The Company has implemented cybersecurity risk management measures intended to protect the confidentiality, integrity, and availability of its critical systems and information. The Company’s cybersecurity risk management measures are integrated into its overall enterprise risk management program, and shares common methodologies, reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.

The cybersecurity risk management measures set out the foundation of the process for assessing, identifying and managing material risks from cybersecurity threats and provide guidance for response plan when facing cybersecurity threats. The Company has not engaged assessors or other third parties in connection with such processes.

There can be no assurance that the Company’s cybersecurity risk management measures and processes, including its policies, controls or procedures, will be fully implemented, complied with or effective in protecting the Company’s systems and information. The Company has not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected the Company, including its operations, business strategy, results of operations, or financial condition. The Company faces risks from cybersecurity threats that, if realized, are reasonably likely to materially affect it, including the Company’s operations, business strategy, results of operations, or financial condition. Many of the laws and regulations regarding cybersecurity, information security, privacy and data protection applicable to the Company are subject to change and uncertain interpretation, and any failure or perceived failure to comply with such laws and regulations could result in negative publicity, legal proceedings, suspension or disruption of operations, increased cost of operations, or otherwise harm the business of the Company.

Cybersecurity Governance

The Board has general oversight power over cybersecurity issues and has delegated daily supervision responsibility to the Company’s Finance department. The Finance department, consisting of personnel with relevant expertise in cybersecurity management, oversees the implementation of the Company’s cybersecurity risk management measures and reports to the Board any material cybersecurity incidents. The Finance department supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from internal and external security personnel, threat intelligence and other information obtained from governmental, public or private sources, and alerts and reports produced by security tools deployed in the IT environment.