Our approach consists of, among other things, cybersecurity threat and vulnerability prevention, detection, mitigation and remediation of potential cybersecurity risks. We employ cybersecurity intrusion detection systems and continuous monitoring, in order to help defend against unauthorized access. We also employ identity-based access controls and identity authentication requirements. Access to the Company’s data is monitored and controlled according to access control policies. Data protection and privacy practices, including data loss prevention, help to safeguard sensitive information. We have also outsourced significant elements of our information technology infrastructure; as a result, we manage independent vendor relationships with third parties who are responsible for maintaining significant elements of our information technology systems and infrastructure.

Our Board of Directors is responsible for oversight of our cyber-risk management program and management’s role is to assist the Board of Directors in identifying and considering material cybersecurity risks, ensure implementation of management and employee level cybersecurity practices and training and provide the Board of Directors with regular reports regarding any cybersecurity attacks or vulnerabilities.

As of the date of this Annual Report on Form 10-K, we have not experienced any significant cybersecurity attacks and, to date, the risks from cybersecurity threats have not materially affected, or are reasonably likely to materially affect, our business strategy, results of operations, or financial condition.