There were no material changes outside the ordinary course of business during the ninethree months ended September 30, 2017March 31, 2019 in our commitments under contractual obligations, as disclosed in our Prospectus filed withAnnual Report on Form 10-K for the SEC on October 27, 2017.year ended December 31, 2018.
Our condensed consolidated financial statements have been prepared in accordance with GAAP. The preparation of these condensed consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses, and related disclosures. We base our estimates on historical experience and on various other assumptions that we believe are reasonable under the circumstances. We evaluate our estimates and assumptions on an ongoing basis. Actual results may differ from these estimates. To the extent that there are material differences between these estimates and our actual results, our future financial statements will be affected.
|
| |
| |
ITEM 3. | QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK |
Foreign Currency Exchange Risk
Our sales contracts are primarily denominated in U.S. Dollars. A portionassessment of our operating expenses are incurred outsideexposures to market risk have not changed materially since the presentation set forth in Part II, Item 7A of our Annual Report on Form 10-K for the United States, are denominated in foreign currencies, and are subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in the Israeli Shekel, or NIS, and the British Pound. Additionally, fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our statements of operations and comprehensive loss. The effect of an immediate 10% adverse change in foreign exchange rates on foreign-denominated accounts as of September 30, 2017 andfiscal year ended December 31, 2016 would result in a $1.0 million and $985,000 loss, respectively, on our condensed consolidated statements of operations and comprehensive loss. As our international operations grow, we will continue to reassess our approach to managing the risks relating to fluctuations in foreign currency.
Interest Rate Sensitivity
As of September 30, 2017, we had cash and cash equivalents of $72.3 million, which consisted primarily of bank deposits and money market funds. Such interest-earning instruments carry a degree of interest rate risk. To date, fluctuations in interest income have not been significant.2018.
|
| |
| |
ITEM 4. | CONTROLS AND PROCEDURES |
Evaluation of Disclosure Controls and Procedures
Our management, with the participation of our principal executive officer and principal financial officer, evaluated the effectiveness of our disclosure controls and procedures pursuant to Rule 13a-15 under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), as of the end of the period covered by this report. BasedQuarterly Report on our evaluation, our principal executive officer and principal financial officer & principal accounting officer concluded that, as of September 30, 2017, our disclosure controls and procedures are designed at a reasonable assurance level and are effective to provide reasonable assurance that information we are required to disclose in reports that we file or submit under the Exchange Act is recorded, processed, summarized, and reported within the time periods specified in SEC rules and forms, and that such information is accumulated and communicated to our management, including our principal executive officer and principal financial officer, as appropriate, to allow timely decisions regarding required disclosure.
Changes in Internal Control over Financial Reporting
There were no changes in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a-15(d) and 15d-15(d) of the Exchange Act that occurred during the quarter ended September 30, 2017 that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.
Limitations on Controls
Form 10-Q. In designing and evaluating the disclosure controls and procedures, management recognizes that any controls and procedures, no matter how well designed and operated, can provide only reasonable assurance of achieving the desired control objectives. In addition, the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs. Further, no
Based on our evaluation, our principal executive officer and principal financial officer concluded that, as of March 31, 2019, our disclosure controls canand procedures are effective to provide absolutereasonable assurance that misstatements dueinformation we are required to errordisclose in reports that we file or fraud will not occur or that all control issuessubmit under the Exchange Act is recorded, processed, summarized, and instances of fraud, if any,reported within the Companytime periods specified in the Securities and Exchange Commission (“SEC”) rules and forms, and that such information is accumulated and communicated to our management, including our principal executive officer and principal financial officer, as appropriate, to allow timely decisions regarding required disclosure.
Changes in Internal Control over Financial Reporting
There were no changes in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a-15(d) and 15d-15(d) of the Exchange Act that occurred during the quarter ended March 31, 2019 that have beenmaterially affected, or will be detected.are reasonably likely to materially affect, our internal control over financial reporting.
PART II. OTHER INFORMATION
From time to time, we may be subject toare involved in claims and legal proceedings and claimsthat arise in the ordinary course of business. Such matters are subject to many uncertainties and outcomes are not predictable with assurance.
To the extent there is a reasonable possibility that a loss exceeding amounts already recognized may be incurred, and the amount of such additional loss would be material, we will either disclose the estimated additional loss or state that such an estimate cannot be made. We maydo not currently believe that it is reasonably possible that additional losses in connection with litigation arising in the future receive claims from third parties asserting, among other things, infringementordinary course of their intellectual property rights. Future litigation maybusiness would be necessary to defend ourselves, our partners and our customers or to establish our proprietary rights. The results of any current or future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources, and other factors.
On October 24, 2017, Network Security Technologies, LLC, or NST, filed a lawsuit against us in the United States District Court for the District of Delaware, alleging that we infringe certain patents held by it and seeking unspecified damages. Based upon our review of these patents, we believe we have meritorious defenses to NST’s claims and intend to vigorously defend the lawsuit. However, the outcome of any litigation is inherently unpredictable, and as a result of this litigation, we may be required to pay damages or seek a license or other right to continue to deliver an unmodified version of CounterAct, which may not be made available to us at all or which may require us to pay ongoing royalties and comply with unfavorable terms.
material.
YouRefer to the description of the risk factors associated with our business in Part I, Item 1A of our Annual Report on Form 10-K for the fiscal year ended December 31, 2018. There have been no material changes from the risk factors described under Part I, Item 1A of our Annual Report on Form 10-K for the fiscal year ended December 31, 2018. Before you buy our common stock, you should carefully consider the followingknow that making such an investment involves some risks and uncertainties, described below, together with all of the other information contained in this Form 10-Q, including, the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our financial statements and related notes. Any ofbut not limited to, the risks if realized,described in Part I, Item 1A of our Annual Report on Form 10-K for the fiscal year ended December 31, 2018. Additionally, any one of those risks could have a material adverse effect onharm our business, financial condition and results of operations, prospects, and financial condition, andwhich could cause the tradingour stock price of our common stock to decline, which would cause you to lose all or part of your investment. The risks and uncertainties described below are not the only ones we face.decline. Additional risks and uncertainties not presently known to us or deemed to be material by usthat we currently deem immaterial may also impair our operations and performance.
Risks Related to Our Business
As a result of recent changes in our market, sales organization, and go-to-market strategy, our ability to forecast our future results of operations and plan for and model future growth is limited and subject to a number of uncertainties.
Although we were founded in 2000 and launched ForeScout CounterACT in 2006, much of our growth has occurred in recent periods. Our growth reflects a number of macro changes impacting the cyber security market, particularly through Bring Your Own Device, or BYOD, initiatives and the emergence of the Internet of Things, or IoT, both of which have contributed to a significant increase in the number of unmanaged devices accessing IT networks and resulted in growing demand for our products. To address this demand, we have made substantial investments in our sales force, which has almost tripled the size of our quota-bearing sales representatives from the beginning of 2015 to September 30, 2017. In addition, we have also recently begun to focus on building relationships with potential Alliance Partners, such as FireEye, Inc., or FireEye, to utilize their sales force resources to reach new end-customers. As a result of these recent changes in our market, sales organization and go-to-market strategies, coupled with our limited operating history, our ability to forecast our future results of operations and plan for and model future growth is limited and subject to a number of uncertainties. We have encountered and will continue to encounter risks and uncertainties frequently encountered by rapidly growing companies in developing markets. If our assumptions regarding these risks and uncertainties are incorrect or change in response to
developments in the security market, our results of operations and financial results could differ materially from our plans and forecasts. If we are unable to achieve our key objectives, our business and results of operations will be adversely affected and the fair market value of our common stock could decline.
Our revenue growth rate in recent periods may not be indicative of our future performance.
Our revenue growth rate in recent periods should not be viewed as an indication of our future performance. For the years ended December 31, 2014, 2015, and 2016, our revenue was $71.1 million, $126.0 million, and $166.8 million, respectively, representing year-over-year growth of 77% and 32%, respectively. For the nine months ended September 30, 2016 and 2017, our revenue was $117.4 million and $154.9 million, respectively, representing period-over-period growth of 32%. We may not achieve similar revenue growth rates in future periods. Factors that could impact our ability to increase our revenue include our ability to increase the size or efficiency of our sales force, which has expanded rapidly in recent years, our ability to achieve repeat purchases by existing end-customers, and the extent to which we are successful in securing large scale deployments, particularly among Global 2000 enterprises and public sector organizations. If we are unable to maintain consistent revenue or revenue growth, our stock price could experience volatility, and our ability to achieve and maintain profitability could be adversely affected.
We have a history of losses and may be unable to achieve or maintain profitability in the future.
We have incurred significant net losses in each year since our inception, including net losses of $44.0 million, $27.3 million, and $74.8 million for the years ended December 31, 2014, 2015, and 2016, respectively, and net losses of $58.0 million and $54.9 million for the nine months ended September 30, 2016 and 2017, respectively. While we have experienced revenue growth over these same periods, we may not be able to sustain or increase our growth or achieve profitability in the future or on a consistent basis. We expect our operating expenses to increase over the next several years as we continue to expend substantial financial resources on, among other things, expanding and improving the functionality of our solution through the addition of new ForeScout Extended Modules, investments in research and development and sales and marketing, and the hiring of additional employees. The return on these investments, if any, will only be realized over time and may not result in increased revenue commensurate with increases in our expenses, or at all.
In addition, as a public company, we will incur significant accounting, legal, and other expenses that we did not incur as a private company. Achieving profitability will require us to increase revenue, manage our cost structure, and avoid significant liabilities. Revenue growth may slow, revenue may decline, or we may incur significant losses in the future for a number of reasons, including general macroeconomic conditions, increasing competition, a decrease in the growth of the markets in which we operate, the inability to expand our sales force and increase its productivity, or if we fail for any reason to continue to capitalize on growth opportunities. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays, and other unknown factors that may result in losses in future periods. If these losses exceed our expectations or our revenue growth expectations are not met in future periods, our financial performance will be harmed and our stock price could decline.
If we are unable to increase sales of our solution to large organizations and public sector entities, while mitigating the risks associated with serving such end-customers, our business, financial position, and results of operations may suffer.
Our growth strategy is dependent, in part, upon increasing sales of our solution to large organizations and public sector entities. Sales to large organizations and public sector entities involve risks that may not be present (or that are present to a lesser extent) with sales to smaller entities. These risks include:
increased purchasing power and leverage held by large end-customers in negotiating contractual arrangements with us, including, in certain cases, clauses that provide preferred pricing of configurations with similar specifications;
more stringent or costly requirements imposed upon us in our maintenance and support contracts with such end-customers, including stricter response times and penalties for any failure to meet maintenance and support requirements (which penalties may include termination of our maintenance and support contracts with such end-customer, or refunds of amounts paid);
more complicated and costly implementation processes and network infrastructure;
longer sales cycles and the associated risk that substantial time and resources may be spent on a potential end-customer that ultimately elects not to purchase our products or purchases fewer products than we anticipated;
closer relationships with, and increased dependence upon, large technology companies who offer competitive products and have stronger brand recognition; and
increased pressure for pricing discounts.
In addition, because security breaches with respect to larger, high-profile organizations, or public sector entities are likely to be heavily publicized and because they are more likely to be targeted by cyberattackers, there is increased reputational risk associated with serving such end-customers. If we are unable to increase sales of our solution and products to large organizations and public sector entities while mitigating the risks associated with serving such end-customers, our business, results of operations, prospects, and financial condition may suffer.
Our business and operations have experienced rapid growth, and if we do not appropriately manage any future growth, or are unable to improve our systems and processes, our results of operations will be harmed.
