Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
The Company has an information security process integrated into its overall enterprise risk management process that is designed to identify, assess, and manage material risks and threats from cybersecurity. To protect information systems against cybersecurity threats, the Company employs a range of security processes designed to identify, prevent, detect, respond to, and recover from identified vulnerabilities and cybersecurity incidents in a timely manner. These include internal reporting mechanisms, monitoring solutions, and detection tools. The Company also leverages the expertise and support of key cybersecurity third-party partners and tools. The Company's protective measures include technical and organizational
safeguards, employee training, incident response capability assessments, cybersecurity insurance, and business continuity mechanisms. The Company provides employee training as part of its information security processes for all employees. The Company regularly assesses cybersecurity risks and technology threats, using a qualitative risk methodology aligned to its enterprise risk management processes, to identify, prioritize, and inform the selection of controls and safeguards. Risk tolerance is applied through established governance and decision-making processes, and the Company continues to enhance the formalization of certain risk management documentation.
Risk assessments are conducted when the Company onboards certain new services and new vendors, including third-party vendors, applications, and other technology services, and when there are significant changes to IT or security architecture. Further, the Company monitors certain key vendors to understand how such vendors manage cybersecurity risks and threats during the term in which they provide services or products. The Company continues to enhance its third-party cybersecurity risk management processes. As part of the cybersecurity incident response framework, the Company's incident response team focuses on responding to, containing, and recovering from a cybersecurity threat and minimizing any business impact. In the event of a cybersecurity incident, the cybersecurity team assesses, among other factors, data and personal information loss, business operations disruption, projected cost and potential for reputational harm, with support from business stakeholders and external technical, legal and law enforcement, and relevant third-party service providers.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] |
The Company has an information security process integrated into its overall enterprise risk management process that is designed to identify, assess, and manage material risks and threats from cybersecurity. To protect information systems against cybersecurity threats, the Company employs a range of security processes designed to identify, prevent, detect, respond to, and recover from identified vulnerabilities and cybersecurity incidents in a timely manner. These include internal reporting mechanisms, monitoring solutions, and detection tools. The Company also leverages the expertise and support of key cybersecurity third-party partners and tools. The Company's protective measures include technical and organizational
safeguards, employee training, incident response capability assessments, cybersecurity insurance, and business continuity mechanisms. The Company provides employee training as part of its information security processes for all employees. The Company regularly assesses cybersecurity risks and technology threats, using a qualitative risk methodology aligned to its enterprise risk management processes, to identify, prioritize, and inform the selection of controls and safeguards. Risk tolerance is applied through established governance and decision-making processes, and the Company continues to enhance the formalization of certain risk management documentation.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
The Company's Board of Directors ("Board") and Audit Committee have oversight responsibility for cybersecurity risks and incidents, including compliance with disclosure requirements, collaboration with law enforcement, and related effects on financial and other risks. Findings and recommendations are reported, as deemed appropriate, to the Board. Senior management, including the Chief Information Security Officer ("CISO"), engages in regular discussions with the Board regarding cybersecurity risks, trends, and any material incidents that may arise. Furthermore, the Board receives briefings on cybersecurity matters from the CISO on the Company's cybersecurity and information security. Cybersecurity risk management is coordinated with key internal stakeholders, including legal and compliance functions, to support enterprise governance and disclosure obligations.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] |
The Company's CISO has served various roles in information technology and information security for over 20 years, with experience in technology risk management, cybersecurity, compliance, network engineering, information systems, and business resiliency. The CISO is a Certified Information Systems Security Professional. The CISO manages the Company's information security and oversees data security personnel and the Company's incident response and business continuity management programs to assess and manage the cybersecurity element of the Company's risk management program, including policies, cybersecurity training, security operations and engineering, cyber threat detection and incident response. The CISO promptly informs and updates the Board about any information regarding security incidents that may pose a significant risk to the Company.
|
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] |
The Company's CISO has served various roles in information technology and information security for over 20 years, with experience in technology risk management, cybersecurity, compliance, network engineering, information systems, and business resiliency. The CISO is a Certified Information Systems Security Professional. The CISO manages the Company's information security and oversees data security personnel and the Company's incident response and business continuity management programs to assess and manage the cybersecurity element of the Company's risk management program, including policies, cybersecurity training, security operations and engineering, cyber threat detection and incident response. The CISO promptly informs and updates the Board about any information regarding security incidents that may pose a significant risk to the Company.
|
| Cybersecurity Risk Role of Management [Text Block] |
The Company's CISO has served various roles in information technology and information security for over 20 years, with experience in technology risk management, cybersecurity, compliance, network engineering, information systems, and business resiliency. The CISO is a Certified Information Systems Security Professional. The CISO manages the Company's information security and oversees data security personnel and the Company's incident response and business continuity management programs to assess and manage the cybersecurity element of the Company's risk management program, including policies, cybersecurity training, security operations and engineering, cyber threat detection and incident response. The CISO promptly informs and updates the Board about any information regarding security incidents that may pose a significant risk to the Company.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Senior management, including the Chief Information Security Officer ("CISO"), engages in regular discussions with the Board regarding cybersecurity risks, trends, and any material incidents that may arise. Furthermore, the Board receives briefings on cybersecurity matters from the CISO on the Company's cybersecurity and information security. Cybersecurity risk management is coordinated with key internal stakeholders, including legal and compliance functions, to support enterprise governance and disclosure obligations. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | The Company's CISO has served various roles in information technology and information security for over 20 years, with experience in technology risk management, cybersecurity, compliance, network engineering, information systems, and business resiliency. The CISO is a Certified Information Systems Security Professional. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Senior management, including the Chief Information Security Officer ("CISO"), engages in regular discussions with the Board regarding cybersecurity risks, trends, and any material incidents that may arise. Furthermore, the Board receives briefings on cybersecurity matters from the CISO on the Company's cybersecurity and information security. Cybersecurity risk management is coordinated with key internal stakeholders, including legal and compliance functions, to support enterprise governance and disclosure obligations. The Company's CISO has served various roles in information technology and information security for over 20 years, with experience in technology risk management, cybersecurity, compliance, network engineering, information systems, and business resiliency. The CISO is a Certified Information Systems Security Professional. The CISO manages the Company's information security and oversees data security personnel and the Company's incident response and business continuity management programs to assess and manage the cybersecurity element of the Company's risk management program, including policies, cybersecurity training, security operations and engineering, cyber threat detection and incident response. The CISO promptly informs and updates the Board about any information regarding security incidents that may pose a significant risk to the Company.
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |