Annual report [Section 13 and 15(d), not S-K Item 405]

Cybersecurity Risk Management, Strategy, and Governance

v3.25.1
Cybersecurity Risk Management, Strategy, and Governance
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Item 1C. Cybersecurity.

Cybersecurity is critical to advancing our overall objectives and enabling our digital efforts. As a company operating in the technology and software sectors, we face a wide variety of cybersecurity threats that range from common attacks such as ransomware and denial-of-service, to more advanced attacks. Our customers, suppliers and other partners face similar cybersecurity threats, and a cybersecurity incident impacting these entities could materially adversely affect our operations, performance and results. These cybersecurity threats and related risks make it imperative that we maintain focus on cybersecurity and systematic risks. Below is a

discussion of our risk management and approach to governance as it relates to cybersecurity. For additional information on the impact of cyber risks, refer to Part I, Item 1A. “Risk Factors”, of this Form 10-K.

Risk Management and Strategy

Cybersecurity risk management is a core tenet of our information technology security program. We have implemented various cybersecurity technologies, controls, and processes to ensure the integrity and availability of our infrastructure, data, and operations. We periodically review and modify these technologies and policies to align with the latest in industry best practices and an ever-changing threat landscape.

As part of our cybersecurity risk management program:

Cybersecurity risk assessment is performed on all new products and product updates;
We employ internal staff with security certifications, and we work with third parties to perform security vulnerability testing;
Changes to data protection laws are closely monitored and necessary changes are implemented;
We provide routine security training to employees and communicate any emerging threats;
We review the security posture of all third parties that we engage;
We maintain a comprehensive incident response plan; and
We carry cybersecurity insurance to help mitigate any potential losses arising from cybersecurity incidents.

While we face a number of ongoing cybersecurity risks in connection with our business, such risks have not materially affected us to date, including our business strategy, results of operations, or financial condition.

Governance

Our Vice President of Information Technology, who reports directly to the Chief Executive Officer, manages and monitors our cybersecurity program. Our board of directors, as a whole, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage and mitigate those risks, including cybersecurity risks. The board of directors receives regular updates on cybersecurity and information technology matters and related risk exposures from our executive team.

Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Our Vice President of Information Technology, who reports directly to the Chief Executive Officer, manages and monitors our cybersecurity program. Our board of directors, as a whole, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage and mitigate those risks, including cybersecurity risks. The board of directors receives regular updates on cybersecurity and information technology matters and related risk exposures from our executive team.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our board of directors, as a whole, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage and mitigate those risks, including cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The board of directors receives regular updates on cybersecurity and information technology matters and related risk exposures from our executive team.
Cybersecurity Risk Role of Management [Text Block]

Risk Management and Strategy

Cybersecurity risk management is a core tenet of our information technology security program. We have implemented various cybersecurity technologies, controls, and processes to ensure the integrity and availability of our infrastructure, data, and operations. We periodically review and modify these technologies and policies to align with the latest in industry best practices and an ever-changing threat landscape.

As part of our cybersecurity risk management program:

Cybersecurity risk assessment is performed on all new products and product updates;
We employ internal staff with security certifications, and we work with third parties to perform security vulnerability testing;
Changes to data protection laws are closely monitored and necessary changes are implemented;
We provide routine security training to employees and communicate any emerging threats;
We review the security posture of all third parties that we engage;
We maintain a comprehensive incident response plan; and
We carry cybersecurity insurance to help mitigate any potential losses arising from cybersecurity incidents.

While we face a number of ongoing cybersecurity risks in connection with our business, such risks have not materially affected us to date, including our business strategy, results of operations, or financial condition.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our Vice President of Information Technology, who reports directly to the Chief Executive Officer, manages and monitors our cybersecurity program.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Chief Executive Officer, manages and monitors our cybersecurity program. Our board of directors, as a whole, has oversight for the most significant risks facing us and for our processes to identify, prioritize, assess, manage and mitigate those risks, including cybersecurity risks. The board of directors receives regular updates on cybersecurity and information technology matters and related risk exposures from our executive team.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true