We have experienced rapid growth over the last several years, which has placed and will continue to place significant demands on our management, administrative, operational, and financial infrastructure. As we have grown, we have had to manage an increasingly larger and more complex array of internal systems and processes to scale all aspects of our business in proportion to such rapid growth, including an expanded sales force, additional end-customer service personnel, and a new corporate headquarters, as well as more complex administrative systems related to managing increased headcount, particularly within our sales force. For instance, from January 1, 2016 to September 30, 2017, our headcount grew from 513 employees to 811 employees, and we expect to continue to expand our headcount. Our success will depend in part upon our ability to manage our growth effectively. To do so, we must continue to increase the productivity of our existing employees, particularly our sales force, and hire, train, and manage new employees as needed.
To manage the domestic and international growth of our operations and personnel, we will need to continue to improve our operational, financial, and management controls, as well as our reporting processes and procedures. In addition, we will need to implement more extensive and integrated financial and business information systems, including a new software license management system and a human resource management system. These additional investments will increase our operating costs, which will make it more difficult for us to offset any future revenue shortfalls by reducing expenses in the short term. We may not be able to successfully acquire or implement these or other improvements to our systems and processes in an efficient or timely manner, or once implemented, we may discover deficiencies in their capabilities or effectiveness. We may experience difficulties in managing improvements to our systems and processes or in integrating with third-party technology. In addition, our systems and processes may fail to prevent or detect errors, omissions, or fraud. Our failure to improve our systems and processes, or their failure to operate effectively and in the intended manner, may result in the disruption of our current operations and end-customer relationships, our inability to manage the growth of our business and our inability to accurately forecast and report our revenue, expenses and earnings, any of which may materially harm our business, results of operations, prospects, and financial condition.
If we are unable to increase market awareness of our company and our solution, or fail to successfully promote or protect our brand, our competitive market position and revenue may not continue to grow or may decline.
Market awareness of the value proposition of our solution will be essential to our continued growth and our success. If our marketing efforts are unsuccessful in creating market awareness of our company and our solution, then our business, results of operations, prospects, and financial condition will be adversely affected, and we will not be able to achieve sustained growth.
Moreover, due to the intensely competitive nature of our market, we believe that building and maintaining our brand and reputation is critical to our success and that the importance of positive brand recognition will increase as competition in our market further intensifies. While we believe that we are successfully building a well-established brand and have invested and expect to continue to invest substantial resources to promote and maintain our brand, both domestically and internationally, there can be no assurances that our brand development strategies will enhance our reputation or brand recognition or lead to increased revenue.
Furthermore, an increasing number of independent industry analysts and researchers, such as Gartner, Inc., International Data Corporation, and Forrester Research, Inc., regularly evaluate, compare, and publish reviews regarding the functionality of security products and services, including our solution. The market’s perception of our solution may be significantly influenced by these reviews. We do not have any control over the content of these independent industry analysts and researchers’ reports, and our reputation and brand could be harmed if they publish negative reviews of our solution or do not view us as a market leader. The strength of our brand may also be negatively impacted by the marketing efforts of our competitors, which may include incomplete, inaccurate, and misleading statements about us, or our products and services. If we are unable to maintain a strong brand and reputation, sales to new and existing end-customers could be adversely affected, and our financial performance could be harmed.
We operate in a highly competitive market, with certain competitors having greater resources than we do, and competitive pressures from existing and new companies may adversely impact our business, results of operations, prospects, and financial condition.
The market in which we compete is highly fragmented, intensely competitive, and evolving in response to changes in the threat landscape and corporate network security infrastructures. We expect competition to intensify in the future as existing competitors bundle new and more competitive offerings with their existing products and services, and as new market entrants introduce new products into the security market. This competition could result in increased pricing pressure, reduced profit margins, increased sales and marketing expenses, and our failure to increase, or the loss of, market share, any of which could seriously harm our business, results of operations, prospects, and financial condition. If we do not keep pace with product and technology advances and otherwise keep our products and services competitive, there could be a material and adverse effect on our competitive position, revenue, and prospects for growth.
Our competitors and potential competitors include large networking vendors such as Cisco Systems, Inc., or Cisco, and HP Enterprise Company that may emulate or integrate features similar to ours into their own products; independent network security vendors that offer products that claim to perform similar functions to our solution; and small and large companies that offer point solutions that compete with some of the features present in our solution. We may also face competition from highly specialized vendors as well as larger vendors that may continue to acquire or bundle their products more effectively as our market grows and IT budgets are increased or created to support next-generation threat protection.
Many of our current and potential competitors, such as Cisco and HP Enterprise Company, have longer operating histories, are substantially larger and have greater financial, technical, research and development, sales and marketing, manufacturing, distribution, and other resources, and greater name recognition. Such competitors also may have well-established relationships with our current and potential end-customers, extensive knowledge of our industry and the market in which we compete and intend to compete, and such competitors may emulate or integrate product features similar to ours into their own products. As a result, our competitors may be able to respond more quickly to new or emerging technologies and changes in customer requirements, or to devote greater resources to the development, marketing, promotion, and sale of their products and services than we can with respect to our products and services. They also may make strategic acquisitions or establish cooperative relationships among themselves or with other providers, thereby increasing their ability to provide a broader suite of products and services, and potentially causing our end-customers to decrease purchases of, or defer purchasing decisions with respect to, our products and services. In addition, some of our larger competitors have substantially broader product offerings and may be able to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages potential end-customers from purchasing our products and services, including by selling at zero or negative margins, product bundling, or offering closed technology solutions. Potential end-customers may also prefer to purchase from their existing vendors rather than a new supplier regardless of product performance or features. Further, to the extent that one of our competitors acquires, or establishes or strengthens a cooperative relationship with, one or more of our channel partners, it could adversely affect our ability to compete. We may be required to make substantial additional investments in research and development and sales and marketing to respond to these competitive pressures, and we may not be able to compete successfully in the future. Any of the foregoing may limit our ability to compete effectively in the market and adversely affect our business, results of operations, prospects, and financial condition.
If we are unable to successfully expand our sales force while maintaining sales productivity, sales of our products, maintenance, and professional services and the growth of our business and financial performance could be harmed.
We continue to be substantially dependent on our sales force to obtain new end-customers and increase sales to existing end-customers, and we plan to continue to grow our sales force in the future. There is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth and profitability will depend, in large part, on our success in recruiting, training, and retaining a sufficient number of sales personnel to support our growth, particularly in international markets. New sales representative hires require significant training and may require a lengthy on-boarding process before they achieve adequate levels of productivity. Generally, our sales representatives become more productive the longer they are with us, with limited productivity in their first few quarters as they learn to sell our products and participate in field training.
Our recent hires and planned hires may not become productive as quickly as we expect, or at all, and we may be unable to hire or retain a sufficient number of qualified personnel in the markets where we do business or plan to do business. If we are unable to recruit, train, and retain a sufficient number of productive sales personnel, sales of our products, maintenance, and professional services and the growth of our business would be harmed. Additionally, if our efforts to expand our sales force do not result in increased revenue, our results of operations could be negatively impacted due to increased operating expenses associated with an expanded sales force.
Our end-customers’ purchasing cycles may cause fluctuations in our revenue.
Our business is affected by cyclical fluctuations in end-customer spending patterns, which result in some seasonal trends in the sale of our solution. Revenue in our third and fourth fiscal quarters, particularly in the last two weeks of the fourth quarter, is typically stronger due to the calendar year-end. Our public sector end-customers typically end their fiscal years during our third quarter, while many of our other end-customers end their fiscal years during our fourth quarter. Our first and second fiscal quarters typically experience lower sales, with aggregate revenue historically significantly lower in our first fiscal quarter when compared to our third and fourth fiscal quarters. Furthermore, our rapid growth rate over recent years may have made these fluctuations more difficult to detect. If our growth rate slows over time, cyclical variations in our operations may become more pronounced, and our business, results of operations, prospects, and financial condition may be adversely affected.
Reliance on shipments at the end of the quarter could cause our revenue for the applicable period to fall below expected levels.
As a result of end-customer buying patterns and the efforts of our sales force and channel partners to meet or exceed their quarterly sales objectives, we have historically received a substantial portion of sales orders and generated a substantial portion of revenue during the last few weeks of each fiscal quarter. If expected revenue at the end of any fiscal quarter is delayed for any reason, our revenue for that quarter could fall below our expectations and the estimates of analysts, which could adversely impact our business, results of operations, prospects, and financial condition and cause a decline in the trading price of our common stock. The reasons our expected revenue may be delayed include:
the failure of anticipated purchase orders to materialize;
our logistics partners’ inability to deliver products prior to fiscal quarter-end to fulfill purchase orders received near the end of the fiscal quarter;
our failure to manage inventory to meet demand;
our inability to release new products on schedule;
any failure of our systems related to order review and processing; or
any delays in shipments based on trade compliance requirements.
We are dependent upon lead generation strategies to drive our sales and revenue. If these marketing strategies fail to continue to generate sales opportunities, our ability to grow our revenue will be adversely affected.
We are dependent upon lead generation strategies to generate sales opportunities, such as sponsored events, tradeshows, webinars, and product demonstrations. These strategies may not be successful in continuing to generate sufficient sales opportunities necessary to increase our revenue. To the extent that targeted leads do not become, or we are unable to successfully attract, end-customers, we will not realize the intended benefits of these marketing strategies, and our ability to grow our revenue will be adversely affected.
Our business depends substantially on our ability to retain end-customers and expand our offerings to them. A decline in our end-customer retention or in our ability to expand sales to existing end-customers could harm our future results of operations.
Many organizations seek security solutions that are among the best available in the industry. For us to maintain or improve our results of operations in an industry that is rapidly evolving and places a premium on market leading solutions, it is important that we retain existing end-customers and that our end-customers expand their use of our products and services. An increasing portion of our revenue is derived from additional sales to our end-customers for both the management of additional existing devices on their networks and the influx of new devices that are added to their networks each day. During the year ended December 31, 2016, approximately 82% of our revenue came from existing end-customers, and it is important for us to increase sales into this base. Our end-customers also have no obligation to renew their maintenance and support contracts with us upon the expiration of the initial maintenance and support contract period, which is typically a one-year or three-year term, and even if end-customers do renew, they may not renew with a similar maintenance and support contract period, or they may renew on terms that are less economically beneficial to us.
Our end-customer retention rates may decline or fluctuate as a result of a number of factors, including the level of our end-customers’ satisfaction with our solution, services and support, our prices and the prices of competing solutions or products, mergers and acquisitions affecting our end-customer base, the effects of global economic conditions, new technologies, changes in our end-customers’ spending levels, and changes in how our end-customers perceive the security threats to their organizations and the importance of our offerings to the security of their organizations.
In addition to increasing sales from our end-customers through sales of additional products, maintenance, and professional services, our sales may increase when end-customers refresh their installed base of our physical appliances, or Physical Appliances, with our latest equipment, replacing older versions of the Physical Appliances that reach the end of their useful life and are no longer supported under service contracts. Our end-customers typically refresh their installed base of our hardware appliance products every five years. Historically, these refresh cycles triggered buying cycles for new versions of our hardware appliances, which typically offer greater capacity and additional features than older versions, as well as new service contracts. If end-customers choose not to replace older versions of our products with newer products supported under our service contracts, our business, results of operations, prospects, and financial condition will be adversely affected. A refresh cycle also creates an opportunity for our competitors to try to displace our existing product deployments at our end-customers, who may be more inclined to consider other product solutions when they otherwise have to replace our existing products that have reached the end of their useful lives. The extent to which end-customers decide to refresh by purchasing products from our current or future competitors, as opposed to purchasing our new products, may significantly impact our current period product revenue, as well as future service revenue.
