Cybersecurity Risk Management and Strategy

We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program is designed to identify, assess, and manage material risks from cybersecurity threats and includes a cybersecurity incident response plan. Our cybersecurity risk management program has been designed to follow our industry’s best practices and is supported by a comprehensive set of enterprise security policies and procedures.

Cybersecurity is an important component of the Company’s overall risk management approach. The Company’s cybersecurity policies, standards and practices are integrated into the Company’s enterprise risk management approach, and cybersecurity risks are one of the enterprise risks that are subject to oversight by the Company’s Board of Directors.

Our cybersecurity risk management program includes the following:

We also engage our internal auditor to conduct internal reviews of our cybersecurity policies and practices. In addition, in 2025, we conducted a business impact analysis (BIA) process and an operational and technical backup exercise as part of our business continuity management and disaster preparedness activity, the purpose of which was to examine the Company’s readiness for business continuity processes and emergency response, including preparedness, for complex and varied cyber attacks and severe disruption scenarios.

Cybersecurity Governance

Our Board of Directors considers cybersecurity risk as part of its risk oversight function. The Company’s Board of Directors receives periodic presentations on cybersecurity risks during the year, which address a wide range of topics including, for example, recent developments, third-party reviews, the threat environment, technological trends and information security considerations arising with respect to the Company. The Board of Directors will receive prompt and timely information regarding any significant cybersecurity incidents, as well as ongoing updates regarding such incidents until they have been addressed. The Board of Directors also regularly discusses the Company’s approach to cybersecurity risk management with the Company’s senior management.

We utilize third-party cybersecurity experts, or Third-Party Experts, for information security services. Our Third-Party Expert works with our IT Manager, and both are supervised by members of our senior management, including our Chief Operating Officer, Chief Technology Officer, and Chief Financial Officer. Together, they oversee our cybersecurity risk management and have primary responsibility for identifying, assessing, remediating, and managing cybersecurity risks, threats, and incidents. Our Third-Party Experts and the dedicated personnel in their team are certified and experienced information systems security professionals and information security managers with over 20 years of cybersecurity experience. Our Third-Party Experts regularly provide our senior management team with updates on the performance of the cybersecurity risk management program and provides updates and presentations to our Board of Directors as necessary throughout the year.

As of the date of this report, we are not aware of any material risks from cybersecurity threats that have materially affected or are reasonably likely to affect us, including our business strategy, results of operations or financial condition.