Cybersecurity Risk Management and Strategy

The Company is committed to ensuring that it has processes in place to detect, mitigate, and respond to cybersecurity risks. We approach cybersecurity by implementing best practices based on known frameworks. These frameworks include highly developed security checklists that serve as a guide to addressing critical cybersecurity needs. We augment our internal controls to include industry-standard security measures that protect against unauthorized access to our systems and proprietary information. These controls consider cybersecurity risks like potential breaches, technological disruptions, regulatory non-compliance, data theft, and third-party cybersecurity threats.

The Company reviews cybersecurity risks within their risk management function, which is led by our senior leadership team, including the Chief Legal Officer, Chief Financial Officer, and Vice President of Information Technology.

Cybersecurity Governance

Our Board, as part of our risk management function, receives periodic updates on internal controls around information technology and evaluates incidents at least once a year. Our information technology team is led by our Vice President of Information Technology who has extensive experience working with information security systems. Management is responsible for developing and maintaining cybersecurity policies and standards, monitoring ongoing compliance, and ensuring our information security is aligned with our business objectives and strategies.

The Company has entered into agreements with third parties for hardware, software, telecommunications, and other information technology services in connection with our operations and is exploring other third-party vendors to support our cybersecurity needs.

Cybersecurity Risk

As of December 31, 2023, the Company is not aware of any material cybersecurity incidents that impacted the Company. However, we routinely face risks of potential incidents, whether through cyberattacks or cyber intrusions over the internet, ransomware, and other forms of malware, computer viruses, attachments to emails, phishing attempts, extortion, or other scams. Notwithstanding our risk management efforts related to cybersecurity, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material or other adverse effect on us. See Item 1A. “Risk Factors” for a discussion of our information technology and cybersecurity risks.