Our future success depends substantially on our ability to expand our sales to our existing end-customers with solutions we develop or acquire. If we are unable to expand our presence within our end-customer base by expanding the scope of their usage or adopting additional products, our business and revenue will be adversely affected.
If we are unable to attract new end-customers, our revenue growth and profitability will be adversely affected.
To increase our revenue and achieve and maintain profitability, we must regularly add new end-customers. In fiscal 2016, we sold our products to approximately 380 new end-customers. Numerous factors, however, may impede our ability to add new end-customers, including our inability to convert prospective end-customers that have been referred to us by our existing network into end-customers, failure to attract and effectively train new sales and marketing personnel, failure to retain and motivate our current sales and marketing personnel, failure to develop relationships with resellers, or failure to ensure the effectiveness of our marketing programs. In addition, if prospective end-customers do not perceive our solution to be of superior value and quality, we will not be able to attract the number and types of new end-customers that we are seeking.
Our results of operations may fluctuate significantly, be difficult to predict, and may not meet investor expectations.
Our results of operations have varied significantly in the past and may vary significantly in the future, from period to period due to a number of factors, many of which are outside of our control, including macroeconomic factors. These factors limit our ability to accurately predict our results of operations and include factors discussed throughout this “Risk Factors” section, including the following:
macroeconomic conditions in our markets, both domestic and international, as well as the level of discretionary IT spending available to organizations;
the timing, size, and mix of orders from, and shipments to, end-customers, including the timing of large orders, and timing of shipments;
fluctuation in demand for our products, maintenance, and professional services;
evolving conditions in the markets in which we compete;
variability and unpredictability in the rate of growth in the markets in which we compete;
our ability to continue to acquire new end-customers and increase our market share;
our sales cycles, which may lengthen as the complexity of products and competition in our markets increases and in response to macroeconomic conditions;
the level of competition in our markets, including the effect of new entrants, price competition, consolidation, and technological innovation;
market acceptance of our products, maintenance, and professional services;
any disruption in our channel or termination of our relationship with important channel partners;
product announcements, introductions, transitions, and enhancements by us or our competitors, which could result in deferrals of end-customer orders;
technological changes in our markets;
the quality and level of our execution of our business strategy and operating plan, and the effectiveness of our sales and marketing programs;
the impact of future acquisitions or divestitures;
the cost of potential and existing litigation, which could have a material adverse effect on our business;
seasonality or cyclical fluctuations in our markets;
the need to change our pricing model or make pricing concessions to large end-customers;
changes in accounting rules and policies; and
the need to recognize certain revenue ratably over a defined period or to defer recognition of revenue to a later period.
Furthermore, a high percentage of our expenses, including those related to overhead, service and maintenance, research and development, sales and marketing, and general and administrative functions are generally fixed in the short term. As a result, if our revenue is less than forecasted, we may not be able to effectively reduce such expenses to compensate for the revenue shortfall and our results of operations will be adversely affected.
Sales to U.S. federal, state, and local government agencies and other public sector entities are subject to a number of challenges and risks that may adversely impact our business.
We currently sell our solution to various government agencies and other public sector entities, and we may in the future increase sales to government agencies and other public sector entities. For example, sales to U.S. federal, state, and local government agencies and other public sector entities accounted for 23%, 23%, and 36%, of our total revenue for the years ended December 31, 2014, 2015, and 2016, respectively, and accounted for 33% and 28% of our total revenue for the nine months ended September 30, 2016 and 2017, respectively, and may in the future account for a greater percentage of our total revenue. Sales to such government agencies and other public sector entities are subject to certain risks. Selling to government agencies and other public sector entities can be highly competitive, expensive, and time consuming, and can require certification requirements, often requiring significant upfront time and expense without any assurance that these efforts will result in a sale. Additionally, public sector demand and payment for our products, maintenance, and professional services may be impacted by public sector budgetary cycles and funding authorizations. Funding reductions, budget constraints, or delays may adversely affect public sector demand for our products, maintenance, and professional services. The vast majority of our sales to government agencies and other public sector entities are completed through our network of channel partners, and government agencies and other public sector entities may have statutory, contractual, or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default. The public sector routinely investigates and audits public sector contractors’ administrative processes, and any unfavorable audit could result in the public sector refusing to continue buying our products, maintenance, and professional services, a reduction of revenue, fines, or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely impact our results of operations.
Because we derive substantially all of our revenue and cash flows from one product, ForeScout CounterACT, the failure to achieve increased market acceptance of CounterACT would adversely affect our business, results of operations, prospects, and financial condition.
We derive and expect to continue to generate most of our revenue from our ForeScout CounterACT product and related maintenance and professional services for CounterACT for the foreseeable future. As a result, the market acceptance of CounterACT is critical to our continued success. Demand for CounterACT is affected by a number of factors beyond our control, including continued market acceptance of CounterACT by referenceable accounts for existing and new use cases, the timing of development and release of new products by our competitors, technological change, and growth or contraction in our market. Our inability to expand our sales of CounterACT to existing end-customers or increase our sales of CounterACT to new end-customers would harm our business and results of operations more seriously than if we derived significant revenue from a variety of sources.
Real or perceived defects, errors or vulnerabilities in our products, the misconfiguration of our products, the failure of our products to detect or prevent a security breach, the failure of end-customers to take action on attacks identified by our products, or the failure of our products to detect newly developed devices could harm our reputation and adversely impact our business, results of operations, prospects, and financial condition.
Because our products are complex, they have contained, and may in the future contain, design or manufacturing defects or errors that are not detected before their deployment. Our products also provide our end-customers with the ability to customize a multitude of settings, and it is possible that an end-customer could misconfigure our products or otherwise fail to configure our products in an optimal manner. Such defects, errors, and misconfigurations of our products could cause our products to be vulnerable to security attacks, cause them to fail to secure networks and detect and block threats, or temporarily interrupt the networking traffic of our end-customers. In addition, because the devices and techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until widely deployed, there is a risk that an advanced attack could emerge through a device that our products are unable to detect, particularly devices without IP addresses. Moreover, as our products are adopted by an increasing number of large organizations and public sector entities, it is possible that the individuals and organizations behind cyberattacks will begin to focus on finding ways to defeat our products. If this happens, our products could be targeted by attacks specifically designed to disrupt our business and undermine the perception that our products are capable of providing superior network security, which, in turn, could have a serious impact on our reputation. Any security vulnerability or perceived security vulnerability of our products could materially and adversely affect our business, results of operations, prospects, and financial condition.
If any of our end-customers become infected with malware after using our products, such end-customer could be dissatisfied with our products or perceive that our products failed to perform their intended purpose, regardless of whether our products mitigated the actual harm of malware, blocked the theft of any of such end-customer’s data, or would have blocked such theft if the product had been configured properly. If any of our end-customers experience a security breach, such end-customers and the general public may believe that our products failed even if the cause of the breach is unrelated to the performance of our products. Furthermore, if any organizations or public sector entities that are publicly known to use our products are the subject of a cyberattack that becomes publicized, our other current or potential end-customers may believe that our products failed and be inclined to purchase alternative solutions from our competitors. Real or perceived security breaches of our end-customers’ networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity about us, damage to our brand and reputation, decreased sales, increased expenses, and end-customer relations problems.
Furthermore, our existing products are designed to detect existing IP-based devices and may fail to detect newly developed IP-based devices or devices that operate on newly developed protocols for any number of reasons, including our failure to enhance and expand our products and services to reflect industry trends, the advancement of new and existing technologies and new operating environments, the complexity of our end-customers’ network and environment, and the sophistication of malware, viruses, and other threats. To the extent potential end-customers, industry analysts or testing firms believe that the failure of our products to detect certain networked devices indicates that our products or services do not provide significant value, our reputation and business could be harmed. Failure to keep pace with technological changes in the security industry and the threat landscape could adversely affect our ability to protect against security breaches and could cause us to lose end-customers.
Any real or perceived defects, errors, or vulnerabilities in our products, or any other failure of our products to detect devices that introduce threats to an end-customer’s network, could result in:
a loss of existing or potential end-customers or channel partners;
delayed or lost revenue and harm to our financial condition and results of operations;
a delay in attaining, or the failure to attain, market acceptance for new products;
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, or to identify and ramp up production with alternative third-party manufacturers;
an increase in warranty claims or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins;
harm to our reputation or brand; or
litigation, regulatory inquiries, or investigations that may be costly and further harm our reputation.
Because our products are highly complex and are subject to real or perceived defects, our business is subject to risks related to warranty claims, product returns and product liability.
We may incur significant costs in connection with a product recall and any related indemnification obligations, which could materially and adversely affect our results of operations. In addition, many of our products operate on our internally developed operating system, and any error in the operating system may affect those products. We have experienced in the past, and may continue to experience in the future, errors or quality problems in connection with new products and enhancements to existing products. We expect that errors or quality problems will be found from time to time in our products after commencement of commercial shipments, which could seriously harm our business.
Historically, the amount of warranty claims we have received has not been significant, but there is a risk that errors or problems with the quality of our products could result in material claims in the future. Because our end-customers install our appliances directly into their network infrastructures, any errors, defects, or other problems with our products could negatively impact their networks or other internet users, resulting in financial or other losses to our end-customers. While we typically seek by contract to limit our exposure to such damages, liability limitation provisions in our standard terms and conditions of sale, and those of our channel partners, may not be enforceable under some circumstances as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries or may not fully or effectively protect us from end-customer claims and related liabilities and costs, including indemnification obligations under our agreements with channel partners or end-customers. The sale and support of our products also entail the risk of product liability claims. We maintain insurance to protect against certain types of claims associated with the use of our products, but our insurance coverage may not adequately cover any such claims. In addition, even claims that ultimately are unsuccessful could require us to incur costs in connection with litigation, which could divert management’s time and other resources away from our business and could significantly harm the reputation of our business and products.
We rely on revenue from maintenance and professional services, which may decline, and because we recognize revenue from our support and maintenance contracts over the term of the relevant service period, downturns or upturns in sales of our support and maintenance services are not immediately reflected in full in our results of operations.
Our maintenance and professional services revenue accounted for 42%, 43%, and 41% of our revenue during the years ended December 31, 2014, 2015, and 2016, respectively, and accounted for 41% and 46% of our revenue during the nine months ended September 30, 2016 and 2017, respectively. Sales of new or renewal service contracts may decline and fluctuate as a result of a number of factors, including our end-customers’ level of satisfaction with our maintenance and support services or our professional services, the prices of our services, and reductions in our end-customers’ spending levels. If our sales of new or renewal maintenance and support contracts or professional services contracts decline, our revenue and revenue growth may decline and our business will suffer. While we typically bill for support and maintenance services upfront, we recognize revenue from support and maintenance services ratably over the contractual service period, which is typically either one or three years. Our professional services revenue is generally recognized as the services are rendered. As a result, much of the service revenue from our maintenance and support contracts that we report each fiscal quarter is the recognition of deferred revenue from maintenance and support contracts entered into during previous fiscal quarters. Consequently, a decline in new or renewed maintenance and support contracts in any one fiscal quarter will not be fully or immediately reflected in revenue in that fiscal quarter but will negatively affect our revenue in future fiscal quarters. Accordingly, the effect of significant downturns in new or renewed sales of our maintenance and support services is not reflected in full in our results of operations until future periods. Also, it is difficult for us to rapidly increase our services revenue through additional sales of maintenance and support services in any period, as revenue from new and renewal maintenance and support contracts must be recognized over the applicable term of the contract. Furthermore, any increase in the average term of our maintenance and support contracts would result in revenue for such contracts being recognized over longer periods of time.
