We periodically assess risks from cybersecurity threats and monitor our information systems for potential vulnerabilities. Our information technology environment is relatively limited and consists primarily of standard, commercially available software and cloud-based platforms, including tools used for financial reporting, communications, and general business operations. Despite the limited scale of our systems, we face cybersecurity risks common to most organizations, including unauthorized access, ransomware, phishing, and other cyber incidents.

Our processes for assessing, identifying, and managing cybersecurity risks are managed by our management team and are integrated into our overall risk management activities. These processes include periodic evaluation of system access, use of security features provided by third-party software platforms, employee awareness, and monitoring for potential cybersecurity events. We also rely on third-party service providers for certain information technology and data processing functions and consider cybersecurity risks associated with these providers as part of our risk assessment.

To date, risks from cybersecurity threats have not materially affected our business strategy, results of operations, or financial condition. However, cybersecurity threats continue to evolve, and a future incident could result in operational disruption, data loss, increased costs, or impacts to financial reporting. We discuss how cybersecurity incidents could materially affect us in Item 1A, “Risk Factors.”

Cybersecurity risk management is overseen by our management team, including personnel responsible for finance, operations, and information systems. Management is responsible for monitoring cybersecurity risks, evaluating potential incidents, and determining whether disclosure or other actions are required.

Our Board of Directors oversees our overall risk management processes, including cybersecurity risk. To the extent applicable, the Board receives updates from management regarding material risks, including cybersecurity matters, as appropriate. Cybersecurity is considered as part of the Board’s broader oversight of business risk rather than through a separate committee or dedicated cybersecurity function.