Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

ITEM 1C.

CYBERSECURITY

We have policies and procedures for identifying, assessing, and managing material risks associated with cybersecurity threats. We seek to address cybersecurity risks through a comprehensive approach focused on preserving the confidentiality, security, and availability of the information that we collect and store by identifying, preventing, and mitigating cybersecurity threats and effectively responding to cybersecurity incidents when they occur. We implement and maintain technical and physical safeguards and other organizational measures, including, for example, the use of antivirus software, intrusion prevention and detection systems, virtual private networks, firewalls, email security, link protection, the regular deployment of updates and patches as they become available, a general policy against providing access to our network to any third party (with the exception of our third‑party information technology vendor), the use of a third‑party service to conduct mandatory online training for all employees regarding identifying and mitigating cybersecurity risks, regular phishing testing, regular reviews of access to systems and networks, and routine monitoring of compliance with our written information security plan. We also maintain cybersecurity insurance that provides for certain protection against potential losses arising from a cybersecurity incident.

We have an Information Technology committee that meets at least quarterly and includes members of our management team and compliance team. The members of the Information Technology committee have gained cybersecurity experience through years of training, internal and external discussions, and the development, implementation, and periodic evaluation of our cybersecurity policies.

We have not experienced a material cybersecurity incident, any expenses we have incurred from cybersecurity breaches have been immaterial, and we are not aware of any cybersecurity incidents that are reasonably likely to materially affect our business. Our business strategy, results of operations and financial condition have not been materially affected by risks from cybersecurity threats, including as a result of previously identified cybersecurity incidents. However, future incidents could have a material and adverse impact on our business strategy, results of operations, or financial condition. For additional discussion of the risks posed by cybersecurity threats, see Item 1A, “Risk Factors.”

Our Board of Directors oversees cybersecurity risk management as part of its general oversight function. The Company’s management team provides updates to the Board of Directors regarding cybersecurity as appropriate.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

We have an Information Technology committee that meets at least quarterly and includes members of our management team and compliance team. The members of the Information Technology committee have gained cybersecurity experience through years of training, internal and external discussions, and the development, implementation, and periodic evaluation of our cybersecurity policies.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true