The security market is rapidly evolving and difficult to predict within the increasingly challenging cyberthreat landscape. If the security market does not evolve as we anticipate or if our target end-customers do not adopt our solution, our sales will not grow as quickly as anticipated and our stock price could decline.
We are in a new, rapidly-evolving category within the security market that focuses on providing organizations with enhanced visibility and control over their networks through an agentless and continuous monitoring solution. As such, it is difficult to predict important market trends, including how large the security market will be or when and what products end-customers will adopt. For example, organizations that currently use traditional approaches may believe that these approaches already provide them with sufficient network security. Therefore, they may continue spending their network infrastructure budgets on these products and may not adopt our solution in addition to or in lieu of such traditional products.
The introduction of new products by others, market acceptance of products based on new or alternative technologies, or the emergence of new industry standards could render our existing products obsolete or make it easier for other products to compete with our products. Moreover, many of our end-customers operate in markets characterized by rapidly changing technologies and cyberthreats, which require them to add numerous devices and adopt increasingly complex network infrastructures, incorporating a variety of hardware devices, software applications, operating systems, and networking protocols. As their technologies and business plans grow more complex, we expect these end-customers to face new and increasingly sophisticated methods of cyberattack. We face significant challenges in ensuring that our solution effectively identifies and responds to these advanced and evolving attacks without disrupting our end-customers’ network performance. Changes in the nature of advanced cyberthreats could result in a shift in IT budgets away from solutions such as ours. In addition, any changes in government regulation, compliance standards, or audit requirements that deemphasize the types of visibility, controls, and monitoring that our solution provides would adversely impact demand for our offerings. If solutions such as ours are not viewed by organizations as necessary, or if end-customers do not recognize the benefit of our solution as a critical layer of an effective security strategy, then our revenue may not grow as quickly as expected, or may decline, and our business could suffer.
Our future success will depend in part upon our ability to:
develop, acquire, and/or maintain competitive products;
enhance our products by adding innovative features that differentiate our products from those of our competitors;
bring products to market on a timely basis at competitive prices;
identify and respond to emerging technological trends in the market; and
respond effectively to new technological changes or new product announcements by others.
If the market for network security products does not evolve in the way we anticipate or if organizations do not recognize the benefits our solution offers in addition to or in place of existing network security products, and as a result we are unable to increase sales of our solution to end-customers, then our revenue may not grow as expected or may decline, which could adversely impact our stock price.
Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense. As a result, our sales and the timing of our sales are difficult to predict and may vary substantially from period to period, which may cause our results of operations to fluctuate significantly.
The decision makers within our end-customers are primarily IT departments that are managing a growing set of user and compliance demands, which increases the complexity of end-customer requirements to be met in the sales cycle. The length of our sales cycle, from identification of an opportunity to delivery of and payment for our products, maintenance, and professional services, typically ranges from six to 12 months but can be longer and may vary significantly from customer to customer, with sales to large organizations and public sector entities typically taking longer to complete. To the extent our competitors develop products that our prospective end-customers view as comparable to ours, our average sales cycle may increase. Additionally, a combination of legal, procurement, development, and IT departments are involved in testing, evaluating, and finally approving purchases, which can also make the sales cycle longer and less predictable. Moreover, sales to large organizations and public sector entities, which we target, will contribute to the growth of our revenue and involve challenges that could further increase the complexity and length of our sales cycle, such as complicated certification and bidding processes. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our results of operations for that quarter and any future quarters for which revenue from that transaction is delayed.
We may not be able to accurately predict or forecast the timing of sales, which could cause our results to vary significantly. In addition, we might devote substantial time and effort to a particular unsuccessful sales effort, and as a result we could lose other sales opportunities or incur expenses that are not offset by an increase in revenue, which could harm our business.
If our products do not successfully interoperate with our end-customers’ infrastructure, sales of our products, maintenance, and professional services could be negatively affected, which would harm our business.
Our products must interoperate with our end-customers’ existing or future infrastructures, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors and contain multiple generations of products that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems. If we are unable to successfully manage and interpret new protocol standards and versions or if we encounter problematic network configurations or settings, we may have to modify our software or hardware so that our products will interoperate with our end-customers’ infrastructures and can manage our end-customers’ traffic in the manner intended, which may divert substantial time and resources. If we find defects in the hardware installed with an end-customer, as we have in the past, we will replace the hardware as part of our normal warranty process. If we find errors or bugs in existing software that create problematic network configurations or settings, as we have in the past, we may have to issue software updates as part of our normal maintenance process. Any delays in identifying the sources of problems or in providing necessary modifications to our software or hardware could have a negative impact on our reputation and our end-customers’ satisfaction with our products, maintenance, and professional services and our ability to sell products and services could be adversely affected. In addition, public sector entities and other end-customers may require our products to comply with certain additional security or other certifications and standards. If our products are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products to such end-customers or at a competitive disadvantage, which would harm our business, results of operations, prospects, and financial condition.
Failure to protect our proprietary technology and intellectual property rights could substantially harm our business and results of operations.
The success of our business depends on our ability to protect and enforce our trade secrets, trademarks, copyrights, patents, and other intellectual property rights. We attempt to protect our intellectual property under patent, trademark, copyright, and trade secret laws, and through a combination of confidentiality procedures, contractual provisions, and other methods, all of which can offer only limited protection. We have five issued patents in the United States, nine pending U.S. patent applications, two issued foreign counterpart patents and one pending foreign counterpart patent application in non-U.S. jurisdictions, and we plan to file additional patent applications in the future. Our issued patents expire between 2019 and 2033. Valid patents may not issue from our pending applications, and the claims eventually allowed on any patents may not be sufficiently broad to prevent competitors from using technology similar to our patented technology.
Any issued patents may be challenged, invalidated, or circumvented, and any rights granted under these patents may not actually provide adequate defensive protection or competitive advantages to us. Patent applications in the United States are typically not published until 18 months after filing or, in some cases, not at all, and publications of discoveries in industry-related literature lag behind actual discoveries. At the time of filing a patent application, we cannot be certain that we were the first to make the inventions claimed in our pending patent applications or that we were the first to file for patent protection,
which could prevent our patent applications from issuing as patents or invalidate our patents following issuance. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications or pursue patent protection in all countries and jurisdictions in which we do business at a reasonable cost or in a timely manner. In addition, recent changes to the patent laws in the United States may bring into question the validity of certain categories of software patents. As a result, we may not be able to obtain adequate patent protection for our software or effectively enforce any issued patents relating to software.
Many aspects of our business rely on our unpatented or unpatentable proprietary technology and trade secrets. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer, or otherwise obtain and use them. The contractual provisions that we enter into with employees, consultants, partners, vendors, and end-customers may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights, which may substantially harm our business. In addition, we cannot assure you that we have entered into such agreements with all parties who may have or have had access to our confidential information, that such agreements will be fully enforceable, or that the agreements we have entered into will not be breached by the counterparty. Some license provisions protecting against unauthorized use, copying, transfer, and disclosure of our technology may be unenforceable under the laws of certain jurisdictions and foreign countries. We cannot guarantee that any of the measures we have taken will prevent misappropriation of our technology. Because we, as a provider of network security solutions, may be an attractive target for computer hackers, we may have a greater risk of unauthorized access to, and misappropriation of, our proprietary information. Moreover, policing unauthorized use of our technologies, products and intellectual property is difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the United States and where mechanisms for enforcement of intellectual property rights may be weak. We may be unable to determine the extent of any unauthorized use or infringement of our products, technologies or intellectual property rights, and may not be able to take appropriate steps to mitigate harms resulting from any unauthorized use or infringement.
From time to time, we may need to bring legal action to enforce our patents, trademarks, and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others, or to defend against claims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, results of operations, financial condition, and cash flows. If we are unable to protect our intellectual property rights, we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time, and effort required to create the innovative products that have enabled us to be successful to date.
Assertions by third parties of infringement or other violations by us of their intellectual property rights, or other lawsuits asserted against us, could result in significant costs and substantially harm our business and results of operations.
Patent and other intellectual property disputes are common in the security industry. Some companies in the security industry, including some of our competitors, own large numbers of patents, copyrights, trademarks, and trade secrets, which they may use to assert claims against us or to prevent us from developing certain technologies. Third parties may assert claims of infringement, misappropriation, or other violations of intellectual property rights against us. They may also assert such claims against our end-customers whom our standard license and other agreements obligate us to indemnify against claims that our products infringe, misappropriate, or otherwise violate the intellectual property rights of third parties. As the number of products and competitors in our market increase, the number of products with overlapping functionality may increase, which in turn may result in more claims of infringement, misappropriation, and other violations of intellectual property rights. Further, as we gain an increasingly high profile, the possibility of intellectual property rights claims against us grows. Any claim of infringement, misappropriation, or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business. As an example, in 2012, a non-operating entity brought a patent infringement action against us, which we settled in 2012 for a nominal amount, but which required the payment of legal fees and diverted management’s time and attention.
On October 24, 2017, Network Security Technologies, LLC, or NST, filed a lawsuit against us in the United States District Court for the District of Delaware, alleging that we infringe certain patents owned by it and seeking unspecified damages. Based upon our review of these patents, we believe we have meritorious defenses to NST’s claims and intend to vigorously defend the lawsuit. However, the outcome of any litigation is inherently unpredictable, and as a result of this litigation, we may be required to pay damages or seek a license or other right to continue to deliver an unmodified version of CounterAct, which may not be made available to us at all or which may require us to pay ongoing royalties and comply with unfavorable terms.
While we intend to increase the size of our patent portfolio, the patent portfolios of our most significant competitors and potential competitors are larger than ours. This disparity between our patent portfolio and the patent portfolios of our most significant competitors may increase the risk that they may sue us for patent infringement and may limit our ability to counterclaim for patent infringement or settle through patent cross-licenses. In addition, future assertions of patent rights by third parties, and any resulting litigation, may involve other non-operating entities or other adverse patent owners who have no relevant product revenue and against whom our own patents may therefore provide little or no deterrence or protection. Given the competitive nature of the market in which we operate, there is a risk that we are infringing or otherwise violating third-party intellectual property rights.
An adverse outcome of a dispute may require us to:
pay substantial damages, including treble damages if we are found to have willfully infringed a third party’s patents or copyrights;
cease making, licensing, or using solutions that are alleged to infringe or misappropriate the intellectual property of others;
expend additional development resources to attempt to redesign our products or services or otherwise to develop non-infringing technology, which may not be successful;
enter into potentially unfavorable royalty or license agreements to obtain the right to use necessary technologies or intellectual property rights; or
indemnify our partners and other third parties.
Any damages or royalty obligations we may become subject to and any third-party indemnity we may need to provide that result from an adverse outcome could harm our results of operations. Royalty or licensing agreements, if required or desirable, may be unavailable on terms acceptable to us or at all, and may require significant expense and expenditures. In addition, some licenses may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Any of these events could seriously harm our business, results of operations, prospects, and financial condition.
We rely on technology that we license from third parties, including software that is integrated with our internally developed software and used with our products.
