Risk Management and Strategy

We have implemented robust processes for assessing, identifying and managing material risks from cybersecurity threats and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incident. We have also integrated cybersecurity risk management into our overall enterprise risk management system.

We have established a dynamic and multi-layered cybersecurity defense system to effectively mitigate both internal and external cyber threats. This comprehensive system spans multiple security domains, including network, host, and application layers. It integrates a range of security capabilities such as threat defense, continuous monitoring, in-depth analysis, rapid response, as well as strategic deception and countermeasures. Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, ongoing internal and external evaluations of our security measures, a solid incident response framework, and regular cybersecurity training sessions for our employees. Our IT department is actively engaged in continuous monitoring of our applications, platforms and infrastructure to ensure prompt identification and response to potential issues, including emerging cybersecurity threats.

As of the date of this annual report, we have not experienced any material cybersecurity incidents or identified any material cybersecurity threats that have affected or are reasonably likely to materially affect us, our business strategy, results of operations or financial condition.

We have implemented robust processes for assessing, identifying and managing material risks from cybersecurity threats and monitoring the prevention, detection, mitigation and remediation of material cybersecurity incident. We have also integrated cybersecurity risk management into our overall enterprise risk management system.

We have established a dynamic and multi-layered cybersecurity defense system to effectively mitigate both internal and external cyber threats. This comprehensive system spans multiple security domains, including network, host, and application layers. It integrates a range of security capabilities such as threat defense, continuous monitoring, in-depth analysis, rapid response, as well as strategic deception and countermeasures. Our approach to managing cybersecurity risks and safeguarding sensitive data is multi-faceted, involving technological safeguards, procedural protocols, a rigorous program of surveillance on our corporate network, ongoing internal and external evaluations of our security measures, a solid incident response framework, and regular cybersecurity training sessions for our employees. Our IT department is actively engaged in continuous monitoring of our applications, platforms and infrastructure to ensure prompt identification and response to potential issues, including emerging cybersecurity threats.

Our board of directors is responsible for overseeing our cybersecurity risk management. Our board of directors shall (i) maintain oversight of the disclosure related to cybersecurity matters in current reports or periodic reports of our company, (ii) review updates to the status of any material cybersecurity incidents or material risks from cybersecurity threats to our company, and the relevant disclosure issues, if any, presented by our chief executive officer, chief financial officer and cybersecurity officer, or Cybersecurity Risk Management Officers, on a quarterly basis, and (iii) review disclosure concerning cybersecurity matters in our annual report on Form 20-F presented by our Cybersecurity Risk Management Officers.