We recognize the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data.

Managing Material Risks & Integrated Overall Risk Management

We have strategically integrated cybersecurity risk management into our broader risk management framework to promote a company-wide culture of cybersecurity risk management. This integration ensures that cybersecurity considerations are an integral part of our decision-making processes at every level. Our management team works closely with our IT department to continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs.

Oversee Third-party Risk

Because we are aware of the risks associated with third-party service providers, we have implemented stringent processes to oversee and manage these risks. We conduct thorough security assessments of all third-party providers before engagement and maintain ongoing monitoring to ensure compliance with our cybersecurity standards. The monitoring includes annual assessments of the SOC reports (or international equivalent) of our providers and implementing complementary controls. This approach is designed to mitigate risks related to data breaches or other security incidents originating from third parties.

Governance

Cybersecurity risk management is an integral part of the Company’s enterprise risk management framework and is overseen at both the Board and management levels.

Board Oversight

The Company’s Board of Directors maintains ultimate oversight of cybersecurity risks. The Audit Committee, which is composed entirely of independent directors, has primary responsibility for overseeing cybersecurity risk as part of its broader oversight of information technology and risk management. The Audit Committee receives regular briefings—at least quarterly—from management on cybersecurity matters.

The full Board is also periodically briefed on material cybersecurity risks, incident response preparedness, and significant security incidents, if any.

Management Oversight

Day-to-day responsibility for assessing, managing, and mitigating cybersecurity risk lies with the Company’s Chief Financial Officer and Chief Operating Officer (the CFOO), who reports to the President and has a dotted-line reporting relationship to the Audit Committee.

As of the date of this filing, the Company has not experienced a cybersecurity incident that has materially affected, or is reasonably likely to materially affect, its business, financial condition, or results of operations.