We rely on technology that we license from third parties, including third-party commercial software and open source software, which is used with certain of our products. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our products. Some of our agreements with our licensors may be terminated for convenience by them. If we are unable to continue to license any of this software on commercially reasonable terms, we will face delays in releases of our software or we will be required to delete this functionality from our software until equivalent, non-infringing technology can be licensed or developed and integrated into our current products. This effort could take significant time (during which we would be unable to continue to offer our affected products or services) and expense and may ultimately not be successful. In addition, our inability to obtain certain licenses or other rights might require us to engage in litigation regarding these matters, which could have a material adverse effect on our business, results of operations, prospects, and financial condition.
Our use of open source software could negatively affect our ability to sell our solution, require us to reengineer our products and possibly subject us to litigation.
We use open source software in our products and our development environments and expect to continue to use open source software in the future. Open source software is typically provided without assurances of any kind. Some open source licenses contain requirements that we make available source code for modifications or derivative works we create based upon the type of open source software we use. If we combine our proprietary software with open source software in a certain manner that is not intended under our policies or monitoring practices, we could, under certain open source licenses, be required to release the source code of our proprietary software to the public. This would allow our competitors to create similar products quickly with lower development effort and ultimately could result in a loss of sales for us. This could also result in litigation, require us to purchase costly licenses, or require us to devote additional research and development resources to change our products or services, any of which would have a negative effect on our business and results of operations. In addition, if the license terms for the open source software we utilize change, we may be forced to reengineer our offerings or incur additional costs. Although we regulate the use and incorporation of open source software into our products, we cannot be certain that we have, in all cases, incorporated open source software in our products in a manner that is consistent with the applicable open source license terms.
We are dependent on a single third-party manufacturer and a limited number of third-party logistics providers to design and manufacture our products and to fulfill orders for our products.
We depend on a single third-party manufacturer, Arrow Electronics, Inc., to manufacture and develop the hardware for our products. Our reliance on this third-party manufacturer reduces our control over the manufacturing process and exposes us to risks, including reduced control over quality assurance, product costs, and product supply and timing. This manufacturer typically fulfills our supply requirements on the basis of individual orders. We do not have a long-term contract with our third-party manufacturer that guarantees capacity, the continuation of particular pricing terms, or the extension of credit limits. Accordingly, it is not obligated to continue to fulfill our supply requirements, which could result in supply shortages, and the prices we are charged for manufacturing services could be increased on short notice. There are alternative manufacturers that could provide components and manufacture our hardware, as our agreements do not provide for exclusivity or minimum purchase quantities, but the transition and qualification from our single third-party manufacturer to another could be lengthy, costly, and difficult, diverting substantial time and resources from our operations.
We also depend on third-party logistics providers to fulfill orders for our products. Our supply chain partners are not committed to design or manufacture our products, or to fulfill orders for our products, on a long-term basis in any specific quantity or at any specific price. From time to time, we may be required to add new supply chain partner relationships or new manufacturing or fulfillment sites to accommodate growth in orders or the addition of new products. It is time consuming and costly to qualify and implement new supply chain partner relationships and new manufacturing or fulfillment sites, and such additions increase the complexity of our supply chain management. Our ability to ship products to our end-customers could be delayed, and our business and results of operations could be adversely affected if:
we fail to effectively manage our supply chain partner relationships;
our third-party manufacturer does not meet our development schedules;
our third-party manufacturer experiences delays, disruptions, or quality control problems in manufacturing our products;
one or more of our third-party logistics providers experiences delays or disruptions or otherwise fails to meet our fulfillment schedules; or
we are required to add or replace our third-party manufacturer, third-party logistics providers, or fulfillment sites.
In addition, these supply chain partners have access to certain of our critical confidential information and could wrongly disclose or misuse such information or be subject to a breach or other compromise that introduces a vulnerability or other defect in the products manufactured by our supply chain partners, which risks cannot be fully mitigated. While we take precautions to ensure that our hardware obtained or manufactured by our supply chain partners is inspected, any espionage acts, malware attacks, theft of confidential information, or other malicious incidents perpetrated either directly or indirectly through our supply chain partners, may compromise our system infrastructure, expose us to litigation and associated expenses and lead to reputational harm that could result in a material adverse effect on our financial condition and results of operations. In addition, we are subject to risks resulting from the perception that certain jurisdictions do not comply with internationally recognized rights of freedom of expression and privacy and may permit labor practices that are deemed unacceptable under evolving standards of social responsibility. If manufacturing or logistics in these foreign countries is disrupted for any reason, including natural disasters, IT system failures, military, or government actions or economic, business, labor, environmental, public health, or political issues, or if the purchase or sale of products from such foreign countries is prohibited or disfavored, our business, results of operations, prospects, and financial condition could be adversely affected.
We rely on third-party channel partners to sell our products, maintenance, and professional services. If our partners fail to perform, or if we fail to manage and retain such partners, our ability to sell our products, maintenance, and professional services would be limited, and if we fail to optimize our channel partner model going forward, our results of operations would be harmed.
We market and sell our products, maintenance, and professional services through a direct touch, channel fulfilled model. We currently have over 600 channel partners, including system integrators, value-added resellers, and distributors. During the years ended December 31, 2014, 2015, and 2016, approximately 90%, 80%, and 86%, respectively, of our revenue was attributable to sales fulfilled through our channel partners. For the nine months ended September 30, 2016 and 2017, approximately 91% and 90%, respectively, of our revenue was attributable to sales fulfilled through our channel partners. If we lost any of our channel partners, or if any of the channel partners responsible for a significant portion of our business becomes insolvent or suffers a deterioration in its financial or business condition and is unable to pay for our products, our results of operations could be harmed. Although we provide support to these channel partners through our direct sales and marketing activities, we depend upon these partners to generate sales opportunities and to independently manage the sales process for opportunities with which they are involved. In order to increase our revenue, we expect we will need to maintain our existing channel partners and continue to train and support them, as well as add new channel partners and effectively
train, support, and integrate them with our sales process. Additionally, our entry into any new markets will require us to develop appropriate channel partners and to train them to effectively address these markets. If we are unsuccessful in these efforts, our ability to grow our business will be limited, and our business, results of operations, prospects, and financial condition will be adversely affected.
Our current system of channel distribution may not prove effective in maximizing sales of our products, maintenance, and professional services. Our products are complex and certain sales can require substantial effort and outlay of cost and resources, either by us or our channel partners. It is possible that our channel partners will be unable or unwilling to dedicate appropriate resources to support those sales. Furthermore, most of our channel partners do not have minimum purchase or resale requirements and may terminate our agreements with only a short notice period or otherwise cease selling our products at any time. If we are unable to develop and maintain effective sales incentive programs for our third-party channel partners, we may not be able to incentivize these partners to sell our products to end-customers and, in particular, to large organizations. They also may market, sell, and support products and services that are competitive with ours and may devote more resources to the marketing, sales, and support of those competitive products. There is no assurance that we will retain these channel partners or that we will be able to add additional or replacement channel partners in the future. The loss of one or more of our key channel partners in a given geographic area could harm our results of operations within that area, as new channel partners typically require extensive training and take several months to achieve acceptable productivity.
We also depend on some of our channel partners and our end-customers’ outsourced IT vendors to deliver professional services for our products. Once our products are deployed within our end-customers’ networks, many of our end-customers depend on the support of our channel partners and their outsourced IT vendors to resolve any issues relating to the implementation and maintenance of our solution. If our channel partners and our end-customers’ outsourced IT vendors do not effectively assist our end-customers in deploying our products, succeed in helping our end-customers quickly resolve post-deployment issues or provide effective ongoing support, our end-customer satisfaction and future sales of our products could be adversely affected.
While we require that our channel partners comply with applicable laws and regulations, they could engage in behavior or practices that expose us to legal or reputational risk.
Managing the supply of our products is complex. Insufficient supply and inventory may result in lost sales opportunities or delayed revenue, while excess inventory may harm our gross margins.
Our third-party manufacturer procures components and builds our products based on our forecasts, and we generally do not hold inventory. These forecasts are based on estimates of future demand for our products, which can be adjusted based on historical trends and analysis and for overall market conditions, and we cannot guarantee the accuracy of our forecasts. In order to reduce manufacturing lead times and plan for adequate component supply, from time to time we may issue forecasts for components and products that are non-cancelable and nonreturnable.
Our inventory management systems and related supply chain visibility tools may be inadequate to enable us to forecast accurately and effectively manage supply of our products and product components. Supply management remains an increased area of focus as we balance the need to maintain supply levels that are sufficient to ensure competitive lead times against the risk of obsolescence because of rapidly changing technology and end-customer requirements. We accrue for manufacturing cost commitments in excess of our forecasted demand. If we ultimately determine that we have excess supply, we may have to record a reserve for excess manufacturing costs or reduce our prices and write-down inventory, either of which in turn could result in lower gross margins. Alternatively, insufficient supply levels may lead to shortages that result in delayed revenue or loss of sales opportunities altogether as potential end-customers turn to competitors’ products that are readily available. Additionally, any increases in the time required to manufacture our products or ship products could result in supply shortfalls. If we are unable to effectively manage our supply and inventory, our results of operations could be adversely affected.
Our failure to adequately protect personal information in compliance with evolving legal requirements could harm our business.
A wide variety of state, federal, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of personal data. For instance, in order for our solution to detect devices on a network, our solution gathers and tracks IP addresses to monitor each device on our end-customer’s networks. While we do not have immediate access to these IP addresses and other personal information, we have access to this information from time to time in connection with our maintenance and professional services. These data protection and privacy-related laws and regulations are evolving and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement actions against us, including fines, imprisonment of company officials and public censure, claims for damages
by end-customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing end-customers and prospective end-customers), any of which could harm on our operations, financial performance, and business. Evolving and changing definitions of personal data and personal information, within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data, and other information, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. Even the perception of privacy concerns, whether or not valid, may harm our reputation and inhibit adoption of our products by current and future end-customers.
In addition, our appliances, when configured by our end-customers, may intercept and examine data in a manner that may subject the use of those appliances to privacy and data protection laws and regulations in those jurisdictions in which our end-customers operate. Any failure or perceived failure by us or by our products or services to comply with these laws and regulations may subject us to legal or regulatory actions, damage our reputation or adversely affect our ability to sell our products or services in the jurisdiction that has enacted the law or regulation. Moreover, if these laws and regulations change, or are interpreted and applied in a manner that is inconsistent with our data practices or the operation of our products and services, we may need to expend resources in order to change our business operations, data practices, or the manner in which our products or services operate. This could adversely affect our business, results of operations, prospects, and financial condition.
Reduced information technology and network infrastructure spending or adverse economic conditions may harm our business, results of operations, prospects, and financial condition.
Our business depends on the overall demand for information technology, network infrastructure, and network security products. In addition, the purchase of our products and services is often discretionary and may involve a significant commitment of capital and other resources. Currently, most organizations and public sector entities have not allocated a fixed portion of their budgets to protect against next-generation advanced cyberattacks. If we do not succeed in convincing end-customers that our products and services should be an integral part of their overall approach to network security and that a portion of their annual IT budgets should be allocated to our solution, general reductions in IT spending by our end-customers are likely to have a disproportionate impact on our business, results of operations, prospects, and financial condition.
Weak global economic conditions, or a reduction in information technology and network infrastructure spending even if economic conditions improve, could adversely impact our business, results of operations, prospects, and financial condition in a number of ways, including longer sales cycles, lower prices for our products and services, higher default rates among our distributors, reduced unit sales and lower or no growth. In addition, continued budgetary challenges in the United States and Europe and geopolitical turmoil in many parts of the world have and may continue to put pressure on global economic conditions and overall spending on network security products.
The average sales price of our products has decreased from time to time, and may decrease in the future, which may negatively impact our gross profits and results of operations.
