Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Cybersecurity Program
We have implemented a cybersecurity program to support both the effectiveness of our systems and our preparedness for information security risks. This program includes a number of safeguards, such as: password protection; multi-factor authentication; monitoring and alerting systems for internal and external threats; and regular evaluations of our cybersecurity program.
We use a risk-based approach with respect to our use and oversight of third-party service providers, tailoring processes according to the nature and sensitivity of the data accessed, processed, or stored by such third-party service provider. We use a number of means to assess cyber risks related to our third-party service providers, including conducting due diligence in connection with onboarding new vendors. We also seek to include appropriate security terms in our contracts, where applicable as part of our oversight of third-party providers.
Process for Assessing, Identifying and Managing Material Risks from Cybersecurity Threats We maintain an incident response program. In the event of a cybersecurity incident, designated personnel are responsible for assessing the severity of an incident and associated threat, containing the threat, remediating the threat, including recovery of data and access to systems, analyzing any reporting obligations associated with the incident, and performing post-incident analysis and program enhancements. We maintain a Cybersecurity Policy, which includes an Incident Response Plan in the event of a significant cybersecurity incident. In the event of a significant cybersecurity incident, our IT Systems Administrator will chair an incident response team to handle the incident. Such incident response team will include members of IT, finance (if applicable), legal, communications, human resources and any affected unit or department. IT, along with a designated forensic team, will use the Incident Response Plan to guide the response.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We have implemented a cybersecurity program to support both the effectiveness of our systems and our preparedness for information security risks. This program includes a number of safeguards, such as: password protection; multi-factor authentication; monitoring and alerting systems for internal and external threats; and regular evaluations of our cybersecurity program. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | In its oversight role, our board of directors considers risks, including with respect to privacy, information technology and cybersecurity and threats to technology infrastructure. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | In its oversight role, our board of directors considers risks, including with respect to privacy, information technology and cybersecurity and threats to technology infrastructure. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | On a regular basis, our Vice President of Corporate Development & Administration will report to our board of directors on cybersecurity matters, including key risks, the potential impact of those exposures on our business, financial condition, results of operations, cash flows, reputation and prospects, and the programs and steps implemented by our management team to monitor and mitigate risks. |
| Cybersecurity Risk Role of Management [Text Block] |
The controls and processes employed to assess, identify and manage material risks from cybersecurity threats are implemented and overseen by our IT Systems Administrator. Our IT Systems Administrator has 15 years in total network and system administration experiences, 8 of which are experience addressing cybersecurity risks. Our IT Systems Administrator is responsible for the day-to-day management of the cybersecurity program, including the prevention, detection, investigation, response to, and recovery from cybersecurity threats and incidents, and is regularly engaged to help ensure the cybersecurity program functions effectively in the face of evolving cybersecurity threats. Our Vice President of Corporate Development & Administration oversees the IT Systems Administrator and briefs our board of directors on cybersecurity matters, including the nature and design of our cybersecurity program, and threats, events, and program enhancements.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] |
The controls and processes employed to assess, identify and manage material risks from cybersecurity threats are implemented and overseen by our IT Systems Administrator. Our IT Systems Administrator has 15 years in total network and system administration experiences, 8 of which are experience addressing cybersecurity risks. Our IT Systems Administrator is responsible for the day-to-day management of the cybersecurity program, including the prevention, detection, investigation, response to, and recovery from cybersecurity threats and incidents, and is regularly engaged to help ensure the cybersecurity program functions effectively in the face of evolving cybersecurity threats. Our Vice President of Corporate Development & Administration oversees the IT Systems Administrator and briefs our board of directors on cybersecurity matters, including the nature and design of our cybersecurity program, and threats, events, and program enhancements.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our IT Systems Administrator has 15 years in total network and system administration experiences, 8 of which are experience addressing cybersecurity risks. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Our cybersecurity risk management processes are integrated into our overall approach to risk management. Given our nature and size, we do not have a dedicated enterprise risk function, but our management team regularly considers and evaluates the cybersecurity risks. As part of that risk management process, our management team identifies, assesses and evaluates risks impacting our operations, including those risks related to cybersecurity, and raise them for internal discussion, and where it is determined to be appropriate, issues are also raised to our board of directors for consideration. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |