Annual report [Section 13 and 15(d), not S-K Item 405]

Cybersecurity Risk Management and Strategy Disclosure

v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] Our suppliers, subcontractors, and business partners face similar cybersecurity threats, and a cybersecurity incident impacting us or any of these entities could materially adversely affect our operations, performance, and results of operations.
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] true
Cybersecurity Risk Board of Directors Oversight [Text Block] Our Board of Directors oversees management’s processes for identifying and mitigating risks, including cybersecurity risks, to help align our risk exposure with our strategic objectives. Senior leadership regularly briefs the Board of Directors on our cybersecurity and information security posture and the Board of Directors is apprised of cybersecurity incidents deemed to have a moderate or higher business impact, even if immaterial to us. The full Board retains oversight of cybersecurity because of its importance. In the event of an incident, we intend to follow our detailed incident response playbook, which outlines the steps to be followed from incident detection to mitigation, recovery, and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board, as appropriate. Our Cybersecurity consultant has extensive information technology and program management experience. We have implemented a governance structure and processes to assess, identify, manage, and report cybersecurity risks
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] In the event of an incident, we intend to follow our detailed incident response playbook, which outlines the steps to be followed from incident detection to mitigation, recovery, and notification, including notifying functional areas (e.g., legal), as well as senior leadership and the Board, as appropriate.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Cybersecurity consultant has extensive information technology and program management experience. We have implemented a governance structure and processes to assess, identify, manage, and report cybersecurity risks.
Cybersecurity Risk Role of Management [Text Block] In addition to following SEC guidance and implementing pre-existing third party frameworks, we have developed our own practices and frameworks, which we believe enhance our ability to identify and manage cybersecurity risks. Third parties also play a role in our cybersecurity. We engage third-party services to conduct evaluations of our security controls, whether through penetration testing, independent audits, or consulting on best practices to address new challenges. Assessing, identifying, and managing cybersecurity related risks are factored into our overall business approach
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We believe cybersecurity is critical to achieving our drug development advancements. As a biotechnology company, we face a multitude of cybersecurity threats that range from attacks common to most industries, such as ransomware and denial-of service. Our suppliers, subcontractors, and business partners face similar cybersecurity threats, and a cybersecurity incident impacting us or any of these entities could materially adversely affect our operations, performance, and results of operations. These cybersecurity threats and related risks make it imperative that we expend resources on cybersecurity.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true