From time to time, the average sales price of our products and services has decreased. In the future, it is possible that the average sales price of our products will decrease in response to competitive pricing pressures, increased sales discounts, new product introductions by us or our competitors, or other factors. Such pricing pressures may also be dependent upon the mix of products sold, the mix of revenue between products, maintenance, and professional services and the degree to which products, maintenance, and professional services are bundled and sold together for a package price. Therefore, to achieve and maintain profitability, we must develop and introduce new products and product enhancements on a timely basis and continually reduce our product costs. Our failure to do so would cause our revenue and gross profits to decline, which would harm our business and results of operations. Furthermore, currency fluctuations in certain countries and regions may negatively impact actual prices that partners and end-customers are willing to pay in those countries and regions. In addition, we may experience substantial period-to-period fluctuations in future results of operations in the event we experience an erosion of our average sales price.
We are dependent on the continued services and performance of our senior management and other key employees, and the loss of any of these key employees or any failure to hire additional key employees could adversely affect our business, results of operations, prospects, and financial condition.
Our future performance depends on the continued services and contributions of our senior management, including our Chief Executive Officer and President, Michael DeCesare, and other key employees to execute on our business plan, and to identify and pursue new opportunities and product innovations. The loss of services of senior management or other key employees could significantly delay or prevent the achievement of our development and strategic objectives and could harm our business and our customer relationships. We do not maintain key man life insurance with respect to any officer or other employee.
Our ability to continue to attract and retain highly skilled personnel will be critical to our future success. Competition for highly skilled personnel is frequently intense, especially in the San Francisco Bay Area, where we have a substantial presence and need for talent. We may not be successful in attracting, assimilating or retaining qualified personnel to fulfill our current or future needs. Also, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited or that they divulged proprietary or other confidential information.
In addition, we issue stock options and other equity awards as a key component of our overall compensation and recruiting and retention efforts. Our compensation arrangements, such as our equity award programs, may not always be successful in attracting new employees and retaining and motivating existing employees. We are also required under GAAP to recognize compensation expense in our results of operations for employee stock-based compensation under our equity grant programs, which may negatively impact our results of operations and may increase the pressure to limit stock-based compensation. Further, the ability to either exercise those options and for our employees to sell their stock and vested and settled restricted stock units, or RSUs, in a public market after the completion of any applicable lock-up period may lead to a larger than normal turnover rate. Additionally, subject to certain limitations, an aggregate of approximately 876,442 shares underlying RSUs will vest and settle on April 25, 2018, 181 days after October 26, 2017, the date the S-1 was effective with the SEC.
We are dependent on various IT systems, and failures of, or interruptions to, those systems could harm our business.
Many of our business processes depend upon our IT systems, the systems and processes of third parties and on interfaces with the systems of third parties over which we do not have control. If those systems fail or are interrupted, or if our ability to connect to or interact with one or more networks is interrupted, our processes may function at a diminished level or not at all. This would harm our ability to maintain operations and to ship products, and our financial results would likely be harmed. In addition, reconfiguring our IT systems or other business processes in response to changing business needs may be time consuming and costly. To the extent any such reconfiguration were to impact our ability to react timely to specific market or business opportunities, our financial results would likely be harmed.
Governmental regulations affecting the manufacturing of products and that contain “conflict minerals” and the import or export of our products could negatively affect our revenue and may cause reputational harm.
We may be deemed to manufacture or contract to manufacture products that contain certain minerals that have been designated as “conflict minerals” under The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, or the Dodd-Frank Act. As a result, in future periods, we may be required to diligence the origin of such minerals and disclose and report whether or not such minerals originated in the Democratic Republic of the Congo, or the DRC, or adjoining countries. For instance, the Dodd-Frank Act includes disclosure requirements regarding the use of certain minerals mined from the DRC and adjoining countries and procedures pertaining to a manufacturer’s efforts regarding the source of such minerals. Securities and Exchange Commission, or SEC, rules implementing these requirements and other international standards, such as the Organization for Economic Co-Operation and Development Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High Risk Areas, may have the effect of reducing the pool of suppliers who can supply DRC “conflict free” components and parts, and we may not be able to obtain DRC conflict free products or supplies in sufficient quantities for our products. In addition, we may incur additional costs to comply with the disclosure requirements, including costs related to determining the source of any of the relevant minerals and metals used in our products. We may also face reputational challenges with our end-customers, stockholders and other stakeholders if we are unable to verify the origins for the minerals used in our products.
In addition, the U.S. government and various foreign governments, including that of Israel, where we have significant research and development operations, have imposed controls, export license requirements and restrictions on the import or export of some technologies, especially encryption technology. If we were to fail to comply with any of these controls or requirements, including U.S. export licensing requirements, U.S. customs regulations, U.S. economic sanctions, or other laws, we could be subject to substantial civil and criminal penalties, including fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges. Obtaining the necessary export license or approval for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products to U.S. embargoed or sanctioned countries, governments, and persons. Even though we take precautions to ensure that our channel partners, who we rely on to fulfill our product orders and deliver our products to our end-customers, comply with all relevant regulations, any failure by us or by our channel partners to comply with such regulations could have negative consequences, including reputational harm, government investigations, and penalties. In addition, from time to time, governmental agencies have proposed additional regulation of encryption technology, such as requiring the escrow and governmental recovery of private encryption keys. Governmental regulation of encryption technology and regulation of imports or exports, or our failure to obtain required import or export approval for our products, could harm our international and domestic sales and adversely affect our revenue.
In addition, failure to comply with such regulations could result in penalties, costs and restrictions on export privileges, which would harm our results of operations.
Parts of our research and development activities are located in Israel and, therefore, our results of operations may be adversely affected by political, economic, and military instability in Israel.
Parts of our research and development facilities are located in Israel. Accordingly, political, economic, and military conditions in Israel may directly affect our business. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring countries. In recent years, these have included hostilities between Israel and Hezbollah in Lebanon and Hamas in the Gaza strip, both of which resulted in rockets being fired into Israel causing casualties and disruption of economic activities. In addition, Israel faces threats from more distant neighbors, in particular, Iran. Our commercial insurance does not cover losses that may occur as a result of an event associated with the security situation in the Middle East. Although the Israeli government is currently committed to covering the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot assure you that this government coverage will be maintained or, if maintained, will be sufficient to compensate us fully for damages incurred. Any losses or damages incurred by us could have a material adverse effect on our business. Any armed conflict involving Israel could adversely affect our operations and results of operations.
Further, our operations could be disrupted by the obligations of personnel to perform military service. As of September 30, 2017, we had 175 employees based in Israel, certain of which may be called upon to perform up to 54 days in each three year period (and in the case of non-officers depending on their specific military commanders or officers, up to 70 or 84 days, respectively, in each three year period) of military reserve duty until they reach the age of 40 (and in some cases, up to 49 years of age) and, in certain emergency circumstances, may be called to immediate and unlimited active duty. Our operations could be disrupted by the absence of a significant number of employees related to military service, which could materially adversely affect our business and results of operations.
Several countries, principally in the Middle East, restrict doing business with Israel and Israeli companies, and additional countries may impose restrictions on doing business with Israel and Israeli companies whether as a result of hostilities in the region or otherwise. In addition, there have been increased efforts by activists to cause companies and consumers to boycott Israeli goods based on Israeli government policies. Such actions, particularly if they become more widespread, may adversely impact our ability to sell our products.
Our international operations expose us to a variety of risks.
We currently have operations in a number of foreign countries and make sales to end-customers throughout the world. Historically, the majority of our sales are into North America, Latin America, and the Americas. For example, in the years ended December 31, 2014, 2015, and 2016 approximately 24%, 18%, and 17%, respectively, and in the nine months ended September 30, 2016 and 2017 approximately 18% and 20%, respectively, of our revenue was derived from outside of the Americas, but we anticipate that our sales in markets outside of the Americas will increase as we grow and expand our international operations and sales force. In addition, we currently perform certain of our research and development and other operations in Israel and in other geographically dispersed locations outside of the United States. Our international operations and sales into international markets require significant management attention and financial resources, and subject us to certain inherent risks, including:
technical difficulties and costs associated with product localization;
challenges associated with coordinating product development efforts among geographically dispersed areas;
potential loss of proprietary information due to piracy, misappropriation, or laws that may inadequately protect our intellectual property rights;
greater difficulty in establishing, utilizing, and enforcing our intellectual property rights;
our limited experience in establishing a sales and marketing presence, and research and development operations, together with the appropriate internal systems, processes, and controls, in certain geographic markets;
political unrest or economic instability, regulatory changes, war, or terrorism, and other unpredictable and potentially long-term events in the countries or regions where we or our end-customers do business, which could result in delayed or lost sales or interruption in our business operations;
longer payment cycles for sales in certain foreign countries;
seasonal reductions in business activity in the summer months in Europe and at other times in various countries;
the significant presence of some of our competitors in some international markets;
potentially adverse tax consequences or changes in applicable tax laws;
import and export restrictions and tariffs and other trade protection initiatives;
potential failures of our foreign employees and channel partners to comply with both U.S. and foreign laws and regulations, including antitrust laws, trade regulations, and anti-bribery and corruption laws, including the U.S. Foreign Corrupt Practices Act, or FCPA;
compliance with foreign laws, regulations, and other government controls, such as those affecting trade, privacy and data protection, the environment, corporations, and employment;
management, staffing, legal, and other costs of operating a distributed enterprise spread over various countries;
fluctuations in foreign exchange rates, which we currently do not hedge against; and
fears concerning travel or health risks that may adversely affect our ability to sell our products and services in any country in which the business sales culture encourages face-to-face interactions.
To the extent we are unable to effectively manage our international operations and these risks, our international sales or operations may be adversely affected, we may incur additional and unanticipated costs, and we may be subject to litigation or regulatory action. As a consequence, our business, results of operations, prospects, and financial condition could be seriously harmed.
Due to the global nature of our business, we could be adversely affected by violations of the U.S. FCPA or similar anti-bribery laws in other jurisdictions in which we operate and various international trade and export laws.
The global nature of our business creates various domestic and local regulatory challenges. The FCPA and similar anti-bribery laws in other jurisdictions generally prohibit U.S.-based companies and their intermediaries from making improper payments for the purpose of obtaining or retaining business to non-U.S. officials. In addition, U.S.-based companies are required to maintain records that accurately and fairly represent their transactions and have an adequate system of internal accounting controls. We operate in areas of the world that experience corruption by government officials to some degree and, in certain circumstances, compliance with anti-bribery laws may conflict with local customs and practices. Our global operations require us to import and export to and from several countries, which increases our compliance obligations. In addition, changes in such laws could result in increased regulatory requirements and compliance costs which could adversely affect our business, financial condition and results of operations. We cannot assure you that our employees or other software agents will not engage in prohibited conduct and render us responsible under the FCPA. If we are found to be in violation of the FCPA or other anti-bribery laws (either due to acts or inadvertence of our employees or due to the acts or inadvertence of others), we could suffer criminal or civil penalties or other sanctions, which could have a material adverse effect on our business.
Third parties may bring legal actions against us.
