A consistent and holistic approach to cybersecurity is important to achieving our strategic business objectives and protecting our intellectual property. Because we sell many of our products through e-commerce platforms, we would be indirectly affected by a variety of cybersecurity threats such as ransomware and denial-of-service attacks that affect most industry sectors. Our customers, suppliers and other business partners face similar cybersecurity threats, and a cybersecurity incident impacting us or any of these entities could materially adversely affect our operations, performance and results of operations. We are continually evaluating best practices and methods to protect us from a wide range of potential threats.

The Board oversees our processes for identifying and mitigating risks, including cybersecurity risks. Our management periodically briefs the Board on our cybersecurity and information security policies and plans. In the event of an incident, we have developed an incident response plan, which sets forth the steps to be followed from incident detection and assessment to mitigation, recovery and notification and reporting, including notifying functional areas, as well as senior leadership and the Board, as appropriate.

40 

We continue to evaluate our cybersecurity requirements to address the evolving cybersecurity risks that we face in an increasingly technically capable environment. Our management manages our cybersecurity policies, with the goal of preventing cybersecurity incidents, if possible, while also maintaining IT system performance and data integrity to minimize the business impact should an incident occur.

Although we take cybersecurity risks seriously, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us.