ITEM 1C. CYBERSECURITY

 

Risk Management and Strategy

 

We periodically assess risks from cybersecurity threats, and monitor our information systems for potential vulnerabilities. However, to date, given the small size of our company and the nature of our operations, our reliance on information systems has been limited to the use of standard off-the-shelf software (such as Google, QuickBooks and Microsoft Office) and the use by our employees of standard personal computers. Accordingly, management has not implemented any formal process for assessing, identifying, and managing risks from cybersecurity threats.

 

Risks from cybersecurity threats have, to date, not materially affected us, our business strategy, results of operations or financial condition. We discuss how cybersecurity incidents could materially affect us in our risk factor disclosures in Item 1A of this Annual Report on Form 10-K.

 

Governance

 

As discussed above, given the nature of our current operations and our experience to date, we do not currently perceive cybersecurity as a particularly significant risk to our business. Accordingly, we have not tasked our Board of Directors with any additional cybersecurity oversight duties, or designated any committee of the Board of Directors to specifically oversee cybersecurity risks to our business.