We operate in the technology sector, which is subject to various cybersecurity risks that could adversely affect our business, financial condition, and results of operations, including intellectual property theft, fraud, violation of privacy laws, other litigation and legal risk, and reputational risk. We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. We use various tools and methodologies to manage cybersecurity risks that are tested on a regular cadence to the best of our ability.

Our business depends on the availability, reliability, and security of our information systems, networks, data, and intellectual property. Any disruption, compromise, or breach of our systems or data due to a cybersecurity threat or incident could adversely affect our operations, research, product development, and competitive position. They may also result in a breach of our contractual obligations or legal duties to protect the privacy and confidentiality of our stakeholders. Such a breach could expose us to business interruption, future lost revenue, ransom payments, remediation costs, liabilities to affected parties, cybersecurity protection costs, lost assets, litigation, regulatory scrutiny and actions, and reputational harm.

Our Chief Information Officer works with others in our information technology department (IT) to assess any reasonably foreseeable internal and external risks to our information systems, including the likelihood of malware, ransomware, cyber espionage, and any other cybersecurity threats. Through these risk assessments, management seeks to determine the likelihood of, and potential damage that could result from, such risks, and the sufficiency of existing systems and safeguards in place to manage them. Our IT continually monitors our systems for any attempted unauthorized entries or breaches. Information gathered from these processes enables our IT to make any necessary adjustments to our systems and address any identified gaps in existing safeguards.

Our IT also provides guidance and support with respect to protecting our information systems from these various threats.

The Company is currently in the process of implementing a more formalized cybersecurity program.