INTRODUCTION
Unless the context otherwise requires, all references in this Annual
Report on Form 20-F (this “annual report”) to “we,” “us,” “our,” the “Company,”
and “Radware” are to Radware Ltd. and its subsidiaries.
When the following terms and abbreviations appear in the text of
this annual report, they have the meanings indicated below:
|
• |
“Articles of Association” is to our Amended and Restated Articles of Association; |
|
• |
“Companies Law” or the “Israeli Companies Law” are to the Israeli Companies Law, 5759-1999, as amended;
|
|
• |
“dollars,” “$,” or “US$” are to U.S. dollars; |
|
• |
“Nasdaq” is to the Nasdaq Stock Market LLC; |
|
• |
“NIS” or “shekels” are to New Israeli Shekels; |
|
• |
“ordinary shares” are to our ordinary shares, par value NIS 0.05 per share; |
|
• |
the “SEC” is to the U.S. Securities and Exchange Commission; |
|
• |
the “U.S.” is to the United States; and |
|
• |
“U.S. GAAP” are to generally accepted accounting principles in the United States. |
We have registered trademarks for, among others, Radware®;
Radware Logo:
®;
OnDemand Switch®; Alteon®; APSolute®; LinkProof®; DefensePro®; CID®; SIPDirector®; AppDirector®;
AppXcel®; AppXML®; AppWall®; APSolute Insite®; StringMatch Engine®; Web Server Director®; APSolute Vision®;
vDirect®; Alteon VA®; AppShape®; FastView®; DefenseFlow®; Virtual DefensePro®; VADI® (Virtual Application
Delivery Infrastructure); Radware SecurPath®; ShieldSquare® and the ShieldSquare Logo:
®,
and we have non-registered trademarks for, among others, ADC-VX™; Inflight™; and CyberStack™. Unless the context otherwise
indicates, all other trademarks and trade names appearing in this annual report are owned by their respective holders.
Our consolidated financial statements appearing in this annual
report are prepared in dollars and in accordance with U.S. GAAP and are audited in accordance with the standards of the Public Company
Accounting Oversight Board in the United States.
Statements made in this annual report concerning the contents of
any contract, agreement or other document are summaries of such contracts, agreements or documents and are not complete descriptions of
all of their terms. If we filed any of these documents as an exhibit to this annual report or to any registration statement or reports
that we previously filed, you may read the document itself for a complete description of its terms, and
the summary included herein is qualified by reference to the full text of the document, which is incorporated by reference into this annual
report.
Unless otherwise indicated, information contained in this annual
report concerning our industry and the markets in which we operate, including our competitive position and market opportunity, is based
on information from our own management estimates and research, as well as from industry and general publications and research, surveys
and studies conducted by third parties. Management estimates are derived from publicly available information, our knowledge of our industry
and assumptions based on such information and knowledge, which we believe to be reasonable. Our management estimates have not been verified
by any independent source, and we have not independently verified any third-party information. In addition, assumptions and estimates
of our and our industry’s future performance are necessarily subject to a high degree of uncertainty and risk due to a variety of
factors, including those described in Item 3.D “Risk Factors” below.
CAUTIONARY STATEMENT REGARDING
FORWARD-LOOKING STATEMENTS
Except for the historical information contained herein, the statements
contained in this annual report are forward-looking statements, within the meaning of the Private Securities Litigation Reform Act of
1995 and other federal securities laws with respect to our business, financial condition and results of operations. Actual results could
differ materially from those anticipated in these forward-looking statements as a result of various factors, including all the risks discussed
in “Risk Factors” and elsewhere in this annual report.
We urge you to consider that statements that use the terms “believe,”
“expect,” “plan,” “intend,” “estimate,” “anticipate,” and similar expressions
or future or conditional verbs such as “will,” “should,” “would,” “may,” and “could”
are intended to identify forward-looking statements. Such forward-looking statements appear in Item 3.D “Risk Factors,”
Item 4 “Information on the Company,” and Item 5 “Operating and Financial Review and Prospects” as well as elsewhere
in this annual report. These statements reflect our current views with respect to future events, are based on assumptions and are subject
to risks and uncertainties, including those discussed under Item 3.D “Risk Factors” and in our other filings with the SEC.
Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. Except
as required by applicable law, including the securities laws of the United States, we do not intend to update or revise any forward-looking
statements, whether as a result of new information, future events or otherwise.
