malfunctions, software or hardware failures, loss of data or other information technology assets, adware, natural disasters, terrorism, war, and telecommunication and electrical failures. Ransomware attacks, including by organized criminal threat actors, nation-states, and nation-state-supported actors, are becoming increasingly prevalent and can lead to significant interruptions in our operations, loss of data and income, reputational harm, and diversion of funds. Extortion payments may alleviate the negative impact of a ransomware attack, but we may be unwilling or unable to make such payments due to, for example, applicable laws or regulations prohibiting such payments. Similarly, supply-chain attacks have increased in frequency and severity.
Furthermore, our remote workforce poses increased risks to our information technology systems and data, as most of our employees work from home, utilizing network connections outside our premises.
Any of the previously identified or similar threats could cause a security breach or disruption. While we have not experienced any such security breach or other disruption to date, if such an event were to occur, it could result in unauthorized, unlawful, or accidental acquisition, modification, destruction, loss, alteration, encryption, disclosure of, or access to our sensitive information and cause interruptions in our operations, including material disruptions of our development programs and business operations.
We may expend significant resources or modify our business activities (including our clinical trial activities) to try to protect against security breaches and disruptions. While we have implemented security measures designed to protect against security incidents, there can be no assurance that these measures will be effective. We may be unable in the future to detect vulnerabilities in our information technology systems because such threats and techniques change frequently, are often sophisticated in nature, and may not be detected until after a security breach or disruption has occurred. Despite our efforts to identify and remediate vulnerabilities, if any, in our information technology systems, our efforts may not be successful. Further, we may experience delays in developing and deploying remedial measures designed to address any such identified vulnerabilities.
Applicable data privacy and security obligations may require us to notify relevant parties of certain security breaches and disruptions. Such disclosures are costly, and the disclosure or the failure to comply with such requirements could lead to adverse consequences. If we (or a third party upon whom we rely) experience a security breach or other disruption, or are perceived to have experienced such events, we may experience adverse consequences, including: government enforcement actions (for example, investigations, fines, penalties, audits, and inspections); additional reporting requirements and/or oversight; restrictions on processing sensitive information (including personal data); litigation (including class claims); indemnification obligations; negative publicity; reputational harm; monetary fund diversions; interruptions in our operations (including availability of data); financial loss; and other similar harms. In particular, since we sponsor clinical trials, any breach or disruption that compromises patient data and identities could generate significant reputational damage, which may affect trust in us and our ability to recruit for future clinical trials. Additionally, the loss of clinical trial data from completed or future clinical trials could result in delays in our regulatory approval efforts and significantly increase our costs to recover or reproduce the data.
Our contracts may not contain limitations of liability, and even where they do, there can be no assurance that limitations of liability in our contracts are sufficient to protect us from liabilities, damages, or claims related to our data privacy and security obligations. Furthermore, we cannot be sure that our insurance coverage will be adequate or sufficient to protect us from or to mitigate liabilities arising out of our privacy and security practices, that such coverage will continue to be available on commercially reasonable terms or at all, or that such coverage will pay future claims.
Our business and operations would suffer in the event of system failures, cyber-attacks or a deficiency in our cybersecurity.
Despite the implementation of security measures, our internal computer systems, and those of our current and future CROs and other contractors and consultants, are vulnerable to damage from computer viruses, unauthorized access, natural disasters, terrorism, war and telecommunication and electrical failures. Although we have not suffered any material incidents to date, the risk of a security breach or disruption, particularly through cyber-attacks or cyber-intrusion, including by computer hackers, foreign governments, and cyber-terrorists, has generally increased as the number, intensity and sophistication of attempted attacks and intrusions from around the world have increased. While we have not experienced any such material system failure, accident or security breach to date, if such an event were to occur and cause interruptions in our operations, it could result in a material disruption of our development programs and our business operations. In addition, since we sponsor clinical trials, any breach that compromises patient data and identities causing a breach of privacy could generate significant reputational damage and legal liabilities and costs to recover and repair, including affecting trust in us to recruit for future clinical trials. For example, the loss of clinical trial data from completed or future clinical trials could result in delays in our regulatory approval efforts and significantly increase our costs to recover or reproduce the data. To the extent that any disruption or security breach