Safeguarding the Company’s information technology (“IT”) systems, intellectual property, and the confidential information and personal data that customers, suppliers, business partners, employees and others share is a critical concern. As such, the Company has processes in place to assess, identify, and manage material cybersecurity threats and incidents. The Company’s cybersecurity strategy includes policies, procedures, and technology that proactively safeguard its operations against cybersecurity threats. The Company utilizes IT that enables its team to access operational and financial performance data in real time, while identifying and helping to prevent cybersecurity threats and risks. The Company aims to incorporate industry best practices throughout its cybersecurity processes and its cybersecurity framework leverages internationally recognized standards, including the National Institute of Standards and Technology’s (“NIST”) Cybersecurity Framework (Identify, Protect, Detect, Respond and Recover). These processes incorporate preventative, detective and corrective controls to identify relevant cyber risks and include network and endpoint protection technologies that are designed to block and detect security events at the perimeter and within its network as well as evaluation and monitoring of detected security events. The Company continuously monitors activity and frequently scans applications and systems for vulnerabilities to cybersecurity threats. Continuous monitoring of the Company’s networks and systems for threats and vulnerabilities is a key component of the Company’s strategy, supported by the analysis of threat intelligence from external sources. This multi-layered approach enables early detection and facilitates prompt response to potential cybersecurity threats.

Management reviews the Company’s IT, data security and other systems, processes, policies, procedures and controls at least annually to (a) identify, assess, monitor and mitigate cybersecurity risks; and (b) identify measures to protect and safeguard against cybersecurity threats and breaches of confidential information and data and IT infrastructure and its other assets or assets of its customers or other third parties in the Company’s possession or custody.

The Company has not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected it or are reasonably likely to materially affect it, including its operations, business strategy, results of operations, or financial condition.

The Company’s management supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by it; and alerts and reports produced by security tools deployed in the IT environment.

The Board of Directors oversees cybersecurity risk as part of its overall risk oversight function, and management reports cybersecurity matters to the Board of Directors from time to time.