Table of Contents
|
|
8 |
|
|
8 |
|
|
8 |
|
|
8 |
A. |
[Reserved] |
9 |
B. |
Capitalization and Indebtedness |
9 |
C. |
Reasons for the Offer and Use of Proceeds |
9 |
D. |
Risk Factors |
9 |
|
|
40 |
A. |
History and Development of the Company |
40 |
B. |
Business Overview |
41 |
C. |
Organizational Structure |
63 |
D. |
Property, Plants and Equipment |
65 |
|
|
66 |
|
|
66 |
A. |
Operating Results |
66 |
B. |
Liquidity and Capital Resources |
79 |
C. |
Research and Development, Patents and Licenses, etc. |
82 |
D. |
Trend Information |
83 |
E. |
Critical Accounting Estimates |
87 |
|
|
92 |
A. |
Directors and Senior Management |
92 |
B. |
Compensation |
96 |
C. |
Board Practices |
100 |
D. |
Employees |
105 |
E. |
Share Ownership |
106 |
F. |
Disclosure of a Registrant’s Action to Recover Erroneously
Awarded Compensation |
109 |
|
|
110 |
A. |
Major Shareholders |
110 |
B. |
Related Party Transactions |
112 |
C. |
Interests of Experts and Counsel |
116 |
|
|
117 |
A. |
Consolidated Statements and Other Financial Information |
117 |
B. |
Significant Changes |
117 |
|
|
118 |
A. |
Offer and Listing Details |
118 |
B. |
Plan of Distribution |
118 |
C. |
Markets |
118 |
D. |
Selling Shareholders |
118 |
E. |
Dilution |
118 |
F. |
Expenses of the Issue |
118 |
|
|
119 |
A. |
Share Capital |
119 |
B. |
Memorandum and Articles of Association |
119 |
C. |
Material Contracts |
119 |
D. |
Exchange Controls |
119 |
E. |
Taxation |
135 |
F. |
Dividends and Paying Agents |
135 |
G. |
Statement by Experts |
135 |
H. |
Documents on Display |
135 |
I. |
Subsidiary Information |
135 |
J. |
Annual Report to Security Holders |
135 |
|
|
136 |
|
|
138 |
|
|
139 |
|
|
139 |
|
|
139 |
|
|
140 |
|
[Reserved] |
140 |
|
|
140 |
|
|
141 |
|
|
141 |
|
|
142 |
|
|
143 |
|
|
143 |
|
|
144 |
|
|
144 |
|
|
145 |
|
Insider Trading Policy |
145 |
|
Cybersecurity |
145 |
|
|
147 |
|
|
147 |
|
|
147 |
|
|
147 |
|
|
149 |
Part I
ITEM 1. IDENTITY
OF DIRECTORS, SENIOR MANAGEMENT AND ADVISERS
Not applicable.
ITEM 2. OFFER
STATISTICS AND EXPECTED TIMETABLE
Not applicable.
ITEM 3. KEY
INFORMATION
A. [Reserved]
B. Capitalization
and Indebtedness
Not applicable.
C. Reasons
for the Offer and Use of Proceeds
Not applicable.
D. Risk
Factors
You should carefully consider the following risks before deciding
to purchase, hold or sell our ordinary shares. Our business, operating results, and financial condition could be seriously harmed due
to any of the following risks. The following risks are not the only risk factors facing our Company. Additional risks and uncertainties
not presently known to us or that we currently deem immaterial may also affect our business. The trading price of our ordinary shares
could decline due to any of these risks. You should also refer to the other information contained or incorporated by reference in this
annual report, before making any investment decision regarding our Company.
The following constitutes a summary of the material risks relevant to an investment
in our Company:
Risks Related to Our Business and Our Industry
• |
Changing or severe global economic conditions could have a material adverse effect on our results of operations. |
• |
We depend upon independent distributors to sell our solutions to customers. If our distributors do not succeed in selling our
products and services, we may not be able to operate profitably. |
• |
We must manage our anticipated growth effectively in order to be profitable. |
• |
A shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing
costs, and any disruption in our supply chain could have a material adverse effect on our results of operations. |
• |
We rely on a few vendors to provide our hardware platforms and components for the manufacture of our products. |
• |
Our success depends on our ability to attract, train and retain highly qualified personnel. |
• |
Competition in the market for cyber security and application delivery solutions and in our industry, in general, is intense. If we
are unable to compete effectively, we may lose market share, and we may be unable to maintain profitability. |
• |
We must develop new solutions and enhance existing solutions to remain competitive. |
• |
Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions
or if our end-users experience security breaches, which could have a material adverse effect on our business, reputation and operating
results. |
• |
As a security provider, if our information technology systems and data, or those of our service providers and other contractors,
are compromised by cyber-attackers or other malicious actors, or by a critical system failure, our reputation, financial condition and
operating results could be materially adversely affected. |
• |
Outages, interruptions, or delays in hosting services could impair the delivery of our cloud-based security services and harm our
business. |
• |
Our global operations may expose us to additional risks. |
• |
We have incurred net losses in the past two years and may incur losses in the future. |
• |
A slowdown in the growth of the cyber security and application delivery solutions market would reduce our addressable market and
solutions sales. |
• |
If the market for our cloud-based solutions does not continue to develop and grow, we may incur capital and operating losses.
|
• |
Our solutions may have long sales cycles, which may reduce the predictability of our financial performance. |
• |
We may pursue acquisitions or other investments that could disrupt our business and harm our financial condition. |
• |
Our business in countries with a history of corruption and transactions with foreign governments increases the risks associated with
our international activities. |
• |
Currency exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.
|
• |
Undetected defects and errors may increase our costs and impair the market acceptance of our products. |
• |
Our business and operating results could suffer if third parties infringe upon our proprietary technology. |
• |
Our products may infringe on the intellectual property rights of others. |
• |
Laws, regulations and industry standards affecting our business are evolving, and unfavorable changes could harm our business.
|
• |
Some of our solutions contain “open source” and third-party software, and any failure to comply with the terms of one
or more of these open source and third-party software licenses could negatively affect our business. |
• |
The amount of intangible assets and goodwill on our books may in the future lead to significant impairment charges. |
• |
Additional tax liabilities, including due to tax positions we have taken, could materially adversely affect our results of operations
and financial condition. |
• |
The enactment of legislation changing the United States’ taxation of international business activities could materially impact
our financial position and results of operations. |
• |
If we are unable to realize our investment objectives, our financial condition and results of operations may be adversely affected.
