Item 1. Business
Reorganization Agreement
On September 6, 2016, the Company and BlackRidge Technology Holdings, Inc., a Delaware corporation ("BlackRidge") entered into an Agreement and Plan of Reorganization (the "Reorganization Agreement") originally dated as of September 6, 2016, and amended on February 22, 2017 to update the number of common shares, warrants, and options granted and outstanding as of the closing date.
On February 22, 2017, we completed the actions contemplated by the Reorganization Agreement and merged with and into BlackRidge with BlackRidge continuing as the surviving corporation ("Reorganization"). Upon completion of the Agreement, we issued 3,783,791 shares of our newly designated Series A Preferred Stock and 12,825,683 shares of Common Stock to the stockholders of BlackRidge in exchange for all the issued and outstanding shares of Series A Preferred Stock and Common Stock of BlackRidge. Additionally, certain stockholders of the Company returned for cancellation a total of 16,284,330 shares of our Common Stock. Upon the completion of the Reorganization, BlackRidge became a wholly-owned subsidiary of the Company and the Company had a total of 3,783,791 shares of Series A Preferred Stock and 21,790,683 shares of Common Stock outstanding, with the former BlackRidge stockholders owning 3,783,791 shares or 100% of Series A Preferred Stock and 12,825,683 shares or approximately 58.9% of Common Stock. Upon completion of the Reorganization, we also had outstanding warrants entitling the holders to acquire a total of 18,541,579 shares of the Company's Common Stock at an average exercise price of $0.46 per share. The Reorganization resulted in a change of control of the Company. For accounting purposes, BlackRidge will be treated as the acquirer and the historical financial statements of BlackRidge will become the Company's historical financial statements. The acquisition is intended to constitute a tax-free reorganization pursuant to the applicable provisions of the Internal Revenue Code of 1986, as amended.
At the closing of the Reorganization, Robert Graham was appointed as President, and John Bluher was appointed Chief Financial Officer, Treasurer and Secretary. In addition, Bruce Crane resigned from his position as a director and Robert Graham was appointed as a director of the Company to fill the vacancy created by such resignation. John Hofman, our remaining director, resigned from such position effective following our compliance with rule 14f-1 promulgated under the Exchange Act, and John Hayes and Robert Lentz were appointed as directors of the Company effective at such time as Mr. Hofman's resignation became effective.
On March 31, 2017, the Company completed the sale of substantially all assets, other than cash, used in or connection with the Company's home grain mill and kitchen mixer business to John Hofman and Bruce Crane, former officers and directors of the Company, in consideration for the assumption by such persons of substantially all the liabilities incurred by the Company in connection with such business. The assets divested consisted of the non-cybersecurity assets of the Company and included accounts receivable, inventory, deposits, property and equipment and intangible assets. The liabilities divested included the non-cybersecurity liabilities of the Company and included accounts payable and accrued expenses and long and short-term notes payable and accrued interest thereon.
On July 2, 2017, the Company filed Restated Articles with the Secretary of State of Nevada to, among other things, change the Company's name to BlackRidge Technology International, Inc.
Overview
BlackRidge, located in Reno Nevada, was incorporated in April 2010 to commercialize its military grade and patented network security technology.
BlackRidge develops and markets next generation cyber defense solutions that enables our customers to deliver more secure and resilient business services in today's rapidly evolving technology and cyber threat environments. Our network, server, and cloud security products are based on our patented Transport Access Control technology and are designed to isolate, cloak and protect servers and cloud services from cyber-attacks and block unauthenticated access. BlackRidge products are used in enterprise and government computing environments, the industrial Internet of Things (IoT), commercial blockchains, and other cloud service provider and network systems.
The directors of BlackRidge are Robert Graham, John Hayes and Robert Lentz, Thomas Bruderman, Allen Kosowsky, and Robert Zahm. Its officers are Robert Graham, Chief Executive Officer and President, John Hayes, Chief Technology Officer, and John Bluher, Chief Financial Officer, Treasurer and Secretary.
The address of the BlackRidge headquarters is: BlackRidge Technology, 5390 Kietzke Lane, Suite 104, Reno, NV 89511
Blackridge also has engineering offices located at Marist College Hancock Center 0002, 3399 North Road, Poughkeepsie, NY 12601 and 100 Century Center Court, Suite 403, San Jose, CA 95112.
The general telephone number for BlackRidge is 1-855-807-8776 and our website is
www.blackridge.us
.
Business
The Company develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services. With our patented technology, network and server resources located in the enterprise, datacenters and cloud systems, are better protected, less expensive to protect, and less vulnerable to compromise from cyber-attacks and insider threats. We believe that our identity-based approach to network and cloud security offers superior performance compared to legacy network security approaches, and reduces the total cost of ownership for organizations by eliminating malicious and unwanted traffic from their networks and systems.
BlackRidge products provide advanced capabilities compared to advanced firewalls in applications such as network segmentation and isolating cloud services. BlackRidge also cloaks protected network resources from network mapping, reconnaissance and other forms of unauthorized access and attacks which cannot be blocked by advanced firewalls or malware detection systems.
Our proprietary technology, BlackRidge Transport Access Control ("TAC"), authenticates user or device identity and applies security policies across networks and cloud services before application sessions are established. Underlying BlackRidge TAC is our patented First Packet Authentication™ which conveys and authenticates identity in the "first packet" of a TCP network session request. This fundamental invention addresses a security gap in how the Internet operates: the inability to authenticate network traffic sources. Without authentication, unidentified and unauthorized users and devices can scan, probe and access networks and cloud services. This security gap is exploited in all cyber-attacks through the process of network scanning and reconnaissance, and it has been further exposed and magnified by cloud services, mobile connectivity, and the Internet of Things.
The Company's technology is first to market with this approach of enforcing security policy based on cryptographically secured identity on every TCP/IP session.
Our products are protected by multiple U.S. Patents including "First Packet Authentication," "Concealing a Network Connected Device," "Digital Identity Authentication," and "Statistical Object Identification."
Products
BlackRidge and our partners sell network security products and solutions based on our proprietary BlackRidge TAC software. BlackRidge TAC provides high throughput and low latency network security that operates pre-session, in real time, before other security defenses engage. BlackRidge products can be deployed inside a network or a cloud to cloak and protect servers and segment networks, in front of existing security stacks to filter anonymous traffic, or as part of service provider or OEM (as defined below) solution.
The BlackRidge solution is available in the following product configurations, with additional platform support and endpoint under development:
·
|
1U rack-mountable 1GbE or 10GbE network appliance
|
|
|
·
|
1GbE fanless desktop appliance
|
|
|
·
|
VMware ESXi™ virtual appliance
|
|
|
·
|
IBM z Systems™ LPAR and IBM z/VM® software appliances
|
|
|
·
|
Amazon Web Services appliances
|
|
|
·
|
Windows and Linux software endpoints
|
BlackRidge products are priced per appliance or gateway and on the total number of user and device identities supported in an implementation. Enterprise and OEM licensing along with subscription pricing are available. BlackRidge appliances can support up to 100,000 identities and 4,000,000 sessions, providing a highly scalable enterprise solution that operates with low latency and high throughput compared to current network security devices.
Network and cloud deployments options include deploying in-line as a Layer 2 transparent bridge or logically inline as a Layer 3 gateway for cloud deployments. BlackRidge software and systems are designed to be highly resilient and can be configured for high availability and failover. Security policies can be verified during deployment with progressive modes of bridge, monitor and audit, and then enforce policy.
Support and Maintenance
BlackRidge offers standard and premium support to our end-customers and channel partners, where our channel partners typically deliver level one support and we provide level two and level three support. The support for our end customers includes ongoing maintenance services for both hardware and software to receive software upgrades, bug fixes, and repairs. End customers typically purchase these services for a one year or longer term at the time of the initial product sale and typically renew for successive one year or longer periods.
Professional Services.
Professional services are primarily delivered through our channel partners and include experts who plan, design, and deploy effective security solutions tailored to our end-customers' specific requirements. These services include solution design and planning, configuration, and installation. Our education services provide online and classroom-style training and are also primarily delivered through our internal team.
Technology Alliance Partners
BlackRidge participates in an ecosystem of technology alliance partners to extend the breadth and depth of our products and partner solutions. By helping to ease the complications that organizations face when implementing multi-layered security solutions, our technology alliances facilitate integrated solution design, accelerate the time to realize value, and enhance our role as a strategic security partner.
Markets, Customers and Distribution Channels
The BlackRidge network security and adaptive cyber defense solution is broadly applicable to virtually all enterprise, government and industrial control market segments. Whether deployed directly in a customer's environment or embedded as part of partner cloud service or solution, BlackRidge provides a new level of cyber defense not available in the market today.
BlackRidge markets and sells its products through multiple channels, including direct sales, integrator and reseller channel partners, cloud and managed service providers, and through strategic Original Equipment Manufacturer ("OEM") partners to both government and commercial users. The initial sales focus and market entry strategy for BlackRidge was the US Department of Defense, which is a key leverage point for the company's current commercial, government, and international sales efforts. Our customers and partners include IBM, Ciena, Crimson Logic, the US Department of Defense, the US Department of Energy, Marist College, Nihon Cornet Technology, Splunk and healthcare providers.
Within the commercial markets, BlackRidge sells both direct and through our strategic partners to large enterprise accounts, and indirectly through certain channel partners to specific verticals and international market segments. Our initial market entry strategy for the commercial market is to sell directly in order to establish customer references with large enterprises in North America that have high security and compliance requirements. These include more complex regulated enterprises such as Financial Services, Healthcare, Insurance and Utility companies. Our channel partners are recruited to assist with expanding enterprise sales, commercializing specific vertical markets, and penetrating the international markets. Revenue from commercial sales includes product licensing fees, installation services, and annual support based on a standard price list.
In the government markets, BlackRidge sells its standard commercial products through a wholly owned subsidiary, BlackRidge Technology Government, to government resellers, integrators and contractors who resell to the Department of Defense (DOD) and civilian agencies. BlackRidge has been involved with the DOD for over six years, including our initial product development funding which was provided by the U.S. DOD. The BlackRidge products have been designed for several large DOD programs and they have been extensively tested and validated for use by the Defense Information Systems Agency (DISA) labs. The timing of the DOD adoption of BlackRidge products depends on approval of budgets and final product testing approvals from DISA. BlackRidge Government revenue is net of government discounts, contracting fees, and channel and service partner discounts.
The BlackRidge OEM and service provider partnership strategy is to make targeted investments to capitalize on opportunities in specific market segments such as the industrial Internet of Things (IoT), blockchain networks, and cloud solution providers. For these markets and our partners, BlackRidge TAC can be deployed as an integrated or embedded capability in the partners' equipment and vertical market solutions, and sold and supported by our partner. BlackRidge provides unique, integrated identity-based cyber defense for these OEM products or service offerings that provides their end user customer with a competitive market advantage in the face of today's advanced cyber threats. Revenue from OEM offerings flows from embedded product licensing fees and support fees that are somewhat unique to each OEM offering.
Marketing
Our marketing is focused on building our brand reputation and market awareness for our company and our unique technology capabilities and platform, driving customer demand and building a strong sales pipeline, and working with our channel and OEM partners. Our marketing team consists of corporate marketing, product marketing and product management, marketing operations, and corporate communications. Marketing activities include sales training and enablement, demand generation programs, digital marketing programs, product launch activities, managing our corporate and investor website, social media, trade shows and conferences, and press and analyst relations.
Research and Development
We continue to enhance our BlackRidge TAC software, the core software used in the BlackRidge products. This software is responsible for the TAC token generation, token validation, the token cache, packet processing and the insertion of TAC tokens into TCP connection requests. The TAC software has been developed domestically within the U.S. using only U.S. citizens. This software includes implementations of granted and pending patents owned by BlackRidge.
We continue to pursue research and development to improve our existing products. These improvements include making our products easier to manage, easier to deploy in large numbers, and improvements in our integrations with 3rd party products that communicate with BlackRidge products.
Our product development efforts release software with new features from time to time. When a new feature is significant enough, we produce a major software release. In between major software releases, there may be one or more minor software releases that also introduce less significant new features.
Intellectual Property
BlackRidge focuses on developing patent protection for products it develops and for products and features that are anticipated. We constantly perfect and file new applications. We continue to develop our products; we will continue to file additional patent applications where appropriate.
The granted patents focus on the communication of identity tokens at the network layer (6,973,496, 8,346,951), combining Identity authentication at different security layers (8,281,127, 8,635,445), insuring the integrity of token authentication (8,572,697) and using identity to select amongst a set of trusted resources (9,118,644). The pending applications focus on extending the above protections (13/987,747, 14/544,987, 14/998,645), using network identity in a firewall (14/545,988), making network routing policy decisions using identity (14/999,317) and detecting tampering of hardware and software systems (13/199,050).
As of release 3.0, our products use the technology described in patents 6,973,496, 8,346,951 and 8,572,697 as well as technology described in some of our pending applications. As we continue to add products and features, we will be incorporating technology described in additional patents and applications. All patents and completed applications are assigned to BlackRidge Technology Holdings, Inc.
Granted Patents
Concealing a Network Connected Device US Patent number 6,973,496, Patent Application U.S. Ser. No. 10/094,425. Filed 5 March 2002, Granted 6 December 2005, 1 Claim.
Method for Digital Identity Authentication US Patent number 8,281,127, Patent Application U.S. Ser. No. 12/658,113. Filed 1 February 2010, Granted 2 October 2012, 20 Claims.
Method for First Packet Authentication US Patent number 8,346,951, Patent Application U.S. Ser. No. 11/242,637. Filed 30 Sept 2005, Granted 1 January 2013, 25 Claims.
Method for Statistical Object Identification US Patent number 8,572,697, Patent Application U.S. Ser. No. 13/373,586. Filed 18 November 2011, Granted 29 October 2013, 43 Claims.
Method for Digital Identity Authentication US Patent number 8,635,445, Patent Application U.S. Ser. No. 13/573,077. Filed 16 August 2012, Granted 21 January 2014, 23 Claims.
Method for Directing Requests to Trusted Resources US Patent number 9,118,644, Patent Application U.S. Ser. No. 13/573,238. Filed 30 August 2012, Granted 25 August 2015, 27 Claims.
Published Pending Applications
Method for Statistical Object Identification Patent Application U.S. Ser. No. 13/987,747, filed 27 August 2013, continuation-in-part of Patent 8,572,697.
Unpublished Pending Applications
U.S. Patent Applications are published by the patent office 18 months after filing.
Method for Network Security Using Statistical Object Identification Patent Application U.S. Ser. No. 14/544,987, filed 11 March 2015, continuation-in-part of Patent 8,572,697.
Method for Attribution Security System Patent Application U.S. Ser. No. 14/545,988, filed 13 July 2015.
Method for Statistical Object Identification Patent Application U.S. Ser. No. 14/998,645, filed 16 January 2016, continuation-in-part of Patent 8,572,697.
Method for Using Authenticated Requests to Select Network Routes Patent Application U.S. Ser. No. 14/999,317, filed 22 April 2016.
Secure Cloud Computing System Patent Application U.S. Ser. No. pending, filed 6 August 2016, continuation-in-part of Patent Applications U.S. Ser. No. 13/199,050 and 13/999,757.
Competition
BlackRidge TAC operates at the Transport Layer to provide a highly scalable, non-interactive authentication protocol that does not rely on signatures, sandboxing, or deep packet inspection. This provides key competitive differentiators including high through-put with very low latency, compatibility with existing network and security technologies and middle boxes, address and topology independent, and supports it network address translation (NAT).
We compete with other technology research and development, and sales companies for enterprise security spending and for financing from a limited number of investors that are prepared to invest in such companies. The presence of competing companies in our field of endeavor may impact our ability to raise additional capital to fund our operations or further acquisitions, if investors perceive that investments in our competitors are more attractive based on the merit of their technologies, or the advanced stage of marketing or development or the price of the investment opportunity. We face competition from many companies, major universities and research institutions in the United States and abroad. Many of our competitors have substantially greater resources, experience in conducting research, experience in obtaining regulatory approvals for their products, operating experience, research and development and marketing capabilities, name recognition and production capabilities. We will face competition from companies marketing existing products or developing new products which may render our technologies (and products) obsolete.
These companies may have numerous competitive advantages, including:
·
|
significantly greater name recognition;
|
|
|
·
|
established distribution networks;
|
|
|
·
|
more advanced technologies and product development;
|
|
|
·
|
additional lines of products, and the ability to offer rebates, higher discounts or incentives; and
|
|
|
·
|
greater experience in conducting research and development, manufacturing, obtaining regulatory approval for products
|
Our commercial success depends on our ability to compete effectively in product development areas such as, but not limited to, safety, price, marketing and distribution. There can be no assurance that competitors will not succeed in developing products that are more effective than our cyber security technology, therefore rendering our products obsolete and noncompetitive. Accordingly, in addition to our research and development efforts, we believe we need to create a public relations/advertising program designed to establish our "brand" name recognition; we intend to continue to develop and market our brand name pending commercialization of products, if any, we may derive from our research and development efforts.
Our strategy drives the marketing, distribution and public acceptance of any products we may derive from our research and development. Competition with respect to our technologies is and will be based, among other things, on effectiveness, latency, reliability, availability, price, marketing, distribution and patent position. Another important factor will be the timing of market introduction of any new versions of the software or development of new products and cyber security solutions new markets such industrial control systems (ICS) and the Industrial Internet of Things ("IIoT").
Accordingly, the speed with which we can distribute and sell products and the speed to market with new or updated versions of the existing software, complete testing and proof of concept processes and ultimately supply commercial quantities of our products to the market and channels is expected to be an important competitive factor.
Our competitive position will also depend upon our ability to attract and retain qualified personnel, to obtain patent protection or otherwise develop proprietary products or processes, and to secure sufficient capital resources for the often-substantial period between technological conception and commercial sales.
Government Regulations
BlackRidge exports products in compliance with the International Traffic in Arms Regulations that control the export and import of defense-related articles and services on the United States Munitions List. BlackRidge is authorized to export and re-export encryption products as described in Part 740-17 (b) (1) of the Export Administration Regulations EAR and mass market encryption products as described in Part 74215 (b) (1).
Environmental Regulations
We comply with all applicable laws, rules and regulations relating to our business, and at this time, we do not anticipate incurring any material capital expenditures to comply with any environmental regulations or other requirements. While our products, intended projects and business activities do not currently violate any laws, any regulatory changes that impose additional restrictions or requirements on us or on our potential customers could adversely affect us by increasing our operating costs or decreasing demand for our products or services, which could have a material adverse effect on our results of operations.
Employees of BlackRidge
As of March 30, 2018, we have 44 full time employees. We also engage a number of independent contractors as engineers, system architects, or developers. The Blackridge employees are not represented by unions and it considers its relationship with its employees to be good.
Item 1A. Risk Factors
Risk Factors
Blackridge has had operating losses each year since its inception, and may not achieve or maintain profitability in the future.
Blackridge has incurred operating losses each year since its inception, including net losses of $15,345,644 and $7,215,820 for the years ended December 31, 2017 and 2016, respectively. Our operating expenses have increased as we have expanded our sales and marketing efforts and we continue to invest in research and development of our technologies. These efforts may be more costly in the future than we expect, and we may not be able to increase our revenue to offset our increased operating expenses. Our revenue growth may slow or our revenue may decline for a number of other reasons, including reduced demand for our platform, increased competition, a decrease in the growth or size of the IT security market, particularly the market for solutions that target the next generation of advanced cyber-attacks, or any failure to capitalize on growth opportunities. Any failure to increase our revenue as we grow our business could prevent us from achieving or maintaining profitability. If we are unable to meet these risks and challenges as we encounter them, our business, financial condition and results of operations may suffer.
The Blackridge audited financial statements contain a "going concern" qualification noting that during the year ended December 31, 2017, we incurred a net loss of $15,345,644 and inception to date losses are $49,896,376, which factors raise substantial doubt about our ability to continue as a going concern.
The independent registered public accounting firm for Blackridge for the fiscal year ended December 31, 2017, has included an explanatory paragraph in their opinion that accompanies the Blackridge audited consolidated financial statements as of and for the year ended December 31, 2017, indicating that we incurred a net loss of $15,345,644 and inception to date losses are $49,896,376, which factors raise substantial doubt about our ability to continue as a going concern. In this regard, management is proposing to raise any necessary additional funds not provided by operations through investment capital. There is no assurance that we will be successful in raising this additional capital or in achieving profitable operations. The accompanying consolidated financial statements of Blackridge do not include any adjustments that might result if we are unable to continue as a going concern and, therefore, be required to realize our assets and discharge our liabilities other than in the normal course of business which could cause investors to suffer the loss of all or a substantial portion of their investment.
We may be unsuccessful in raising additional capital. If we are unable to raise additional financing, we will be under-capitalized and will not be able to execute our business plan as forecast. Such financing difficulties would likely reduce the value of your investment in the Registrant.
BlackRidge is a recently formed company, with limited operating history. BlackRidge was formed in 2010 and has generated limited revenue. To date, BlackRidge has operated at a loss. Prior to BlackRidge, management of BlackRidge has not previously worked together in a company. There is, therefore, no guarantee that management will work well together and execute the business plan of BlackRidge successfully.
BlackRidge is likely to lose money for a period of time.
BlackRidge, like many early stage companies, is projected to lose money for several months before it reaches cash-flow break even. Such projections may turn out to be too optimistic and BlackRidge may lose more money or for longer than forecast, hurting the value of an investment.
To the extent that BlackRidge's business plan relies on future access to financing, you are incurring the risk of future dilution.
The market for raising capital for small public companies is currently challenging and may remain challenging for the indefinite future. Therefore, future financings by the Registrant may either be not possible or only done on terms that are detrimental to existing debt and equity holders of the Company.
Our business plan is dependent on the success of Blackridge's existing technologies and new technologies which may be developed by BlackRidge's engineering team.
There is no guarantee that BlackRidge's technologies will achieve wide acceptance at an economically attractive price point or that BlackRidge's engineering department will develop new technologies which are commercially feasible. BlackRidge's technologies also run the risk of technological obsolescence as they are based on the current architecture of the internet.
Real or perceived defects, errors or vulnerabilities in our platform or the failure of our platform to block DDOS attacks, malware or prevent a security breach could harm our reputation and adversely impact our business, financial position and results of operations.
Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that our platform is unable to detect or prevent. Moreover, as our platform is adopted by an increasing number of enterprises and governments, it is possible that the individuals and organizations behind advanced malware attacks will begin to focus on finding ways to defeat our software. If this happens, our networks, products, subscriptions and services could be targeted by attacks specifically designed to disrupt our business and undermine the perception that our platform is capable of providing superior IT security, which, in turn, could have a serious impact on our reputation as a provider of virtual machine-based security solutions.
If any of our customers becomes infected with malware after adopting our platform, even if our platform has blocked the theft of any of such customer's data, such customer could nevertheless be disappointed with our platform. Furthermore, if any enterprises or governments that are publicly known to use our platform are the subject of an advanced cyber-attack that becomes publicized, our other current or potential customers may look to our competitors for alternatives to our platform. Real or perceived security breaches of our customers' networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity to us, damage to our reputation, declining sales, increased expenses and customer relations issues.
Furthermore, our software may fail to detect or prevent malware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our software to reflect industry trends, new technologies and new operating environments. Failure to keep pace with technological changes in the IT security industry and changes in the threat landscape could adversely affect our ability to protect against security breaches and could cause us to lose customers.
Any real or perceived defects, errors or vulnerabilities in our software, or any other failure of our software to detect an advanced threat, could result in:
•
|
a loss of existing or potential customers or channel partners;
|
|
|
•
|
delayed or lost revenue;
|
|
|
•
|
a delay in attaining, or the failure to attain, market acceptance;
|
|
|
•
|
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, or to identify and ramp up production with alternative third-party manufacturers;
|
|
|
•
|
an increase in warranty claims, or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins;
|
|
|
•
|
harm to our reputation or brand; and
|
|
|
•
|
litigation, regulatory inquiries, or investigations that may be costly and further harm our reputation.
|
Our CEO and CTO have limited prior experience with government sales.
BlackRidge's business plan is, in part, to sell to government contractors, the Department of Defense and other "government" clients as well as to the commercial marketplace. Mr. Graham, the Company's CEO and co-founder of Blackridge has past experience in government sales and contracting groups.Mr. Hayes, the Company's CTO and co-founder of Blackridge, has no prior experience selling to the government. Government sales have several unique aspects which require a different approach than commercial sales and may have a longer sales cycle. In order to mitigate this risk, we have appointed an advisory counsel with experience in government sales, as well partnered with companies experienced in government contracts.
Pending patent applications may be denied.
While BlackRidge owns issued U.S. patents on its core technology, there is no guarantee that other applications will result in granted patents. Furthermore, given the nature of the US Patent Office, the determination of patentability may take several years. Even with its existing patents, enforcing patent rights can be an expensive and time-consuming process, involving years of litigation and large legal fees.
Fluctuating economic conditions make it difficult to predict revenue for a particular period, and a shortfall in revenue may harm our operating results.
Our revenue depends significantly on general economic conditions and the demand for products in the IT security market. Economic weakness, customer financial difficulties, and constrained spending on IT security may result in decreased revenue and earnings. Such factors could make it difficult to accurately forecast our sales and operating results and could negatively affect our ability to provide accurate forecasts to our contract manufacturers and manage our contract manufacturer relationships and other expenses. In addition, concerns regarding the impact of tight budgetary constraints and the new Trump Administration on the IT budgets of various agencies of the U.S. government, as well as continued budgetary challenges in the United States and geopolitical turmoil in many parts of the world have and may continue to put pressure on global economic conditions and overall spending on IT security. Currently, most enterprises and governments have not allocated a fixed portion of their budgets to protect against next-generation advanced cyber-attacks. If we do not succeed in convincing customers that our platform should be an integral part of their overall approach to IT security and that a fixed portion of their annual IT budgets should be allocated to our platform, general reductions in IT spending by our customers are likely to have a disproportionate impact on our business, results of operations and financial condition. General economic weakness may also lead to longer collection cycles for payments due from our customers, an increase in customer bad debt, restructuring initiatives and associated expenses, and impairment of investments.
Uncertainty about future economic conditions also makes it difficult to forecast operating results and to make decisions about future investments. Future or continued economic weakness for us or our customers, failure of our customers and markets to recover from such weakness, customer financial difficulties, and reductions in spending on IT security could have a material adverse effect on demand for our platform and consequently on our business, financial condition and results of operations.
Our results of operations are likely to vary significantly from period to period, which could cause the trading price of our common stock to decline.
Our results of operations have varied significantly from period to period, and we expect that following the Reorganization, our results of operations will continue to vary as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:
•
|
our ability to attract and retain new customers;
|
|
|
•
|
the budgeting cycles, seasonal buying patterns and purchasing practices of customers;
|
|
|
•
|
the timing of shipments of our products and length of our sales cycles;
|
|
|
•
|
changes in customer or reseller requirements or market needs;
|
|
|
•
|
changes in the growth rate of the IT security market, particularly the market for threat protection solutions like ours that target next-generation advanced cyber-attacks;
|
|
|
•
|
the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of the IT security market, including consolidation among our customers or competitors;
|
|
|
•
|
the level of awareness of IT security threats, particularly advanced cyber-attacks, and the market adoption of our software;
|
|
|
•
|
deferral of orders from customers in anticipation of new products or product enhancements announced by us or our competitors;
|
|
|
•
|
our ability to successfully expand our business domestically and internationally;
|
|
|
•
|
reductions in customer renewal rates for our subscriptions;
|
|
|
•
|
decisions by organizations to purchase IT security solutions from larger, more established security vendors or from their primary IT equipment vendors;
|
|
|
•
|
changes in our pricing policies or those of our competitors;
|
|
|
•
|
any disruption in, or termination of, our relationship with channel partners;
|
|
|
•
|
decreases in our customers' subscription renewal rates;
|
|
|
•
|
our inability to fulfill our customers' orders due to supply chain delays or events that impact our manufacturers or their suppliers;
|
|
|
•
|
insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our products, subscriptions and services, or confronting our key suppliers, particularly our sole source suppliers, which could disrupt our supply chain;
|
|
|
•
|
the cost and potential outcomes of existing and future litigation;
|
|
|
•
|
seasonality in our business;
|
|
|
•
|
general economic conditions, both domestic and in our foreign markets;
|
|
|
•
|
future accounting pronouncements or changes in our accounting policies or practices;
|
|
|
•
|
the amount and timing of operating costs and capital expenditures related to the expansion of our business;
|
|
|
•
|
a change in our mix of products, subscriptions and services; and
|
|
|
•
|
increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.
|
Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. As a result of this variability, our historical results of operations should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the market price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits.
We face intense competition and could fail to gain market share from our competitors, which could adversely affect our business, financial condition and results of operations.
The market for security products and services is intensely competitive and characterized by rapid changes in technology, customer requirements, industry standards and frequent new product introductions and improvements. We anticipate continued challenges from current competitors, which in many cases are more established and enjoy greater resources than us, as well as by new entrants into the industry. If we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in our growth rate or revenue that could adversely affect our business and results of operations.
Our competitors and potential competitors include large networking vendors such as Cisco Systems, Inc. and Juniper Networks, Inc. that may emulate or integrate features similar to ours into their own products; large companies such as Intel and HP that have acquired large IT security specialist vendors in recent years and have the technical and financial resources and broad customer bases needed to bring competitive solutions to the market; independent IT security vendors such as FireEye, Symantec, and Palo Alto Networks that offer products that claim to perform similar functions to our platform; and small and large companies that offer point solutions that compete with some of the features present in our platform. Other IT providers offer, and may continue to introduce, security features that compete with our platform, either in stand-alone security products or as additional features in their network infrastructure products. Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
•
|
greater name recognition, longer operating histories and larger customer bases;
|
|
|
•
|
larger sales and marketing budgets and resources;
|
|
|
•
|
broader distribution and established relationships with channel and distribution partners and customers;
|
|
|
•
|
greater customer support resources;
|
|
|
•
|
greater resources to make acquisitions;
|
|
|
•
|
lower labor and research and development costs;
|
|
|
•
|
larger and more mature intellectual property portfolios; and
|
|
|
•
|
substantially greater financial, technical and other resources.
|
In addition, some of our larger competitors have substantially broader product offerings and may be able to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, subscriptions and services, including by selling at zero or negative margins, product bundling or offering closed technology platforms. Potential customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of product performance or features. As a result, even if the features of our platform are superior, customers may not purchase our products. In addition, new innovative start-up companies, and larger companies that are making significant investments in research and development, may invent similar or superior products and technologies that compete with our platform. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. If we are unable to compete successfully, or if competing successfully requires us to take costly actions in response to the actions of our competitors, our business, financial condition and results of operations could be adversely affected.
Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense. As a result, our sales and revenue are difficult to predict and may vary substantially from period to period, which may cause our results of operations to fluctuate significantly.
Our results of operations may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of our sales cycle and the short-term difficulty in adjusting our operating expenses. Our results of operations depend in part on sales to large organizations. The length of our sales cycle, from proof of concept to delivery of and payment for our platform, is typically three to six months but can be more than a year. To the extent our competitors develop products that our prospective customers view as equivalent to ours, our average sales cycle may increase. Because the length of time required to close a sale varies substantially from customer to customer, it is difficult to predict exactly when, or even if, we will make a sale with a potential customer. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our results of operations for that quarter and any future quarters for which revenue from that transaction is delayed. As a result of these factors, it is difficult for us to forecast our revenue accurately in any quarter. Because a substantial portion of our expenses are relatively fixed in the short term, our results of operations will suffer if our revenue falls below our or analysts' expectations in a particular quarter, which could cause the price of our common stock to decline.
If we do not accurately anticipate and respond promptly to changes in our customers' technologies, business plans or security needs, our competitive position and prospects could be harmed.
Many of our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to add numerous network access points and adapt to increasingly complex IT networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. As their technologies and business plans grow more complex, we expect these customers to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our platform effectively identifies and responds to these advanced and evolving attacks without disrupting our customers' network performance. As a result of the continued rapid innovations in the technology industry, including the rapid growth of smart phones, tablets and other devices and the trend of "bring your own device" in enterprises, we expect the networks of our customers to continue to change rapidly and become more complex.
We have identified a number of new products and enhancements to our platform that we believe are important to our continued success in the IT security market. There can be no assurance that we will be successful in developing and marketing, on a timely basis, such new products or enhancements, or that our new products or enhancements will adequately address the changing needs of the marketplace. In addition, some of our new products and enhancements may require us to develop new hardware architectures that involve complex, expensive and time-consuming research and development processes. Although the market expects rapid introduction of new products and enhancements to respond to new threats, the development of these products and enhancements is difficult and the timetable for commercial release and availability is uncertain, as there can be significant time lags between initial beta releases and the commercial availability of new products and enhancements. We may experience unanticipated delays in the availability of new products and enhancements to our platform and fail to meet customer expectations with respect to the timing of such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our customers by developing, releasing and making available on a timely basis new products and enhancements to our platform that can adequately respond to advanced threats and our customers' needs, our competitive position and business prospects will be harmed. Furthermore, from time to time, we or our competitors may announce new products with capabilities or technologies that could have the potential to replace or shorten the life cycles of our existing products. There can be no assurance that announcements of new products will not cause customers to defer purchasing our existing products.
Additionally, the process of developing new technology is expensive, complex and uncertain. The success of new products and enhancements depends on several factors, including appropriate component costs, timely completion and introduction, differentiation of new products and enhancements from those of our competitors, and market acceptance. To maintain our competitive position, we must continue to commit significant resources to developing new products or enhancements to our platform before knowing whether these investments will be cost-effective or achieve the intended results. There can be no assurance that we will successfully identify new product opportunities, develop and bring new products or enhancements to market in a timely manner, or achieve market acceptance of our platform, or that products and technologies developed by others will not render our platform obsolete or noncompetitive. If we expend significant resources on researching and developing products or enhancements to our platform and such products or enhancements are not successful, our business, financial position and results of operations may be adversely affected.
If we are unable to sell additional products, licenses, subscriptions and services, as well as renewals of our licenses, subscriptions and services, to our customers, our future revenue and operating results will be harmed.
Our future success depends, in part, on our ability to expand the deployment of our platform with existing customers by selling them additional products, subscriptions and services. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our customers purchase additional products, subscriptions and services depends on a number of factors, including the perceived need for additional IT security as well as general economic conditions. If our efforts to sell additional products, subscriptions and services to our customers are not successful, our business may suffer.
Further, existing customers that purchase our platform have no contractual obligation to renew their subscriptions and support and maintenance services after the initial contract period, and given our limited operating history, we may not be able to accurately predict our renewal rates. Our customers' renewal rates may decline or fluctuate as a result of a number of factors, including the level of their satisfaction with our platform, our customer support, customer budgets and the pricing of our platform compared with the products and services offered by our competitors. If our customers renew their subscriptions, they may renew for shorter contract lengths or on other terms that are less economically beneficial to us. We cannot assure you that our customers will renew their subscriptions, and if our customers do not renew their subscriptions or renew on less favorable terms, our revenue may grow more slowly than expected, if at all.
If we are unable to increase sales of our platform to large organizations while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer.
Our growth strategy is dependent, in part, upon increasing sales of our platform to large enterprises and governments. Sales to large customers involve risks that may not be present (or that are present to a lesser extent) with sales to smaller entities. These risks include:
•
|
increased purchasing power and leverage held by large customers in negotiating contractual arrangements with us;
|
|
|
•
|
more stringent or costly requirements imposed upon us in our support service contracts with such customers, including stricter support response times and penalties for any failure to meet support requirements;
|
|
|
•
|
more complicated implementation processes;
|
|
|
•
|
longer sales cycles and the associated risk that substantial time and resources may be spent on a potential customer that ultimately elects not to purchase our platform or purchases less than we hoped;
|
|
|
•
|
closer relationships with, and dependence upon, large technology companies who offer competitive products; and
|
|
|
•
|
more pressure for discounts and write-offs.
|
In addition, because security breaches with respect to larger, high-profile enterprises are likely to be heavily publicized, there is increased reputational risk associated with serving such customers. If we are unable to increase sales of our platform to large enterprise and government customers while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer.
Our current research and development efforts may not produce successful products or enhancements to our platform that result in significant revenue, cost savings or other benefits in the near future, if at all.
We must continue to dedicate significant financial and other resources to our research and development efforts if we are to maintain our competitive position. However, developing products and enhancements to our platform is expensive and time consuming, and there is no assurance that such activities will result in significant new marketable products or enhancements to our platform, design improvements, cost savings, revenue or other expected benefits. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected.
We may be unable to protect our intellectual property adequately, which could harm our business, financial condition and results of operations.
We believe that our intellectual property is an essential asset of our business. We rely on a combination of patent, copyright, trademark and trade secret laws, as well as confidentiality procedures and contractual provisions, to establish and protect our intellectual property rights in the United States and abroad. The efforts we have taken to protect our intellectual property may not be sufficient or effective, and our trademarks, copyrights and patents may be held invalid or unenforceable. Any U.S. or other patents issued to us may not be sufficiently broad to protect our proprietary technologies. We may not be effective in policing unauthorized use of our intellectual property, and even if we do detect violations, litigation may be necessary to enforce our intellectual property rights. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive, could divert management's attention and may result in a court determining that our intellectual property rights are unenforceable. If we are not successful in cost-effectively protecting our intellectual property rights, our business, financial condition and results of operations could be harmed.
Claims by others that we infringe their proprietary technology or other rights could harm our business.
Technology companies frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. In addition, patent holding companies seek to monetize patents they have purchased or otherwise obtained. As we face increasing competition and gain an increasingly higher profile, the possibility of intellectual property rights claims against us grows. From time to time, we expect that third parties may assert, claims of infringement of intellectual property rights against us. Third parties may in the future also assert claims against our customers or channel partners, whom our standard license and other agreements obligate us to indemnify against claims that our products infringe the intellectual property rights of third parties. While we intend to increase the size of our patent portfolio, many of our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve patent holding companies or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. Any claim of intellectual property infringement by a third party, even a claim without merit, could cause us to incur substantial costs defending against such claim, could distract our management from our business and could require us to cease use of such intellectual property. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by the discovery process.
Although third parties may offer a license to their technology or other intellectual property, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition and results of operations to be materially and adversely affected. In addition, some licenses may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, or at all, we could be enjoined from continued use of such intellectual property. As a result, we may be required to develop alternative, non-infringing technology, which could require significant time (during which we could be unable to continue to offer our affected products, subscriptions or services), effort, and expense and may ultimately not be successful. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products, providing certain subscriptions or performing certain services or that requires us to pay substantial damages, royalties or other fees. Any of these events could harm our business, financial condition and results of operations.
We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to attract and retain qualified personnel could harm our business.
Our future success is substantially dependent on our ability to attract, retain and motivate the members of our management team and other key employees throughout our organization. We may not be successful in attracting qualified personnel to fulfill our current or future needs. Our competitors may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. Also, to the extent we hire employees from mature public companies with significant financial resources, we may be subject to allegations that such employees have been improperly solicited, or that they have divulged proprietary or other confidential information or that their former employers own such employees' inventions or other work product.
In addition, we believe that it is important to establish and maintain a corporate culture that facilitates the maintenance and transfer of institutional knowledge within our organization and also fosters innovation, teamwork, a passion for customers and a focus on execution. Our Chief Executive Officer and certain other key members of our management and finance teams have only been working together for a relatively short period of time, and we expect to add additional vice presidents and other members of management in the foreseeable future. If we are not successful in integrating these key employees into our organization, such failure could delay or hinder our product development efforts and the achievement of our strategic objectives, which could adversely affect our business, financial condition and results of operations.
Most of our employees, including some of our executive officers, work for us on an "at-will" basis, which means they may terminate their employment with us at any time. We do not maintain key person life insurance policies on any of our key employees. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business could be harmed.
If we are unable to maintain successful relationships with our channel partners and technology alliance partners, or if our channel partners or technology alliance partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, financial position and results of operations will be harmed.
In addition to our direct sales force, we rely on our indirect channel partners to sell and support our platform. We expect that sales through channel partners will be a significant percentage of our revenue. We also partner with our technology alliance partners to design go-to-market strategies that combine our platform with products or services provided by our technology alliance partners.
Our agreements with our channel partners and our technology alliance partners are generally non-exclusive, meaning our partners may offer customers products from several different companies, including products that compete with ours. If our channel partners do not effectively market and sell our platform, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our platform may be adversely affected. Our channel partners and technology alliance partners may cease marketing our platform with limited or no notice and with little or no penalty, and new channel partners require extensive training and may take several months or more to achieve productivity. The loss of a substantial number of our channel partners, our possible inability to replace them, or the failure to recruit additional channel partners could materially and adversely affect our results of operations. In addition, sales by channel partners are more likely than direct sales to involve collectability concerns, particularly in developing markets. Our channel partner structure could also subject us to lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our platform to customers or violates applicable laws or our corporate policies.
Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our channel partners, and to train our channel partners to independently sell and deploy our platform. If we are unable to maintain our relationships with these channel partners or otherwise develop and expand our indirect sales channel, or if our channel partners fail to perform, our business, financial position and results of operations could be adversely affected.
U.S. federal, state and local government sales are subject to a number of challenges and risks that may adversely impact our business.
Sales to U.S. federal, state, and local governmental agencies have in the past accounted for, and may in the future account for, a significant portion of our revenue. Sales to such government entities are subject to the following risks:
•
|
selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;
|
|
|
•
|
government certification requirements applicable to our products may change and in doing so restrict our ability to sell into the U.S. federal government sector until we have attained the revised certification;
|
|
|
•
|
government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products and services;
|
|
|
•
|
we sell our software to governmental agencies through our indirect channel partners, and these agencies may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future results of operations; and
|
|
|
•
|
governments routinely investigate and audit government contractors' administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and results of operations, or institute fines or civil or criminal liability if the audit uncovers improper or illegal activities.
|
Our failure to adequately protect personal information could have a material adverse effect on our business.
A wide variety of provincial, state, national, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer and other processing of personal data. These data protection and privacy-related laws and regulations are evolving and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial performance and business. Evolving and changing definitions of personal data and personal information within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data and other information, may limit or inhibit our ability to operate or expand our business, including limiting technology alliance partners that may involve the sharing of data. Even the perception of privacy concerns, whether or not valid, may harm our reputation and inhibit adoption of our products by current and future customers.
If the general level of DDOS and advanced cyber-attacks declines, or is perceived by our current or potential customers to have declined, our business could be harmed.
Our business is substantially dependent on enterprises and governments recognizing that DDOS and advanced cyber-attacks are pervasive and are not effectively prevented by legacy security solutions. High visibility attacks on prominent enterprises and governments have increased market awareness of the problem of DDOS and advanced cyber-attacks and help to provide an impetus for enterprises and governments to devote resources to protecting against DDOS and advanced cyber-attacks, such as testing our platform, purchasing it, and broadly deploying it within their organizations. If DDOS and advanced cyber-attacks were to decline, or enterprises or governments perceived that the general level of DDOS and advanced cyber-attacks have declined, our ability to attract new customers and expand our offerings within existing customers could be materially and adversely affected. A reduction in the threat landscape could increase our sales cycles and harm our business, results of operations and financial condition.
We are exposed to the credit risk of some of our distributors and resellers and to credit exposure in weakened markets, which could result in material losses.
Most of our sales are on an open credit basis. Although we have programs in place that are designed to monitor and mitigate these risks, we cannot assure you these programs will be effective in reducing our credit risks, especially as we expand our business internationally. If we are unable to adequately control these risks, our business, results of operations and financial condition could be harmed.
We may acquire other businesses, which could require significant management attention, disrupt our business, dilute stockholder value, and adversely affect our results of operations.
As part of our business strategy, we may acquire or make investments in complementary companies, products or technologies. However, we have not made any large acquisitions to date, and as a result, our ability as an organization to acquire and integrate other companies, products or technologies in a successful manner is unproven. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our customers, analysts and investors. In addition, if we are unsuccessful at integrating such acquisitions or the technologies associated with such acquisitions, our revenue and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products could reduce our ability to compete and could harm our business.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new products and enhancements to our platform, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, results of operations, and financial condition. If we need additional capital and cannot raise it on acceptable terms, we may not be able to, among other things:
•
|
develop or enhance our products and subscriptions;
|
|
|
•
|
continue to expand our sales and marketing and research and development organizations;
|
|
|
•
|
acquire complementary technologies, products or businesses;
|
|
|
•
|
expand operations, in the United States or internationally;
|
|
|
•
|
hire, train and retain employees; or
|
|
|
•
|
respond to competitive pressures or unanticipated working capital requirements.
|
Our failure to do any of these things could harm our business, financial condition and results of operations.
If our products do not effectively interoperate with our customers' IT infrastructure, installations could be delayed or cancelled, which would harm our business.
Our products must effectively interoperate with our customers' existing or future IT infrastructure, which often has different specifications, utilizes multiple protocol standards, deploys products from multiple vendors, and contains multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. If we find errors in the existing software or defects in the hardware used in our customers' infrastructure or problematic network configurations or settings, we may have to modify our software or hardware so that our products will interoperate with our customers' infrastructure. In such cases, our products may be unable to provide significant performance improvements for applications deployed in our customers' infrastructure. These issues could cause longer installation times for our products and could cause order cancellations, either of which would adversely affect our business, results of operations and financial condition. In addition, government and other customers may require our products to comply with certain security or other certifications and standards. If our products are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products to such customers, or may otherwise be at a competitive disadvantage, either of which would harm our business, results of operations, and financial condition.
Failure to comply with governmental laws and regulations could harm our business.
Our business is subject to regulation by various U.S. federal, state, local and foreign governments. In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties, or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management's attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, results of operations and financial condition.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
In general, under Section 382 of the Internal Revenue Code of 1986, as amended, or the Code, a corporation that undergoes an "ownership change" is subject to limitations on its ability to utilize its pre-change net operating losses, or NOLs, to offset future taxable income. Our existing NOLs may be subject to limitations arising from previous ownership changes, and if we undergo an ownership change, our ability to utilize NOLs could be further limited by Section 382 of the Code. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. There is also a risk that due to regulatory changes, such as suspensions on the use of NOLs, or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities. There is also a risk that due to regulatory changes in the tax rates, the value of our NOLs could change substantially. For these reasons, we may not be able to utilize a material portion of our NOLs, even if we attain profitability.
Risks Related to the Securities Markets and Ownership of Our Common Stock
The price of our common stock may be volatile, and the value of your investment could decline.
Technology stocks have historically experienced high levels of volatility. The trading price of our common stock following the Reorganization may fluctuate substantially, depending on many factors, some of which are beyond our control and may not be related to our operating performance. These fluctuations could cause you to lose all or part of your investment in our common stock. Factors that could cause fluctuations in the trading price of our common stock include the following:
•
|
announcements of new products, services or technologies, commercial relationships, acquisitions or other events by us or our competitors;
|
|
|
•
|
changes in how customers perceive the effectiveness of our platform in protecting against advanced cyber-attacks or other reputational harm;
|
|
|
•
|
price and volume fluctuations in the overall stock market from time to time;
|
|
|
•
|
significant volatility in the market price and trading volume of technology companies in general and of companies in the IT security industry in particular;
|
|
|
•
|
fluctuations in the trading volume of our shares or the size of our public float;
|
|
|
•
|
actual or anticipated changes or fluctuations in our results of operations;
|
|
|
•
|
whether our results of operations meet the expectations of securities analysts or investors;
|
|
|
•
|
actual or anticipated changes in the expectations of investors or securities analysts;
|
|
|
•
|
litigation involving us, our industry, or both;
|
|
|
•
|
regulatory developments in the United States, foreign countries or both;
|
|
|
•
|
general economic conditions and trends;
|
|
|
•
|
major catastrophic events;
|
|
|
•
|
sales of large blocks of our common stock; or
|
|
|
•
|
departures of key personnel.
|
In addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, results of operations or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the market price of a company's securities, securities class action litigation has often been brought against that company. If our stock price is volatile, we may become the target of securities litigation. Securities litigation could result in substantial costs and divert our management's attention and resources from our business. This could have a material adverse effect on our business, results of operations and financial condition.