In the past, third parties have brought legal actions against us and we may, from time to time, be a party to other lawsuits in the normal course of our business. We have incurred costs to defend those lawsuits and related legal proceedings. It is likely that in the future other parties may bring legal actions against us. Such actions, even if without merit, could harm our business. Litigation in general, and intellectual property and securities litigation in particular, can be expensive, lengthy, and disruptive to normal business operations. Moreover, the results of complex legal proceedings are difficult to predict. An unfavorable resolution of any lawsuit could adversely affect our business, results of operations, prospects, or financial condition. Any material litigation or arbitration inevitably results in the diversion of the attention of our management and other relevant personnel. To the extent uninsured, such claims further require us to incur defense costs for us and for parties to whom we may have indemnification obligations. For example, we indemnify our channel partners in response to requests they receive from our end-customers to be indemnified for patent or other intellectual property litigation brought by third parties against our end-customers with regard to our end-customers’ use of products or services sold by our channel partners, including our own products. We also may be required to pay material amounts in settlement costs or damages. Furthermore, if the matter relates to infringement of a third party’s intellectual property, we may be required to enter into royalty or licensing agreements or to develop non-infringing technology, and injunctive relief could be entered against us. End-customer concerns with respect to material litigation can result in delayed or lost sales and reputational damage. Any of the foregoing could seriously harm our business and have a material adverse effect on our business, financial condition and results of operations.
Our operations could be significantly hindered by the occurrence of a natural disaster, terrorist attack, or other catastrophic event.
Our business operations are susceptible to outages due to fire, floods, power loss, telecommunications failures, terrorist attacks, and other events beyond our control, and our sales opportunities may also be affected by such events. In addition, a substantial portion of our facilities, including our headquarters, are located in Northern California, an area susceptible to earthquakes. We do not carry earthquake insurance for earthquake-related losses. Despite our implementation of network security measures, our servers are vulnerable to computer viruses, break-ins, and similar disruptions from unauthorized tampering with our computer systems. We may not carry sufficient business interruption insurance to compensate us for losses that may occur as a result of any of these events. In addition, acts of terrorism and other geo-political unrest could
cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or end-customers or the economy as a whole. Any disruption in the business of our supply chain, manufacturers, logistics providers, partners, or end-customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our financial results. To the extent that such events disrupt our business or the business of our current or prospective end-customers, or adversely impact our reputation, such events could adversely affect our business, results of operations, prospects, and financial condition.
If we fail to comply with environmental requirements, our business, results of operations, prospects, financial condition, and reputation could be adversely affected.
Our operations and the sale of our products are subject to various federal, state, local, and foreign environmental and safety regulations, including laws adopted by the European Union, such as the Waste Electrical and Electronic Equipment Directive, or WEEE Directive, and the Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment Directive, or EU RoHS Directive, of certain metals from global hot spots. The WEEE Directive requires electronic goods producers to be responsible for marking, collection, recycling, and treatment of such products. Changes in the WEEE Directive of the interpretation thereof may cause us to incur additional costs or meet additional regulatory requirements, which could be material.
The EU RoHS Directive and similar laws of other jurisdictions limit the content of certain hazardous materials such as lead, mercury, and cadmium in the manufacture of electrical equipment, including our products. Currently, our products comply with the EU RoHS Directive requirements. However, if there are changes to this or other laws, or to their interpretation, or if new similar laws are passed in other jurisdictions, we may be required to reengineer our products or to use different components to comply with these regulations. This reengineering or component substitution could result in substantial costs to us or disrupt our operations or logistics.
We are also subject to environmental laws and regulations governing the management of hazardous materials, which we use in small quantities in our engineering labs. Our failure to comply with past, present, and future environmental and safety laws could result in increased costs, reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, third-party property damage, remediation costs and other sanctions, any of which could harm our business and financial condition. To date, our expenditures for environmental compliance have not had a material impact on our results of operations or cash flows, and although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs and may increase penalties associated with violations or require us to change the content of our products or how they are manufactured, which could have a material adverse effect on our business, results of operations, prospects, and financial condition. We also expect that our business will be affected by new environmental laws and regulations on an ongoing basis, which may be more stringent, imposing greater compliance costs and increasing risks and penalties associated with violations which could harm our business.
Our gross margin is affected by a number of factors, and we may not be able to sustain it at present levels.
Our gross margin has been and will continue to be affected by a variety of factors, including:
market acceptance of our solution and fluctuations in demand for our solution and services;
the mix of products and services that we sell;
varying discounting rates among end-customers;
our ability to increase sales to and retain existing end-customers and to sell to new end-customers;
increased price competition and changes in product pricing;
actions taken by our competitors;
new product innovations and enhancements;
manufacturing and component costs;
availability of sufficient inventory to meet demand;
purchase of inventory in excess of demand;
our execution of our strategy and operating plans;
geographies in which sales are made; and
revenue recognition rules.
Macroeconomic factors and competitive pressures may also require us to lower prices or increase spending, and our business and results of operations may suffer. Even if we achieve our net revenue and operating expense objectives, our net income or loss and results of operations may be below our expectations and the expectations of investors if our gross margin is below expectations.
Our investments in new or enhanced products and services may not yield the benefits we anticipate.
The success of our business is predicated on our ability to develop new products and technologies and to anticipate future market requirements and applicable industry standards. We intend to continue to invest in enhancing our products by adding personnel and other resources to our research and development function. We will likely recognize costs associated with these investments earlier than the anticipated benefits. If we do not achieve the anticipated benefits from these investments, or if the achievement of these benefits is delayed, our business, results of operations, prospects, and financial condition may be adversely affected.
The process of developing new technologies is time consuming, complex, and uncertain, and requires the commitment of significant resources well in advance of being able to fully determine market requirements and industry standards. Furthermore, we may not be able to timely execute new product or technical initiatives because of errors in product planning or timing, technical difficulties that we cannot timely resolve, or a lack of appropriate resources. This could result in competitors bringing products to market before we do and a consequent decrease in our market share and net revenue. Our inability to timely and cost-effectively introduce new products and product enhancements, or the failure of these new products or enhancements to achieve market acceptance and comply with industry standards, could seriously harm our business, results of operations, prospects, and financial condition. Additionally, products and technologies developed by others, and our own introduction of new products and product enhancements, could result in the obsolescence and write-off of previously purchased or committed inventory, which would reduce our net income or increase our net loss.
We may acquire or invest in companies, which may divert our management’s attention and result in additional dilution to our stockholders. We may be unable to integrate acquired businesses and technologies successfully or achieve the expected benefits of such acquisitions.
Our success will depend, in part, on our ability to grow our business in response to changing technologies, end-customer demands, and competitive pressures. In some circumstances, we may choose to do so through the acquisition of complementary businesses and technologies rather than through internal development. The identification of suitable acquisition candidates can be difficult, time-consuming, and costly, and we may not be able to successfully complete identified acquisitions. The risks we face in connection with acquisitions include:
encountering difficulties or unforeseen expenditures in integrating the business, technologies, products, personnel, or operations of a company that we acquire, particularly if key personnel of the acquired company decide not to work for us;
an acquisition that may disrupt our ongoing business, divert resources, increase our expenses, and distract our management;
our use of cash to pay for acquisitions, which would limit other potential uses for our cash;
if we incur debt to fund an acquisition, such debt may subject us to material restrictions on our ability to conduct our business; and
if we issue a significant amount of equity securities in connection with acquisitions, existing stockholders may be diluted and earnings per share may decrease.
The occurrence of any of these risks could have an adverse effect on our business, results of operations, prospects, and financial condition.
We face increased exposure to foreign currency exchange rate fluctuations.
Our sales contracts are primarily denominated in U.S. Dollars, and therefore, the majority of our revenue is not currently subject to foreign currency risk. However, a strengthening of the U.S. Dollar could increase the real cost of our products to our end-customers outside of the United States, which could adversely affect our financial condition and results of operations. In addition, increased international sales in the future, including through our channel partners and other partnerships, may result in greater foreign currency denominated sales, increasing our foreign currency risk. Moreover, an increasing portion of our operating expenses is incurred outside the United States, is denominated in foreign currencies, and is subject to fluctuations due to changes in foreign currency exchange rates. If we are not able to successfully hedge against the risks associated with currency fluctuations, our financial condition and results of operations could be adversely affected.
We do not currently maintain a program to hedge transactional exposures in foreign currencies. However, in the future, we may use derivative instruments, such as foreign currency forward and option contracts, to hedge certain exposures to fluctuations in foreign currency exchange rates. The use of such hedging activities may not offset any or more than a portion of the adverse financial effects of unfavorable movements in foreign exchange rates over the limited time the hedges are in place. Moreover, the use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments.
If we fail to maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.
As a public company, we will be required to maintain internal control over financial reporting and to report any material weaknesses in such internal controls. Section 404 of the Sarbanes-Oxley Act of 2002, as amended, or the Sarbanes-Oxley Act, requires that we evaluate and determine the effectiveness of our internal control over financial reporting and, beginning with our second annual report following our initial public offering, provide a management report on internal control over financial reporting. However, while we remain an emerging growth company, we will not be required to include an attestation report on internal control over financial reporting issued by our independent registered public accounting firm.
Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our results of operations, cause us to fail to meet our reporting obligations, result in a restatement of our financial statements for prior periods, or adversely affect the results of management evaluations and independent registered public accounting firm audits of our internal control over financial reporting that we will eventually be required to include in our periodic reports that will be filed with the SEC. Ineffective disclosure controls and procedures and internal controls over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the trading price of our common stock.
We are in the process of designing and implementing the internal control over financial reporting required to comply with Section 404 of the Sarbanes-Oxley Act. This process will be time consuming, costly, and complicated. If we are unable to assert that our internal control over financial reporting is effective or when required in the future, if our independent registered public accounting firm issues an adverse opinion on the effectiveness of our internal control over financial reporting, investors may lose confidence in the accuracy and completeness of our financial reports, the market price of our common stock could be adversely affected and we could become subject to investigations by the stock exchange on which our securities are listed, the SEC, or other regulatory authorities, which could require additional financial and management resources.
If we cannot maintain our corporate culture as we grow, we could lose the innovation, teamwork, passion, and focus on execution that we believe contribute to our success, and our business may be harmed.
We believe that our corporate culture has been a critical component to our success. We have invested substantial time and resources in building our team. As we grow and mature as a public company, we may find it difficult to maintain our corporate culture. Any failure to preserve our culture could negatively affect our future success, including our ability to recruit and retain personnel and effectively focus on and pursue our business strategy.
Forecasting our estimated annual effective tax rate is complex and subject to uncertainty, and there may be material differences between our forecasted and actual tax rates.
We are currently generating operating losses and have minimal tax rate uncertainty. When we begin generating operating profit, and fully utilize our net operating losses, or NOLs, forecasts of our effective tax rate will become more complex. As a multinational corporation we conduct our business in many countries and are subject to different taxation in many jurisdictions. The taxation of our business is subject to the application of multiple and conflicting tax laws and regulations as well as multinational tax conventions. Our effective tax rate will be highly dependent upon the geographic distribution of our worldwide earnings or losses, the tax regulations in each geographic region, the availability of tax credits and carryforwards, and the effectiveness of our tax planning strategies.
In addition, we are subject to examination of our income tax returns by the Internal Revenue Service and other tax authorities. If tax authorities challenge the relative mix of our U.S. and international income, our future effective income tax rates could be adversely affected. While we regularly assess the likelihood of adverse outcomes from such examinations and the adequacy of our provision for income taxes, there can be no assurance that such provision is sufficient and that a determination by a tax authority will not have an adverse effect on our business, results of operations, prospects, and financial condition.
Our ability to use our net operating loss carry-forwards and certain other tax attributes may be limited.
As of December 31, 2016, we had federal NOLs of $143.7 million, which begin to expire in 2021 if not utilized, and California and other state NOLs of $21.2 million and $56.2 million, respectively, which begin to expire in 2017 if not utilized. Subject to the following discussion, such NOLs are generally available to be carried forward to offset our future taxable income, if any, until such NOLs are used or expire.
