Cybersecurity Risk Management and Strategy

We recognize the importance of assessing, identifying, and managing material risks associated with cyber security threats, as such term is defined in Item 106(a) of Regulation S-K. We have certain processes for assessing, identifying and managing cyber security risks, which are built into our overall information technology function and are designed to help protect our information assets and operations from internal and external cyber threats, and protect employee information from unauthorized access or attack, as well as secure our networks and systems. Such processes include physical, procedural and technical safeguards and routine review of our policies and procedures to identify risks and refine our practices. We consider the internal risk oversight programs of third-party service providers before engaging them in order to help protect us from any related vulnerabilities.

We have not encountered cyber security challenges that have materially impaired our operations or financial condition. Additional information regarding risks from cyber security threats is provided at “Item 1A. Risk Factors.”

Governance; Board Oversight

The Audit Committee of our Board provides direct oversight over cyber security risk and provides updates to the Board of Directors regarding such oversight, when and if appropriate. Management provides periodic updates to the Audit Committee regarding cyber security matters including significant new cyber security threats or incidents, when and if appropriate.