|
• |
We rely on information technology systems to conduct our businesses, and failure to protect these systems against security breaches
and otherwise to implement, integrate, upgrade and maintain such systems in working order could have a material adverse effect on our
results of operations, cash flows or financial condition. |
• |
Major disruptions or deficiencies of our information technology systems could disrupt our operations and cause unanticipated increases
in our costs. |
• |
Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories
as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and
dealings with Russian entities by many multi-national businesses across a variety of industries. |
• |
Climate change may have an adverse impact on our business. |
• |
Our disclosures and initiatives related to environmental, social and governance (“ESG”) matters expose us to numerous
risks, including risks to our reputation, business, financial performance and growth. |
Risks Related to the Market for
Our Ordinary Shares
• |
The late Yehuda Zisapel (and following his death, his estate), Nava Zisapel, and Roy Zisapel, our President, Chief Executive Officer
and a director, may exert significant influence in the election of our directors and over the outcome of other matters requiring shareholder
approval. |
• |
Provisions of our Articles of Association and Israeli law as well as the terms of our equity incentive plan could delay, prevent
or make a change of control of us more difficult or costly, which could depress the price of our ordinary shares. |
• |
Our share price has been volatile in the past and may be subject to volatility in the future. |
• |
If we are characterized as a passive foreign investment company, our U.S. shareholders may suffer adverse tax consequences.
|
• |
If a U.S. person is treated as owning at least 10% of our ordinary shares, such holder may be subject to adverse U.S. federal income
tax consequences. |
Risks Related to Operations in Israel
• |
Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October
2023, may harm our business. |
• |
The tax benefits we may receive in connection with our preferred enterprise program require us to satisfy prescribed conditions and
may be terminated or reduced in the future. This would increase taxes and decrease our net profit. |
• |
We have obtained benefits from the Israeli Innovation Authority that subject us to ongoing restrictions. |
• |
It may be difficult to enforce a U.S. judgment against us or our officers and directors and to assert U.S. securities laws claims
in Israel. |
• |
Your rights and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights
and responsibilities of shareholders of U.S. companies. |
Risks Related to Our Business and Our Industry
Changing or severe global economic conditions
could have a material adverse effect on our results of operations.
Our business is affected by global economic conditions, uncertainties
and downturns, including as a result of the state of war declared in Israel in October 2023 and instability in the Middle East (see the
risk factor below titled “Political, economic and military instability in the Middle East or Israel, including the state of war
declared in Israel in October 2023, may harm our business”), the war in Ukraine (see the risk factor below titled “Our business
may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other
responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian
entities by many multi-national businesses across a variety of industries”), the tensions between China and Taiwan, and central
banks in the markets in which we operate that have tightened their monetary policies and raised interest rates, which may impact current
and anticipated market demand for our solutions. Uncertainties about current global economic conditions continue to pose a risk as
our current or prospective customers may postpone or reduce demand and spending priorities in response to such uncertainties. This could
result in, among other things, a reduction in our revenues or a failure to achieve anticipated revenue growth, longer sales cycles, and
slower adoption of new technologies as well as downward pressure on the price of our solutions. Other macro conditions may have other
adverse effects on the economy, which are difficult to predict, such as instability of any bank with which we maintain a commercial relationship,
inflation pressures, rising interest rates or a period of elevated interest rates. Each of the above events could have a material adverse
effect on our business, operating results, and financial condition.
We depend upon independent distributors to sell
our solutions to customers. If our distributors do not succeed in selling our products and services, we may not be able to operate
profitably.
Our growth strategy depends upon, among other things, increasing
sales of our solutions, both directly and indirectly through our different distribution channels. We
sell our solutions primarily to independent distributors, including value added resellers (VARs), original equipment manufacturers (OEMs)
and global system integrators (GSIs), and are highly dependent upon these distributors’ active marketing and sales efforts. Our
distribution agreements with our distributors generally are non-exclusive, ranging in duration with no renewal obligation on the part
of our distributors. Our distribution agreements also typically do not prevent our distributors from selling products and services of
our competitors and do not contain minimum sales or marketing performance requirements. As a result, our distributors may give higher
priority to products and services of our competitors or their own products, thereby reducing their efforts to sell our products and services.
In addition, we may not be able to maintain our existing distribution relationships, and we may not be successful in replacing them on
a timely basis, or at all. We may also need to develop new distribution channels for new products and services, and we may not succeed
in doing so. Any changes in our distributor relationships or distribution channels, including a termination or other disruption of our
commercial relationship with our distributors or our inability to establish distribution channels for new products and services, could
impair our ability to sell our products and services and have a material adverse effect on our business, financial condition and results
of operations.
We must manage our anticipated growth effectively
in order to be profitable.
We have actively expanded our operations in the past and may continue
to expand them in the future in order to gain market share in the evolving market for cyber security and application delivery solutions.
This expansion has required, and may continue to require, managerial, operational and financial resources.
In some cases, we may choose to increase our cost of operations
at the expense of our short-term profitability in order to support future expansion and growth. We cannot assure you that we will continue
to expand our operations successfully. If we are unable to manage our expanding operations effectively, our revenues may not increase
or may decline, our cost of operations may increase, and we may not be profitable. For example, in 2023 and 2022, we recorded an operating
loss of $31.7 million and $3.3 million, respectively, and net loss of $21.6 million and $0.2 million, respectively.
A shortage of components or manufacturing capacity
could cause a delay in our ability to fulfill orders or increase our manufacturing costs, and any disruption in our supply chain could
have a material adverse effect on our results of operations.
Our ability to meet customer demands depends in part on our ability
to obtain timely deliveries of parts from our suppliers and contract manufacturers. We cannot assure you that we will not encounter supply
and fulfilment issues in the future and certain components are presently available to us only from limited sources (see the risk factor
below titled “We rely on a few vendors to provide our hardware platforms and components for the manufacture of our products” and
the discussion under Item 4.B “Business Overview—Manufacturing and Suppliers”). We may not be able to diversify sources
in a timely and cost-effective manner, which could harm our ability to deliver products to customers and adversely impact present and
future sales and profitability.
We may experience a shortage of certain component parts as a result
of our own manufacturing issues, manufacturing issues at our suppliers or contract manufacturers, capacity problems or transportation
and freight carriers issues experienced by our suppliers or contract manufacturers, or strong demand in the industry for those parts,
especially if there is growth in the overall economy. If there is growth in the economy, such growth is likely to create greater pressures
on us and our suppliers to accurately project overall component demand and component demands within specific product categories and to
establish optimal component levels. If shortages or delays persist, such as due to the worldwide chipset shortage, the price of these
components may increase, or the components may not be available at all.
We may also encounter shortages if we do not accurately anticipate
our needs. We may not be able to secure enough components at reasonable prices or of acceptable quality to build new products in a timely
manner in the quantities or configurations needed. Accordingly, our revenues and gross margins could be materially and adversely affected
until other sources can be developed.
In addition, our operating results could be materially and adversely
affected if we anticipate greater demand than what transpires, and we commit to purchasing more components than we actually need. We see
this specifically with respect to dated components, which we need to order in large quantities due to manufacturing stoppage. Due to technology
advancements, we are required from time to time to make “last buy” type of stock purchases of such dated components for our
legacy products.
Any disruption in our supply chain, such as disruptions resulting
from failure in telecommunication systems; acts of war, terrorism, cyber-attacks or natural disasters, including major environmental or
public health concerns, such as the COVID-19 pandemic, lack of skilled labor, the disruption of transportation networks, and adverse weather
conditions, could have a material adverse effect on our business, financial condition and results of operations.
We rely on a few vendors to provide our hardware
platforms and components for the manufacture of our products.
We primarily rely on a few original design manufacturers, or ODMs,
for the manufacture and supply of our hardware platforms, with approximately 92% of our direct product costs in 2023 related to these
vendors. If we are unable to continue to acquire from these ODMs and/or other components vendors on acceptable terms or should any of
these ODMs and/or components vendors cease to supply us with such platforms or components for any reason, we may not be able to identify
and integrate an alternative source of supply in a timely fashion or at the same costs. Any transition to one or more alternate manufacturers
could result in delays, operational problems and increased costs, and may limit our ability to deliver our products to our customers on
time during such a transition period, any of which could have a material adverse effect on our business, financial condition and results
of operations.
Our success depends on our ability to attract,
train and retain highly qualified personnel.
Our products and services require sophisticated technology, marketing
and sales expertise. Accordingly, we need highly trained research and development, sales, marketing, technical, customer support, operations
and IT personnel. Competition for such qualified personnel, especially in the cyber security domain, is intense. In particular, while
there has been intense competition for such qualified personnel in the Israeli high-tech industry historically, the industry experienced
record growth and activity in the past few years, which contributed to significant levels of employee attrition and is currently facing
a severe shortage of skilled human capital, including qualified personnel in the cyber security domain. Additionally, we may be unable
to hire or retain talent who are trained in artificial intelligence (AI), machine learning and advanced algorithms, to keep pace with
the rapid and continuous technological changes in our industry. In addition, while we utilize non-competition agreements with
our employees as a means of improving our employee retention, we may be unable to enforce these agreements under applicable laws. In light
of the foregoing, we may not be able to hire or retain sufficient personnel to support our business operations or, if we do, we may be
required to offer increased compensation to attract such employees, which could have a material adverse effect on our business, financial
condition and results of operations.
Competition in the market for cyber security
and application delivery solutions and in our industry, in general, is intense. If we are unable to compete effectively, we may lose market
share, and we may be unable to maintain profitability.
The cyber security and application delivery solutions marketplace
is highly competitive and has very few barriers to entry, particularly in our focus areas. We expect competition to intensify in the future,
and we may lose market share if we are unable to compete effectively.
Most of our competitors have greater financial, personnel and
other resources than we have, which may limit our ability to effectively compete with them. We expect to continue to face additional competition
as new participants enter the market or extend their portfolios into related technologies. Current and future participants may also be
able to respond more quickly to new or emerging technologies and changes in customer demands and to devote greater resources to the development,
promotion and sale of their products than we can. Larger companies with substantial resources, brand recognition and sales channels may
form consolidation and alliances with or acquire competing cyber security and application delivery solutions and emerge as significant
competitors.
Competition may result in lower prices or reduced demand for
our solutions and a corresponding reduction in our ability to recover our costs, which may impair our ability to achieve, maintain and
increase profitability. Furthermore, the dynamic market environment poses a challenge in predicting market trends and expected growth.
We cannot assure you that we will be able to implement our business strategy in a manner that will allow us to be competitive. If any
of our competitors offer products or services that are more competitive than ours, we could lose market share and our business, financial
condition and results of operations could be materially and adversely affected as a result.
We must develop new solutions and enhance
existing solutions to remain competitive.
The market for cyber security and application delivery solutions
is characterized by rapid technological changes, driven primarily by accelerated digital transformation including a dramatic increase
in work from home initiatives, a rapid shift to online business activity, increased migration to cloud environments and the introduction
of interactive AI technologies (LLM-based) that enable adversaries a faster time to launch cyber attacks. Such technological changes and
transformations are accompanied by, in addition to a rapidly evolving and active cyber threat landscape that is accelerated by weaponized
AI tools, changes in networks, applications infrastructure, architecture tools and increasingly demanding compliance mandates. The challenges
we face are centered around the timing and effectiveness of response and include:
|
• |
increasing throughput, capacity, performance algorithmic coverage and efficiency of our core products, to cope with growing velocity
and complexity of attacks; |
|
• |
adapting to fundamental changes in our customers’ data centers’ infrastructure and changes in the locations of applications
and data by offering relevant solutions for multi-clouds and hybrid cloud environments; |
|
• |
offering new solutions to adapt to the changes in applications’ deployment frameworks, workflows and architectures, massive
usage of Application Programming Interface (API) stacks, third-party attacks that require browser security presence, supply chain attacks
and new edge delivery technologies in response to the rise of modern applications buildup and delivery requirements; |
|
• |
adapting to changes in the cyber threat landscape, by extending our security coverage to include client-side attacks, edge attacks,
API-level attacks, cloud-native attacks (cloud access management and workloads), complex application-level attacks, such as Business
Logic Attacks (BLA), encrypted attacks, usage of open source third-party attack libraries, and/or AI, natural language processing (NLP)
and automated attacks; |
|
• |
addressing new regulations and compliance standards, including those related to publicly exposed services that require the validation
of safety of sensitive data provided or consumed by the service consumers; |
|
• |
developing and enhancing our cloud, physical and virtual appliances and container offerings and expanding our managed security services
capabilities to address the industry trend of providing services for the cloud and through the cloud – organically and inorganically;
and |
|
• |
increasing our support offerings to address the industry trend of increased customer reliance on third-party provided or managed
information technology services. |
In order to meet these challenges and remain competitive in the
market, we have introduced, and must continue to introduce, new solutions and enhancements to our existing solutions. Accordingly, our
future success will depend, to a substantial extent, on our ability to accurately and timely identify market trends and anticipate changing
market requirements and needs; to invest (including through acquisition of complimentary solutions) in research and development and timely
develop, introduce and support relevant and desired new solutions and enhancements; and to gain market acceptance of our offerings. There
can be no assurances that our continued investment in research and development, including associated capital expenditures, will ultimately
allow us to remain competitive in our industry or otherwise result in successful solutions that generate expected sales and support our
growth. In addition, diversifying our solution portfolio might expose us to direct competition with new players and might require additional
investments in the associated sales and marketing practices.
If our research and development efforts do not lead to a corresponding
increase in our revenues, if we fail to timely develop and deploy new solutions and enhancements to our existing solutions, or if we fail
to gain market acceptance of our new solutions or enhanced solutions, our business, operating results, and financial condition could be
materially adversely affected.
Our reputation and business could be harmed
based on real or perceived shortcomings, defects or vulnerabilities in our solutions or if our end-users experience security breaches,
which could have a material adverse effect on our business, reputation and operating results.
Any errors, defects, or misconfigurations could cause our solutions
to not meet specifications, be vulnerable to security attacks or fail to secure networks or applications, which could negatively impact
customer operations and consequently harm our business and reputation. In addition, we may suffer significant adverse publicity and reputational
harm and become subject to regulatory and litigation claims if our solutions are associated, or are believed to be associated with, or
fail to reasonably protect against, a security attack or a breach at a high-profile customer, a significant customer base or a significant
business partner. Many of our customers and business partners are themselves highly regulated entities, which may result in enhanced scrutiny
of our security program and controls in the event of a significant cybersecurity incident. Moreover, any actual or perceived cyber-attack,
other security breach, exposure or theft of our or our customers’ data, regardless of whether the breach or theft is attributable
to the failure of our solutions, could:
|
• |
adversely affect the market’s perception of our security solutions, |
|
• |
cause current or potential customers to look to our competitors for alternatives, |
|
• |
require us to expend significant financial resources to analyze, correct or eliminate any vulnerabilities, and |
|
• |
lead to investigations, litigation, fines and penalties, any of which could have a material adverse effect on our operations, financial
condition and reputation. |
Cyber-attackers or other malicious actors are increasingly sophisticated,
may be state actors or affiliated with organized crime, and may operate large-scale and complex automated attacks. In addition, the techniques
they use to access or sabotage networks or applications or to disrupt operations (for example, via ransomware) change frequently and generally
are not recognized until launched against a target. As a result, our solutions may be unable to anticipate these techniques and provide
timely or effective protection to our end-users’ networks or applications, particularly due to the increased use by attackers of
tools and techniques that are designed to circumvent security controls, to avoid detection and to remove or obfuscate evidence. The global
marketplace also expects actors to increasingly develop innovative attack methodologies utilizing AI to identify and exploit vulnerabilities
from both technical and social engineering perspectives. In addition, continued remote and hybrid working arrangements at our Company
(and at many third-party providers), such as those that evolved during the COVID-19 pandemic and continued after the pandemic, also increase
cybersecurity risks due to the challenges associated with managing remote computing assets and the security vulnerabilities that are present
in many non-corporate and home networks. We may acquire companies or enter into information technology system integrations with companies
that have cybersecurity vulnerabilities or unsophisticated security measures, which would expose us to increased risks. In addition, we
cannot comprehensively identify all misconfigurations, “bugs” or vulnerabilities in proprietary or third-party systems or
software used by our business, or guarantee that patches or compensating controls will be applied before vulnerabilities can be exploited
by a threat actor. If we fail to identify and respond to new and increasingly complex methods of attack or to update our solutions to
detect or prevent such threats in time to protect our end-users’ critical business data, the integrity of our solutions and reputation,
as well as our business and operating results, could suffer.
Furthermore, security breaches or defects in our solutions could
result in loss or alteration of, or unauthorized access to, data of customers, employees, business partners and others, including personally
identifiable information, as well as proprietary information belonging to our business such as trade secrets, and compromise our customers’
networks and applications that are secured by our physical and cloud solutions. Moreover, any use or integration of generative or other
AI in our, or any third party’s, operations, products or services will pose new and/or unknown cybersecurity risks and challenges.
If such a security breach results in the disruption or loss of availability, integrity or confidentiality of customers’ data, we
could incur significant liability to our customers and to businesses or individuals whose information was being handled by our customers,
in addition to liability imposed by regulatory agencies. There can be no assurance that limitation of liability, indemnification or other
protective provisions that we attempt to include in our contracts would be applicable, enforceable or adequate in connection with a security
breach, or would otherwise protect us from any such liabilities or damages with respect to any particular claim.
There is no guarantee that our solutions will be free of flaws
or vulnerabilities. Our end-users may also misuse our solutions, which could result in vulnerabilities to a breach or theft of business
data. Furthermore, there can be no assurance that our cybersecurity risk management program and processes, including our policies, controls,
or procedures, will be fully implemented, complied with or effective in protecting our information technology systems and confidential
information.
As a security provider, if our information
technology systems and data, or those of our service providers and other contractors, are compromised by cyber-attackers or other malicious
actors, or by a critical system failure, our reputation, financial condition and operating results could be materially adversely affected.
We will not succeed with our application and network security solutions
unless the marketplace is confident that we provide effective cyber security protection. We provide security solutions, and as a result,
we have been, and continue to be, an attractive target of cyber-attacks and other security incidents, which we have experienced from time
to time, that threaten the confidentiality, integrity and availability of our computer and information technology at our computer and
information technology systems and network environment. We are subject to many different types of attacks, including, among others, malware,
viruses and attachments to e-mails, web application attacks, Distributed Denial of Service (DDoS) attacks, and other disruptive activities
of individuals or groups, all of which are designed to impede the performance of our solutions, penetrate our network security or the
security of our cloud platform or our internal systems, misappropriate proprietary and other important data and personal information we
process or maintain and/or cause other interruptions to our services. We and certain of our third-party providers regularly experience
cyberattacks and other incidents, and we expect such attacks and incidents to continue in varying degrees. While to date no attacks or
incidents have had a material impact on our operations or results, we cannot guarantee that material incidents will not occur in the future.
We expect cyberattacks to accelerate on a global basis in both frequency and magnitude, as threat actors are increasingly sophisticated
in using techniques and tools – including AI – that can circumvent controls, evade detection and remove forensic evidence.
As a result, we may be unable to detect, investigate, remediate or recover from future attacks or incidents, or to avoid a material adverse
impact on our information technology systems, confidential information or business. Furthermore, third parties may attempt to illegally
induce employees or customers into disclosing our proprietary information or otherwise compromising the security of our internal networks,
systems or physical facilities in order to gain access to our data or our customers’ data. An actual or perceived breach of
security in our internal systems could adversely affect the integrity and market perception of our solutions. Furthermore, the costs to
eliminate or address security threats and vulnerabilities before or after a cyber-security incident and any resulting regulatory or litigation
actions could be significant.
We rely on third-party service providers to supply physical hosting,
cloud environments, and specific support technologies in order to deliver and support our security solutions, in addition to internal
functions, such as human resources, finance, and electronic communications, all of which are designed to enable us to conduct, monitor,
and/or protect our business, operations, systems, and data assets. Such third-party service providers have from time to time been subject
to, and continue to be subject to, cyber-attacks, malicious actors, and other security incidents. While we periodically evaluate the internal
security posture of each third-party service provider to determine their level of compliance, we may not be able to detect any breach
in the first instance it occurs. These risks may impact the integrity and availability of our solutions and may expose us to legal and
reputational liability.
Any significant system failure, accident, attack or security breach
could have a material adverse effect on our business, financial condition and results of operations. Remediation efforts or system redundancy
or other continuity measures may be ineffective or inadequate and could result in interruptions, delays or cessation of service and loss
of existing or potential customers. There can be no assurance that limitation of liability, indemnification or other protective provisions
in our contracts would be applicable, enforceable, or adequate in connection with a security breach, or would otherwise protect us from
any such liabilities or damages with respect to any particular litigation (including class actions), reputational impacts, and the loss
of partners, collaborators and customers. Additionally, our professional, product, and cyber liability insurance coverages may only cover
certain liabilities in connection with a security breach or other security incident and may not adequately cover all liabilities actually
incurred, and we cannot assure you that insurance will continue to be available to us on commercially reasonable terms, if at all, or
that any insurer will not deny coverage as to any future claim.
In addition, any such security breach could disrupt or impair our
ability to operate our business, including our ability to provide maintenance and support services to our customers. If this happens,
our revenues could decline and our reputation and business could suffer.
Outages, interruptions, or delays
in hosting services could impair the delivery of our cloud-based security services and harm our business.
We offer infrastructure that supports our DDoS Protection services,
web application firewall (WAF) and bot management cloud-based services. In addition, we provide other services through the cloud, such
as Content Delivery Network (CDN). Despite precautions taken within our own internal network and at these third-party facilities, the
occurrence of a natural disaster or an act of terrorism or other unanticipated problems could result in lengthy interruptions in our services.
The cloud-based security services that we provide are operated
from a network of third-party facilities that host the software and systems that operate these security services. Any damage to, failure
of, or significant disruptions (for example, due to ransomware) to, our internal systems or systems at third-party hosting facilities
could result in outages or interruptions in our cloud-based services. Outages or interruptions in our cloud-based security services, whether
as a result of impacts to our or our third-party hosting facilities or otherwise, may cause our customers to experience cyber-attacks
and to believe that our cloud-based security services are unreliable, cause us to issue credits or pay penalties or damages, cause customers
to terminate their subscriptions, and adversely affect our reputation and renewal rates and our ability to attract new customers, ultimately
harming our business and results of operations.
Our global operations may expose
us to additional risks.
We currently offer our solutions in over 80 countries. For the
years ended December 31, 2023 and 2022, our sales outside North, Central and South America represented approximately 60% and 58%, respectively,
of our total sales. We also rely on third-party service providers around the world to supply physical hosting and cloud environments in
order to deliver and support our cloud-based services. Our global business operations involve varying degrees of risk and uncertainty
inherent in doing business in so many different jurisdictions. Such risks include, among others: difficulties and costs of staffing and
managing foreign operations; the possibility of unfavorable circumstances and additional compliance costs arising from host country laws
or regulations, including unexpected changes in the interpretations thereof and reduced protection for intellectual property rights in
some countries; partial or total expropriation; export duties and quotas; local tax exposure; economic or political instability, including
as a result of insurrection, war, natural disasters, and major environmental, climate or public health concerns, such as the COVID-19
pandemic; differences in business practices; recessionary environments in multiple foreign markets; and damage to, or failure of, systems
at third-party hosting facilities around the word resulting in outages or interruptions in our cloud-based services. We cannot be certain
that the foregoing factors will not have a material adverse effect on our future revenues and, as a result, on our business, operating
results, and financial condition.
We have incurred net losses in
the past two years and may incur losses in the future.
We incurred net losses during 2022 and 2023. Our
ability to reach, maintain or increase profitability in the future depends in part on the following factors: the economic health of the
global economy, including geopolitical tensions; record levels of inflation and rising interest rates or a
period of elevated interest rates; the rate of growth of, and changes in technology trends in our market and other industries in which
we currently or may in the future operate; our ability to develop and manufacture new products and technologies and deliver new solutions
in a timely manner; the competitive position of our products and services; the continued acceptance of our solutions by our customers
and in the industries that we serve; and our ability to manage expenses. In the future, it may be necessary to undertake cost reduction
initiatives to be profitable, which could lead to a deterioration of our competitive position. Any difficulties that we encounter as we
reduce our costs could negatively impact our results of operations and cash flows. Our revenues
may not increase or may grow at a lower rate than we have experienced in the past several years or may even decline, which would negatively
impact our results of operations and cash flows. We cannot assure you that we will be profitable.
We may increase our operating expenses in future periods. Our decision
to increase operating expenses and the scope of such increases depends upon several factors, including the market situation and the effectiveness
of our past expenditures. We may continue to make additional expenditures in anticipation of generating higher revenues, which we may
not realize, if at all, until sometime in the future. This could cause reductions in our profitability or lead to losses. Additionally,
a failure of any acquisition or product development initiative to produce increased revenues could have a material adverse effect on our
operations and profitability.
A slowdown in the growth of the cyber security
and application delivery solutions market would reduce our addressable market and solutions sales.
The cyber security and application delivery market in which we
operate is rapidly evolving, and we cannot assure you that it will continue to develop and grow. In addition, we cannot assure you that
our solutions and technology will keep pace with the changes to this market. Market acceptance of cyber security and application delivery
solutions may be inhibited by, among other factors, a lack of anticipated congestion and strain on existing network infrastructures and
the availability of alternative solutions. If demand for cyber security and application delivery solutions does not continue to grow,
or grows at a slower pace than expected, we may not be able to sell enough of our solutions to maintain or increase our profitability.
If the market for our cloud-based solutions
does not continue to develop and grow, we may incur capital and operating losses.
As we continue to expand our cloud-based solution offerings, our
investments, both capital and operational, in our cloud business increase. We cannot assure you that sales of our cloud-based solutions
will continue to develop and grow. In addition, we cannot assure you that our services and technology will keep pace with the changes
in this market. Specifically, the emergence of alternative solutions, such as those offered by Amazon Web Services, Inc. (AWS), Microsoft
Azure or Google’s public cloud, may negatively affect sales of our solutions. We recognize a significant portion of revenue from
subscriptions over the term of the relevant subscription period, and as a result, downturns or upturns in sales are not immediately reflected
in full in our results of operations.
Our solutions may have long sales cycles, which
may reduce the predictability of our financial performance.
Our solutions are technologically complex and are typically intended
for use in applications that may be critical to the business of our customers. As a result, our pre-sales process can be subject to delays
associated with customers’ budgetary constraints and lengthy approval and procurement processes. The sales cycles of our solutions
to new customers can last for as long as 12 months (and in some cases even longer, for example, with carrier customers) from initial presentation
to sale. Long sales cycles result in a delay to our generation of revenue. Long sales cycles also subject us to risks not usually encountered
in short sales cycles, including our customers’ budgetary constraints and internal acceptance reviews and processes prior to purchase.
In addition, orders expected in one quarter could shift to another because of the timing of our customers’ procurement decisions.
Furthermore, customers may defer orders in anticipation of new solutions or product enhancements introduced by us or by our competitors.
These factors complicate our planning processes and reduce the predictability of our financial performance.
We may pursue acquisitions or other investments
that could disrupt our business and harm our financial condition.
As part of our business strategy, we may invest in or acquire complimentary
businesses, technologies or assets or enter into joint ventures or other strategic relationships with third parties. Past acquisitions
have caused, and future acquisitions may cause, us to assume liabilities, incur acquisition-related costs, incur amortization expenses
or realize write-offs on assets no longer being used or phased out. In addition, the future valuation of these acquisitions may decrease
from the market price paid by us, which could result in the impairment of our goodwill and other intangible assets associated with the
relevant acquired assets. Moreover, our operation of any acquired or merged businesses, technologies or assets could involve numerous
risks, including:
|
• |
post-merger integration problems resulting from the combination of any acquired operations with our own operations or from the combination
of two or more operations into a new unified entity; |
|
• |
diversion of management’s attention from our core business; |
|
• |
substantial expenditures, which could divert funds from other corporate uses; |
|
• |
entering markets in which we have little or no experience; |
|
• |
loss of key employees of the acquired operations; and |
|
• |
known or unknown contingent liabilities, including, but not limited to, tax and litigation costs. |
We cannot be certain that any past or future acquisitions or mergers
will be successful. If the operation of the business of any future acquisitions or mergers disrupts our operations, our results of operations
may be adversely affected, and even if we successfully integrate the acquired business with our own, we may not receive the intended benefits
of the acquisition. In addition, our pursuit of potential acquisitions may divert our management’s attention from our core business
and require considerable cash outlays at the expense of our existing operations, whether or not such transactions are consummated. A failure
of any acquisitions or product developments to produce increased revenues could have a material adverse effect on our operations and profitability.