In general, under Section 382 of the Internal Revenue Code of 1986, as amended, or the Code, a corporation that undergoes an “ownership change” (generally defined as a greater than 50-percentage point cumulative change (by value) in the equity ownership of certain stockholders over a rolling three-year period) is subject to limitations on its ability to utilize its pre-change NOLs to offset post-change taxable income. Similar rules may apply under state tax laws. Based upon an analysis of the period from inception through November 30, 2015, we believe we may have undergone an ownership change and that a portion of our current NOLs may be subject to limitations under Section 382. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. Furthermore, our ability to utilize NOLs of companies that we have acquired or may acquire in the future may be subject to limitations. There is also a risk that due to regulatory changes, such as suspensions on the use of NOLs, or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities. For these reasons, we may not be able to realize a tax benefit from the use of our NOLs, whether or not we attain profitability.
Risks Relating to Owning Our Common Stock
Provisions of our corporate governance documents could make an acquisition of our company more difficult and may prevent attempts by our stockholders to replace or remove our current management, even if beneficial to our stockholders.
Our amended and restated certificate of incorporation and amended and restated bylaws and the Delaware General Corporation Law, or the DGCL, contain provisions that could make it more difficult for a third party to acquire us, even if doing so might be beneficial to our stockholders.
These provisions include:
the division of our board of directors into three classes and the election of each class for three-year terms;
advance notice requirements for stockholder proposals and director nominations;
the ability of the board of directors to fill a vacancy created by the expansion of the board of directors;
the ability of our board of directors to issue new series of, and designate the terms of, preferred stock, without stockholder approval, which could be used to, among other things, institute a rights plan that would have the effect of significantly diluting the stock ownership of a potential hostile acquirer, likely preventing acquisitions that have not been approved by our board of directors;
limitations on the ability of stockholders to call special meetings and to take action by written consent; and
the required approval of holders of at least 66-2/3% of the voting power of the outstanding shares of our capital stock to adopt, amend, or repeal certain provisions of our amended and restated certificate of incorporation and amended and restated bylaws or remove directors for cause.
In addition, Section 203 of the DGCL may affect the ability of an “interested stockholder” to engage in certain business combinations, for a period of three years following the time that the stockholder becomes an “interested stockholder.”
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board. Because our board of directors is responsible for appointing the members of our management team, these provisions could in turn affect any attempt to replace current members of our management team. See the section titled “Description of Capital Stock” in the Prospectus for additional information.
Our amended and restated bylaws designate courts in the State of Delaware and in the county of Santa Clara, California as the sole and exclusive forums for certain types of actions and proceedings that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, or employees.
Our amended and restated bylaws provide that, subject to limited exceptions, a state or federal court located within the State of Delaware or a state or federal court located within the county of Santa Clara, California will be the sole and exclusive forums for:
any derivative action or proceeding brought on our behalf;
any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers, or other employees to us or our stockholders;
any action asserting a claim against us arising pursuant to any provision of the DGCL, our amended and restated certificate of incorporation or our amended and restated bylaws; or
any other action asserting a claim against us or our directors, officers, or employees that is governed by the internal affairs doctrine.
Any person or entity purchasing or otherwise acquiring any interest in shares of our capital stock shall be deemed to have notice of and to have consented to these provisions. These provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers, or other employees, which may discourage such lawsuits against us and our directors, officers, and employees. Alternatively, if a court were to find these provisions of our amended and restated bylaws inapplicable to, or unenforceable in respect of, one or more of the specified types of actions or proceedings, we may incur additional costs associated with resolving such matters in other jurisdictions, which could adversely affect our business and financial condition.
Market volatility may affect the price of our common stock.
The price of our common stock may fluctuate significantly in response to a number of factors, most of which we cannot predict or control, including:
actual or anticipated changes or fluctuations in our results of operations and whether our results of operations meet the expectations of securities analysts or investors;
actual or anticipated changes in securities analysts’ estimates and expectations of our financial performance;
announcements of new products and solutions, services or technologies, commercial relationships, acquisitions, or other events by us or our competitors;
general market conditions, including volatility in the market price and trading volume of technology companies in general and of companies in the network security industry in particular;
changes in how current and potential end-customers perceive the effectiveness of our solution in protecting against advanced cyberattacks or other reputational harm;
sales of large blocks of our common stock, including sales by our executive officers, directors, and significant stockholders;
announced departures of any of our key personnel;
lawsuits threatened or filed against us or involving our industry, or both;
changing legal or regulatory developments in the United States and other countries;
general economic conditions and trends; and
other events or factors, including those resulting from major catastrophic events, war, acts of terrorism, or responses to these events.
In addition, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many technology companies. Stock prices of many technology companies have fluctuated in a manner unrelated or disproportionate to the operating performance of those companies. In the past, stockholders have instituted securities class action litigation following periods of market volatility. If we were to become involved in securities litigation, it could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results of operations, prospects, and financial condition.
Our business could be impacted as a result of actions by activist shareholders or others.
We may be subject, from time to time, to legal and business challenges in the operation of our company due to actions instituted by activist shareholders or others. Responding to such actions could be costly and time-consuming, may not align with our business strategies and could divert the attention of our board of directors and senior management from the pursuit of our business strategies. Perceived uncertainties as to our future direction as a result of shareholder activism may lead to the perception of a change in the direction of the business or other instability and may affect our relationships with our end-customers, prospective and current employees and others.
As a public company, we are subject to additional laws, regulations, and stock exchange listing standards, which impose additional costs on us and may strain our resources and divert our management’s attention.
We are subject to the reporting requirements of the Securities Exchange Act of 1934, as amended, or the Exchange Act, the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of The NASDAQ Stock Market, and other applicable securities laws and regulations. Compliance with these laws and regulations increases our legal and financial compliance costs and make some activities more difficult, time-consuming, or costly. For example, the Exchange Act requires us, among other things, to file annual, quarterly, and current reports with respect to our business and results of operations and maintain effective disclosure controls and procedures and internal control over financial reporting. Also, as a public company, it will be more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. Although we have already hired additional employees to comply with these requirements, we may need to hire even more employees in the future, which will increase our costs and expenses.
These factors may therefore strain our resources, divert management’s attention, and affect our ability to attract and retain qualified board members.
Since we have no current plans to pay regular cash dividends on our common stock, you may not receive any return on investment unless you sell your common stock for a price greater than that which you paid for it.
We do not anticipate paying any regular cash dividends on our common stock in the foreseeable future. Any decision to declare and pay dividends in the future will be made at the discretion of our board of directors and will depend on, among other things, our results of operations, financial condition, cash requirements, contractual restrictions, and other factors that our board may deem relevant. In addition, our ability to pay dividends is, and may be, limited by covenants of existing and any future outstanding indebtedness we or our subsidiaries incur. Therefore, any return on investment in our common stock is solely dependent upon the appreciation of the price of our common stock on the open market, which may not occur.
If securities or industry analysts do not publish research or reports about our business, if they adversely change their recommendations regarding our shares or if our results of operations do not meet their expectations, our share price and trading volume could decline.
The trading market for our shares will be influenced by the research and reports that industry or securities analysts publish about us or our business. We do not have any control over these analysts. If one or more of these analysts cease coverage of our company or fails to publish reports on us regularly, we could lose visibility in the financial markets, which in turn could cause our share price or trading volume to decline. Moreover, if one or more of the analysts who cover our company downgrade our stock or if our results of operations do not meet their expectations, our share price could decline.
We are an “emerging growth company,” and the reduced disclosure requirements applicable to emerging growth companies may make our common stock less attractive to investors.
We are an “emerging growth company,” as defined in the Jumpstart Our Business Startups Act, or JOBS Act, and may remain an emerging growth company for up to five years. For so long as we remain an emerging growth company, we are permitted and intend to rely on exemptions from certain disclosure requirements that are applicable to other public companies that are not emerging growth companies. These exemptions include not being required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act not being required to comply with any requirement that may be adopted by the Public Company Accounting Oversight Board regarding mandatory audit firm rotation or a supplement to the auditor’s report providing additional information about the audit and the financial statements, reduced disclosure obligations regarding executive compensation and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and shareholder approval of any golden parachute payments not previously approved. We have not yet disclosed all of the executive compensation-related information that would be required if we were not an emerging growth company. We cannot predict whether investors will find our common stock less attractive if we rely on these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock and our stock price may be more volatile.
In addition, the JOBS Act provides that an emerging growth company can take advantage of an extended transition period for complying with new or revised accounting standards. This allows an emerging growth company to delay the adoption of certain accounting standards until those standards would otherwise apply to private companies. We have irrevocably elected not to avail ourselves of this exemption from new or revised accounting standards and, therefore, we will be subject to the same new or revised accounting standards as other public companies that are not emerging growth companies. We will incur increased costs as a result of operating as a public company, and our management will be required to devote substantial time to new compliance initiatives and corporate governance practices.
Our directors, executive officers, and significant stockholders have substantial control over us and could delay or prevent a change in control.
Our directors, executive officers and holders of more than 5% of our common stock, together with their affiliates, beneficially own, in the aggregate, approximately 70% of our outstanding common stock as of September 30, 2017. As a result, these stockholders, acting together, would have the ability to control the outcome of matters submitted to our stockholders for approval, including the election of directors and any merger, consolidation or sale of all or substantially all of our assets. In addition, these stockholders, acting together, would have the ability to control the management and affairs of our company. Accordingly, this concentration of ownership might adversely affect the market price of our common stock by:
delaying, deferring or preventing a change in control of the company;
impeding a merger, consolidation, takeover or other business combination involving us; or
discouraging a potential acquirer from making a tender offer or otherwise attempting to obtain control of the company.
|
| |
| |
ITEM 2. | UNREGISTERED SALES OF EQUITY SECURITIES AND USE OF PROCEEDS |
| None. |
None.
The documents listed in the Exhibit Index of this Quarterly Report on Form 10-Q are herein incorporated by reference or are filed with this Quarterly Report on Form 10-Q, in each case as indicated therein (numbered in accordance with Item 601 of Regulation S-K).
EXHIBIT INDEX
|
| | |
Exhibit Number | | Description |
3.110.1* | | |
3.210.2 | | |
31.1 | | |
31.2 | | |
32.1† | | |
32.2† | | |
101.INS | | XBRL Instance Document. |
101.SCH | | XBRL Taxonomy Schema Linkbase Document. |
101.CAL | | XBRL Taxonomy Calculation Linkbase Document. |
101.DEF | | XBRL Taxonomy Definition Linkbase Document. |
101.LAB | | XBRL Taxonomy Labels Linkbase Document. |
101.PRE | | XBRL Taxonomy Presentation Linkbase Document. |
|
| |
* | Indicates a management or compensatory plan. |
† | This certification is deemed not filed with the Securities and Exchange Commission and is not to be incorporated by reference into any filing of Forescout Technologies, Inc. under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended, whether made before or after the date of this Quarterly Report on Form 10‑Q, irrespective of any general incorporation language contained in such filing. |
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1933,1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, in the City of San Jose, State of California, on December 7, 2017.authorized.
|
| |
| FORESCOUT TECHNOLOGIES, INC. |
| |
By:Dated: May 9, 2019 | /s/By: /s/ Darren J. Milliken |
| Darren J. Milliken |
| Senior Vice President, General Counsel, Corporate Secretary and Corporate Compliance Officer |
|
| |
| |
Dated: May 9, 2019 | By: /s/ Christopher Harms |
| Christopher Harms |
| Chief Financial Officer |
| Principal Financial Officer |