identify and address potential security weaknesses.
External Evaluations: We regularly commission third parties to conduct in-depth assessments to ensure an unbiased and comprehensive evaluation. These include information security maturity assessments, audits, and independent reviews of our information security control environment and its operational effectiveness.
Based on the insights gleaned from these assessments, audits, and reviews, we dynamically adjust and refine our cybersecurity policies, standards, processes, and practices to continuously enhance our cybersecurity posture.
By engaging in these rigorous and diverse testing and assessment activities, we verify the current effectiveness of our cybersecurity measures and identify areas for continual improvement, ensuring our defenses evolve in line with the dynamic nature of cyber threats.
Executive Experience and Qualifications
Our CEO has over thirty (30) years of risk management experience, and our COO with over twenty (20) years of experience including cybersecurity, possess deep expertise in their respective fields, evidenced by their academic qualifications and professional trajectories. This collective experience underpins our robust approach to managing cybersecurity risks. In addition, we have numerous employees with experience and qualifications related to cybersecurity. We have named a Chief Information Security Officer as part our cybersecurity program. Our Chief Executive and Chief Operating officers are responsible for informing the Board and Governance Committee of any new material cyber events or risks.
Cybersecurity Threats are discussed in ITEM 1 A. RISK FACTORS, under the heading RISKS RELATED TO PRIVACY, CYBERSECURITY AND TECHNOLOGY in this Annual Report on Form 10-K. We are not aware of any material cybersecurity incidents in the past that have materially affected or are reasonably likely to affect us, including our business strategy, results of operations or financial condition. |