Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
Risk Assessment and Management – We comply with the international standard ISO 27001, an Information Security Management System (ISMS), which helps safeguard the confidentiality, integrity, and availability of information through a structured risk management process. This approach assures stakeholders that cybersecurity risks are effectively managed. To support this commitment, we conduct regular risk assessments to identify, evaluate, and mitigate potential threats.
Internal training and awareness – We provide training to our employees to help identify, avoid, and mitigate the risk from cybersecurity threats. Our employees are required to complete mandatory cybersecurity awareness training upon hiring and also participate annually in required cybersecurity awareness training, unless on a leave of absence.
Technical Security Controls – We employ layered security controls, including Managed Endpoint Detection and Response, firewalls, intrusion detection systems, encryption technologies, and a Security Operations Center that is operated 24 hours a day, seven days a week.
Vendor risk management program – We have implemented processes to oversee, identify and manage risks from cybersecurity threats associated with our use of third-party service providers. Our vendor risk management program establishes governance, processes and tools for managing various risks related to third-party service providers, including information security and supplier-related risks. As a condition of working with KORE, suppliers who access sensitive business or customer information are expected to meet certain information security requirements.
Incident Response – We have put in place a formal incident response plan to address and mitigate potential security breaches in a timely and effective manner. Communication protocols have been established to notify relevant stakeholders, including regulators and customers, as required. Our incident response team conducts regular simulations and exercises to ensure readiness and effectiveness.
Internal Audit Program – We operate an internal audit program. On an annual basis, our internal audit team conducts an overall business risk assessment, which includes an evaluation of cybersecurity risks. Included in this evaluation is a report on our cybersecurity posture and related matters that is presented to the leaders of the relevant business teams, who are responsible for prioritizing and addressing the risks identified.
As of December 31, 2024, we have not identified risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. We are committed to investing in cybersecurity and to enhancing our internal controls and processes, which are designed to help protect our systems and information. For more information regarding the risks we face from cybersecurity threats, please see Part I, Item 1A, — “Risk Factors”.
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] |
We recognize the critical importance of maintaining the safety and security of our systems and data and have a program for overseeing and managing cybersecurity and related risks, which is supported by both management and our Board.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our Board is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in its role of risk oversight. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Board is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in its role of risk oversight. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The full Board receives an update on the Company’s risk management process and the risk trends related to cybersecurity at least annually from the COO. |
| Cybersecurity Risk Role of Management [Text Block] |
Our cybersecurity functions are led by our Chief Operating Officer (“COO”), who reports to our Chief Executive Officer. Our COO’s relevant experience in cybersecurity includes previous experience, such as having previously served as Chief Executive Officer of a company that provides geospatial intelligence software and as Chief Technology Officer at a global cloud-based enterprise software company. Our Vice President - IT Security & Compliance (“VPITSC”), under the direction of the COO, is responsible for overseeing our cybersecurity management program and the protection and defense of our networks and systems. The VPITSC’s relevant experience in cybersecurity includes over twelve years of extensive experience at the Company in cybersecurity, in various progressive roles. The VPITSC manages a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, insider threats and regulatory compliance.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] |
Our cybersecurity functions are led by our Chief Operating Officer (“COO”), who reports to our Chief Executive Officer. Our COO’s relevant experience in cybersecurity includes previous experience, such as having previously served as Chief Executive Officer of a company that provides geospatial intelligence software and as Chief Technology Officer at a global cloud-based enterprise software company. Our Vice President - IT Security & Compliance (“VPITSC”), under the direction of the COO, is responsible for overseeing our cybersecurity management program and the protection and defense of our networks and systems. The VPITSC’s relevant experience in cybersecurity includes over twelve years of extensive experience at the Company in cybersecurity, in various progressive roles. The VPITSC manages a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, insider threats and regulatory compliance.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | The VPITSC’s relevant experience in cybersecurity includes over twelve years of extensive experience at the Company in cybersecurity, in various progressive roles. The VPITSC manages a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, insider threats and regulatory compliance. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The VPITSC’s relevant experience in cybersecurity includes over twelve years of extensive experience at the Company in cybersecurity, in various progressive roles. The VPITSC manages a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, insider threats and regulatory compliance. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |