0001777319
false
FY
P3Y
P5Y
0
0
0
0
0001777319
2022-01-01
2022-12-31
0001777319
2022-06-30
0001777319
2023-03-27
0001777319
2021-01-01
2021-12-31
0001777319
2022-12-31
0001777319
2021-12-31
0001777319
CISO:SecurityManagedServicesMember
2022-01-01
2022-12-31
0001777319
CISO:SecurityManagedServicesMember
2021-01-01
2021-12-31
0001777319
CISO:ProfessionalServicesMember
2022-01-01
2022-12-31
0001777319
CISO:ProfessionalServicesMember
2021-01-01
2021-12-31
0001777319
CISO:CostofPayrollMember
2022-01-01
2022-12-31
0001777319
CISO:CostofPayrollMember
2021-01-01
2021-12-31
0001777319
CISO:StockbasedCompensationMember
2022-01-01
2022-12-31
0001777319
CISO:StockbasedCompensationMember
2021-01-01
2021-12-31
0001777319
us-gaap:CommonStockMember
2021-12-31
0001777319
us-gaap:PreferredStockMember
2021-12-31
0001777319
us-gaap:AdditionalPaidInCapitalMember
2021-12-31
0001777319
us-gaap:AccumulatedOtherComprehensiveIncomeMember
2021-12-31
0001777319
us-gaap:RetainedEarningsMember
2021-12-31
0001777319
us-gaap:CommonStockMember
2020-12-31
0001777319
us-gaap:PreferredStockMember
2020-12-31
0001777319
us-gaap:AdditionalPaidInCapitalMember
2020-12-31
0001777319
us-gaap:AccumulatedOtherComprehensiveIncomeMember
2020-12-31
0001777319
us-gaap:RetainedEarningsMember
2020-12-31
0001777319
2020-12-31
0001777319
us-gaap:CommonStockMember
2022-01-01
2022-12-31
0001777319
us-gaap:PreferredStockMember
2022-01-01
2022-12-31
0001777319
us-gaap:AdditionalPaidInCapitalMember
2022-01-01
2022-12-31
0001777319
us-gaap:AccumulatedOtherComprehensiveIncomeMember
2022-01-01
2022-12-31
0001777319
us-gaap:RetainedEarningsMember
2022-01-01
2022-12-31
0001777319
us-gaap:CommonStockMember
2021-01-01
2021-12-31
0001777319
us-gaap:PreferredStockMember
2021-01-01
2021-12-31
0001777319
us-gaap:AdditionalPaidInCapitalMember
2021-01-01
2021-12-31
0001777319
us-gaap:AccumulatedOtherComprehensiveIncomeMember
2021-01-01
2021-12-31
0001777319
us-gaap:RetainedEarningsMember
2021-01-01
2021-12-31
0001777319
us-gaap:CommonStockMember
2022-12-31
0001777319
us-gaap:PreferredStockMember
2022-12-31
0001777319
us-gaap:AdditionalPaidInCapitalMember
2022-12-31
0001777319
us-gaap:AccumulatedOtherComprehensiveIncomeMember
2022-12-31
0001777319
us-gaap:RetainedEarningsMember
2022-12-31
0001777319
srt:MinimumMember
2022-01-01
2022-12-31
0001777319
srt:MaximumMember
2022-01-01
2022-12-31
0001777319
srt:OfficeBuildingMember
2022-12-31
0001777319
us-gaap:EmployeeStockOptionMember
2022-01-01
2022-12-31
0001777319
us-gaap:EmployeeStockOptionMember
2021-01-01
2021-12-31
0001777319
us-gaap:WarrantMember
2022-01-01
2022-12-31
0001777319
us-gaap:WarrantMember
2021-01-01
2021-12-31
0001777319
us-gaap:ConvertibleDebtMember
2022-01-01
2022-12-31
0001777319
us-gaap:ConvertibleDebtMember
2021-01-01
2021-12-31
0001777319
CISO:CatapultAcquisitionCorporationMember
CISO:VelocITAcquisitionMember
2021-07-25
2021-07-26
0001777319
CISO:CatapultAcquisitionCorporationMember
CISO:VelocITAcquisitionMember
2021-07-26
0001777319
CISO:AtlanticTechnologySystemsIncMember
CISO:StockPurchaseAgreementMember
2021-09-28
2021-10-01
0001777319
CISO:Red74LLCAcquisitionMember
us-gaap:CommonStockMember
2021-10-05
2021-10-08
0001777319
CISO:OceanPointEquitiesIncArkaviaAcquisitionMember
us-gaap:CommonStockMember
2021-11-30
2021-12-01
0001777319
CISO:TrueDigitalSecurityIncAcquisitionMember
2022-01-16
2022-01-19
0001777319
CISO:CatapultAcquisitionCorporationMember
2022-01-01
2022-12-31
0001777319
CISO:AtlanticTechnologySystemsIncMember
2022-01-01
2022-12-31
0001777319
CISO:Red74LLCAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:OceanPointEquitiesIncArkaviaAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:TrueDigitalSecurityIncAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:CreatrixIncAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:CUATROiAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:NLTSecureAcquisitionMember
2022-01-01
2022-12-31
0001777319
CISO:CatapultAcquisitionCorporationMember
2021-07-25
2021-07-26
0001777319
CISO:CatapultAcquisitionCorporationMember
2021-07-26
0001777319
CISO:TechvilleMember
us-gaap:TradeNamesMember
2021-07-26
0001777319
CISO:TrueDigitalSecurityIncMember
CISO:IntellectualPropertyTechnologyMember
2021-07-26
0001777319
CISO:TrueDigitalSecurityIncMember
us-gaap:NoncompeteAgreementsMember
2021-07-26
0001777319
CISO:TrueDigitalSecurityIncMember
2021-07-26
0001777319
CISO:AtlanticTechnologySystemsMember
2021-09-28
2021-10-01
0001777319
CISO:AtlanticTechnologySystemsMember
2021-10-01
0001777319
CISO:AtlanticTechnologySystemsMember
us-gaap:TradeNamesMember
2021-10-01
0001777319
CISO:AtlanticTechnologySystemsMember
CISO:IntellectualPropertyTechnologyMember
2021-10-01
0001777319
CISO:AtlanticTechnologySystemsMember
us-gaap:NoncompeteAgreementsMember
2021-10-01
0001777319
CISO:Red74LLCAcquisitionMember
2021-10-05
2021-10-08
0001777319
CISO:Red74LLCAcquisitionMember
2021-10-08
0001777319
CISO:TechvilleMember
us-gaap:TradeNamesMember
2021-10-08
0001777319
CISO:TrueDigitalSecurityIncMember
CISO:IntellectualPropertyTechnologyMember
2021-10-08
0001777319
CISO:Red74LLCAcquisitionMember
CISO:CustomerBaseMember
2021-10-08
0001777319
CISO:TrueDigitalSecurityIncMember
us-gaap:NoncompeteAgreementsMember
2021-10-08
0001777319
CISO:TrueDigitalSecurityIncMember
2021-10-08
0001777319
CISO:OceanPointEquitiesIncArkaviaAcquisitionMember
2021-11-30
2021-12-01
0001777319
CISO:OceanPointEquitiesIncArkaviaAcquisitionMember
2021-12-01
0001777319
CISO:TechvilleMember
us-gaap:TradeNamesMember
2021-12-01
0001777319
CISO:TrueDigitalSecurityIncMember
CISO:IntellectualPropertyTechnologyMember
2021-12-01
0001777319
CISO:OceanPointEquitiesIncArkaviaAcquisitionMember
CISO:CustomerBaseMember
2021-12-01
0001777319
CISO:TrueDigitalSecurityIncMember
us-gaap:NoncompeteAgreementsMember
2021-12-01
0001777319
CISO:TrueDigitalSecurityIncMember
2021-12-01
0001777319
CISO:TrueDigitalSecurityIncAcquisitionMember
2022-01-04
2022-01-05
0001777319
CISO:TrueDigitalSecurityIncAcquisitionMember
2022-01-05
0001777319
CISO:TechvilleMember
us-gaap:TradeNamesMember
2022-01-05
0001777319
CISO:TrueDigitalSecurityIncMember
CISO:IntellectualPropertyTechnologyMember
2022-01-05
0001777319
CISO:TrueDigitalSecurityIncMember
us-gaap:NoncompeteAgreementsMember
2022-01-05
0001777319
CISO:TrueDigitalSecurityIncMember
2022-01-05
0001777319
CISO:CreatrixIncAcquisitionMember
2022-06-01
2022-06-02
0001777319
CISO:CreatrixIncAcquisitionMember
2022-06-02
0001777319
CISO:CUATROiAcquisitionMember
2022-08-24
2022-08-25
0001777319
CISO:CUATROiAcquisitionMember
2022-08-25
0001777319
CISO:CUATROiAcquisitionMember
CISO:CustomerBaseMember
2022-08-25
0001777319
CISO:NLTSecureAcquisitionMember
2022-08-30
2022-09-02
0001777319
CISO:NLTSecureAcquisitionMember
2022-09-02
0001777319
us-gaap:ComputerEquipmentMember
2022-12-31
0001777319
us-gaap:ComputerEquipmentMember
2021-12-31
0001777319
us-gaap:BuildingMember
2022-12-31
0001777319
us-gaap:BuildingMember
2021-12-31
0001777319
us-gaap:LeaseholdImprovementsMember
2022-12-31
0001777319
us-gaap:LeaseholdImprovementsMember
2021-12-31
0001777319
us-gaap:VehiclesMember
2022-12-31
0001777319
us-gaap:VehiclesMember
2021-12-31
0001777319
us-gaap:FurnitureAndFixturesMember
2022-12-31
0001777319
us-gaap:FurnitureAndFixturesMember
2021-12-31
0001777319
us-gaap:SoftwareDevelopmentMember
2022-12-31
0001777319
us-gaap:SoftwareDevelopmentMember
2021-12-31
0001777319
2022-01-01
2022-09-30
0001777319
us-gaap:TrademarksAndTradeNamesMember
2022-12-31
0001777319
CISO:CustomerBaseMember
2022-12-31
0001777319
us-gaap:NoncompeteAgreementsMember
2022-12-31
0001777319
us-gaap:IntellectualPropertyMember
2022-12-31
0001777319
us-gaap:TrademarksAndTradeNamesMember
2021-12-31
0001777319
CISO:CustomerBaseMember
2021-12-31
0001777319
us-gaap:NoncompeteAgreementsMember
2021-12-31
0001777319
us-gaap:IntellectualPropertyMember
2021-12-31
0001777319
CISO:IndependentConsultingAgreementMember
CISO:StephenScottMember
2020-08-15
2020-08-31
0001777319
CISO:IndependentConsultingAgreementMember
CISO:StephenScottMember
2022-01-01
2022-12-31
0001777319
CISO:IndependentConsultingAgreementMember
CISO:StephenScottMember
2021-01-01
2021-12-31
0001777319
us-gaap:UnsecuredDebtMember
2020-12-23
0001777319
us-gaap:UnsecuredDebtMember
2020-12-22
2020-12-23
0001777319
us-gaap:UnsecuredDebtMember
CISO:HensleyandCompanyMember
2021-01-01
2021-12-31
0001777319
us-gaap:UnsecuredDebtMember
2021-12-31
0001777319
CISO:OneYearManagedServicesAgreementMember
CISO:HensleyBeverageCompanyMember
2022-01-01
2022-12-31
0001777319
CISO:OneYearManagedServicesAgreementMember
CISO:HensleyBeverageCompanyMember
2021-01-01
2021-12-31
0001777319
CISO:OneYearManagedServicesAgreementMember
CISO:HensleyBeverageCompanyMember
2022-12-31
0001777319
CISO:OneYearManagedServicesAgreementMember
CISO:HensleyBeverageCompanyMember
2021-12-31
0001777319
CISO:InvestorsMember
2022-01-01
2022-12-31
0001777319
CISO:InvestorsMember
2021-01-01
2021-12-31
0001777319
CISO:InvestorsMember
2021-01-01
2021-12-31
0001777319
CISO:ConsultantsMember
2022-01-01
2022-12-31
0001777319
CISO:ConsultantsMember
2021-01-01
2021-12-31
0001777319
us-gaap:IPOMember
CISO:UnderwriterMember
2022-01-17
2022-01-18
0001777319
us-gaap:IPOMember
CISO:UnderwriterMember
2022-01-18
0001777319
us-gaap:WarrantMember
2021-12-31
0001777319
us-gaap:WarrantMember
2022-01-01
2022-12-31
0001777319
us-gaap:WarrantMember
2022-12-31
0001777319
srt:MaximumMember
2022-10-17
0001777319
CISO:TwoThousandNineteenEquityIncentivePlanMember
2022-01-01
2022-12-31
0001777319
CISO:TwoThousandNineteenEquityIncentivePlanMember
2021-01-01
2021-12-31
0001777319
srt:MinimumMember
2021-01-01
2021-12-31
0001777319
srt:MaximumMember
2021-01-01
2021-12-31
0001777319
CISO:MaximSettlementAgreementMember
2021-12-31
0001777319
CISO:MaximSettlementAgreementMember
2022-01-01
2022-12-31
0001777319
srt:DirectorMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansOneMember
srt:MinimumMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansOneMember
srt:MaximumMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansOneMember
2022-12-31
0001777319
CISO:TermLoansOneMember
2021-12-31
0001777319
CISO:TermLoansTwoMember
srt:MinimumMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansTwoMember
srt:MaximumMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansTwoMember
2022-12-31
0001777319
CISO:TermLoansTwoMember
2021-12-31
0001777319
us-gaap:BridgeLoanMember
2022-12-31
0001777319
us-gaap:BridgeLoanMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansOneMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansOneMember
2021-01-01
2021-12-31
0001777319
CISO:TermLoansTwoMember
2022-01-01
2022-12-31
0001777319
CISO:TermLoansTwoMember
2021-01-01
2021-12-31
0001777319
CISO:ConvertibleNotePayableMember
2020-12-23
0001777319
CISO:ConvertibleNotePayableMember
2020-12-23
2020-12-23
0001777319
2020-01-01
2020-12-31
0001777319
CISO:ConvertibleNotePayableMember
2022-01-01
2022-12-31
0001777319
CISO:ConvertibleNotePayableMember
2021-01-01
2021-12-31
0001777319
CISO:ConvertibleNotePayableMember
2021-10-27
0001777319
CISO:ConvertibleNotePayableMember
2021-10-27
2021-10-27
0001777319
CISO:ConvertibleNotePayableMember
2022-03-10
2022-03-10
0001777319
CISO:ConvertibleNotePayableMember
2022-12-31
0001777319
CISO:ConvertibleNotePayableMember
2021-12-31
0001777319
CISO:UnsecuredConvertibleNotePayableMember
2022-06-30
0001777319
CISO:UnsecuredConvertibleNotePayableMember
2022-06-30
0001777319
CISO:UnsecuredConvertibleNotePayableMember
2022-01-01
2022-12-31
0001777319
CISO:UnsecuredConvertibleNotePayableMember
2022-12-31
0001777319
CISO:OffsettingROUMember
2022-12-31
0001777319
CISO:OffsettingROUMember
2021-12-31
0001777319
CISO:DomesticMember
2022-12-31
0001777319
CISO:DomesticMember
2021-12-31
0001777319
country:CL
2022-12-31
0001777319
country:CL
2021-12-31
0001777319
country:PE
2022-12-31
0001777319
country:PE
2021-12-31
0001777319
country:CO
2022-12-31
0001777319
country:CO
2021-12-31
0001777319
us-gaap:SalesRevenueNetMember
us-gaap:CustomerConcentrationRiskMember
CISO:NoSingleCustomerMember
2022-01-01
2022-12-31
0001777319
us-gaap:SalesRevenueNetMember
us-gaap:CustomerConcentrationRiskMember
CISO:OneClientsMember
2021-01-01
2021-12-31
0001777319
country:US
2022-01-01
2022-12-31
0001777319
country:US
2021-01-01
2021-12-31
0001777319
country:CL
2022-01-01
2022-12-31
0001777319
country:CL
2021-01-01
2021-12-31
0001777319
CISO:AllOtherCountriesMember
2022-01-01
2022-12-31
0001777319
CISO:AllOtherCountriesMember
2021-01-01
2021-12-31
0001777319
country:US
2022-12-31
0001777319
country:US
2021-12-31
0001777319
CISO:AllOtherCountriesMember
2022-12-31
0001777319
CISO:AllOtherCountriesMember
2021-12-31
0001777319
us-gaap:ForeignCurrencyGainLossMember
2021-12-31
0001777319
us-gaap:ForeignCurrencyGainLossMember
2022-01-01
2022-12-31
0001777319
us-gaap:ForeignCurrencyGainLossMember
2022-12-31
0001777319
srt:MinimumMember
CISO:BellBankNoteMember
2022-12-13
2022-12-14
0001777319
srt:MaximumMember
CISO:BellBankNoteMember
2022-12-13
2022-12-14
0001777319
CISO:CedarAdvanceLLCMember
CISO:CashAdvanceAgreementMember
us-gaap:SubsequentEventMember
2023-03-15
2023-03-15
0001777319
us-gaap:SubsequentEventMember
CISO:CashAdvanceAgreementMember
2023-03-15
2023-03-15
0001777319
us-gaap:SubsequentEventMember
CISO:PurchaseAgreementMember
2023-03-20
0001777319
us-gaap:SubsequentEventMember
CISO:PurchaseAgreementMember
2023-03-20
2023-03-20
0001777319
us-gaap:SubsequentEventMember
2025-03-20
2025-03-20
0001777319
us-gaap:SubsequentEventMember
2023-03-20
0001777319
us-gaap:SubsequentEventMember
2023-03-20
2023-03-20
0001777319
us-gaap:SubsequentEventMember
CISO:LetterAgreementMember
CISO:NeilStinchcombeMember
2023-03-27
0001777319
us-gaap:SubsequentEventMember
CISO:LetterAgreementMember
CISO:NeilStinchcombeMember
2023-03-27
2023-03-27
0001777319
us-gaap:SubsequentEventMember
2023-03-29
0001777319
us-gaap:SubsequentEventMember
srt:MinimumMember
2023-03-29
iso4217:USD
xbrli:shares
iso4217:USD
xbrli:shares
xbrli:pure
PART
I
ITEM
1. BUSINESS
Unless
otherwise indicated or the context requires otherwise, the terms “we,” “us,” “our,” and “our
company” refer to Cerberus Cyber Sentinel Corporation, a Delaware corporation, and our wholly owned subsidiaries. Unless otherwise specified, all dollar amounts are expressed in United States dollars.
Our
Business
General
We
are a cybersecurity and compliance company comprised of highly trained and seasoned security professionals who work with clients to enhance
or create a better cyber posture in their organization. Cybersecurity, also known as computer security or information technology security,
is the protection of computer systems and networks from information disclosure, theft of or damage to their hardware, software, or electronic
data, as well as from the disruption or misdirection of the services they provide. The cybersecurity industry has a supply and demand
issue wherein there is more demand for cybersecurity services than there are expert and seasoned compliance and cybersecurity professionals
available in the market. We seek to identify, attract, and retain highly skilled cyber and compliance teams and bring them together to
provide holistic cyber services. We accomplish this through acquisitions, direct hiring, and incentivizing employees with stock options
to help retain them. On an ongoing basis, we seek to identify cyber talent that is culturally aligned and that offers operating leverage
through both existing customer revenue and relationships. We have invested in enterprise solutions and executive talent to integrate
our different organizations into an ecosystem that works together to provide complete and holistic cybersecurity through cross pollination
of solutions. The ecosystem is intended to provide additional revenue opportunities and drive overall recurring revenue.
We
emphasize to clients the critical nature of having their work force create a continuously aware security culture. Once engaged, we strive
to become the trusted advisors for customers’ cybersecurity and compliance needs by providing tailored security solutions based
upon their organizational needs. We do not focus on selling cybersecurity products; we are product-agnostic so that we can provide solutions
that fit the customer’s security needs, financial realities, and future strategy. Our approach is to evaluate the client’s
organization holistically, identify compliance requirements, and secure the infrastructure while helping to create a culture of security.
We
provide a full range of cybersecurity consulting and related services, encompassing all three pillars of compliance, cybersecurity, and
culture. Our services include compliance services, secured managed services, security operations center (“SOC”) services,
virtual Chief Information Security Officer (“vCISO”) services, incident response, certified forensics, technical assessments,
and cybersecurity training. We believe that culture is the foundation of every successful cybersecurity and compliance program. To deliver
that outcome, we developed our unique offering of MCCP+ (“Managed Compliance & Cybersecurity Provider + Culture”), which
is the only holistic solution that provides all three of these pillars under one roof from a dedicated team of subject matter experts.
In contrast to the majority of cybersecurity firms that are focused on a specific technology or service, we seek to differentiate ourselves
by remaining technology agnostic, focusing on accumulating highly sought-after topic experts. We continually seek to identify and acquire
cybersecurity talent to expand our service scope and geographical coverage to provide the best possible service for our clients. We believe
that bringing together a world-class team of technological experts with multi-faceted expertise in the critical aspects of cybersecurity
is key to providing technology agnostic solutions to our clients in a business environment that has suffered from a chronic lack of highly
skilled professionals, thereby setting us apart from competitors and in-house security teams. Our goal is to create a culture of security
and to help quantify, define, and capture a return on investment from information technology and cybersecurity spending. Our brand rallies
around the battle cry: “Cyber security is a Culture, not a Product.”
Offering
this set of cybersecurity services allows us to capture more revenue with greater efficiency, facilitating greater profitability and
stronger customer retention. The benefit to our customers is that they receive an efficient engagement from a single provider that covers
a wide range of their needs. This means their challenges are addressed more thoroughly and problems are resolved more rapidly when compared
to working with multiple vendors. This leads to the best possible outcome, which enables our customers to commit to us for the long term.
We
believe that our business model is differentiated from other companies in the industry in that our employees are not consultants; they
are dedicated partners available on a recurring monthly contract. Due to the numerous challenges in hiring experienced cybersecurity
and compliance professionals, assimilating our team of industry and subject matter experts into our clients’ teams is the ideal
solution.
We
are technology agnostic. Whereas, most cybersecurity firms are locked into working with a single technology, we seek to differentiate
ourselves by remaining technology agnostic. This approach enables us to work with any business, no matter what systems or tools they
use. For our customers, the benefit is equally valuable as they are able to choose the best tools and technology for their business needs
without affecting their relationship with us.
We
believe that building a world-class technology team with industry-specific and subject-matter expertise is the key to providing cutting-edge
solutions to our clients. We will continue to identify and acquire cybersecurity talent to expand our scope of services and geographical
footprint to fortify our capability to deliver excellence to our customers. Furthermore, our goal is to stay a step ahead of threat actors
and regulatory obligations to keep our customers safe and compliant.
The
Cybersecurity Challenge
As
the world has become increasingly connected through the Internet and the Internet of Things (“IoT”), cyberattacks have
prevailed and evolved, in different forms, causing uncontainable threats to the integrity and privacy of enterprise and personal
data and resulted in significant economic losses globally. The McKinsey Global Institute has estimated that approximately 127 new
IoT devices connect to the Internet every second. A report published by Cybersecurity Ventures stated that damages from global
cybercrime is predicted to hit $10.5 trillion annually by 2025. Cybersecurity Ventures estimated that a business fell victim to a
ransomware attack every 11 seconds in 2021, up from every 14 seconds in 2019. As a result, ransomware is one of the fastest growing
types of cybercrime. Moreover, an Accenture survey reported that 68% of business leaders feel their cybersecurity risks are
increasing. Cybersecurity Ventures has also predicted that worldwide global cybersecurity spending will exceed $1.75 trillion
cumulatively from the fiscal years 2021 to 2025. The New York Times reported that in 2021 there would be 3.5 million unfilled job
openings in the cybersecurity field. Two years later, despite widespread university and government investments into education programs
and recruitment efforts, the rates are roughly the same. Continued efforts to bridge the workforce and skills gaps simply
can’t keep up with the ongoing increase in demand.
In
response to the increasing economic damage caused by heightened cybersecurity risks, regulatory bodies have pushed the
implementation of new cybersecurity legislations, and cyber insurance companies have increased minimum cybersecurity underwriting
requirements, as well as premium costs. We believe that we are well positioned in a fast-growing industry to provide businesses with a wide scope of
cybersecurity services and with significant opportunities for growth.
Service
Offering
We
currently offer two major types of services to clients including security managed services and professional services.
Security
Managed Services
Our security managed services
include cybersecurity and compliance solutions. Through our consultative approach, we evaluate the cybersecurity posture and ecosystem
of our clients to expose risks, optimize resources and implement best-fit solutions that are tailored to the business and address their
unique challenges.
We
offer multiple services in the security managed services portfolio, including the following:
● |
Compliance:
Our compliance practice ensures the customers are implementing the right
controls, properly prioritizing risks, and investing in the appropriate remediation in order to comply and adhere to applicable industry
standards and guidelines, and manage continuous monitoring over time. We provide the combination of integrated processes and systems,
experienced staff, and innovative technology to help our customers meet those goals. Our seasoned experts possess the stringent industry
certifications and accreditations that indicate their depth of knowledge in security compliance regulations, frameworks, and controls.
As an authorized Federal Risk and Authorization Management Program (“FedRAMP”) vendor, we bring an insider’s perspective
to the process in the following standards: |
|
○ |
FedRAMP: provides standardization
to cloud security for Cloud Service Providers. |
|
○ |
FISMA 2014: codifies the
Department of Homeland Security’s role in administering the implementation of information security policies for federal Executive
Branch civilian agencies, overseeing agencies’ compliance with those policies, and assisting the U.S. Office of Management
and Budget in developing those policies. |
|
○ |
ISO 17021 and ISO 27001:
international standard providing certification bodies with a set of requirements that will enable them to ensure that their management
system certification process is carried out in a competent, consistent, and impartial manner. |
|
○ |
Health Insurance Portability
and Accountability Act (“HIPAA”) and Technology for Economic and Clinical Health Act of 2009: laws regulated by the Department
of Health and Human Services to secure the privacy and confidentiality of protected health information. |
|
○ |
PCI: a standard administered
by the Payment Card Industry Security Standards Council. |
|
○ |
Cybersecurity Framework:
a set of cybersecurity activities, desired outcomes, and applicable informative references common across critical infrastructure
sectors. |
|
○ |
The National Institute
of Standards and Technology (“NIST”): formally known as a National Bureau of Standards, NIST is a federal agency that
promotes and maintains measurement standards while encouraging and assisting industry and science to develop and use these standards. |
|
○ |
Cybersecurity Maturity
Model Certification: intended to serve as a verification mechanism to ensure that defense industrial base companies implement appropriate
cybersecurity practices and processes to protect federal contract information and controlled unclassified information within their
unclassified networks. |
|
○ |
General Data Protection
Regulation: intended to standardize data protection law across the single market and give people in a growing digital economy greater
control over how their personal information is used. |
|
○ |
Service Organization 2:
an auditing procedure that focuses on a business’ non- financial reporting controls related to security, availability, processing,
integrity, confidentiality, and privacy of a system. |
|
○ |
Health Information Trust
Alliance comprehensive security framework: developed in collaboration with healthcare, technology, and information security leaders
to create, access, store, and exchange sensitive and/or regulated data. |
● |
Secured
Managed Services: Our team has extensive experience in identifying and remediating security
issues in a holistic fashion to quickly affect change on an organizational scale. We partner with our clients to address the items that
are identified through the course of routine network hygiene or from a security review, penetration test, or incident response. Our remediation
services resolve vulnerabilities that may introduce risk and lead to adverse outcomes if not addressed. Examples of issues that we remediate
include rearchitecting computer networks to minimize attack surface, implementing high security password requirements and multi-factor
authentication, applying missing security patches that expose an organization to security attack, or correcting misconfigurations that
can lead to unauthorized access such. Our services provide customers with a mature methodology for the heavy lifting needed to ensure
that implementing solutions to minimize security risk are done efficiently and effectively. |
|
|
● |
SOC
Managed Services: We offer SOC-as-a-service, which is a subscription-based service that provides
24x7x365 coverage and overwatch including threat monitoring, alerting, validation, and proactive threat hunting to defend against cyber
threats. |
|
|
● |
vCISO
Service: Organizations are in need of a cybersecurity program to reduce cyber risk
to the business, but many do not have the capital resources or knowledge base to hire a Chief Information Security Officer to lead the
effort. We offer this to companies on an ongoing managed service basis as a resource to augment their management team. vCISO services
include road mapping the future state for the client and providing our knowledgeable expertise to help them achieve their security needs. |
Professional
Services
Our professional services include
an extensive portfolio of tailored advisory solutions. Our in-depth and uniquely acquired industry expertise allows us to act as a trusted
advisor of our clients to help them lower their risk profile, minimize cost impact, and meet regulatory compliance demands. We specialize
in:
● |
Incident
Response and Forensics: We focus on identification, investigation, and remediation of cyberattacks. |
|
|
● |
Technical
Assessments: We specialize in advanced cybersecurity assessments that highlight the
skills and experience of our team’s top-tier talent. Our customers love us because we routinely identify issues that no one else
does due to our emphasis on real-world manual testing techniques and custom exploit development to uncover new avenues of attack. Our
approach to penetration testing services strikes the perfect equilibrium between cost, time, and results. The team of highly skilled testers
utilize the same tools and techniques a malicious cybercriminal would use to try to gain unauthorized access to highly guarded corporate
systems and data to evaluate technical controls and quantify business risks in a meaningful way. This level of analysis provides business
leaders the knowledge required to not only understand the impact a successful attack might have on their business operations, but also
can validate the effectiveness of existing security controls and justify additional security related investment. |
|
|
● |
Training:
We provide security awareness training that can build a cyber vigilant
culture by equipping users with the tools and techniques required to spot a potential cyberattack in the early stages. This targets the
root cause for 75% of cyber breach events by starting with a culture of security-first forward thinking. |
|
|
● |
Other
Cybersecurity Services: |
|
◌ |
Cyber Vigilance: Bringing the culture of cybersecurity to an organization is a critical first step of building any resilience to cyber threats. Through our consulting service, we dive into both the cultural and technical aspects of cybersecurity within the organization, providing meaningful recommendations to rapidly improve cybersecurity posture. We help our clients build effective policies and best practices, design or enhance a cybersecurity system, and train the executive management team to foster a top-down culture of cybersecurity in order to facilitate diligent implementation of cybersecurity awareness. |
|
◌ |
Gap
and Risk Assessment: We combine decades of security expertise and in-depth knowledge of how
cyberattackers operate to deliver a thorough security risk gap analysis that identifies real world threats and issues guidance for protection.
We first familiarize ourselves with the customer’s environment, business model, operations, and business drivers to best determine
a customer’s cybersecurity posture in an ever evolving threat landscape. We then use our advanced threat intelligence, data breach
experience, and analytics to accurately assess the customers unique cybersecurity risk based on their “as is” state. We then
operate with a holistic mindset, considering every link in the cybersecurity chain from people, processes, and technology, to determine
their ideal “to be” state, aligned with their business goals, compliance requirements, and risk tolerance. Finally, we collaboratively
devise and develop a strategic cybersecurity plan that takes into account critical priorities to effectively reduce cybersecurity risk
by closing the gap between their “as is” and “to be” states. This comprehensive awareness of internal systems
and policies provides our customers with a clear understanding of their overall risk as well as the strategies and tools they need to
protect their most valuable assets: their data and brand reputation. |
Growth
Strategy
Cybersecurity
service and consulting firms operate on various forms of business models. We do not focus on selling products; we promote a cybersecurity
culture. Our growth strategy focuses on external acquisition and internal scalability to drive that culture within our customers’
organizations. Therefore, our revenue streams mainly come from security managed service and professional service fees. As the cybersecurity
market grows over the years, we continue to see an increasing number of players entering the market with different sets of qualifications.
However, organizations facing cybersecurity issues also usually lack the expertise to identify the right service provider or do not have
the capital resources to hire a qualified CISO. We believe that this is where our growth opportunity lies since the lack of expertise
leads to information asymmetry, which causes additional noise in the cybersecurity marketplace and exposes organizations to greater risks
if found issues are not mitigated with the right group of experts. Furthermore, the industry is in need of highly qualified technology
professionals in the cybersecurity field. A limited pool of talent results in increasing compensation and cost to retain such talent,
which in turn compromises companies’ bottom line profitability and then increases the need to work externally with a partner such
as our company. According to a Cybersecurity Jobs Report released in 2017 by Herjavec Group, unfilled cybersecurity positions were to be
approximately 3.5 million by 2021. It has been our intention to capitalize on this gap as our growth opportunity.
Our
external acquisition strategy targets engineer-owned cybersecurity firms in the top U.S. and international markets with existing revenue
in the range of $2 million to $25 million and profit margin of at least 15% to 25%, although there could be opportunities beyond the
larger end of this range. We expect each acquisition to be strategic and accretive, and we expect to obtain direct access to a pool of
ready-to-deploy and seasoned cybersecurity talent and enhanced access to a larger client base geographically.
Our
internal scalability strategy will focus on exploring and materializing synergies with the acquired targets. With strategic acquisitions,
on the topline, we expect to provide a broadened service offering, which translates into more diverse revenue streams and a larger client
base. We also anticipate that we will be able to broaden our geographical sales coverage and reduce client acquisition costs. We also
intend to synergize best practices across the platform, which will enhance client experience and client loyalty. On the bottom line,
we plan to centralize general and administrative support functions in one location, which will significantly improve net margin for all
the service lines. This will allow our management to focus on sales initiatives and achieve internal operations scalability in a relatively
short period of time. We estimate that with a typical acquisition, we will realize annual savings on centralized operations, generate
additional revenue from upselling to existing clients, and add revenue from new clients. In the long term, we expect to become a pure-play
cybersecurity consolidator in the United States.
Our
Corporate and Acquisition History
We
were formed on March 5, 2019 as a Delaware corporation. Our principal offices are located at 6900 East Camelback Road, Suite 240, Scottsdale,
Arizona 85251.
On October 2, 2019, we filed a registration statement on Form 10-12G with the Securities and Exchange Commission
(“SEC”) to effect registration of our common stock, par value $0.00001 per share, under the Exchange Act. The registration
statement became effective on December 1, 2019.
We have
substantially expanded our business in recent years through a number of acquisitions. The following table sets for certain information
regarding such acquisitions:
Acquired
Company, Location |
|
Type
of Acquisition |
|
Date |
|
Services
Provided by Acquired Company |
|
|
|
|
|
|
|
GenResults,
LLC (“GenResults”)
Arizona(1) |
|
Stock |
|
April 12, 2019 |
|
Cybersecurity services. |
|
|
|
|
|
|
|
VCAB
Six Corporation (“VCAB”)
Texas |
|
Merger |
|
April 12, 2019 |
|
N/A(2) |
|
|
|
|
|
|
|
TalaTek,
LLC (“TalaTek”)
Virginia |
|
Merger |
|
October 1, 2019 |
|
Integrated risk management services, including risk
assessments, IT audits, cybersecurity services, and managed compliance services. |
|
|
|
|
|
|
|
Technologyville,
Inc.
Illinois |
|
Stock |
|
May 25, 2020 |
|
Managed IT services. |
|
|
|
|
|
|
|
Clear
Skies Security, LLC
Georgia |
|
Stock |
|
August 1, 2020 |
|
Security assessment and penetration testing. |
|
|
|
|
|
|
|
Alpine
Security, LLC
Missouri |
|
Merger |
|
December 16, 2020 |
|
Integrated risk management services. |
|
|
|
|
|
|
|
Catapult
Acquisition Corporation (“VelocIT”)
New
Jersey |
|
Merger |
|
August 12, 2021 |
|
Integrated risk management services. |
|
|
|
|
|
|
|
Atlantic
Technology Systems, Inc., and
Atlantic
Technology Enterprises, Inc. (collectively, “Atlantic”)
New
Jersey |
|
Stock |
|
October 1, 2021 |
|
Integrated risk management services. |
|
|
|
|
|
|
|
RED74
LLC (“RED74”)
New
Jersey |
|
Merger |
|
November 9, 2021 |
|
Integrated risk management services. |
|
|
|
|
|
|
|
Ocean
Point Equities, Inc. (“Arkavia”)
Santiago,
Chile |
|
Stock |
|
December 1, 2021 |
|
Cybersecurity services. |
|
|
|
|
|
|
|
True
Digital Security, Inc. (“True Digital”)
New
York
Florida
Oklahoma |
|
Stock |
|
January 19, 2022 |
|
Cybersecurity and compliance. |
|
|
|
|
|
|
|
Creatrix,
Inc.
Tennessee
Maryland |
|
Stock |
|
June 1, 2022 |
|
Identity management, systems integration and software
engineering, biometrics, vetting, credentialing, and case management. |
|
|
|
|
|
|
|
CyberViking,
LLC
Georgia
Oregon |
|
Stock |
|
July 1, 2022 |
|
Application security services, incident response, threat
hunting, and creation and management of security operation centers. |
|
|
|
|
|
|
|
Servicios
Informaticos CUATROi, S.P.A.,
Comercializadora
CUATROi S.P.A.,
CUATROi
Peru, S.A.C., and
CUATROi
S.A.S.
Santiago,
Chile
Bogota,
Columbia, and Lima, Peru
|
|
Stock |
|
August 25, 2022 |
|
Managed services and cybersecurity. |
|
|
|
|
|
|
|
NLT
Networks, S.P.A.,
NLT
Technologias, Limitada,
NLT
Servicios Profesionales, S.P.A., and
White
and Blue Solutions, LLC
Providencia,
Chile
Florida |
|
Stock |
|
September 1, 2022 |
|
Security solutions and managed services. |
RAN
Security
Buenos
Aires, Argentina
Chile,
Peru, Bolivia, and Paraguay |
|
Stock |
|
Expected 2023(3) |
|
Secured managed services. |
| (1) | Prior
to our acquisition of GenResults, GenResults was wholly owned by an entity affiliated with
David G. Jemmett, our Chief Executive Officer and a director of our company. Due to the companies
being under common control, we accounted for the acquisition as a reorganization. |
| (2) | At
the time of the VCAB Merger, VCAB was subject to a bankruptcy proceeding and had minimal
assets, no equity owners, and no liabilities, except for approximately 1,500 holders of Class
5 Allowed General Unsecured Claims and a holder of allowed administrative expenses (collectively
the “Claim Holders”). Pursuant to the terms of the VCAB Merger, and in accordance
with the bankruptcy plan, we issued an aggregate of 2,000,000 shares of our common stock
(the “Plan Shares”) to the Claim Holders as full settlement and satisfaction
of their respective claims. As provided in the bankruptcy plan, the Plan Shares were issued
pursuant to Section 1145 of the United States Bankruptcy Code. We entered into the VCAB Merger
to increase our stockholder base to, among other things, assist us in satisfying the listing
standards of a national securities exchange. |
| (3) | On
January10, 2023, we entered into a definitive agreement for the acquisition of RAN Security, which is expected
to close later in the year, subject to the satisfaction of customary closing conditions, including applicable
regulatory approvals. |
Customers
Our
recent acquisitions have resulted in expansion of our customer base and increased usage within existing customers. None of our customers
individually accounted for more than 10.0% of our consolidated revenue for the year ended December 31, 2022, nor are we dependent upon
a few major customers. One of our customers accounted for an aggregate of 20.4% of our consolidated revenue for the year ended December
31, 2021.
Competition
The
cybersecurity market is highly fragmented. In the top quartile, the market is dominated by several major global players, including IBM
Corporation, Cisco Systems, AVG Technologies, Broadcom, and Dell. The rest of the market is highly competitive without dominant players.
According to MarketsandMarkets.com, North America is expected to continue its hold as the largest market size in the cybersecurity market
through the year 2023. A report from Statista forecasted the cybersecurity market to grow to $345.4 billion by 2026. An increasing awareness
of cyber threats has led to a rising investment in cybersecurity infrastructure worldwide.
We
face direct competition from all small-to-medium-sized cybersecurity service providers nationwide given the broad service scope we currently
provide. Many competitors provide cloud-based services, which means our competition is not restricted by regions. It is critical for
our executive management team to identify and attract strategic acquisition targets in order to strengthen our competitive advantage
as a cybersecurity consolidator, which we believe brings higher service quality, more diverse service scope, and broader geographical
coverage at a lower cost.
Intellectual
Property
We
intend to take appropriate steps to protect our intellectual property. We have registered the trademark “Cyber security is a culture,
not a product,” which has been approved with a registration date of October 29, 2019.
We
have non-disclosure, confidentiality, and license agreements with employees, contractors, customers and other third parties, which limit
access to and use of our proprietary information. Though we rely in part upon these legal and contractual protections, as well as various
procedural safeguards, we believe the skill and ingenuity of our employees, and the functionality and frequent enhancements to our solutions
are more important to maintaining our competitive position in the marketplace.
Government
Regulation
We
are not aware of any specific regulations that govern cybersecurity firms or the areas in which we operate. While there are a few federal
cybersecurity regulations, they govern industries that we serve and exist to focus on specific industries.
Three
of the main cybersecurity regulations are HIPAA, the 1999 Gramm-Leach-Bliley Act, and the 2002 Homeland Security Act, which included
the Federal Information Security Management Act (“FISMA”). The three regulations mandate that healthcare organizations, financial
institutions, and federal agencies, respectively, should protect their systems and information. FISMA, which applies to every government
agency, requires the development and implementation of mandatory policies, principles, standards, and guidelines on information security.
However, the regulations do not address numerous computer related industries, such as Internet Service Providers and software companies.
Furthermore, the regulations do not specify what cybersecurity measures must be implemented and require only a “reasonable”
level of security.
In
addition, the National Cybersecurity Division is another regulatory body that is a division of the Office of Cybersecurity & Communications
within the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
Human
Capital Management
We
believe that our future success will depend, in part, on our continued ability to attract, hire, and retain qualified personnel. In particular,
we depend on the skills, experience, and performance of our senior management and engineering and technical personnel. We compete for
qualified personnel with other cyber security companies and industry experts.
We
provide competitive compensation and benefits programs to help meet the needs of our employees. In addition to salaries, these programs
(which vary by country/region and employment classification) include incentive compensation plan, pension, healthcare and insurance benefits,
paid time off, family leave, and on-site services, among others. We also use targeted equity-based grants with vesting conditions to
facilitate retention of personnel, particularly for our key employees.
The
success of our business is fundamentally connected to the well-being of our people. Accordingly, we are committed to the health and safety
of our employees. In response to the COVID-19 pandemic, we implemented significant changes that we determined were in the best interest
of our employees, as well as the communities in which we operate, and which comply with government regulations. This includes having
employees work from home, while implementing additional safety measures for employees continuing critical on-site work.
Environmental,
Social, and Governance Efforts
Environmental
Commitment
We
are committed to protecting the environment and attempt to mitigate any negative impact of our operations. We monitor resource use, improve
efficiency, and at the same time reduce our emissions and waste.
Social
Responsibility
We
are a trusted cybersecurity expert providing safe, efficient, and sustainable services to our existing and new communities. Our success
is the direct result of the dedication and strength of our team and promotes equity, diversity, integrity, inclusion, reliability and
accountability. We believe that a combination of diverse team members and an inclusive culture contributes to our success. Each member
is a valued part of our team bringing a diverse perspective to help grow business and achieve our goals. Our tradition of serving employees,
customers, and investors is at the core of our culture. For third-party vendor selection and oversight, we have standard operating procedures
that apply to employees and subcontractors who, on our behalf, oversee and conduct technical protocols.
Employees
As
of December 31, 2022, we had 449 employees, of which 443 were full-time. In addition, we utilize independent contractors for projects
of short duration or where specialized knowledge or experience is needed for a complex project. We are not dependent on any independent
contractor, and we believe adequate replacements would be available in the event any such independent contractor becomes unavailable
to us. We believe our relations with our employees is good.
Available
Information
Our
Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, our proxy and information statements and all
amendments to those reports will be available free of charge through our website at www.ciso.inc as soon as practicable after such material
is electronically filed with, or furnished to, the SEC. Except as otherwise stated in these documents, the information contained on our
website or available by hyperlink from our website is not incorporated by reference into this report or any other documents we file,
with or furnish to, the SEC.
Implications
of Being an Emerging Growth Company
We
qualify as an “emerging growth company” as the term is used in The Jumpstart Our Business Startups Act of 2012 (the “JOBS
Act”), and therefore, we may take advantage of certain exemptions from various public company reporting requirements, including:
|
● |
a
requirement to only have two years of audited financial statements and only two years of related selected financial data and management’s
discussion and analysis; |
|
|
|
|
● |
exemption
from the auditor attestation requirement on the effectiveness of our internal controls over financial reporting; |
|
|
|
|
● |
reduced
disclosure obligations regarding executive compensation; and |
|
|
|
|
● |
exemptions
from the requirements of holding a nonbinding advisory stockholder vote on executive compensation and any golden parachute payments. |
We
may take advantage of these provisions for up to five years or such earlier time that we are no longer an emerging growth company. We
would cease to be an emerging growth company if we have more than $1.07 billion in annual revenue, issue more than $1.0 billion of non-convertible
debt over a three-year period, or become a large accelerated filer. So long as we remain an emerging growth company, we may choose to
take advantage of some, but not all, of the available benefits of the JOBS Act. We have taken advantage of some of the reduced reporting
requirements in our filings. Accordingly, the information contained herein may be different than the information you receive from other
public companies in which you hold stock. In addition, the JOBS Act provides that an emerging growth company can delay adopting new or
revised accounting standards until such time as those standards apply to private companies. We have elected to avail ourselves of this
exemption from new or revised accounting standards and, therefore, we will not be subject to the same new or revised accounting standards
as other public companies that are not emerging growth companies.
ITEM
1A. RISK FACTORS
An
investment in our common stock involves a number of very significant risks. Readers of this Annual Report on Form 10-K should carefully
consider the following risks and uncertainties in addition to other information in this Annual Report on Form 10-K in evaluating our
company and its business before purchasing shares of our common stock. Our business, operating results and financial condition could
be seriously harmed due to any of the following risks. An investor in our common stock could lose all or part of their investment due
to any, or a combination of these risks.
Risk
Factor Summary
Risks
Related to Our Business and Industry
| ● | We
will need to raise capital in order to realize our business plan and growth strategy, the
failure of which could adversely impact our operations. |
| ● | We
incurred significant operating losses during the years ended December 31, 2022 and December
31, 2021, and we have limited cash flow. Unless we increase revenue and cash flow or raise
additional capital, we may be unable to take advantage of any acquisition opportunities that
arise or expand our business, all of which could adversely impact us. |
| ● | We
will need to grow the size and capabilities of our organization, and we may experience difficulties
in managing this growth. |
| ● | We
depend on key personnel who would be difficult to replace, and our business plans will likely
be harmed if we lose their services or cannot hire additional qualified personnel. |
| ● | We
operate in an industry that is experiencing a shortage of qualified compliance and cybersecurity
professionals. If we are unable to recruit and retain key management and technical and sales
personnel, our business would be negatively affected. |
| ● | We
depend on independent contractors to provide certain services for which we do not have the
expertise internally. Any compromise in the service quality may delay our business processes
and cause economic loss. |
| ● | We
have recently acquired multiple businesses. Our growth strategy is driven by successful acquisitions
and integration of additional businesses that provide comparable or complementary services.
Our ability to grow is limited if we fail to identify and consummate acquisitions. |
| ● | We
intend to grow our client base significantly through acquisitions of other service providers.
If we fail to retain existing clients and attract new clients through acquisitions, we may
never achieve profitability. |
| ● | Our
business strategy may impose limitations in our ability to accurately forecast future revenue
and operating results. |
| ● | Our
future results may be affected by various legal and regulatory proceedings and legal compliance
risks, including those involving intellectual property, governmental regulations, the U.S.
Foreign Corrupt Practices Act, and other anti-bribery, anti-corruption, or other matters. |
| ● | We
are subject to risks from operating internationally. |
| ● | Our
operations in certain emerging markets expose us to political, economic and regulatory risks. |
| ● | Adverse
economic conditions in the United States and international economies may adversely impact our business
operating units. |
| ● | Breaches
of network or information technology security could have an adverse effect on our business. |
| ● | If
we fail to meet our service level obligations under our service level agreements, we may
be subject to certain penalties and could lose clients. |
| ● | The
nature of our business involves significant risks and uncertainties that may not be covered
by insurance or indemnification. |
| ● | We
indemnify our officers and directors against liability to us and our security holders, and
such indemnification could increase our operating costs. |
| ● | Our
industry is highly competitive, and there is no assurance that we will compete successfully. |
| ● | Our
success depends on our ability to protect our intellectual property and our proprietary technologies. |
| ● | Increasingly
complex cybersecurity regulations and standards may have significant impact on our business,
and it may require us to substantially invest in our development capabilities to meet compliance
requirements and may negatively impact our ability to offer certain services and remain profitable. |
| ● | We
may become subject to disputes, including litigation, that could negatively impact our business,
profitability, and financial condition. |
| ● | If
we incur additional debt, we will be subject to restrictive covenants and debt service obligations
that could negatively impact our operations. |
| ● | The requirements of being a public company, including compliance with the reporting requirements of the Exchange Act and the requirements
of the Sarbanes-Oxley Act and Nasdaq, may strain our resources, increase our costs and divert management’s attention, and we may
be unable to comply with these requirements in a timely or cost-effective manner. |
| ● | The
preparation of our financial statements involves use of estimates, judgments, and assumptions,
and our financial statements may be materially affected if our estimates prove to be inaccurate. |
| ● | The auditor’s opinion on our audited financial statements for the year ended December 31, 2022, included in this annual report on
Form 10-K, contain an explanatory paragraph relating to our ability to continue as a going concern. |
| | |
Risks Related to Our Common Stock |
| | |
| ● | The
market price of our common stock is volatile and may fluctuate in a way that is disproportionate
to our operating performance. |
| ● | Future
sales of shares of our common stock by existing stockholders could depress the market price
of our common stock. |
| ● | Provisions
in our certificate of incorporation, our by-laws and Delaware law might discourage, delay,
or prevent a change in control of our company or changes in our management and, therefore,
depress the trading price of our common stock. |
| ● | FINRA
sales practice requirements may limit a stockholder’s ability to buy and sell our stock. |
| ● | If
we issue additional shares in the future, it will result in the dilution of our existing
stockholders. |
| ● | Our
directors and executive officers beneficially own a substantial majority of our outstanding
capital stock and will have the ability to control our affairs. |
| ● | We
are eligible to be treated as an “emerging growth company,” as defined in the
JOBS Act, and we cannot be certain if the reduced disclosure requirements applicable to emerging
growth companies will make our common stock less attractive to investors. |
| ● | Our
failure to meet the continued listing requirements of Nasdaq could result in a delisting
of our common stock. |
| ● | We
do not intend to pay dividends on our common stock. |
| ● | Our
business could be negatively impacted by shareholder activism. |
| ● | Our
share price may be volatile, and you may be unable to sell your shares. |
Risks
Related to Our Business and Industry
We
will need to raise capital in order to realize our business plan and growth strategy, the failure of which could adversely impact our
operations.
Our
growth strategy is based upon increasing the number of our clients and our consolidated revenue by making successful acquisitions and
integrating businesses that provide comparable or complementary cyber security services. As of December 31, 2022, our business was not
profitable. Without adequate funding, a significant increase in revenue, and continued successful integration of our acquired targets,
we may not be able to achieve profitability in the existing lines of business and attract further capital. As of March 27, 2023, we had
available cash resources of approximately $4,254,000.
We
expect to continue to finance our operations with available net operating cash flows and will need to raise additional capital in the
future by issuing equity or other forms of securities, which could have significant dilutive impact on the ownership interest of existing
stockholders. Furthermore, any newly issued securities could have rights, preferences, and privileges senior to those of our existing
common stock.
We
may have difficulty obtaining additional funds as and when needed, and we may have to accept terms that would adversely affect our stockholders.
In addition, any adverse conditions in the credit and equity markets may adversely affect our ability to raise funds when needed. Any
failure to achieve adequate funding will delay our acquisition efforts and could lead to abandonment of one or more of our acquisition
initiatives, as well as prevent us from responding to competitive pressures or take advantage of unanticipated acquisition opportunities.
Any additional equity financing will likely be dilutive to stockholders, and certain types of equity financing, if available, may involve
restrictive covenants or other provisions that would limit how we conduct our business or finance our operations.
We
incurred significant operating losses during the years ended December 31, 2022 and December 31, 2021, and we have limited cash flow.
Unless we increase revenue and cash flow or raise additional capital, we may be unable to take advantage of any acquisition opportunities
that arise or expand our business, all of which could adversely impact us.
We
are unable to predict if and when we will be able to generate significant positive cash flow or achieve profitability. Our plan regarding
these matters is to strengthen our revenue and continue improving operational efficiencies across the business. There can be no assurances
that we will be successful in increasing revenue, improving operational efficiencies or that financing will be available or, if available,
that such financing will be available under favorable terms. In the event that we are unable to generate adequate revenue to cover expenses
and cannot obtain additional financing, we may need to cut back or curtail our expansion plans.
We
will need to grow the size and capabilities of our organization, and we may experience difficulties in managing this growth.
As
our acquisition strategies develop, we must carefully integrate managerial, operational, sales, marketing, financial, and other personnel
in the expanded organization and manage costs. Future growth will impose significant added responsibilities on members of management,
including the following:
● |
identifying,
integrating, managing, and motivating qualified employees, particularly strong sales force and cybersecurity talent; |
● |
executing
post-acquisition integration effectively, and managing integration costs; and |
● |
improving
our operational, financial, and management controls, reporting systems, and procedures. |
Our
future financial performance and our ability to commercialize our strategic acquisitions will depend, in part, on our ability to effectively
manage any future growth. Our management may also have to divert a disproportionate amount of its attention away from day-to-day activities
in order to devote a substantial amount of time to managing these growth activities. This lack of long-term experience working together
may adversely impact our senior management team’s ability to effectively manage our business and growth.
We
depend on key personnel who would be difficult to replace, and our business plans will likely be harmed if we lose their services or
cannot hire additional qualified personnel.
Our
success depends substantially on the efforts and abilities of our senior management and executive officers. We currently do not maintain
key man insurance for any of our senior management or key personnel. The competition for qualified management and key personnel is intense.
The loss of services of one or more of our key employees, or the inability to hire, train, and retain key personnel, especially executive
managers with cybersecurity industry knowledge, could delay the execution of new acquisitions and launch of new service programs, disrupt
our business, and interfere with our ability to execute our business plan.
We
operate in an industry that is experiencing a shortage of qualified compliance and cybersecurity professionals. If we are unable to recruit
and retain key management and technical and sales personnel, our business would be negatively affected.
To
execute our growth strategy, we must continue to attract and retain highly skilled compliance and cybersecurity experts. Competition
for these employees is intense, especially for compliance experts and cybersecurity professionals, as there is a global shortage of these
professionals who can provide the technical and strategic skills required for us to deliver high levels of services to our clients and
potential clients. We may not be successful in attracting and retaining qualified employees. We have from time-to-time experienced, and
we expect to continue to experience, difficulty in hiring and retaining highly skilled employees with appropriate qualifications. Many
of the companies with which we compete for these highly skilled employees have greater resources than we have. In addition, in making
employment decisions, particularly in the high- technology industry, job candidates often consider the value of the stock options, restricted
stock grants, or other stock-based compensation they are to receive in connection with their employment. Declines in the value of our
stock could adversely affect our ability to attract or retain key employees and result in increased employee compensation expenses. If
we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects could
be severely harmed.
We
depend on independent contractors to provide certain services for which we do not have the expertise internally. Any compromise in the
service quality may delay our business processes and cause economic loss.
We
currently rely, and for the foreseeable future will continue to rely, in substantial part on certain independent organizations, advisors,
and consultants to provide certain services. There can be no assurance that the services of these independent organizations, advisors,
and consultants will continue to be available to us on a timely basis when needed, or that we can find qualified replacements. In addition,
if we are unable to effectively manage our outsourced activities or if the quality or accuracy of the services provided by consultants
is compromised for any reason, some of our business activities may be delayed or terminated, and we may not be able to mitigate negative
impacts or otherwise advance our business. There can be no assurance that we will be able to manage our existing consultants or find
other competent outside contractors and consultants on economically reasonable terms, if at all. If we are not able to effectively expand
our organization by hiring new employees and expanding our groups of consultants and contractors, we may not be able to successfully
implement the tasks necessary to further expand and, accordingly, may not achieve our business goals.
We
have recently acquired multiple businesses. Our growth strategy is driven by successful acquisitions and integration of additional businesses
that provide comparable or complementary services. Our ability to grow is limited if we fail to identify and consummate acquisitions.
We
have completed the acquisition of certain complementary businesses, and we intend to consider additional potential strategic transactions,
which could involve acquisitions of businesses or assets, joint ventures, or investments in businesses or technologies that expand, complement,
or otherwise relate to our business. We may also consider, from time to time, opportunities to engage in joint ventures or other business
collaborations with third parties. Should our relationships fail to materialize into significant agreements, or should we fail to work
efficiently with these companies, we may lose sales and marketing opportunities and our business, results of operations, and financial
condition could be adversely affected.
Any
business acquisition creates risks such as, among others: (i) the need to integrate and manage the businesses acquired with our own business;
(ii) additional demands on our resources, systems, procedures, and controls; (iii) disruption of our ongoing business; and (iv) diversion
of management’s attention from other business concerns. Moreover, these transactions could involve: (a) substantial investment
of funds or financings by issuance of debt or equity securities; (b) substantial investment with respect to technology transfers and
operational integration; and (c) the acquisition or disposition of lines of businesses. Also, such activities could result in one-time
charges and expenses and have the potential to either dilute the interests of our existing stockholders or result in the issuance of,
or assumption of debt. Such acquisitions, investments, joint ventures, or other business collaborations may involve significant commitments
of financial and other resources. Any such activities may not be successful in generating revenue, income, or other returns, and any
resources we committed to such activities will not be available to us for other purposes. Moreover, if we are unable to access the capital
markets on acceptable terms or at all, we may not be able to consummate acquisitions, or may have to do so on the basis of a less than
optimal capital structure. Our inability to take advantage of growth opportunities or address risks associated with acquisitions or investments
in businesses may negatively affect our operating results.
Additionally,
any impairment of goodwill or other intangible assets acquired in an acquisition or in an investment, or charges to earnings associated
with any acquisition or investment activity, may materially reduce our earnings. Future acquisitions or joint ventures may not result
in their anticipated benefits and we may not be able to properly integrate acquired technologies or businesses with our existing operations
or successfully combine personnel and cultures. Failure to do so could deprive us of the intended benefits of those acquisitions.
We
intend to grow our client base significantly through acquisitions of other service providers. If we fail to retain existing clients and
attract new clients through acquisitions, we may never achieve profitability.
Through
acquisition of other service providers, we will inherit an increasingly larger client base, which creates cross-selling and up-selling
opportunities. We need high-quality service and exemplary client management to retain and grow our client base. We also plan to launch
sales and marketing efforts, including trade show appearances, sales demos, and advertising campaigns in various forms to promote our
brand name. If our marketing efforts do not materialize, we may lose existing clients or fail to obtain new clients. Our inability to
grow sales as we expand in operations may result in continuing losses, and we may not be profitable for an extended period of time. In
addition, even if we are able to make future acquisitions, we will incur additional costs to consummate them, which may result in a shortage
in our capital resources. We may also incur difficulties in integrating new businesses with our current operations.
Our
business strategy may impose limitations in our ability to accurately forecast future revenue and operating results.
Our
operating results are dependent on a variety of factors, including purchasing patterns of our clients, competitive pricing, debt servicing,
and general economic trends. Our revenue and operating results may fluctuate if our sales targets are not met, new service offerings
receive poor client response, or client acquisition costs increase due to competition. In addition to these factors, our acquisition
strategy may impose additional risks to the predictability of our operating results. Revenue streams may be volatile due to the uncertainty
in identifying attractive acquisition candidates and our ability to consummate new acquisitions. Unexpected expenses may be incurred
during due diligence and post-acquisition. Management intends to manage risk carefully with the acquisitions; however, there can be no
assurance that we will be able to identity and consummate acquisitions that improve our results of operations.
Our
future results may be affected by various legal and regulatory proceedings and legal compliance risks, including those involving intellectual
property, governmental regulations, the U.S. Foreign Corrupt Practices Act, and other anti-bribery, anti-corruption, or other matters.
We
may be subject to various legal and regulatory proceedings, and are subject to certain legal compliance risks in the areas of intellectual
property, governmental regulation, U.S. Foreign Corrupt Practices Act, and related anti-bribery and anti-corruption regulations. The
outcome of any such legal proceedings may differ from our expectations because the outcomes of litigation, including regulatory matters,
are often difficult to reliably predict. Various factors or developments can lead us to change current estimates of liabilities and related
insurance requirements where applicable, or make such estimates for matters previously not susceptible of reasonable estimates, such
as a significant judicial ruling or judgment, a significant settlement, significant regulatory developments, or changes in applicable
law. A future adverse ruling, settlement, or unfavorable development could result in future charges that could have a material adverse
effect on our results of operations or cash flows in any particular period.
We
are subject to risks from operating internationally.
We
operate internationally, and our growth strategy depends in part on our ability to expand our operations in foreign markets, including
by way of acquisitions. International operations and business expansion plans are subject to numerous risks, including the following:
● |
the
burden of complying with complex and changing foreign regulatory, tax, accounting and legal requirements; |
● |
political
and economic instability, civil unrest, acts of terrorism, force majeure, war, or other armed conflict, including the current military
conflict between Russia and the Ukraine; |
● |
changes
in U.S. and other national government trade policies affecting the markets for our services; |
● |
changes
in regulatory practices, tariffs and taxes; |
● |
the
need to develop superior products or services, thereby gaining greater market acceptance and expanding their product and service
offerings more efficiently or rapidly; |
● |
Potential
non-compliance with a wide variety of laws and regulations, including anti-corruption, export control and anti-boycott laws and similar
non-U.S. laws and regulations |
● |
increased
sovereign risk, such as defaults by or deterioration in the economies and credit ratings of governments, particularly in emerging
markets; |
● |
logistical
and communication challenges; |
● |
the
interpretation of contractual provisions governed by foreign laws in the event of a contract dispute; and |
● |
currency
exchange rate fluctuations, devaluations and other conversion restrictions. |
Any
of these factors could have a material adverse effect on our reputation, financial condition, results of operations and stock price.
Our
operations in certain emerging markets expose us to political, economic and regulatory risks.
Our
growth strategy depends in part on our ability to expand our operations in emerging markets, including, among others, countries in South
America, and Europe. However, some emerging markets have greater political, economic and currency volatility and greater vulnerability
to infrastructure and labor disruptions than more established markets. In many countries, particularly those with emerging economies,
engaging in business practices prohibited by laws and regulations with extraterritorial reach, such as the Foreign Corrupt Practices
Act of 1977 and the U.K. Bribery Act, or local anti-bribery laws may be more common. These laws generally prohibit companies and their
employees, contractors or agents from making improper payments to government officials, including in connection with obtaining permits
or engaging in other actions necessary to do business. Failure to comply with these laws could subject us to civil and criminal penalties
that could materially and adversely affect our reputation, financial condition, results of operations and stock price. Failure to manage
political, economic and regulatory risks in emerging markets could adversely affect our sales, financial condition, results of operations,
cash flows and stock price.
Adverse
economic conditions in the United States and international economies may adversely impact our business operating units.
General
macro-economic conditions, such as a rise in interest rates, inflation in the cost of goods and services including labor, a recession
or an economic slowdown in the United States or internationally, including as a result of continuing uncertainty from the COVID-19 pandemic
or the Russia-Ukraine military conflict, could adversely affect demand for our services and make it difficult to accurately forecast
and plan our future business activities. U.S. and global markets have recently been experiencing volatility and disruption due to new
interest rate and inflation increases as well as the continued escalation of geopolitical tensions. For example, inflation in the United
States began to rise in the second half of 2021 and have remained at high levels through 2022. Although our business has not yet been
materially negatively impacted by such inflationary pressures, we cannot be certain that neither we nor our customers will be materially
impacted by continued pressures. Additionally, on February 24, 2022, Russian troops engaged in a full-scale military invasion of Ukraine.
Although the length and impact of the ongoing military conflict is highly unpredictable, it could lead to market disruptions, including
significant volatility in commodity prices, credit and capital markets, as well as supply chain interruptions. This military conflict
has led to sanctions and other penalties being levied by the United States and European Union, and other countries against Russia, and
other potential sanctions and penalties have also been proposed and/or threatened. Russian military actions and the resulting sanctions
could adversely affect the global economy and financial markets and lead to instability and lack of liquidity in capital markets, potentially
making it more difficult for us to obtain additional funds. We do not have employees or facilities in Russia or Ukraine, nor do we have
customers and contractors in these locations. Our business has not yet been materially negatively impacted by this military conflict
to date. However, we cannot be certain that this will not impact our position in the credit market or our ability to acquire cybersecurity
businesses in the short and long term.
To
the extent conditions in the domestic and global economy change, our business could be harmed as current and potential customers may
reduce or postpone spending or choose not to purchase or renew our services, which they may consider discretionary. If our customers
face decreased consumer demand, increased regulatory burdens, or more limited access to international markets, we may face a decline
in the demand for our services and our operating results could be adversely impacted.
Uncertain
and adverse economic conditions may also lead to a decline in the ability of our customers to use or access credit, which could adversely
affect our business. In addition, changing economic conditions may also adversely affect third parties with which we have entered into
relationships and upon which we depend in order to grow our business. As a result, we may be unable to continue to grow in the event
of future economic slowdowns.
Breaches
of network or information technology security could have an adverse effect on our business.
Cyber-attacks
or other breaches of network or IT security may cause equipment failures or disrupt the systems and operations of us and our clients.
The potential liabilities associated with these events could exceed the insurance coverage we or our clients maintain, if any. An inability
to operate as a result of such events, even for a limited period of time, may result in significant expenses or loss of market share
to other competitors in the market we serve. In addition, a failure to protect our, or our client’s, enterprises, networks, privacy
of customer, and employee confidential data against breaches of network or IT security could result in damage to our reputation. To date,
we have not been subject to cyber-attacks or other cyber incidents which, individually or in the aggregate, resulted in a material adverse
effect on our business, operating results, or financial condition.
Security
threats to our own IT infrastructure may affect our clients indirectly. A party who is able to compromise the security measures on our
networks or the security of our infrastructure could misappropriate our proprietary information or the personal information of our clients,
cause interruptions or malfunctions in our operations or our clients’ operations, or damage our computers or systems and those
of our clients. As security is a primary competitive factor in our industry, such a compromise could be particularly harmful to our brand
and reputation. We may be required to expend significant resources to protect against such threats or to alleviate problems caused by
breaches in security. As techniques used to breach security change frequently, and are generally not recognized until launched against
a target, we may not be able to implement security measures in a timely manner or, if and when implemented, we may not be able to determine
the extent to which these measures could be circumvented. If we are unable to protect sensitive information, our clients or governmental
authorities could question the adequacy of our threat mitigation and detection processes and procedures. Any breaches that may occur
could expose us to increased risk of lawsuits, regulatory penalties, loss of existing or potential customers, harm to our reputation,
and increases in our security costs, which may not be fully insured or indemnified by other means. Additionally, breaches of our, or
our clients’, systems could similarly result in a loss of confidence in our services or damage to our brand and reputation. Occurrence
of any of these events could have a material adverse effect on our business, financial condition, operating results, or prospects.
Because
our services are aimed at protecting clients from, and limiting the impact of, critical business interruptions and losses related to
cyber-attacks, if our client’s experience losses related to cyber-attacks that result in lost profits or other indirect or consequential
damages to our clients, our clients may expose us to lawsuits. Our service agreements with our clients typically contain provisions limiting
our liability. However, we cannot provide assurances that a court would enforce any contractual limitations on our liability. The outcome
of any such lawsuit would depend on the specific facts of the case and any legal and policy considerations that we may not be able to
mitigate. In such cases, we could be liable for substantial damage awards that may exceed our liability insurance coverage by unknown
but significant amounts, which could materially impair our financial condition.
If
we fail to meet our service level obligations under our service level agreements, we may be subject to certain penalties and could lose
clients.
We
have service level agreements with many of our managed services clients under which we guarantee specified levels of service availability.
These arrangements require us to estimate the level of service we will provide. If we fail to meet our service level obligations under
these agreements, we may be subject to penalties, which could result in higher than expected costs, and we may lose clients, which could
lead to decreased revenue and decreased gross and operating margins. If we fail to meet our service level obligations under these agreements,
our reputation may suffer as a result.
The
nature of our business involves significant risks and uncertainties that may not be covered by insurance or indemnification.
We
provide services in circumstances where insurance or indemnification may be not available to us. Our existing insurance coverages may
not be sufficient or additional insurance may not be available to protect us against operational risks and other uncertainties that we
face. Liabilities or claims arising from our services in excess of any indemnity or insurance coverage (or for which indemnity or insurance
coverage is not available or is not obtained) could harm our financial condition, cash flows, and operating results. Any claim, even
if fully covered or insured, could negatively affect our reputation in the marketplace and make it more difficult for us to compete effectively.
The defense of such claims may be costly and time-consuming and could divert the attention of management.
We
indemnify our officers and directors against liability to us and our security holders, and such indemnification could increase our operating
costs.
Our
certificate of incorporation and bylaws allow us to indemnify our officers and directors against claims associated with carrying out
the duties of their offices. Our bylaws also allow us to reimburse them for the costs of certain legal defenses. Insofar as indemnification
for liabilities arising under the Securities Act may be permitted to our officers, directors, or control persons, the SEC has advised
that such indemnification is against public policy and is therefore unenforceable.
Our
industry is highly competitive, and there is no assurance that we will compete successfully.
Our
current and potential competitors vary by size, service offerings, and geographic location. Competitors include technology companies,
consulting companies, telecommunication companies, technology resellers, hardware and software companies, and others. Many of our competitors
have entrenched relationships in particular industries or have gained a reputation for expertise in a specific sector of the cybersecurity
market, including services, software, and hardware. Primary competitive factors in our market include security, reliability and functionality;
customer service and technical expertise; reputation and brand recognition; financial strength; breadth of products and services offered;
price; and scalability. Many of our current and potential competitors have substantially greater financial, technical, and marketing
resources; more diversified product and service offerings; larger customer bases; longer operating histories; greater brand recognition;
and more established relationships in the industry than we do. As a result, some of these competitors may be able to:
● |
adapt
more rapidly to new or emerging technologies and changes in customer requirements; |
● |
develop
superior products or services, thereby gaining greater market acceptance and expanding their product and service offerings more efficiently
or rapidly; |
● |
bundle
products and services that we may not offer or in a manner that provides our competitors with a price advantage; |
● |
take
advantage of acquisitions and other opportunities more readily; |
● |
maintain
a lower cost basis; |
● |
adopt
more aggressive pricing policies and devote greater resources to the promotion, marketing, and sales of their products and services;
and |
● |
devote
greater resources to the research and development of their products and services. |
Many
of these companies have significantly greater financial, technical, marketing, and other resources than we do and may be better positioned
to acquire, offer, and service complementary products and technologies. These companies and alliances resulting from possible combinations
may create more compelling product and service offerings; be able to offer greater pricing flexibility than we can; or engage in business
practices that make it more difficult for us to compete effectively, including on the basis of sales and marketing programs (such as
providing greater incentives to our channel partners to sell a competitor’s product), technology, or product functionality. Competition
could result in, among other things, a substantial loss of customers, reduction in revenue, or increase in expenses, which could materially
adversely affect our business, financial condition, results of operations, or prospects.
Our
success depends on our ability to protect our intellectual property and our proprietary technologies.
We
rely on trade secrets to protect intellectual property, proprietary technology, and processes, which we have or may develop in the future.
There can be no assurances that secrecy obligations will be honored or that others will not independently develop similar or superior
technology. The protection of intellectual property and/or proprietary technology through claims of trade secret status has been the
subject of increasing claims and litigation by various companies both in order to protect proprietary rights as well as for competitive
reasons even where proprietary claims are unsubstantiated. The prosecution of proprietary claims or the defense of such claims is costly
and uncertain given the uncertainty and rapid development of the principles of law pertaining to this area. We may also be subject to
claims by other parties regarding the use of intellectual property, technology information, and data, which may be deemed proprietary
to others.
Increasingly
complex cybersecurity regulations and standards may have significant impact on our business, and it may require us to substantially invest
in our development capabilities to meet compliance requirements and may negatively impact our ability to offer certain services and remain
profitable.
Federal
and state legislatures continue to advance policy proposals in recent years to address cyber threats directed at governments and private
businesses. As threats continue to evolve and expand and as the pace of new technologies accelerates, legislatures are making cybersecurity
measures a high priority. At the federal and state level, hundreds of bills or resolutions have been introduced and considered that deal
significantly with cybersecurity. These proposals are at multiple stages of development and may shape out new standards concerning different
areas. Our business expansion strategy focuses on accretive acquisitions of other cybersecurity service providers in the top thirty U.S.
markets to achieve greater service coverage. The complex regulatory environment in each state may require us to dedicate additional resource
to ensure our service scope and service quality are in compliance with the standards enacted in each state we operate business in. We
may incur additional legal and compliance costs, and our service scope may be restrained due to compliance requirements. This will cause
a delay in our service launch and negatively impact our operating results. We may also face litigations if we fail to respond accordingly
to these regulatory measures in certain states.
We
may become subject to disputes, including litigation, that could negatively impact our business, profitability, and financial condition.
We
may become subject to disputes with third parties from time to time. Any such dispute could result in litigation between us and the other
parties. Whether or not any dispute actually proceeds to litigation, we may be required to devote significant management time and attention
and financial resources to its resolution (through litigation, settlement, or otherwise), which would detract from our management’s
ability to focus on our business. Any such resolution could involve the payment of damages or expenses by us, which may be significant.
In addition, any such resolution could involve our agreement with terms that restrict the operation of our business.
If
we incur additional debt, we will be subject to restrictive covenants and debt service obligations that could negatively impact our operations.
If
we incur additional debt for operations or acquisitions, a portion of our cash flow will have to be dedicated to the payment of principal
and interest on such indebtedness. Typical loan agreements also might contain restrictive covenants, which may impair our operating flexibility.
Such loan agreements would also provide for default under certain circumstances, such as failure to meet certain financial covenants.
A default under a loan agreement could result in the loan becoming immediately due and payable and, if unpaid, a judgment in favor of
such lender which would be senior to the rights of our stockholders. A judgment creditor would have the right to foreclose on any of
our assets resulting in a material adverse effect on our business, operating results, or financial condition.
The
requirements of being a public company, including compliance with the reporting requirements of the Exchange Act and the requirements
of the Sarbanes-Oxley Act and Nasdaq, may strain our resources, increase our costs, and divert management’s attention, and we may
be unable to comply with these requirements in a timely or cost-effective manner.
As
a public company, we are subject to the reporting requirements of the Exchange Act, and the corporate governance standards of the Sarbanes-Oxley
Act and Nasdaq. We have a limited operating history as a public company, and these requirements may place a strain on our management,
systems, and resources. In addition, we have incurred, and expect to continue to incur, significant legal, accounting, insurance, and other
expenses. The Exchange Act requires us to file annual, quarterly, and current reports with respect to our business and financial condition
within specified time periods and to prepare a proxy statement with respect to our annual meeting of stockholders. The Sarbanes-Oxley
Act requires that we maintain effective disclosure controls and procedures and internal control over financial reporting. Nasdaq requires
that we comply with various corporate governance requirements. To maintain and improve the effectiveness of our disclosure controls and
procedures and internal control over financial reporting and comply with the Exchange Act and Nasdaq requirements, significant resources
and management oversight are required. This may divert management’s attention from other business concerns and lead to significant
costs associated with compliance, which could have a material adverse effect on us and the market price of our common stock.
The
expenses incurred by public companies generally for reporting and corporate governance purposes have been increasing. We expect these
rules and regulations to continue to increase our legal and financial compliance costs and to make some activities more time-consuming
and costly. These laws and regulations could also make it more difficult or costly for us to obtain certain types of insurance, including
director and officer liability insurance, and we may be forced to accept reduced policy limits and coverage or incur substantially higher
costs to obtain the same or similar coverage. These laws and regulations could also make it more difficult for us to attract and retain
qualified persons to serve on our Board of Directors or its committees or as our executive officers. Advocacy efforts by stockholders
and third parties may also prompt even more changes in governance and reporting requirements. We cannot predict or estimate the amount
of additional costs we may incur or the timing of these costs. Furthermore, if we are unable to satisfy our obligations as a public company,
we could be subject to delisting of our common stock, fines, sanctions, and other regulatory action and potentially civil litigation.
The
preparation of our financial statements involves use of estimates, judgments, and assumptions, and our financial statements may be materially
affected if our estimates prove to be inaccurate.
Financial
statements prepared in accordance with accounting principles generally accepted in the United States require the use of estimates, judgments,
and assumptions that affect the reported amounts. Different estimates, judgments, and assumptions reasonably could be used that would
have a material effect on the financial statements, and changes in these estimates, judgments, and assumptions are likely to occur from
period to period in the future. These estimates, judgments, and assumptions are inherently uncertain, and, if they prove to be wrong,
then we face the risk that charges to income will be required.
The
auditor’s opinion on our audited financial statements for the year ended December 31, 2022, included in this annual report on Form
10-K, contain an explanatory paragraph relating to our ability to continue as a going concern.
The
auditor’s opinion on our audited financial statements for the year ended December 31, 2022 includes an explanatory paragraph stating
that our losses and negative cash flows from operations and uncertainty in generating sufficient cash to meet our operating obligations
raise substantial doubt about our ability to continue as a going concern. While we are pursuing a variety of funding sources and transactions
that could raise capital, there can be no assurances that we will be successful in these efforts or will be able to resolve our liquidity
issues or eliminate our operating losses. If we are unable to obtain sufficient funding, we would need to significantly reduce our operating
plans and curtail some or all of our strategic plans. Accordingly, our business, prospects, financial condition, and results of operations
will be materially and adversely affected, and we may be unable to continue as a going concern. If we are unable to continue as a going
concern, we may have to liquidate our assets and may receive less than the value at which those assets are carried on our audited consolidated
financial statements, and it is likely that investors will lose all or a part of their investment. If we seek additional financing to
fund our business activities in the future and there remains substantial doubt about our ability to continue as a going concern, investors
or other financing sources may be unwilling to provide additional funding on commercially reasonable terms or at all.
Risks
Related to our Common Stock
The
market price of our common stock is volatile and may fluctuate in a way that is disproportionate to our operating performance.
Our
stock price may experience substantial volatility as a result of a number of factors, including, among others:
● |
sales
or potential sales of substantial amounts of our common stock; |
● |
announcements
about us or about our competitors or new product introductions; |
● |
the
loss or unanticipated underperformance of our global distribution channels; |
● |
litigation
and other developments relating to our patents or other proprietary rights or those of our competitors; |
● |
conditions
in the cybersecurity and IT services industries; |
● |
governmental
regulation and legislation; |
● |
variations
in our anticipated or actual operating results; |
● |
changes
in securities analysts’ estimates of our performance, or our failure to meet analysts’ expectations; |
● |
foreign
currency values and fluctuations; and |
● |
overall
political and economic conditions. |
Many
of these factors are beyond our control. In addition to recent events, the stock markets have historically experienced substantial price
and volume fluctuations. These fluctuations often have been unrelated or disproportionate to the operating performance of these companies.
These broad market and industry factors could reduce the market price of our common stock, regardless of our actual operating performance.
Future
sales of shares of our common stock by existing stockholders could depress the market price of our common stock.
We
had an aggregate of 146,395,807 issued and outstanding shares of common stock as of December 31, 2022. Approximately 29,696,079
shares were in street name. The remainder of the outstanding shares may be sold, subject to certain volume limitations, pursuant to Rule
144 or other available exemptions. Also, in the future, we may issue additional securities in connection with financings and acquisitions.
The amount of our common stock issued in connection with an investment or acquisition could constitute a material portion of our then
outstanding stock. Due to these factors, sales of a substantial number of shares of our common stock in the public market could occur
at any time. These sales, or the perception in the market that the holders of a large number of shares intend to sell shares, could reduce
the market price of our common stock.
Provisions
in our certificate of incorporation, our by-laws, and Delaware law might discourage, delay, or prevent a change in control of our company
or changes in our management and, therefore, depress the trading price of our common stock.
Provisions
of our amended and restated certificate of incorporation, our amended and restated by-laws, and Delaware law may have the effect of deterring
unsolicited takeovers or delaying or preventing a change in control of our company or changes in our management, including transactions
in which our stockholders might otherwise receive a premium for their shares over then current market prices. In addition, these provisions
may limit the ability of stockholders to approve transactions that they may deem to be in their best interests. These provisions include
the ability of our Board of Directors to designate the terms of and issue new series of preferred stock without stockholder approval,
which could include the right to approve an acquisition or other change in our control or could be used to institute a rights plan, also
known as a poison pill, that would work to dilute the stock ownership of a potential hostile acquirer, likely preventing acquisitions
that have not been approved by our Board of Directors.
The
existence of the forgoing provisions and anti-takeover measures could limit the price that investors might be willing to pay in the future
for shares of our common stock. They could also deter potential acquirers of our company, thereby reducing the likelihood that an investor
in our company could receive a premium for their common stock in an acquisition.
Our
Board of Directors is expressly authorized to make, alter, or repeal our by-laws by majority vote, while such action by stockholders
would require a super majority vote.
These
anti-takeover provisions and other provisions under Delaware law could discourage, delay, or prevent a transaction involving a change
in control of our company, including actions that our stockholders may deem advantageous, or negatively affect the trading price of our
stock. These provisions could also discourage proxy contests and make it more difficult for stockholders to elect directors of their
choosing and cause us to take other corporate actions they desire.
FINRA
sales practice requirements may limit a stockholder’s ability to buy and sell our stock.
The
Financial Industry Regulatory Authority, Inc. (“FINRA”) has adopted rules that require that, in recommending an investment
to a client, a broker-dealer must have reasonable grounds for believing that the investment is suitable for that customer. Prior to recommending
speculative low-priced securities to their non-institutional customers, broker-dealers must make reasonable efforts to obtain information
about the customer’s financial status, tax status, investment objectives, and other information. Under interpretations of these
rules, FINRA believes that there is a high probability that speculative low-priced securities will not be suitable for certain customers.
FINRA requirements will likely make it more difficult for broker-dealers to recommend that their customers buy our common stock, which
may have the effect of reducing the level of trading activity in the shares, resulting in fewer broker-dealers may be willing to make
a market in our shares, potentially reducing a stockholder’s ability to resell shares of our common stock.
If
we issue additional shares in the future, it will result in the dilution of our existing stockholders.
Our
amended and restated certificate of incorporation authorizes the issuance of up to 300,000,000 shares of our common stock and up to 50,000,000
shares of preferred stock. Our Board of Directors may choose to issue some or all of such shares to acquire one or more companies and
to fund our overhead and general operating requirements. The issuance of any such shares will reduce the book value per share and may
contribute to a reduction in the market price of the outstanding shares of our common stock. If we issue any such additional shares,
such issuance will reduce the proportionate ownership and voting power of all current stockholders. Further, such issuance may result
in a change of control of our company.
Our
directors and executive officers beneficially own a substantial majority of our outstanding capital stock and will have the ability to
control our affairs.
Our
current directors and executive officers beneficially own approximately 60.75% of our outstanding capital stock. By virtue of
these holdings, they effectively control the election of the members of our Board of Directors, our management, and our affairs and may
prevent us from consummating corporate transactions such as mergers, consolidations, or the sale of all or substantially all of our assets
that may be favorable from our standpoint or that of our other stockholders.
We
are eligible to be treated as an “emerging growth company,” as defined in the JOBS Act, and we cannot be certain if the reduced
disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.
We
are an “emerging growth company,” as defined in the JOBS Act. For as long as we continue to be an emerging growth company,
we may take advantage of exemptions from various reporting and other requirements that are applicable to other public companies that
are not emerging growth companies, including (i) not being required to comply with the auditor attestation requirements of Section 404(b)
of the Sarbanes-Oxley Act, (ii) reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements,
and (iii) exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of
any golden parachute payments not previously approved. We could be an emerging growth company for up to five years, although circumstances
could cause us to lose that status earlier.
In
addition, Section 107 of the JOBS Act provides that an emerging growth company can take advantage of the extended transition period provided
in Section 7(a)(2)(B) of the Securities Act for complying with new or revised accounting standards that have different effective dates
for public and private companies until those standards apply to private companies. We have elected to take advantage of the extended
transition period for complying with the revised accounting standards. As a result, our financial statements may not be comparable to
companies that comply with effective dates generally applicable to public companies.
Investors
may find our common stock less attractive because we may rely on these exemptions, reduced reporting requirements, and extended transition
periods. If investors find our common stock less attractive as a result of any of the foregoing, there may be a less active trading market
for our common stock and our stock price may be more volatile or may decrease.
Our
failure to meet the continued listing requirements of Nasdaq could result in a delisting of our common stock.
If we fail to satisfy the continued
listing requirements of Nasdaq, such as the corporate governance requirements or the minimum closing bid price requirement, Nasdaq may
take steps to delist our common stock. On March 29, 2023, we received a letter from the listing qualifications staff of Nasdaq providing
notification that the bid price for our common stock had closed below $1.00 per share for the previous 30 consecutive business days and
our common stock no longer met the minimum bid price requirement for continued listing under Nasdaq Listing Rule 5550(a)(2). In accordance
with Nasdaq Listing Rule 5810(c)(3)(A), we have an initial period of 180 calendar days to regain compliance. To regain compliance, the
closing bid price of our common stock has to be $1.00 per share or more for a minimum of 10 consecutive business days at any time before
the expiration of the initial compliance period. In the event that we are unable to regain compliance with Rule 5550(a)(2) during the
initial compliance period, Nasdaq rules provide that we may be eligible for an additional 180 calendar day compliance period. To qualify,
we need to meet the continued listing requirement for market value of publicly held shares and all other initial listing standards for
the Nasdaq Capital Market, with the exception of the minimum bid price requirement, and to provide written notice of our intention to
cure the deficiency during the second compliance period, by effecting a reverse stock split, if necessary.
The liquidity of the shares of
our common stock may be affected adversely by a reverse stock split undertaken to address such compliance failure, given the reduced number
of shares that are outstanding following a reverse stock split. In addition, reverse stock splits may increase the number of stockholders
who own odd lots (less than 100 shares) of our common stock, creating the potential for such stockholders to experience an increase in
the cost of selling their shares and greater difficulty effecting such sales.
In the event that we are unable to establish compliance, or again become
non-compliant, with Rule 5550(a)(2) and cannot re-establish compliance within the require timeframe, our common stock could be delisted
from Nasdaq, which could have a material adverse effect on our financial condition and which would cause the value of our common stock
to decline. If our common stock is not eligible for listing or quotation on another market or exchange, trading of our common stock could
be conducted in the over-the-counter market or on an electronic bulletin board established for unlisted securities such as the Pink Sheets
or the OTC Bulletin Board. In such event, it would become more difficult to dispose of, or obtain accurate price quotations for, our common
stock, and there would likely be a reduction in our coverage by security analysts and the news media, which could cause the price of our
common stock to decline further. In addition, it may be difficult for us to raise additional capital if we are not listed on a national
securities exchange.
We
do not intend to pay dividends on our common stock.
We
have never paid any cash dividends, and currently do not intend to pay any dividends for the foreseeable future. We intend to retain
any future earnings to the extent necessary to develop and expand our business. Payment of cash dividends, if any, will depend, among
other factors, on our earnings, capital requirements, and the general operating and financial condition, and will be subject to legal
limitations on the payment of dividends out of paid-in capital. Because we do not intend to declare dividends, any gain on an investment
in our company will need to come through an increase in the stock price. This may never happen, and investors may lose all of their investment.
Our
business could be negatively impacted by shareholder activism.
In
recent years, shareholder activists have become involved in numerous public companies. Shareholder activists frequently propose to involve
themselves in the governance, strategic direction, and operations of companies. Shareholder activists have also become increasingly concerned
with companies’ efforts with respect to environmental, sustainability and governance standards. Responding to actions by activist
shareholders, such as requests for special meetings, potential nominations of candidates for election to our Board of Directors, requests
to pursue a strategic combination or other transaction, or other special requests may disrupt our business and divert the attention of
management and employees. In addition, any perceived uncertainties as to our future direction resulting from such a situation could result
in the loss of potential business opportunities, be exploited by our competitors, cause concern to our current or potential customers,
and make it more difficult to attract and retain qualified personnel and business partners, all of which could negatively impact our
business. Shareholder activism could result in substantial costs. In addition, actions of activist shareholders may cause significant
fluctuations in our stock price based on temporary or speculative market perceptions or other factors that do not necessarily reflect
the underlying fundamentals of our business.
Our
share price may be volatile, and you may be unable to sell your shares.
The
trading price of our common stock is likely to be highly volatile and these fluctuations could cause you to lose all or part of your
investment in our common stock. Since shares of our common stock were sold in our initial public offering (IPO) in January 2021 at a
price of $5.00 per share, the reported high and low sales prices of our common stock have ranged from $0.22 to $10.78 per share through
March 27, 2023. Factors that may cause the market price of our common stock to fluctuate include:
● |
price
and volume fluctuations in the overall stock market from time to time; |
● |
significant
volatility in the market price and trading volume of technology companies in general, and of companies in our industry; |
● |
actual
or anticipated changes in our results of operations or fluctuations in our operating results; |
● |
whether
our operating results meet the expectations of securities analysts or investors; |
● |
failure
of securities analysts to initiate or maintain coverage of our company, changes in financial estimates or ratings by any securities
analysts who follow our company, or our failure to meet the estimates or the expectations of investors; |
● |
announcements
of new products or technologies, commercial relationships, acquisitions, or other events by us or our competitors; |
● |
actual
or anticipated developments in our competitors’ businesses or the competitive landscape generally; |
● |
actual
or perceived privacy or data security incidents; |
● |
litigation
involving us, our industry or both; |
● |
regulatory
developments in the U.S., foreign countries, or both; |
● |
general
economic conditions and trends; |
● |
the
commencement or termination of any share repurchase program; |
● |
new
laws or regulations or new interpretations of existing laws or regulations applicable to our business; |
● |
the
availability of our services, security breaches or perceived security breaches, and vulnerabilities; |
● |
changes
in accounting standards, policies, guidelines, interpretations, or principles; |
● |
actions
instituted by activist shareholders or others; |
● |
major
catastrophic events, including those resulting from war, incidents of terrorism, outbreaks of pandemic diseases, such as COVID-19,
or responses to these events; |
● |
sales
of large blocks of our stock; or |
● |
departures
of key personnel. |
In
addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price
of our common stock could decline for reasons unrelated to our business, operating results or financial condition. The trading price
of our common stock might also decline in reaction to events affecting other companies in our industry even if these events do not directly
affect us.
In
the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has
often been brought against that company. If our stock price is volatile, we may become the target of securities litigation, which could
result in substantial costs and a diversion of management’s attention and resources.
ITEM
1B. UNRESOLVED STAFF COMMENTS
None.
ITEM
2. PROPERTIES
Our
corporate headquarters is located in Scottsdale, Arizona where we currently lease approximately 3,300 square feet of office space. We
own office space in Santiago, Chile, which is primarily used for our secured managed services and administration in Latin America. We
lease additional offices, none of which we believe to be material to our operations, located throughout the United States and Chile for our service
delivery and administrative personnel.
We
believe our existing facilities are sufficient for our current needs. Although we have recently closed or consolidated certain of our
facilities, in the future, we may need to add new facilities or expand our existing facilities to meet our evolving business needs.
ITEM
3. LEGAL PROCEEDINGS
We
are currently not a party to any material legal proceedings.
ITEM
4. MINE SAFETY DISCLOSURES
Not
applicable.
The accompanying footnotes are an integral part of these condensed consolidated financial statements.
The accompanying footnotes are an integral part of these condensed consolidated financial statements.
The accompanying footnotes are an integral part of these condensed consolidated financial statements.
NOTES
TO CONSOLIDATED FINANCIAL STATEMENTS
NOTE
1 – NATURE OF THE ORGANIZATION AND BUSINESS
Unless
otherwise indicated or the context requires otherwise, the terms ““we,” “us,” “our,” and “our
company” refer to Cerberus Cyber Sentinel Corporation, a Delaware corporation (“Cerberus”), and our wholly owned subsidiaries. Unless otherwise specified, all dollar amounts are expressed in United States dollars.
Nature
of the Business
We
are a cybersecurity and compliance company comprised of highly trained and seasoned security professionals who work with clients to enhance
or create a better cyber posture in their organization. We provide a full range of cybersecurity consulting and related services, encompassing
all three pillars of compliance, cybersecurity, and culture. Our services include secured managed services, compliance services, security
operations center (“SOC”) services, virtual Chief Information Security Officer (“vCISO”) services, incident response,
certified forensics, technical assessments, and cybersecurity training. We believe that culture is the foundation of every successful
cybersecurity and compliance program. To deliver that outcome, we developed our unique offering of MCCP+ (“Managed Compliance &
Cybersecurity Provider + Culture”), which is the only holistic solution that provides all three of these pillars under one roof
from a dedicated team of subject matter experts. In contrast to the majority of cybersecurity firms that are focused on a specific technology
or service, we seek to differentiate ourselves by remaining technology agnostic, focusing on accumulating highly sought-after topic experts.
We continually seek to identify and acquire cybersecurity talent to expand our service scope and geographical coverage to provide the
best possible service for our clients. We believe that bringing together a world-class team of technological experts with multi-faceted
expertise in the critical aspects of cybersecurity is key to providing technology agnostic solutions to our clients in a business environment
that has suffered from a chronic lack of highly skilled professionals, thereby setting us apart from competitors and in-house security
teams. Our goal is to create a culture of security and to help quantify, define, and capture a return on investment from information
technology and cybersecurity spending. Our brand rallies around the battle cry: “Cyber security is a Culture, not a Product.”
NOTE
2 – LIQUIDITY AND GOING CONCERN CONSIDERATIONS
The
accompanying financial statements have been prepared on a going concern basis, which contemplates the realization of assets and satisfaction
of liabilities in the normal course of business. For the year ended December 31, 2022, we incurred a net loss of $33,775,182,
had negative cash flows from operations of $10,681,007, and working capital deficit of $8,814,244. These matters raise substantial doubt
as to our ability to continue as a going concern.
Our existence is dependent upon our ability to develop profitable operations.
We are devoting substantially all of our efforts to developing our business, reducing overhead costs, and raising capital, although there
can be no assurance that the our efforts will be successful. No assurance can be given that our actions will result in profitable operations
or the resolution of liquidity problems. The accompanying consolidated financial statements do not include any adjustments that might
result should we be unable to continue as a going concern.
In
order to improve our liquidity, in addition to a planned reduction in overhead costs, we are actively pursuing additional debt and/or equity financing through discussions with investment bankers and private investors. There
can be no assurance that we will be successful in our efforts to secure additional financing.
The
financial statements do not include any adjustments relating to the recoverability of assets and the amount or classification of liabilities
that might be necessary should we be unable to continue as a going concern.
NOTE
3 – SUMMARY OF SIGNIFICANT ACCOUNTING POLICIES
Basis
of Presentation
The
accompanying consolidated financial statements have been prepared in accordance with accounting principles generally accepted in the
United States of America (“GAAP”). The summary of significant accounting policies presented below is designed to assist in
understanding our consolidated financial statements. Such consolidated financial statements and accompanying notes are the representations
of our management, who is responsible for their integrity and objectivity.
Consolidation
The
consolidated financial statements include the accounts of our company and our wholly owned subsidiaries. All significant intercompany
accounts and transactions have been eliminated in consolidation.
Prior
Period Reclassifications
Reclassification
of certain immaterial prior period amounts have been made to conform to the current period presentation.
Use
of Estimates
Preparing
financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the reported amounts of
assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements and the reported amounts
of revenue and expenses during the reporting period. Actual results could differ from those estimates.
We
believe the following critical accounting policies affect our more significant judgments and estimates used in the preparation of the
accompanying consolidated financial statements. Significant estimates include the allowance for doubtful accounts, the carrying value
of intangible assets and goodwill, deferred tax asset and valuation allowance, the estimated fair value of assets acquired, liabilities
assumed and stock issued in business combinations, and assumptions used in the Black-Scholes-Merton pricing model, such as expected volatility,
risk-free interest rate, share price, and expected dividend rate.
Revenue
Our
revenues are derived from two major types of services to clients: security managed services and professional services. With respect to
Security Managed Services, we provide culture education and enablement, tools and technology provisioning, data and privacy monitoring,
regulations and compliance monitoring, remote infrastructure administration, and cybersecurity services including, but not limited to,
antivirus and patch management. With respect to Professional Services, we provide cybersecurity consulting, compliance auditing, vulnerability
assessment and penetration testing, and disaster recovery and data backup solutions.
Our
managed services offerings typically are paid in advance of providing services. We have determined that our contracts do not include
a significant financing component. Payments received in advance of our performance are initially recorded as deferred revenue and then
recognized as revenue on a straight-line basis over the term of the contract. Revenue is recognized net of allowances for applicable
transaction-based taxes collected from customers.
Our
revenue is categorized and disaggregated as reflected in our consolidated statements of operations and comprehensive loss, as follows:
Security
Managed Services
We
have four distinct revenue streams under security managed services: compliance, secured managed services, SOC managed services, and vCISO.
We derive revenue from compliance by ensuring our customers are implementing the right controls, properly prioritizing risks, and investing
in the appropriate remediation, so our customers can achieve compliance, adhere to industry standards and guidelines, and manage continuous
monitoring over time. We derive revenue from secured managed services through security focused end-to-end network and device management
solutions for companies that want to outsource their administration needs to a team of senior engineers who provide modern strategy,
insights, and support. We derive revenue from SOC managed services by offering SOC-as-a-service, which is a subscription-based service
that manages and monitors clients’ logs, devices, clouds, network, and assets for possible cyber threats. We derive revenue from
vCISO when corporations are in need of cybersecurity services, but many do not have the capital resources or knowledge base to hire a
Chief Information Security Officer. We offer this service to companies on an ongoing managed service basis as a resource to augment their
management team. vCISO services include road mapping the future state for the client and providing our knowledgeable expertise to help
them achieve their security needs.
Performance
Obligations
Our
contract transaction price is allocated to each distinct performance obligation and recognized as revenue when, or as, the performance
obligation is satisfied. We have determined the performance obligations for the following services:
Compliance:
We have determined that services provided under compliance contains a single performance obligation. We recognize revenue as earned based
on time and material.
Secured
Managed Services: We consider these services to be one performance obligation, although they may include various parts (e.g., support
desk, vulnerability identification and patching, firewall management, etc. (referred to generally as the “parts”)). These
parts are not viewed as being distinct, but rather a collection of interrelated parts that are combined to fill a functional need over
a period of time (managed IT service). As such, the parts are not viewed as distinct as the parts are not separable in the contract.
We bill the client on a monthly basis under the annual contract, and revenue is recognized as earned ratably over the contract term.
SOC
Managed Services: We have determined that SOC managed services is viewed by our company as one performance obligation, although it
may include various parts (e.g., architecture, design, security, etc. (referred to generally as the “parts”)). This position
is based on the fact that these various parts are not viewed as being distinct. Revenue is recognized as earned ratably over the contract
term.
vCISO:
We have determined that vCISO managed services is viewed by our company as one performance obligation, although it may include various
parts (e.g., strategy, advisory, and oversight (referred to generally as the “parts”)). This position is based on the fact
that these various parts are not viewed as being distinct. Revenue is recognized as earned based on time and materials.
Professional
Services
We
have four distinct revenue streams under professional services: technical assessments, incident response and forensics, training, and
other cybersecurity services. We derive revenue from technical assessments by utilizing the same tools and techniques a malicious cybercriminal
would use to try to gain unauthorized access to highly guarded corporate systems and data to evaluate technical controls and quantify
business risks in a meaningful way. We derive revenue from incident response and forensics by providing our customers with certified
experts experienced in locating and neutralizing threat actors who have breached their environments. Our team is able to identify and
contain a cyberattack quickly, implement patches or configuration changes to prevent re-infection, perform forensic analysis to determine
root cause, and provide a plan of attack for improvements that will prevent a similar attack from succeeding in the future. We derive
revenue from training by offering cybersecurity awareness training required under most compliance frameworks, and recommended as a best
practice under National Institute of Standards and Technology standards, to help reduce the risk of a successful cyber-attack. We derive
revenue from other cybersecurity services for hardware and software for customers IT infrastructure along with occasional staffing services.
Performance
Obligations
Our
contract transaction price is allocated to each distinct performance obligation and recognized as revenue when, or as, the performance
obligation is satisfied. We have determined the performance obligations for the following services:
Technical
Assessments: We have determined that a technical assessment is viewed by our company as one performance obligation. Revenue is recognized
at a point in time when the result of the assessment is turned over to the customer.
Incident
Response and Forensics: We consider these services to be one performance obligation, although they may include various parts (e.g.,
determine the source, cause, and prevention of recurrence etc. (referred to generally as the “parts”)). These parts are not
viewed as being distinct. We recognize revenue as earned based on time and material.
Training:
We have determined that services provided under compliance contains a single performance obligation. We recognize revenue as earned based
on time and material.
Other
Cybersecurity Services: We have determined that services provided under other cyber security is comprised of hardware and software
sales and contains a single performance obligation. We recognize revenue upon delivery of equipment to the client. The staffing services
offered contains a single performance obligation based on time and materials and revenue is recognized as invoices are approved and generated.
Cash
and Cash Equivalents
We
consider all highly liquid investments with original maturities of three months or less at the time of purchase to be cash equivalents.
Accounts
Receivable
Accounts
receivable are generally unsecured and reported at their outstanding unpaid principal balances, net of allowances for doubtful accounts.
We provide for allowances for doubtful receivables based on our estimate of uncollectible amounts considering age, collection history,
and any other factors considered appropriate. Payments are generally due within 30 days of invoice. We write off accounts receivable
against the allowance for doubtful accounts when a balance is determined to be uncollectible. As of December 31, 2022 and 2021, our allowance
for doubtful accounts was $270,011 and $77,811, respectively.
Prepaid
cost of revenue
Prepaid
cost of revenue represents amounts charged by our vendors for licenses that we resell to our customers. These amounts are amortized to
cost of revenue over the same period revenue is recognized for the related contract with our customers.
Property
and Equipment
Property
and equipment are recorded at cost. Depreciation is computed using the straight-line method over the estimated useful lives of the related
assets, generally between three and five years. Expenditures that enhance the useful lives of the assets are capitalized and depreciated.
Maintenance
and repairs are charged to expense as incurred. At the time of retirement or other disposition of property and equipment, the cost and
accumulated depreciation will be removed from the accounts and the resulting gain or loss, if any, will be reflected in operations.
Impairment
of Long-Lived Assets
We
review long-lived assets, including finite-lived intangible assets, for impairment whenever events or changes in circumstances indicate
that the carrying amount of such assets may not be recoverable. Recoverability of these assets is determined by comparing the forecasted
undiscounted net cash flows of the operation to which the assets relate to the carrying amount. Fair value is determined based on discounted
cash flows or appraised values, depending on the nature of the assets. No impairment was recorded for the year ended December 31, 2022.
Intangible
Assets
We
record our intangible assets at estimated fair value in accordance with Accounting Standards Code (“ASC”) 350, Intangibles
– Goodwill and Other. Finite lived intangible assets are amortized over their estimated useful life using the straight-line
method, which is determined by identifying the period over which the cash flows from the asset are expected to be generated.
Goodwill
Goodwill
represents the excess of the purchase price of the acquired business over the estimated fair value of the identifiable net assets acquired.
Goodwill is not amortized but is tested for impairment at least during the fourth quarter, at the reporting unit level or more frequently
if events or changes in circumstances indicate that the asset might be impaired. Goodwill is tested for impairment at the reporting unit
level by first performing a qualitative assessment to determine whether it is more likely than not that the fair value of the reporting
unit is less than its carrying value. If the reporting unit does not pass the qualitative assessment, then the reporting unit’s
carrying value is compared to its fair value. The fair values of the reporting units are estimated using market and discounted cash flow
approaches. Goodwill is considered impaired if the carrying value of the reporting unit exceeds its fair value. The discounted cash flow
approach uses expected future operating results. Failure to achieve these expected results may cause a future impairment of goodwill
at the reporting unit level.
Advertising
and Marketing Costs
We
expense advertising and marketing costs as they are incurred. Advertising and marketing expenses were $804,218 and $435,016 for the years
ended December 31, 2022 and 2021, respectively, and are recorded in operating expenses on the consolidated statements of operations.
Fair
Value Measurements
As
defined in ASC 820, Fair Value Measurements and Disclosures, fair value is the price that would be received to sell an asset or
paid to transfer a liability in an orderly transaction between market participants at the measurement date (exit price). We utilize market
data or assumptions that market participants would use in pricing the asset or liability, including assumptions about risk and the risks
inherent in the inputs to the valuation technique. These inputs can be readily observable, market corroborated, or generally unobservable.
ASC 820 establishes a fair value hierarchy that prioritizes the inputs used to measure fair value. The hierarchy gives the highest priority
to unadjusted quoted prices in active markets for identical assets or liabilities (Level 1 measurement) and the lowest priority to unobservable
inputs (Level 3 measurement). This fair value measurement framework applies at both initial and subsequent measurement.
Level
1: |
Quoted
prices are available in active markets for identical assets or liabilities as of the reporting date. Active markets are those in
which transactions for the asset or liability occur in sufficient frequency and volume to provide pricing information on an ongoing
basis. |
|
|
Level
2: |
Pricing
inputs are other than quoted prices in active markets included in Level 1, which are either directly or indirectly observable as
of the reported date. Level 2 includes those financial instruments that are valued using models or other valuation methodologies.
These models are primarily industry-standard models that consider various assumptions, including quoted forward prices for commodities,
time value, volatility factors, and current market and contractual prices for the underlying instruments, as well as other relevant
economic measures. Substantially all of these assumptions are observable in the marketplace throughout the full term of the instrument,
can be derived from observable data, or are supported by observable levels at which transactions are executed in the marketplace. |
|
|
Level
3: |
Pricing
inputs include significant inputs that are generally less observable from objective sources. These inputs may be used with internally
developed methodologies that result in management’s best estimate of fair value. The significant unobservable inputs used in
the fair value measurement for nonrecurring fair value measurements of long-lived assets include pricing models, discounted cash
flow methodologies and similar techniques. |
Fair
Value of Financial Instruments
The
carrying value of cash, accounts receivable, accounts payable and accrued expenses, and other current liabilities approximate their fair
values using Level 3 inputs, based on the short-term maturity of these instruments. The carrying amount of loans and of notes payable
approximate the estimated fair value for this financial instrument as management believes that such debt and interest payable on the
notes approximates our incremental borrowing rate. The long-lived assets (i.e., goodwill and intangible assets) were valued utilizing
Level 3 inputs. Significant unobservable inputs used in fair value measurement of the intangible assets include projected revenue, gross
profit and operating expenses, income tax rates, discount rates, royalty rates, and attrition rates.
Net
Loss per Common Share
Net
loss per common share is computed by dividing the net loss by the weighted average number of common shares outstanding during the period.
All outstanding options are considered potentially outstanding common stock. The dilutive effect, if any, of stock options is calculated
using the treasury stock method. All outstanding convertible notes are considered common stock at the beginning of the period or at the
time of issuance, if later, pursuant to the if-converted method. Since the effect of common stock equivalents is anti-dilutive with respect
to losses, the options and shares issuable upon conversion have been excluded from our computation of net loss per common share for the
years ended December 31, 2022 and 2021.
The
following tables summarize the securities that were excluded from the diluted per share calculation because the effect of including these
potential shares was antidilutive due to our net loss position even though the exercise price could be less than the average market price
of the common shares:
SUMMARY
OF SECURITIES EXCLUDED FROM DILUTED PER SHARE
| |
December 31, 2022 | | |
December 31, 2021 | |
| |
| | |
| |
Stock options | |
| 36,397,521 | | |
| 31,372,148 | |
Warrant | |
| 144,200 | | |
| - | |
Convertible debt | |
| 430,718 | | |
| 300,000 | |
Total | |
| 36,972,439 | | |
| 31,672,148 | |
Stock-Based
Compensation
We
apply the provisions of ASC 718, Compensation - Stock Compensation, which requires the measurement and recognition of compensation
expense for all stock-based awards made to employees and nonemployees, in the statements of operations.
For
stock options issued to employees and members of our Board of Directors for their services, we estimate the grant date fair value of
each option using the Black-Scholes-Merton option pricing model. The use of the Black-Scholes-Merton option pricing model requires management
to make assumptions with respect to the expected term of the option, the expected volatility of the common stock consistent with the
expected life of the option, risk-free interest rates and expected dividend yields of the common stock. For awards subject to service-based
vesting conditions, including those with a graded vesting schedule, we recognize stock-based compensation expense equal to the grant
date fair value of stock options on a straight-line basis over the requisite service period, which is generally the vesting term. Forfeitures
are recorded as they are incurred. Due to our company’s limited history and lack of public market for its common stock, we used
the average of historical share prices of similar companies within our industry to calculate volatility for use in the Black-Scholes-Merton
option pricing model.
Stock-based
awards are accounted for using the fair value method. Grant date fair values for stock options are determined using the Black-Scholes-Merton
option pricing model and a single option award approach.
We
issued shares of our stock to vendors and nonemployee for services provided. We recognize the accounting grant date fair value of the
stock award as compensation expense over the required service period of each award. Shares issued for services are measured based on
the fair market value of the underlying common stock on their respective accounting grant dates.
Foreign
Currency
Our
functional and reporting currency is the U.S. dollar. For certain of our foreign subsidiaries whose functional currency is other than
the U.S. dollar, we translate revenue and expense transactions at average exchange rates. We translate assets and liabilities at period-end
exchange rates and include foreign currency translation gains and losses as a component of accumulated other comprehensive income.
Leases
Leases
in which our company is the lessee are comprised of corporate offices and property and equipment. All of the leases are classified as
operating leases. We lease multiple office spaces with a remaining weighted average term of 2.34 years.
Right-of-use
(“ROU”) assets include any prepaid lease payments and exclude any lease incentives and initial direct costs incurred. Lease
expense for minimum lease payments is recognized on a straight-line basis over the lease term. The lease terms may include options to
extend or terminate the lease if it is reasonably certain that we will exercise that option.
In
accordance with ASC 842, Leases, we recognized a ROU asset and corresponding lease liability on our consolidated balance sheet
for long-term office leases and a vehicle operating lease agreement. See Note 14 – Leases for further discussion, including the
impact on our consolidated financial statements and related disclosures.
Income
Taxes
Deferred
tax assets and liabilities are recognized for the future tax consequences attributable to differences between the consolidated financial
statement carrying amounts of existing assets and liabilities and their respective tax bases. Deferred tax assets, including tax loss
and credit carry forwards, and liabilities are measured using enacted tax rates expected to apply to taxable income in the years in which
those temporary differences are expected to be recovered or settled. The effect on deferred tax assets and liabilities of a change in
tax rates is recognized in income in the period that includes the enactment date.
We
utilize ASC 740, Income Taxes, which requires the recognition of deferred tax assets and liabilities for the expected future tax
consequences of events that have been included in the consolidated financial statements or tax returns. We account for income taxes using
the asset and liability method to compute the differences between the tax basis of assets and liabilities and the related financial amounts,
using currently enacted tax rates. A valuation allowance is recorded when it is “more likely than not” that a deferred tax
asset will not be realized. At December 31, 2022 and 2021, our net deferred tax asset has been fully reserved.
For
uncertain tax positions that meet a “more likely than not” threshold, we recognize the benefit of uncertain tax positions
in the consolidated financial statements. Our practice is to recognize interest and penalties, if any, related to uncertain tax positions
in income tax expense in the consolidated statements of operations when a determination is made that such expense is likely.
Emerging
Growth Company Status
We
are an emerging growth company, as defined in the Jumpstart Our Business Startups Act of 2012 (the “JOBS Act”). Under the
JOBS Act, emerging growth companies can delay adopting new or revised accounting standards issued subsequent to the enactment of the
JOBS Act until those standards apply to private companies. We have elected to use this extended transition period for complying with
new or revised accounting standards that have different effective dates for public and private companies until the earlier of the date
that it is (i) no longer an emerging growth company or (ii) affirmatively and irrevocably opts out of the extended transition period
provided in the JOBS Act. As a result, these consolidated financial statements may not be comparable to companies that comply with the
new or revised accounting pronouncements as of public company effective dates. The JOBS Act does not preclude an emerging growth company
from early adopting new or revised accounting standards. We expect to use the extended transition period for any new or revised accounting
standards during the period which we remain an emerging growth company.
Recently
Issued Accounting Standards
In
May 2021, the Financial Accounting Standards Board issued ASU No. 2021-04, Earnings Per Share (Topic 260), Debt — Modifications
and Extinguishments (Subtopic 470-50), Compensation — Stock Compensation (Topic 718), and Derivatives and Hedging — Contracts
in Entity’s Own Equity (Subtopic 815-40): Issuer’s Accounting for Certain Modifications or Exchanges of Freestanding Equity-Classified
Written Call Options (a consensus of the Emerging Issues Task Force). The ASU requires issuers to account for modifications or exchanges
of freestanding equity-classified written call options that remain equity classified after the modification or exchange based on the
economic substance of the modification or exchange. Under the ASU, an issuer determines the accounting for the modification or exchange
based on whether the transaction was done to issue equity, to issue or modify debt, or for other reasons. The ASU is applied prospectively
and is effective for us for fiscal years beginning after December 15, 2021, and interim periods within those fiscal years. Early adoption
is permitted. The adoption of this standard did not have a material impact on our consolidated financial statements.
In
October 2021, the FASB issued ASU No. 2021-08, Business Combinations (Topic 805): Accounting for Contract Assets and Contract Liabilities
from Contracts with Customers. The new guidance requires contract assets and contract liabilities acquired in a business combination
to be recognized in accordance with ASC Topic 606 as if the acquirer had originated the contracts. The ASU is applied prospectively and
is effective for us for fiscal years beginning after December 15, 2022, and interim periods within those fiscal years. Early adoption
is permitted. We are currently evaluating the impact that adopting this standard will have on our consolidated financial statements.
NOTE
4 – ACQUISITIONS
2021
Acquisitions
Catapult
Acquisition Corporation
On
July 26, 2021, we entered into an agreement and plan of merger with VelocIT, pursuant to which VelocIT became a wholly owned subsidiary
of our company. All issued and outstanding shares of common stock of VelocIT were converted into the right to receive an aggregate of
up to 2,566,778 shares of common stock, subject to a holdback of 256,678 shares of our common stock. In addition, we issued
replacement options to various VelocIT employees to purchase an aggregate of 1,542,251 shares of our common stock with
a fair value of $6,861,203 which was included in the purchase price of the transaction. The transaction closed on August 12, 2021.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 20,465,150 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 270,397 | |
Accounts receivable | |
| 649,810 | |
Prepaid expenses | |
| 26,282 | |
Property and equipment | |
| 24,862 | |
IT assets | |
| 10,780 | |
Total tangible assets | |
| 982,131 | |
| |
| | |
Intangible assets acquired: | |
| | |
Tradename - trademarks | |
| 542,800 | |
Intellectual property | |
| 355,000 | |
Non-competes | |
| 59,100 | |
Total intangible assets | |
| 956,900 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable | |
| 351,190 | |
Accrued expenses | |
| 192,034 | |
Loans payable | |
| 549,507 | |
SBA loan payoff | |
| 1,056,960 | |
Total assumed liabilities | |
| 2,149,691 | |
| |
| | |
Net liabilities acquired | |
| 210,660 | |
| |
| | |
Goodwill (a) | |
$ | 20,675,810 | |
| (a) | Goodwill
is not deductible for tax purposes. |
Atlantic
Technology Systems, Inc. Acquisition
On
October 1, 2021, we entered into a stock purchase agreement with ATS, ATE, James Montagne as the sole shareholder of ATS, and James Montagne
and Miriam Montagne, as the sole shareholders of ATE (the “Shareholders”). Pursuant to the agreement, we purchased from the
Shareholders all of the outstanding shares of ATE and ATS. The aggregate purchase price for the shares was 200,000 shares of our common
stock and $75,000 in cash. Furthermore, the Shareholders shall receive an additional 100,000 shares of our common stock based upon Atlantic
achieving certain revenue and earnings thresholds and an additional $150,000 in cash upon our listing to a national exchange. At December
31, 2021, we noted that Atlantic would not achieve the certain revenue and earnings threshold for additional compensation and,
therefore, was not included in the transaction price.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 1,260,000 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 30,612 | |
Accounts receivable | |
| 20,778 | |
Prepaid expenses | |
| 4,311 | |
Inventory | |
| 15,425 | |
Property and equipment | |
| 54,023 | |
Total tangible assets | |
| 125,149 | |
| |
| | |
Intangible assets acquired: | |
| | |
Tradename - trademarks | |
| 115,500 | |
Intellectual property | |
| 29,000 | |
Non-competes | |
| 18,800 | |
Total intangible assets | |
| 163,300 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable | |
| 4,314 | |
Accrued expenses | |
| 3,212 | |
Total assumed liabilities | |
| 7,526 | |
| |
| | |
Net assets acquired | |
| 280,923 | |
| |
| | |
Goodwill (a) | |
$ | 979,077 | |
| (a) | Goodwill
is not deductible for tax purposes. |
RED74
LLC Acquisition
On
October 8, 2021, we entered into a merger agreement with RED74 and Ticato Holdings, Inc., a New Jersey corporation (“Ticato”),
and Tim Coleman, as sole shareholder of Ticato. Tim Coleman and Ticato were the sole shareholders of RED74. Pursuant to the agreement,
the merger became effective at such time as a certificate of merger was accepted by the Secretary of State of New Jersey, or November
9, 2021 (the “Effective Time”). All shares of RED74 issued and outstanding immediately prior to the Effective Time were converted
into the right to receive an aggregate of 340,000 shares of our common stock and $50,000 in cash..
RED74
provides secured managed services and key IT security management expertise to small-to-mid-market businesses in New Jersey. RED74 focuses
primarily on clients within two industry verticals: financial services and distribution/warehouse management. RED74 offers strategic
solutions that address the specific needs of these smaller enterprises made possible by their experienced and personable staff and industry-leading
technology processes. Its experienced staff members are well-versed in either partial or total secured managed solutions for businesses.
RED74 has a single office location in Pennington, New Jersey and supports clients in New Jersey, Manhattan, and Eastern Pennsylvania.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 2,158,000 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 115,855 | |
Accounts receivable | |
| 115,612 | |
Other assets | |
| 81,844 | |
Property and equipment | |
| 1,539 | |
Total tangible assets | |
| 314,850 | |
| |
| | |
Intangible assets acquired: | |
| | |
Tradename - trademarks | |
| 328,900 | |
Intellectual property | |
| 70,000 | |
Customer base | |
| 279,000 | |
Non-competes | |
| 42,500 | |
Total intangible assets | |
| 720,400 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable | |
| 36,119 | |
Accrued expenses | |
| 12,249 | |
Total assumed liabilities | |
| 48,368 | |
| |
| | |
Net assets acquired | |
| 986,882 | |
| |
| | |
Goodwill (a) | |
$ | 1,171,118 | |
| (a) | Goodwill
is not deductible for tax purposes. |
Ocean
Point Equities, Inc. (Arkavia) Acquisition
On
December 1, 2021, we entered into a stock purchase agreement with Arkavia and all of the owners of Arkavia, pursuant to which we acquired
all of the issued and outstanding equity securities of Arkavia (the “Arkavia Acquisition”). Under the terms of the Arkavia
Acquisition, all of the issued and outstanding equity securities of Arkavia were exchanged for an aggregate of 2,914,000 shares of our
common stock.
Arkavia,
a cybersecurity services company headquartered in Santiago, Chile, is oriented to solve problems with the best technological alternatives
and their recognized IT Engineering services. Founded in 2010, Arkavia provides consulting, delivery, managed security service provider,
and network monitoring services to a diversified client base throughout South America. With years of experience backed by multiple certifications
of its specialists, Arkavia’s customers include multiple leading brands in the market in each important business segment.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 14,570,000 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 1,753,193 | |
Accounts receivable | |
| 744,400 | |
Inventory | |
| 1,210,442 | |
Prepaids | |
| 465,791 | |
Other receivables | |
| 1,067,477 | |
Property and equipment | |
| 1,424,760 | |
Total tangible assets | |
| 6,666,063 | |
| |
| | |
Intangible assets acquired: | |
| | |
Tradename - trademarks | |
| 811,100 | |
Intellectual property | |
| 460,000 | |
Customer base | |
| 987,000 | |
Non-competes | |
| 313,000 | |
Total intangible assets | |
| 2,571,100 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable | |
| 1,125,396 | |
Accrued liabilities | |
| 460,496 | |
Other | |
| 98,268 | |
Long-term debt | |
| 5,156,228 | |
Total assumed liabilities | |
| 6,840,388 | |
| |
| | |
Net assets acquired | |
| 2,396,775 | |
| |
| | |
Goodwill (a) | |
$ | 12,173,225 | |
| (a) | Goodwill
is not deductible for tax purposes. |
2022
Acquisitions
True
Digital Security, Inc. Acquisition
On
January 5, 2022, we entered into the True Digital Stock Purchase Agreement with certain stockholders of True Digital and the True Digital
Merger Agreement with True Digital and certain of its other stockholders. On January 19, 2022, the transactions contemplated by the True
Digital Stock Purchase Agreement and the True Digital Merger Agreement were consummated, with True Digital becoming a wholly owned subsidiary
of our company (the “True Digital Acquisition”). True Digital’s outstanding common stock was exchanged for $6,153,000
in cash and 8,229,000 shares of our common stock.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration | |
$ | 40,879,380 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 485,232 | |
Accounts receivable | |
| 1,404,386 | |
Contract assets | |
| 131,342 | |
Prepaid expenses and other current assets | |
| 196,825 | |
Property and equipment | |
| 906,006 | |
Other assets | |
| 17,505 | |
Total tangible assets | |
| 3,141,296 | |
| |
| | |
Intangible assets acquired: | |
| | |
Tradename - trademarks | |
| 1,744,200 | |
Intellectual property | |
| 1,137,000 | |
Non-competes | |
| 124,900 | |
Total intangible assets | |
| 3,006,100 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable and accrued expenses | |
| 1,283,003 | |
Deferred revenue | |
| 1,956,600 | |
Line of credit | |
| 283,244 | |
Loans payable | |
| 181,741 | |
Loans payable - shareholder | |
| 543,581 | |
Total assumed liabilities | |
| 4,248,169 | |
| |
| | |
Net assets acquired | |
| 1,899,227 | |
| |
| | |
Goodwill (a) | |
$ | 38,980,153 | |
| (a) | Goodwill
and intangibles are not deductible for tax purposes. |
Creatrix,
Inc. Acquisition
On
June 1, 2022, we entered into a stock purchase agreement with the stockholders of Creatrix, pursuant to which Creatrix became our wholly
owned subsidiary. We anticipate that this will expand our professional services offerings and capabilities. Creatrix offers recognized
expertise in identity management as wells as systems integration and software engineering and specializes in biometrics, vetting, credentialing,
and case management.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 3,630,000 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 3,572 | |
Accounts receivable | |
| 125,908 | |
Contract assets | |
| 33,965 | |
Prepaid expenses and other current assets | |
| 3,597 | |
Total tangible assets | |
| 167,042 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable and accrued expenses | |
| 48,001 | |
Loans payable | |
| 56,687 | |
Total assumed liabilities | |
| 104,688 | |
| |
| | |
Net assets acquired | |
| 62,354 | |
| |
| | |
Goodwill (a) | |
$ | 3,567,646 | |
(a) |
Goodwill is
not deductible for tax purposes. |
CyberViking,
LLC Acquisition
On
July 1, 2022, we entered into a stock purchase agreement with the interest holders of CyberViking and its interest holders, pursuant
to which we acquired all of the issued and outstanding units of CyberViking, with CyberViking becoming a wholly owned subsidiary of our
company. We anticipate that this will expand our professional services offerings and capabilities. CyberViking specializes in application
security services, incident response, and threat hunting as well as the creation and management of security operation centers.
We
did not acquire assets nor assume liabilities in our purchase of CyberViking, as a result the $1,836,320 of consideration paid is recognized
as goodwill. The goodwill is not deductible for tax purposes.
CUATROi
Acquisition
On
August 25, 2022, we entered into a stock purchase agreement with CUATROi and its partners, pursuant to which CUATROi became our wholly
owned subsidiary. We anticipate that this will expand our professional services offerings and capabilities. CUATROi is a cloud, managed
services provider and cybersecurity company with offices in South America.
The
aggregate purchase price was allocated to the tangible and intangible assets acquired and liabilities assumed based on their estimated
fair values as of the acquisition date, with the excess recorded to goodwill. During the measurement period, which will not exceed one
year from closing, we will continue to obtain information to assist us in finalizing the acquisition date fair values. Any qualifying
changes to our preliminary estimates will be recorded as adjustments to the respective assets and liabilities, with any residual amounts
allocated to goodwill.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 6,847,474 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 77,804 | |
Accounts receivable | |
| 478,210 | |
Prepaid expenses and other current assets | |
| 51,464 | |
Property and equipment | |
| 434,816 | |
Total tangible assets | |
| 1,042,294 | |
| |
| | |
Intangible assets acquired: | |
| | |
Customer base | |
| 1,240,000 | |
Total intangible assets | |
| 1,240,000 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable and accrued expenses | |
| 242,830 | |
Loans payable | |
| 850,199 | |
Total assumed liabilities | |
| 1,093,029 | |
| |
| | |
Net assets acquired | |
| 1,189,265 | |
| |
| | |
Goodwill (a) | |
$ | 5,658,209 | |
(a) | Goodwill
and intangibles are not deductible for tax purposes. |
NLT
Secure Acquisition
On
September 1, 2022, we entered into a stock purchase agreement with NLT Secure and its interest holders, pursuant to which we acquired
all of the issued and outstanding units of NLT Secure becoming a wholly owned subsidiary of our company. We anticipate that this will
expand our professional services offerings and capabilities. NLT Secure provides a broad range of security solutions and managed services
to organizations throughout South America.
The
aggregate purchase price was allocated to the tangible and intangible assets acquired and liabilities assumed based on their estimate
fair values as of the acquisition date, with the excess recorded to goodwill. During the measurement period, which will not exceed one
year from closing, we will continue to obtain information to assist us in finalizing the acquisition date fair values. Any qualifying
changes to our preliminary estimates will be recorded as adjustments to the respective assets and liabilities, with any residual amounts
allocated to goodwill.
The
following table summarizes the allocation of the purchase price to the fair values of the assets acquired and the liabilities assumed
as of the transaction date:
SUMMARY
OF SIGNIFICANT FAIR VALUE ASSETS ACQUIRED AND LIABILITIES
| |
| | |
Consideration paid | |
$ | 6,919,597 | |
| |
| | |
Tangible assets acquired: | |
| | |
Cash | |
| 48,858 | |
Accounts receivable | |
| 66,972 | |
Prepaid expenses and other current assets | |
| 154,300 | |
Property and equipment | |
| 1,071,401 | |
Total tangible assets | |
| 1,341,531 | |
| |
| | |
Assumed liabilities: | |
| | |
Accounts payable and accrued expenses | |
| 791,228 | |
Loans payable | |
| 1,778,591 | |
Total assumed liabilities | |
| 2,569,819 | |
| |
| | |
Net liabilities assumed | |
| 1,228,288 | |
| |
| | |
Goodwill (a) | |
$ | 8,147,885 | |
(a) | Goodwill
is not deductible for tax purposes. |
Pro
forma financial information is not presented because the acquisitions were not material to our financial statements, individually or
in the aggregate.
Prepaid
expenses and other current assets consisted of:
SCHEDULE
OF PREPAID EXPENSES AND OTHER CURRENT ASSETS
| |
December 31, 2022 | | |
December 31, 2021 | |
| |
| | |
| |
| |
| | |
| |
Prepaid expenses | |
$ | 987,651 | | |
$ | 441,259 | |
Prepaid taxes | |
| 572,645 | | |
| 231,014 | |
Prepaid insurance | |
| 164,354 | | |
| 46,751 | |
Deferred interest | |
| - | | |
| 229,702 | |
Total prepaid expenses and other current assets | |
$ | 1,724,650 | | |
$ | 948,726 | |
NOTE
6 – PROPERTY AND EQUIPMENT
Property
and equipment consisted of the following:
SCHEDULE
OF PROPERTY AND EQUIPMENT
| |
December 31, 2022 | | |
December 31, 2021 | |
| |
| | |
| |
Computer equipment | |
$ | 1,264,713 | | |
$ | 495,235 | |
Building | |
| 1,776,040 | | |
| 1,047,020 | |
Leasehold improvements | |
| 541,647 | | |
| 109,626 | |
Vehicle | |
| 28,229 | | |
| 63,052 | |
Furniture and fixtures | |
| 151,142 | | |
| 33,358 | |
Software | |
| 1,667,283 | | |
| 748,599 | |
Property and equipment
gross | |
| 5,429,054 | | |
| 2,496,890 | |
Less: accumulated depreciation | |
| (748,559 | ) | |
| (102,466 | ) |
Property and equipment, net | |
$ | 4,680,495 | | |
$ | 2,394,424 | |
Total
depreciation expense was $736,181 and $87,993 for the years ended December 31, 2022 and 2021, respectively.
NOTE
7 – INTANGIBLE ASSETS AND GOODWILL
At
December 31, 2021, we determined it was more-likely-than-not that the carrying value of goodwill in our reporting units was impaired
as of December 31, 2021. The fair value estimates for all reporting units were based on a blended analysis of the present value of future
cash flows and the market value approach. The significant estimates used in the discounted cash flows model included our weighted average
cost of capital, projected cash flows, and the long-term rate of growth. The significant estimates used in the market approach model
included identifying public companies engaged in businesses that are considered comparable to those of the reporting unit and assessing
comparable revenue and earnings multiples in estimating the fair value of the reporting unit. The excess of the reporting unit’s
carrying value over the estimate of the fair value was recorded as goodwill impairment of $22,078,064. There was no impairment recognized
as of and during the year ended December 31, 2022.
The
following table summarizes the changes in goodwill during the years ended December 31, 2022 and 2021, respectively:
SCHEDULE OF CHANGES IN GOODWILL
Balance December 31, 2020 | |
$ | 4,101,369 | |
Acquisition of goodwill | |
| 34,999,230 | |
Impairment | |
| (22,078,064 | ) |
Reclassification based on valuation report(1) | |
| (230,000 | ) |
Balance December 31, 2021 | |
| 16,792,535 | |
Acquisition of goodwill | |
| 58,190,213 | |
Foreign currency translation adjustment | |
| 1,237,153 | |
Other | |
| 444,116 | |
Ending balance, December 31, 2022 | |
$ | 76,664,017 | |
| (1) | During
the year ended December 31, 2022, we completed a valuation for the December 16, 2021 acquisition
of Alpine. As such, the purchase price allocation disclosed in our Annual Report in Form
10-K for December 31, 2021, filed on March 31, 2022, changed and, therefore, goodwill changed. |
Intangible
assets, net are summarized as follows:
SUMMARY
OF IDENTIFIABLE INTANGIBLE ASSETS
| |
Gross Carrying Amount | | |
Accumulated Amortization | | |
Net Carrying Amount | |
| |
December 31, 2022 | |
| |
Gross Carrying Amount | | |
Accumulated Amortization | | |
Net Carrying Amount | |
Tradenames – trademarks | |
$ | 4,744,409 | | |
$ | (1,167,476 | ) | |
$ | 3,576,933 | |
Customer base | |
| 2,949,143 | | |
| (449,565 | ) | |
| 2,499,578 | |
Non-compete agreements | |
| 796,583 | | |
| (436,611 | ) | |
| 359,972 | |
Intellectual property/technology | |
| 2,659,391 | | |
| (620,645 | ) | |
| 2,038,746 | |
Intangible Asset | |
$ | 11,149,526 | | |
$ | (2,674,297 | ) | |
$ | 8,475,229 | |
| |
Gross Carrying Amount | | |
Accumulated Amortization | | |
Net Carrying Amount | |
| |
December 31, 2021 | |
| |
Gross Carrying Amount | | |
Accumulated Amortization | | |
Net Carrying Amount | |
Tradenames – trademarks | |
$ | 3,010,100 | | |
$ | - | | |
$ | 3,010,100 | |
Customer base | |
| 1,650,000 | | |
| (57,261 | ) | |
| 1,592,739 | |
Non-compete agreements | |
| 675,500 | | |
| (154,653 | ) | |
| 520,847 | |
Intellectual property/technology | |
| 1,528,000 | | |
| (111,417 | ) | |
| 1,416,583 | |
Intangible Asset | |
$ | 6,863,600 | | |
$ | (323,331 | ) | |
$ | 6,540,269 | |
During
the third quarter of 2022, as the result of rebranding and expected future marketing of our products and services, we made the decision
to phase out certain indefinite-lived tradenames from acquired subsidiaries. We believe the phase-out and integration of the rebranding
and marketing will be completed no later than June 30, 2024, and expect to recognize $1,211,800 of amortization expense from tradenames
previously held as indefinite-lived.
Amortization
expense of identifiable intangible assets was $2,338,273 and $206,862, for the years ended December 31, 2022 and 2021, respectively.
As of December 31, 2022, the weighted-average remaining amortization period for intangible assets was 3.84 years.
Based
on the balance of intangibles assets at December 31, 2022, expected future amortization expense is as follows:
SCHEDULE OF FUTURE AMORTIZATION EXPENSE
| |
| | |
2023 | |
$ | 2,687,120 | |
2024 | |
| 1,947,787 | |
2025 | |
| 1,758,851 | |
2026 | |
| 1,656,636 | |
2027 | |
| 424,835 | |
Future
Amortization Expense | |
$ | 8,475,229 | |
NOTE
8 – ACCOUNTS PAYABLE AND ACCRUED EXPENSES
Accounts
payable and accrued expenses consisted of the following amounts:
SCHEDULE
OF ACCOUNTS PAYABLE AND ACCRUED EXPENSES
| |
December 31, 2022 | | |
December 31, 2021 | |
| |
| | |
| |
Accounts payable | |
$ | 5,267,492 | | |
$ | 1,700,260 | |
Accrued payroll | |
| 1,274,919 | | |
| 482,588 | |
Accrued expenses | |
| 1,296,382 | | |
| 513,718 | |
Accrued commissions | |
| 305,768 | | |
| - | |
Accrued interest | |
| 165,776 | | |
| 12,500 | |
Total accounts payable and accrued expenses | |
$ | 8,310,337 | | |
$ | 2,709,066 | |
Note
9 - RELATED PARTY TRANSACTIONS
Independent
Consulting Agreement with Stephen Scott
In
August 2020, we entered into an Independent Consulting Agreement with Stephen Scott, a Director of our company, with respect to advisory
and consulting services relating to our strategic and business development, and sales and marketing. Mr. Scott receives a consulting
fee of $11,500 per month for such services. During the years ended December 31, 2022 and 2021, we paid consulting fees to Mr. Scott in
the amount of $138,000 each year.
Convertible
Note Payable – Related Party
On
December 23, 2020, we issued an unsecured convertible note to Hensley & Company in the principal amount of $3,000,000 bearing an
interest rate at 6.00% per annum payable at maturity with a maturity date of December 31, 2021, with a conversion price of $2.00 per share.
On December 31, 2021, Hensley & Company converted the principal amount of $3,000,000 for 1,500,000 shares of our common stock
at a conversion price of $2.00 per share.
Managed
Services Agreement with Hensley Beverage Company – Related Party
In
July 2021, we entered into a 1-year Managed Services Agreement with Hensley Beverage Company to provide secured managed services. We
also may be engaged by Hensley Beverage Company from time to time to provide other related services outside the scope of the Managed
Services Agreement. While the agreement provides for a term through December 31, 2021, the agreement will continue until terminated by
either party. For the years ended December 31, 2022 and 2021, we received $850,445 and $466,597, respectively from Hensley Beverage Company
for contracted services and had an outstanding receivable balance of $15,737 and $11,508 as of December 31, 2022 and 2021, respectively.
Note
Receivable – Related Party
Arkavia
provided cash infusions to a related party to fund a wholly owned subsidiary in Peru for start-up and operational costs. The subsidiary
is incorporated and as such, the assets, liabilities and operation results are included in the condensed consolidated financial statements.
At December 31, 2022, no amount remains outstanding.
Note
10 - STOCKHOLDERS’ EQUITY
Our
amended and restated certificate of incorporation authorized the issuance of up to 300,000,000 shares of common stock and 50,000,000
shares of undesignated preferred stock, each having a par value of $0.00001 per share. Shares of common stock have both economic and
voting rights.
Equity
Transactions
During
the years ended December 31, 2022 and 2021, we issued an aggregate of 2,412,474 and 1,625,000 shares of common stock to investors for
cash proceeds of $10,689,087 and $3,250,000, respectively.
During
the years ended December 31, 2022 and 2021, we issued an aggregate of 909,819 and 392,900 shares of common stock, respectively, to consultants
and vendors for services rendered.
On
December 31, 2021, we issued 1,500,000 shares of common stock pursuant to the conversion of a convertible note with Hensley & Company.
On
January 18, 2022, we issued a warrant to the underwriter of our Form S-1 to purchase an aggregate 144,200 shares of our common stock.
The warrant is exercisable for a period of 5 years from the date of issuance at an exercise price of $5.00 per share.
The
follow table summarizes warrant activity:
SCHEDULE
OF STOCK WARRANT ACTIVITY
| |
Shares | | |
Weighted Average Exercise Price | | |
Weighted Average Remaining Contractual Life (in years) | | |
Aggregate Intrinsic Value | |
Outstanding at January 1, 2022 | |
| - | | |
$ | - | | |
| - | | |
$ | - | |
Granted | |
| 144,200 | | |
| 5.00 | | |
| - | | |
| - | |
Exercised | |
| - | | |
| - | | |
| - | | |
| - | |
Expired or cancelled | |
| - | | |
| - | | |
| - | | |
| - | |
Outstanding at December 31, 2022 | |
| 144,200 | | |
| 5.00 | | |
| 4.01 | | |
| - | |
Exercisable at December 31, 2022 | |
| 144,200 | | |
$ | 5.00 | | |
| 4.01 | | |
$ | - | |
Note
11 – STOCK-BASED COMPENSATION
2019
Equity Incentive Plan
Our
Board of Directors approved our 2019 Equity Incentive Plan (the “2019 Plan”) in June 2019, and our stockholders holding a
majority of the outstanding shares of our common stock approved and adopted the 2019 Plan. On October 17, 2022, the maximum number of
shares of our common stock that may be issued under our 2019 Plan was increased to 60,000,000 shares. As of December 31, 2022, there
were 20,213,408 shares of common stock available for issue as future awards under the 2019 Plan.
Options
We
granted options for the purchase of 17,457,613 and 11,091,691 shares of common stock during the year ended December 31, 2022 and 2021,
respectively.
In
applying the Black-Scholes option pricing model to stock options granted, we used the following assumptions:
SCHEDULE
OF BLACK-SCHOLES STOCK OPTIONS GRANTED
|
|
For the Year Ended |
|
For the Year Ended |
|
|
December 31, 2022 |
|
|
December 31, 2021 |
|
Risk free interest rate |
|
1.43% - 4.22 |
% |
|
0.42% - 1.34 |
% |
Contractual term (years) |
|
5.00 – 10.00 |
|
|
5.00 – 10.00 |
|
Expected volatility |
|
87.11% - 90.90 |
% |
|
73.43% - 85.22 |
% |
Expected dividend yield |
|
- |
% |
|
- |
% |
The
follow table summarizes stock option activity:
SCHEDULE
OF STOCK OPTION ACTIVITY
| |
Shares | | |
Weighted Average Exercise Price | | |
Weighted Average Remaining Contractual Life (in years) | | |
Aggregate Intrinsic Value | |
Outstanding at January 1, 2021 | |
| 24,573,700 | | |
$ | 0.86 | | |
| - | | |
$ | - | |
Granted | |
| 11,091,691 | | |
| 3.60 | | |
| - | | |
| - | |
Exercised | |
| (100,000 | ) | |
| 0.50 | | |
| - | | |
| - | |
Expired or cancelled | |
| (4,193,243 | ) | |
| 0.83 | | |
| - | | |
| - | |
Outstanding at December 31, 2021 | |
| 31,372,148 | | |
| 1.84 | | |
| - | | |
| - | |
Granted | |
| 17,457,613 | | |
| 3.51 | | |
| - | | |
| - | |
Exercised | |
| (2,689,071 | ) | |
| 0.55 | | |
| - | | |
| - | |
Expired or cancelled | |
| (9,743,169 | ) | |
| 3.03 | | |
| - | | |
| - | |
Outstanding at December 31, 2022 | |
| 36,397,521 | | |
$ | 2.45 | | |
| 5.65 | | |
$ | 41,440,378 | |
Exercisable at December 31, 2022 | |
| 19,829,580 | | |
$ | 1.41 | | |
| 3.57 | | |
$ | 37,818,420 | |
The
aggregate intrinsic value for stock options outstanding and exercisable is defined as the positive difference between the fair market
value of our common stock and the exercise price of the stock options.
Total
compensation expense related to the options was $15,464,587 and $7,802,096 for the years ended December 31, 2022 and 2021, respectively.
As of December 31, 2022, there was future compensation expense of $56,183,188 with a weighted average recognition period of 2.31 years
related to the options.
NOTE
12 – COMMITMENTS AND CONTINGENCIES
Maxim
Settlement Agreement
On
October 27, 2020, we entered into an advisory agreement (the “Advisory Agreement”) with Maxim Group LLC (“Maxim”),
pursuant to which the parties agreed to certain compensation obligations in the form of our common stock, cash and future rights. Certain
disputes arose between the parties regarding the duties and obligations pursuant to the Advisory Agreement, resulting in the parties
agreeing to enter into a settlement and release agreement on January 13, 2022. As a result, we recorded a settlement liability at December
31, 2021 of $470,000 on the statement of operations and issued 400,000 shares of our common stock to Maxim pursuant to the settlement.
The settlement liability was paid in January 2022.
Legal
Claims
There
are no material pending legal proceedings in which we or any of our subsidiaries is a party or in which any of our directors, officers
or affiliates, any owner of record or beneficially of more than 5% of any class of our voting securities, or security holder is a party
adverse to us or has a material interest adverse to us.
Indirect
Taxes
We
are subject to indirect taxation in some, but not all, of the various states and foreign jurisdictions in which we conduct business.
Laws and regulations attempting to subject commerce conducted over the Internet to various indirect taxes are becoming more prevalent,
both in the United States and internationally, and may impose additional burdens on us in the future. Increased regulation could negatively
affect our business directly, as well as the business of our customers. Taxing authorities may impose indirect taxes on the Internet-related
revenue we generated based on regulations currently being applied to similar, but not directly comparable industries. There are many
transactions and calculations where the ultimate indirect tax determination is uncertain. In addition, domestic and international indirect
taxation laws are complex and subject to change. We may be audited in the future, which could result in changes to our indirect tax estimates.
We continually evaluate those jurisdictions in which nexus exists, and believe we maintain adequate indirect tax accruals.
As
of December 31, 2022 and 2021, our accrual for estimated indirect tax liabilities was $409,187 and $99,088, respectively, reflecting
our best estimate of the potential liability based on an analysis of our business activities, revenues subject to indirect taxes, and
applicable regulations. Although we believe our indirect tax estimates and associated liabilities are reasonable, the final determination
of indirect tax audits, litigation, or settlements could be materially different than the amounts established for indirect tax contingencies.
NOTE
13 – LOANS PAYABLE, CONVERTIBLE NOTE PAYABLE AND LINES OF CREDIT
Loans
Payable
Loans
payable was as follows:
SCHEDULE
OF LOAN PAYABLE
|
|
Interest
Rate |
|
Maturities |
|
|
December
31, 2022 |
|
|
December
31, 2021 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Term
loans (US dollar denominated) |
|
5.00%
– 7.50 |
% |
|
2023
- 2027 |
|
|
$ |
5,461,520 |
|
|
$ |
478,712 |
|
Term
loans (Chilean peso denominated) |
|
3.48%
- 19.20 |
% |
|
2023
- 2031 |
|
|
|
6,541,113 |
|
|
|
5,018,788 |
|
|
|
|
|
|
|
|
|
|
12,002,633 |
|
|
|
5,497,500 |
|
Less
current portion |
|
|
|
|
|
|
|
|
(7,758,831 |
) |
|
|
(213,199 |
) |
Long
term loans payable |
|
|
|
|
|
|
|
$ |
4,243,802 |
|
|
$ |
5,284,301 |
|
Bridge
Loan
We
entered into a bridge loan with Bell Bank (the “Bell Bank Note”), secured by substantially all of our assets, in the principal
amount of $5,000,000
bearing an interest rate of 4.00%
per annum payable monthly with a maturity date of December
14, 2022. The bridge loans are guaranteed by
our assets. In December 2022, we extend the maturity of the bridge loan to March 14, 2023. The applicable interest rate on the loan extension
is 7.50%,
the prime rate at the time of the extension. We recorded interest expense of $114,167
for the year-ended December 31, 2022, and had accrued interest of $4,167
as of December 31, 2022. The effective interest
of this loan was 4.22%.
Term
Loans
Various
subsidiaries in the United States are borrowers under certain term loans. These term loans require monthly principal and interest payments.
The term loans are secured by various assets owned by our subsidiaries. We recorded aggregate interest expense of these term loans of
$50,754 and $297,487 for the years ended December 31, 2022 and 2021, respectively. Accrued interest for the loans was $13,435 and zero
as of December 31, 2022 and 2021, respectively. The aggregate effective interest rate of the terms loans was 10.80%.
Our
Latin America subsidiaries are the borrowers under certain term loans denominated in Chilean Pesos. These term loans require monthly
principal and interest payments. The loans are secured by various assets owned by our subsidiaries. We recorded aggregate interest expense
on these term loans of $318,055 and $14,825 for the years ended December 31, 2022 and 2021, respectively. Accrued interest for the loans
was zero as of December 31, 2022 and 2021, respectively. The aggregate effective interest rate of these term loans was 10.90%.
Convertible
Notes Payable
On
December 23, 2020, we issued to Hensley & Company an unsecured convertible note payable in the principal amount of $3,000,000. The
convertible note bore interest at 6.00% per annum, with an effective interest rate of 8.50% per annum, payable at maturity with a maturity
date of December 31, 2021. Amounts due under the note were convertible into shares of our common stock at any time at the option of the
Holder, at a conversion price of $2.00 per share. The issuance of the note resulted in a discount from the beneficial conversion feature
totaling $75,000. Interest expense on the note was zero and $255,891 for the years ended December 31, 2022 and 2021, respectively.
On
December 31, 2021, Hensley & Company converted the principal amount of $3,000,000 for 1,500,000 shares of our common stock.
On
October 27, 2021, we issued to Neil Stinchcombe, a convertible note in the principal amount of $1,500,000 bearing an interest rate of
5.00% per annum payable at maturity with a maturity date of January 27, 2022, with a conversion price of $5.00 per share. On March 10,
2022, we entered into Amendment #1 to the note pursuant to which the maturity date was extended to October 27, 2022. On March 27, 2023,
we entered into a letter agreement with Neil Stinchcombe to resolve certain payment terms of his convertible note. We agreed to repay the principal amount
of the note in three equal installment payments of $500,000 on each of March 31, April 28 and May 31, 2023, with accrued interest to be
paid on May 31, 2023 at the note’s reflected interest rate of 5.00% per annum. If we fail to make any of the foregoing payments,
the applicable interest rate will be increased to a default rate of 24.00% per annum.
The outstanding principal of this note was $1,500,000 at December 31, 2022 and 2021. We recorded interest expense of $106,507 and $12,500
during the years ended December 31, 2022 and 2021, respectively. At December 31, 2022 and 2021, we recorded accrued interest of $119,007
and $12,500, respectively, with respect to this note.
In
June 2022, we issued an unsecured convertible note payable in the principal amount of $1,000,000 and if repaid in cash, is payable at
105% of the principal amount. The convertible note bears interest at 5.00% per annum, with an effective interest rate of 13.57% per annum,
payable at maturity with a maturity date in June 2023. Amounts due under the note could be converted into shares of our common stock
at any time at the option of the Holder, at a conversion price of $7.83 per share. We recorded interest expense on the note of $79,167
for the year ended December 31, 2022 and accrued interest as of December 31, 2022 was $29,167.
Future
minimum payments under the above debt instruments following the year ended December 31, 2021, are as follows:
SCHEDULE
OF FUTURE MINIMUM PAYMENTS FOR LONG TERM DEBT
| |
| | |
2023 | |
$ | 10,308,831 | |
2024 | |
| 1,703,598 | |
2025 | |
| 1,081,333 | |
2026 | |
| 552,311 | |
2027 | |
| 303,338 | |
Thereafter | |
| 603,222 | |
Total future minimum payments | |
| 14,552,633 | |
Less: current | |
| (10,308,831 | ) |
Long
term debt, net of current portion | |
$ | 4,243,802 | |
NOTE
14 – LEASES
During
the years ended December 31, 2022 and 2021, we recognized additional ROU assets and lease liabilities of $226,942 and $387,543, respectively.
We elected to not recognize ROU assets and lease liabilities arising from short-term office leases, leases with initial terms of twelve
months or less (deemed immaterial) on the consolidated balance sheets.
When
measuring lease liabilities for leases that were classified as operating leases, we discounted lease payments using its estimated incremental
borrowing rate. The incremental borrowing rate applied was 6.00%. As of December 31, 2022, our leases had a remaining weighted average
term of 2.34 years.
The
following table presents net lease cost and other supplemental lease information:
SCHEDULE
OF LEASE COST AND OTHER SUPPLEMENT LEASE INFORMATION
| |
Year Ended December 31, 2022 | | |
Year Ended December 31, 2021 | |
Lease cost | |
| | | |
| | |
Operating lease cost (cost resulting from lease payments) | |
$ | 259,033 | | |
$ | 130,289 | |
Short term lease cost | |
| 66,658 | | |
| 59,306 | |
Net lease cost | |
$ | 325,691 | | |
$ | 189,595 | |
| |
| | | |
| | |
Operating lease – operating cash flows (fixed payments) | |
$ | 259,003 | | |
$ | 130,289 | |
Operating lease – operating cash flows (liability reduction) | |
$ | 233,425 | | |
$ | 118,252 | |
Non-current leases – right of use assets | |
$ | 255,687 | | |
$ | 277,578 | |
Current liabilities – operating lease liabilities | |
$ | 121,731 | | |
$ | 196,472 | |
Non-current liabilities – operating lease liabilities | |
$ | 159,205 | | |
$ | 88,040 | |
Future
minimum payments under non-cancelable leases for operating leases for the remaining terms of the leases following the year ended December
31, 2022, are as follows:
SCHEDULE
OF FUTURE MINIMUM UNDER NON-CANCELLABLE LEASES FOR OPERATING LEASES
| |
| |
Fiscal Year | |
Operating Leases | |
2023 | |
$ | 120,268 | |
2024 | |
| 106,639 | |
2025 | |
| 73,435 | |
Total future minimum lease payments | |
| 300,342 | |
Amount representing interest | |
| (17,768 | ) |
Present value of net future minimum lease payments | |
$ | 282,574 | |
NOTE
15 – INCOME TAXES
For
the years ended December 31, 2022, and 2021, the income tax benefit consisted of the following:
SCHEDULE OF
INCOME TAX BENEFIT
| |
| | | |
| | |
| |
Year Ended December 31, | |
| |
2022 | | |
2021 | |
Current: | |
| | | |
| | |
Federal | |
$ | - | | |
$ | - | |
Foreign | |
| 1,432 | | |
| - | |
State | |
| 6,869 | | |
| - | |
Total current income taxes | |
$ | 8,301 | | |
$ | - | |
| |
| | | |
| | |
| |
| | | |
| | |
Deferred | |
| | | |
| | |
Federal | |
$ | (95,018 | ) | |
$ | - | |
Foreign | |
| 100,466 | | |
| - | |
State | |
| (14,298 | ) | |
| - | |
Total deferred income taxes | |
$ | (8,850 | ) | |
$ | - | |
| |
| | | |
| | |
Total | |
$ | (549 | ) | |
$ | - | |
A
reconciliation of the statutory federal income tax benefit to actual tax benefit for the years ended December 31, 2022 and 2021 is as
follows:
SCHEDULE OF STATUTORY FEDERAL INCOME TAX BENEFIT TO ACTUAL TAX BENEFIT
| |
Year Ended December 31, | |
| |
2022 | | |
2021 | |
Computed tax benefit at statutory rate | |
| 21.00 | % | |
| (21.00 | %) |
State income taxes, net of federal tax effect | |
| 0.03 | % | |
| (4.00 | %) |
Effect of rates different than statutory | |
| 0.17 | % | |
| - | |
Stock-based compensation | |
| (5.10 | %) | |
| - | |
Change in valuation allowance | |
| (9.12 | %) | |
| 25.00 | % |
Return to provision adjustments | |
| (6.39 | %) | |
| - | |
Other, net | |
| (0.59 | %) | |
| - | |
Effective tax rate | |
| 0.00 | % | |
| 0.00 | % |
The
tax effects of temporary differences that give rise to significant portions of the deferred tax assets and liabilities were as follows
as of December 31, 2022 and 2021:
SCHEDULE OF DEFERRED TAX ASSETS AND LIABILITIES
| |
| | | |
| | |
| |
Year Ended December 31, | |
| |
2022 | | |
2021 | |
Deferred tax assets: | |
| | | |
| | |
Property and equipment | |
$ | 69,252 | | |
$ | 391,900 | |
Allowance for doubtful accounts | |
| 143,804 | | |
| 19,700 | |
Net operating loss carryforwards | |
| 1,452,734 | | |
| 1,035,400 | |
Stock-based compensation | |
| 4,303,860 | | |
| 2,791,900 | |
Accounts payable and accrued liabilities | |
| 3,191 | | |
| 657,700 | |
Right of use assets | |
| 78,419 | | |
| - | |
Goodwill impairment | |
| - | | |
| 5,587,000 | |
Other | |
| 194,374 | | |
| - | |
Total deferred tax assets | |
$ | 6,245,634 | | |
$ | 10,483,600 | |
Valuation allowance | |
| (4,381,644 | ) | |
| (8,937,487 | ) |
Net deferred income taxes | |
$ | 1,863,990 | | |
$ | 1,546,113 | |
| |
| | | |
| | |
Deferred tax liabilities | |
| | | |
| | |
Intangible assets | |
$ | (2,041,418 | ) | |
$ | - | |
Prepaid expenses | |
| (193,500 | ) | |
| - | |
Amortization | |
| - | | |
| (1,546,113 | ) |
Lease liability | |
| (64,750 | ) | |
| - | |
Total deferred tax liabilities | |
$ | (2,299,668 | ) | |
$ | (1,546,113 | ) |
Net deferred tax liabilities | |
$ | (435,678 | ) | |
$ | - | |
| |
| | | |
| | |
Net deferred tax liability by jurisdiction | |
| | | |
| | |
Domestic | |
$ | - | | |
$ | - | |
Chile | |
| (435,678 | ) | |
| - | |
Peru | |
| - | | |
| - | |
Colombia | |
| - | | |
| - | |
Total | |
$ | (435,678 | ) | |
$ | - | |
We
account for deferred taxes under ASC 740, Income Taxes, which requires a reduction of the carrying amounts of deferred tax assets by
a valuation allowance if, based on available evidence, it is more likely than not that such assets will not be realized. Accordingly,
the need to establish valuation allowances for deferred tax assets is assessed periodically based on the ASC 740 more-likely-than-not
realization threshold criterion. This assessment considers matters such as future reversals of existing taxable temporary differences,
projected future taxable income, tax-planning strategies, legislative developments, and results of recent operations. The evaluation
of the recoverability of the deferred tax assets requires that we weigh all positive and negative evidence to reach a conclusion that
it is more likely than not that all or some portion of the deferred tax assets will not be realized. The weight given to the evidence
is commensurate with the extent to which it can be objectively verified.
We
have provided a valuation allowance for our net deferred tax assets at December 31, 2022 and 2021, due to the uncertainty surrounding
the future realization of such assets and the cumulative losses we have generated. Therefore, no benefit has been recognized in the financial
statements for the net operating loss carryforwards and other deferred tax assets. During the years ended December 31, 2022 and 2021,
respectively, the valuation allowance decreased by $4,555,842 and increased by $9,180,200, respectively.
As
of December 31, 2022, we had approximately $21,511,055 of consolidated federal net operating loss carryforwards and $25,595,104 of apportioned
state net operating loss carryforwards available to offset future taxable income, respectively. If unused, the federal and state net
operating loss carryforwards will begin to expire in 2032. Additionally, we had $3,584,038 of Chile net operating loss carryforwards
and $916,601 of Peru net operating loss carryforwards. An indefinite carryforward of losses is allowed in Chile. The net operating loss
carryforward in Peru will begin to expire in 2026.
Utilization
of net operating loss carryforwards and credits may be subject to a substantial annual limitation due to the ownership change
limitations provided by the Internal Revenue Code of 1986, as amended (IRC), and similar state provisions. We have not performed a
detailed analysis to determine whether an ownership change under Section 382 of the IRC has occurred or will occur. We will perform
an analysis as soon as is practicable to determine the extent of limitations, especially in regard to our subsidiaries. It is
possible that additional limitations may arise in future years, even after an analysis is completed, due to future changes in the
ownership of our Company.
We
file federal and state income tax returns in jurisdictions with varying statutes of limitations. With few exceptions, we are no longer
subject to federal or state income tax examinations by tax authorities for tax years prior to 2019 and 2018, respectively. We believe
our income tax filing positions and deductions are more likely than not to be sustained on audit. Therefore, no liabilities for uncertain
tax positions have been recorded.
As
of the date of this filing, we have not filed our 2022 federal and state income tax returns. We expect to file these documents as soon
as practicable.
NOTE
16 – CONCENTRATION OF CREDIT RISK AND SIGNIFICANT CUSTOMERS
Cash
Deposits
Our
financial instruments exposed to concentrations of credit risk consist primarily of cash and cash equivalents. Although we deposit cash
with multiple banks, these deposits, including those held in foreign branches of global banks, may exceed the amount of insurance provided
on such deposits. These deposits may generally be redeemed upon demand and bear minimal risk.
Revenue
No
single customer represented over 10% of our total revenue for the year ended December 31, 2022.
One
client accounted for 20% of revenue for the year ended December 31, 2021.
NOTE
17 – GEOGRAPHIC INFORMATION
Revenue
by geography is based on the customer’s billing address and was as follows:
SCHEDULE
OF REVENUE BY GEOGRAPHY IS BASED ON CUSTOMERS BILLING ADDRESS
| |
2022 | | |
2021 | |
| |
| | |
| |
U.S. | |
$ | 36,559,841 | | |
$ | 13,823,871 | |
Chile | |
| 9,634,082 | | |
| 1,318,688 | |
All other countries | |
| 355,694 | | |
| - | |
Revenue | |
$ | 46,549,617 | | |
$ | 15,142,559 | |
No
other international country represented more than 10% of revenue in any period presented.
Property
and equipment, net by geography was as follows:
SCHEDULE
OF PROPERTY AND EQUIPMENT, NET BY GEOGRAPHIC AREAS
|
|
2022 |
|
|
2021 |
|
|
|
|
|
|
|
|
U.S. |
|
$ |
1,198,057 |
|
|
$ |
95,069 |
|
Chile |
|
|
3,480,911 |
|
|
|
2,299,355 |
|
All
other countries |
|
|
1,527 |
|
|
|
- |
|
Property and equipment
net |
|
$ |
4,680,495 |
|
|
$ |
2,394,424 |
|
No
other international country represented more than 10% of property and equipment, net in any period presented.
NOTE 18 – ACCUMULATED OTHER COMPREHENSIVE
LOSS
The following table presents AOCI activity in equity:
SCHEDULE
OF ACCUMULATED OTHER COMPREHENSIVE LOSS
| |
Foreign Currency Translation Adjustments | | |
Total AOCI | |
| |
| | |
| |
Balance as of December 31, 2021 | |
$ | - | | |
$ | - | |
Other comprehensive income | |
| - | | |
| - | |
Amounts reclassified from AOCI | |
| 1,062,247 | | |
| 1,062,247 | |
Balance as of December 31, 2022 | |
$ | 1,062,247 | | |
$ | 1,062,247 | |
NOTE
19 – SUBSEQUENT EVENTS
Acquisition
On
January 10, 2023, we entered into a definitive agreement to acquire RAN Security, a cybersecurity company with headquarters in Buenos
Aires, Argentina and officers in Chile, Peru, Bolivia, and Paraguay. Under the terms of the agreements, RAN Security will become a wholly
owned subsidiary. The transaction is expected to close later in the year, subject to satisfaction of customary closing conditions, including
applicable regulatory approvals.
Loan
Payable and Convertible Note
The
Bell Bank Note was originally due and payable on December 14, 2022, which was extended to March 14, 2023 (as so extended, the “Bell
Bank Maturity Date”). We did not repay the Bell Bank Note on or prior to the Bell Bank Maturity Date, which resulted in an event
of default under the terms thereof. As a result, the interest rate applicable to amounts due under the Bell Bank Note increased from
4.00% to 7.50% per annum.
On
March 15, 2023, we entered into a Cash Advance Agreement (“Cash Advance Agreement”) with Cedar Advance, LLC, pursuant to
which we received gross proceeds of $2,000,000 and paid $87,500 in upfront fees. The terms of the Cash Advance Agreement calls for us
to remit weekly payments of $99,398 until such time as we have repaid $2,870,000. The estimated effective interest
rate is 155.11%. The Cash Advance Agreement is secured by the accounts
receivables of Cerberus, TalaTek, and True Digital.
We
intend to use the proceeds from the Cash Advance Agreement for general corporate purposes, which may include working capital, capital
expenditures, and repayment of debt.
On
March 20, 2023, we entered into a Purchase Agreement (the “Purchase Agreement”) with Hensley & Company dba Hensley
Beverage Company (the “Purchaser”), a related party, pursuant to which we issued and sold to the Purchaser a $5,000,000
10 Percent (10%) Unsecured Convertible Note (the “Note”) for gross proceeds of $5,000,000
in a private placement exempt from registration under Section 4(a)(2) of the Securities Act of 1933, as amended (the
“Securities Act”), and Regulation D promulgated thereunder (the “Note Offering”). The Note, together with
accrued and unpaid interest thereon, is due on March
20, 2025 (the “Maturity Date”). We may not prepay the Note prior to the Maturity Date without the consent of the
Purchaser. The Note will bear interest at a rate of 10%
per annum (based on a 360-day year), payable monthly. At any time prior to or on the Maturity Date and subject to certain beneficial
ownership limitations, the Purchaser may convert all or any portion of the outstanding principal amount of the Note and all accrued
and unpaid interest thereon into shares of our common stock, par value $0.00001
per share, at a conversion price of $1.20
per share (the “Conversion Price”). The Conversion Price is adjustable in the event of any stock split, reverse stock
split, recapitalization, reorganization, or similar event. Upon the occurrence of an “Event of Default” (as defined in
the Note and including the failure to make required payments when due after specified grace periods, certain breaches of the
Purchase Agreement and certain specified insolvency events), the Purchaser would have the right to accelerate payments due under the
Note, which from and after such acceleration would bear interest at a default rate of 24%
per annum.
We
used the proceeds from the Note Offering and our existing cash resources to repay in full the $5,000,000
4% promissory note issued and sold to Bell Bank in June 2022, plus $35,417
of accrued and unpaid interest.
On March 27, 2023, we entered into a letter agreement with Neil Stinchcombe to resolve a dispute about certain payment terms of a convertible
note previously issued to Mr. Stinchcombe, with an outstanding principal amount of $1,500,000. Pursuant to the terms of this agreement,
we agreed to repay the principal amount of the note in three equal installment payments of $500,000, on each of March 31, April 28 and
May 31, 2023, with accrued interest to be paid on May 31, 2023 at the note’s reflected interest rate of 5.0% per annum. If we fail
to timely make any of the foregoing payments, the applicable interest rate will be increased to a default rate of 24% per annum.
On March 29, 2023, we received
a letter from the listing qualifications staff of Nasdaq providing notification that the bid price for our common stock had closed below
$1.00 per share for the previous 30 consecutive business days and our common stock no longer met the minimum bid price requirement for
continued listing under Nasdaq Listing Rule 5550(a)(2). In accordance with Nasdaq Listing Rule 5810(c)(3)(A), we have an initial period
of 180 calendar days to regain compliance. To regain compliance, the closing bid price of our common stock has to be $1.00 per share or
more for a minimum of 10 consecutive business days at any time before the expiration of the initial compliance period. In the event that
we are unable to regain compliance with Rule 5550(a)(2) during the initial compliance period, Nasdaq rules provide that we may be eligible
for an additional 180 calendar day compliance period. To qualify, we need to meet the continued listing requirement for market value of
publicly held shares and all other initial listing standards for the Nasdaq Capital Market, with the exception of the minimum bid price
requirement, and to provide written notice of our intention to cure the deficiency during the second compliance period, by effecting a
reverse stock split, if necessary.