Cybersecurity Risk Management and Strategy

We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.

We have implemented a number of security measures designed to protect its systems and data, including firewalls, antivirus and malware detection tools, patches, log monitors, routine back-ups, system audits, system hardening, penetration testing and privileged access session management. In addition, we have continued its efforts to migrate its platforms to cloud-based computing, which is designed to further strengthen its security posture. We also hired a information technology manager to oversee and identify any risks from cybersecurity threats associated with our use of third-party service providers.

Our cybersecurity risk management program is integrated into our overall enterprise risk management program and shares common methodologies, reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.

Our cybersecurity risk management program includes the following:

There can be no assurance that our cybersecurity risk management program and processes, including our policies, controls or procedures, will be fully implemented, complied with or effective in protecting our systems and information.