Item 1C. Cybersecurity

 

Our processes for assessing, identifying, and managing material risks from cybersecurity threats are not advanced. None of our personnel are trained specialists in cybersecurity; we rely on off-the-shelf” security software. We have not conducted employee training regarding cybersecurity or conducted internal tests or simulations. Nonetheless, we believe that, due to the nature and status of our business, our cybersecurity position is currently satisfactory for our situation. We do not believe that cybersecurity risks have materially affected (or are reasonably likely to materially affect) us.

 

We have only four employees and so disclosure of cybersecurity events to management would occur organically, or would in the first instance be observed by management.

 

For information of ours which resides on our CROs’ computer systems, we rely on the CROs’ own cybersecurity processes and systems.