Sales of substantial amounts of our common stock in the public markets, or the perception that such sales might occur, could reduce the price that our common stock might otherwise attain and may dilute your voting power and your ownership interest in us.
We may issue our shares of common stock or securities convertible into our common stock from time to time in connection with a financing, acquisition or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the trading price of our common stock to decline.
Our securities are illiquid meaning that you may not be able to sell your securities when you wish or for a price you like
.
Although the Registrant is a publicly traded company, the current market for its securities is limited and relatively illiquid. Therefore, you may incur higher trading costs in the form of wider than typical bid-ask spreads and may have difficulty selling a large block of shares in a short period of time.
Our common stock is currently considered a "penny" stock and therefore is subject to limitations on trading
.
Stocks that trade below $5.00 per share and are not listed on a major national securities exchange such as the NYSE or NASDAQ, are subject to restrictions on how broker-dealers may handle such stocks including limitations on solicitation and more onerous record-keeping requirements. As a result, penny stocks tend to have less trading volume and liquidity than stocks which are not subject to penny stock rules. We do not intend to pay dividends for the foreseeable future.
We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the future. As a result, you may only receive a return on your investment in our common stock if the market price of our common stock increases.
We are an "emerging growth company," and we cannot be certain if the reduced disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.
For so long as we remain an "emerging growth company," as defined in the Jumpstart Our Business Startups Act, or the JOBS Act, we may take advantage of certain exemptions from various requirements that are applicable to public companies that are not "emerging growth companies," including not being required to comply with the independent auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We will remain an "emerging growth company" until the earliest of (i) the last day of the fiscal year following the fifth anniversary of the completion of this offering, (ii) the last day of the first fiscal year in which our annual gross revenue is $1 billion or more, (iii) the date on which we have, during the previous rolling three-year period, issued more than $1 billion in non-convertible debt securities or (iv) the date on which we are deemed to be a "large accelerated filer" as defined in the Exchange Act. We cannot predict if investors will find our common stock less attractive because we may rely on these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock, and our stock price may be more volatile and may decline.
We are obligated to implement and maintain proper and effective internal control over financial reporting. We may not complete our analysis of our internal control over financial reporting in a timely manner, or these internal controls may not be determined to be effective, which may adversely affect investor confidence in our company and, as a result, the value of our common stock.
We are required, pursuant to the Exchange Act, to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting. This assessment needs to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting.
We are currently evaluating our internal controls, identifying and remediating deficiencies in those internal controls and documenting the results of our evaluation, testing and remediation. We may not be able to complete our evaluation, testing and any required remediation in a timely fashion. During the evaluation and testing process, if we identify one or more material weaknesses in our internal control over financial reporting that we are unable to remediate before the end of the same fiscal year in which the material weakness is identified, we will be unable to assert that our internal controls are effective. If we are unable to assert that our internal control over financial reporting is effective, or if our auditors, when required, are unable to attest to management's report on the effectiveness of our internal controls, we could lose investor confidence in the accuracy and completeness of our financial reports, which would cause the price of our common stock to decline.
As a public company, we will be required to disclose material changes made in our internal control and procedures on a quarterly basis. However, our independent registered public accounting firm will not be required to formally attest to the effectiveness of our internal control over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act until the later of the year following our first annual report required to be filed with the SEC or the date we are no longer an "emerging growth company" as defined in the JOBS Act, if we take advantage of the exemptions contained in the JOBS Act. To comply with the requirements of being a public company, we may need to undertake various actions, such as implementing new internal controls and procedures and hiring accounting or internal audit staff
If securities or industry analysts do not publish research or reports about our business, or publish inaccurate or unfavorable research reports about our business, our share price and trading volume could decline.
The trading market for our common stock will, to some extent, depend on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our shares or change their opinion of our shares, our share price would likely decline. If one or more of these analysts ceases coverage of our company or fails to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline.
There may be other risks which the Company has not identified which could negatively affect the value of your investment in the Company.
While we believe that the risks identified herein are the major risks we face, there are likely other risks which could occur and negatively affect the value of your investment in the company. Therefore, you should only purchase our securities if you are able to afford to lose part or all of the value of your investment.
Our officers, directors and principal stockholders own a large percentage of our issued and outstanding shares and other stockholders have little or no ability to elect directors or influence corporate matters
As of March 30, 2018, our officers, directors and principal stockholders were deemed to the beneficial owners of approximately 55% of our issued and outstanding shares of Common Stock, including Series A Preferred Stock and warrants on an "as converted" basis. As a result, such persons will able to determine the outcome of any actions taken by us that require stockholder approval. For example, they will be able to elect all of our directors and control the policies and practices of the Registrant.
We have the ability to issue additional shares of common stock and to issue shares of preferred stock without stockholder approval
The Company is authorized to issue up to 200,000,000 shares of Common Stock, 77,610,171 of which have been issued and are outstanding. The Company is also authorized to issue up to 5,000,000 shares of Preferred Stock, 3,783,818 of which have been issued and 3,639,783 are outstanding, and all of which have been designated as Series A Preferred Stock. To the extent of such authorization, the officers of the Registrant have the ability, without seeking stockholder approval, to issue additional shares of Common Stock in the future for such consideration as they believe to be sufficient. The issuance of additional Common Stock in the future will reduce the proportionate ownership and voting power of the Registrant's current stockholders.
The shares of common stock available for sale in the future could adversely affect the market price for the Company's common stock.
Of the 77,610,171 shares of Common Stock outstanding, approximately 33,121,000 shares are freely tradable if held by non-affiliates or eligible for resale under Rule 144 promulgated under the Securities Act of 1933, as amended, if held by affiliates. Sales of substantial amounts of this Common Stock in the public market could adversely affect the market price for the Registrant's common stock. The approximately 44,481,000 remaining shares will become available for sale under Rule 144 around within one year if held by non-affiliates, and the availability of those shares for sale could also adversely affect the market price for the Registrant's Common Stock. In addition, the Registrant's outstanding shares of Series A Preferred Stock are convertible into shares of the Registrant's Common Stock at the rate of 10 shares (subject to certain anti-dilution adjustments) of Common Stock for each one share of Series A Preferred Stock. If the Series A Preferred Stock is converted, and the shares are placed for sale, such sales could adversely affect the market price for the Registrant's Common Stock.