Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity Risk Management and Strategy

We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program is designed to assess, identify, and manage material risks from cybersecurity threats and includes a cybersecurity incident response plan. Our cybersecurity risk management program has been designed to follow our industry’s best practices and consists of a comprehensive set of enterprise security policies and procedures.

Cybersecurity represents an important component of the Company’s overall approach to risk management. The Company’s cybersecurity policies, standards and practices are integrated into the Company’s enterprise risk management approach, and cybersecurity risks are one of the enterprise risks that are subject to oversight by the Company’s Board of Directors.

Our cybersecurity risk management program includes the following:

●

risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment;

●

a security team principally responsible for managing (i) our cybersecurity risk assessment processes, (ii) our security controls, and (iii) our response to cybersecurity incidents;

●

the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls;

●

periodic cybersecurity awareness training of our employees;

●

a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and

●

maintaining ISO/IEC 27001 certification since 2022.

We also engage our internal auditor to conduct internal reviews of our cybersecurity policies and practices and penetration testing. In addition, in 2024, we conducted a tabletop exercise as part of a disaster preparedness activity, the purpose of which was to examine the Company’s readiness for business continuity processes and emergency preparedness, which includes complex and diverse cyber attacks.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

During 2024, we did not identify any cybersecurity threats or incidents that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition.

Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Governance

Our Board of Directors considers cybersecurity risk as part of its risk oversight function. The Company’s Board of Directors receives presentations on cybersecurity risks during the year, which address a wide range of topics including, for example, recent developments, third-party reviews, the threat environment, technological trends and information security considerations arising with respect to the Company. The Board of Directors will receive prompt and timely information regarding significant cybersecurity incidents, as well as ongoing updates regarding such incidents until they have been addressed. The Board of Directors also regularly discuss the Company’s approach to cybersecurity risk management with the Company’s senior management.

We utilize third-party cybersecurity experts, or Third-Party Experts, for information security services. Our Third-Party Expert works with our IT Manager, and both are supervised by members of our senior management, including our Chief Operating Officer, Chief Technology Officer, and Chief Financial Officer. Together, they oversee our cybersecurity risk management and have primary responsibility for identifying, assessing, remediating, and managing cybersecurity risks, threats, and incidents. Our Third-Party Experts and the dedicated personnel in its team are certified and experienced information systems security professionals and information security managers with over 20 years of cybersecurity experience. Our Third-Party Experts regularly provides our senior management team with updates on the performance of the cybersecurity risk management program and provides updates and presentations to our Board of Directors as necessary throughout the year.

As of the date of this report, we are not aware of any material risks from cybersecurity threats that have materially affected or are reasonably likely to affect us, including our business strategy, results of operations or financial condition.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Board of Directors will receive prompt and timely information regarding significant cybersecurity incidents, as well as ongoing updates regarding such incidents until they have been addressed. The Board of Directors also regularly discuss the Company’s approach to cybersecurity risk management with the Company’s senior management.