At present the Company has minimal risk related to Cybersecurity as no operational business is conducted on the internet or available through the internet.

Cybersecurity risk management will be an integral part of our overall enterprise risk management efforts once the Company has determined how and what security measures will need to be deployed. No enterprise risk can be eliminated entirely. We will seek to mitigate as much risk as possible and manage the remaining financial risk through a cyber insurance policy. The Company has chosen the National Institute of Standards (NIST) for its base framework because it is compatible with certain risk management business functions required by customers and US Government oversight. Controls in the SP 800-53 catalog will be tailored-in based on governance found in SP 800-171, internally determined IT General Controls and industry best practices to create a balanced approach protecting confidentiality, integrity, and availability.