The Company recognizes the importance of assessing, identifying and managing material risks associated with cybersecurity threats. These risks include, among other things: operational risks, intellectual property theft, fraud, extortion, harm to employees or customers and violation of data privacy and security laws.

We maintain various cybersecurity measures and protocols to safeguard our systems and data and continuously monitor and assess potential threats to pre-emptively address any emerging cyber risks. We have implemented various processes for assessing, identifying, and managing material risks from cybersecurity threats, which are integrated into our overall risk management framework. These processes include access controls to organizational systems, data encryption, and security awareness campaigns, and are designed to systematically evaluate potential vulnerabilities and cybersecurity threats and minimize their potential impact on our organization’s operations, assets, and stakeholders. Our cybersecurity risk management processes share common methodologies, reporting channels and governance processes with our broader risk management processes. By embedding cybersecurity risk management into and aligning it with our broader risk management processes, we aim to ensure a comprehensive and proactive approach to safeguarding our assets and operations.

We engage third-party consultants and specialists to enhance the effectiveness of our cybersecurity processes, augment our internal capabilities, validate our controls, and stay abreast of evolving cybersecurity risks and best practices.

For the year ended December 31, 2024, we did not detect any cybersecurity incidents that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition.

Our third-party service providers currently comprise IT professionals with expertise in risk management, cybersecurity, and information technology. These individuals have, and any future individuals are expected to have credentials relevant to their role, which includes prior experience working in similar roles and formal education. The third-party service providers are also expected to keep abreast of cybersecurity best practices and procedures. The third-party service providers are responsible for assessing, identifying and mitigating material cybersecurity risks, including at a strategic level, monitoring for, defending against and remediating cybersecurity incidents and implementing and making improvements to our overall cybersecurity strategy.

We maintain various cybersecurity measures and protocols to safeguard our systems and data and continuously monitor and assess potential threats to pre-emptively address any emerging cyber risks. We have implemented various processes for assessing, identifying, and managing material risks from cybersecurity threats, which are integrated into our overall risk management framework. These processes include access controls to organizational systems, data encryption, and security awareness campaigns, and are designed to systematically evaluate potential vulnerabilities and cybersecurity threats and minimize their potential impact on our organization’s operations, assets, and stakeholders. Our cybersecurity risk management processes share common methodologies, reporting channels and governance processes with our broader risk management processes. By embedding cybersecurity risk management into and aligning it with our broader risk management processes, we aim to ensure a comprehensive and proactive approach to safeguarding our assets and operations.

As we do not have a dedicated board committee solely focused on cybersecurity, our full board oversees the implementation of our cybersecurity strategy, as well as cybersecurity risks, with the aim of protecting our interests and assets. Our cybersecurity strategy was developed by our management team, the third-party service providers and approved by our management. The board receives reports from our third-party service providers should any irregularities relating to cybersecurity noted.