Our business in countries with a history of corruption and transactions
with foreign governments increases the risks associated with our international activities.
As we operate and sell internationally, we are subject to the Foreign
Corrupt Practices Act of 1977, as amended (the “FCPA”), the U.K. Bribery Act of 2010 (the “UK Bribery Act”) and
other laws that prohibit improper payments or offers of payments to foreign governments and their officials and political parties for
the purpose of obtaining or retaining business. We have operations, deal with and make sales to governmental customers in countries known
to experience corruption, particularly certain emerging countries in Eastern Europe, South and Central America, East Asia, Africa and
the Middle East. Our activities in these countries create the risk of unauthorized payments or offers of payments by one of our employees,
consultants, channel partners or sales agents that could be in violation of various anti-corruption laws, even though these parties may
not be under our control. While we have implemented safeguards to prevent these practices by our employees, consultants, channel partners
and sales agents, our existing safeguards and any future improvements may prove to be less than effective, and our employees, consultants,
channel partners or sales agents may engage in conduct for which we might be held responsible. Violations of the FCPA, the UK Bribery
Act or other anti-corruption laws may result in severe criminal or civil sanctions, including suspension or debarment from government
contracting, and we may be subject to other liabilities, which could negatively affect our business, operating results, and financial
condition.
Currency exchange rates and fluctuations of
exchange rates could have a material adverse effect on our results of operations.
We are impacted by exchange rates and fluctuations thereof in a
number of ways, including:
|
• |
A large portion of our expenses in Israel, principally salaries and related personnel expenses, are paid in NIS, whereas most of
our revenues are generated in U.S. dollars. When the U.S. dollar is weak, our foreign currency-denominated expenses will be higher, whereas
if the U.S. dollar is strong, our foreign currency-denominated expenses will be lower. If the NIS strengthens against the U.S. dollar,
the dollar value of our Israeli expenses will increase and may have a material adverse effect on our business, operating results, and
financial condition; |
|
• |
A portion of our international sales are denominated in currencies other than U.S. dollars, such as euros, thereby exposing us to
currency fluctuations in such international sales transactions; |
|
• |
We incur expenses in several other currencies in connection with our operations in Europe and Asia. Devaluation of the U.S. dollar
relative to such local currencies causes our operational expenses to increase; and |
|
• |
The majority of our international sales are denominated in U.S. dollars. Accordingly, devaluation in the local currencies of our
customers relative to the U.S. dollar could cause our customers to decrease orders or default on payment. |
Not all of our potential exposure to the effect of fluctuations
in foreign currency exchange rates on our financial position and results of operations is covered by the foreign currency hedging transactions
we engage in from time to time. Furthermore, there can be no assurance that any such hedging transactions will materially reduce the effect
of fluctuations in foreign currency exchange rates on such results. For a further discussion of the impact on currency exchange rates
on our business, see Item 11 “Quantitative and Qualitative Disclosures About Market Risk.”
Undetected defects and errors may increase our
costs and impair the market acceptance of our products.
Our products have occasionally contained, and may in the future
contain, undetected defects or errors, especially when first introduced or when new versions are released, due to defects or errors that
we fail to detect, including in components supplied to us by third parties. These defects or errors may be found after the commencement
of commercial shipments. In addition, because our customers integrate our products into their networks with products from other vendors,
it may be difficult to identify the product that has caused the problem in the network. Regardless of the source of these defects or errors,
we will then need to divert the attention of our engineering personnel from our product development efforts to detect and correct these
errors and defects. We cannot assure you whether we will incur significant warranty or repair costs, be subject to liability claims for
material damages related to product errors or defects or experience any material lags or delays as a result thereof in the future. Any
insurance coverage that we maintain may also not provide sufficient protection should a claim be asserted. Moreover, the occurrence of
errors and defects, whether caused by our products or the components supplied by another vendor, may result in significant customer relations
problems and injure our reputation, thereby impairing the market acceptance of our products.
Our business and operating results could suffer
if third parties infringe upon our proprietary technology.
Our success depends, in part, upon the protection of our proprietary
software installed in our products, our trade secrets and trademarks. We seek to protect our intellectual property rights through a combination
of trademark and patent law, trade secret protection, confidentiality agreements, and other contractual arrangements with our employees,
affiliates, distributors, and others. In the United States and several other countries, we have registered or acquired trademarks. In
addition, we have registered patents in the U.S. and other jurisdictions and have pending patent applications and provisional patents
in connection with several of our products’ features.
The protective steps we have taken may be inadequate to deter infringement
upon our intellectual property rights or misappropriation of our proprietary information. We may be unable to detect the unauthorized
use of our proprietary technology or take appropriate steps to enforce our intellectual property rights. Effective trademark, patent and
trade secret protection may not be available in every country in which we offer, or intend to offer, our products. In addition, our competitors
may independently develop technologies that are substantially equivalent or superior to our technology. Any licenses for intellectual
property that might be required for our services or products may not be available on reasonable terms. Failure to adequately protect our
intellectual property rights could devalue our proprietary content, impair our ability to compete effectively, and eventually harm our
operating results. Furthermore, defending our intellectual property rights, either by way of initiating intellectual property litigation
or defending such, could result in the expenditure of significant financial and managerial resources. Moreover, any adverse outcome of
litigation proceedings could impact the value of our proprietary technology and have additional significant financial impacts, which may
harm our operating results.
Our products may infringe on the intellectual
property rights of others.
Third parties may assert claims that we have violated a patent,
trademark, copyright or other proprietary intellectual property right belonging to them. As is characteristic of our industry, there can
be no assurance that our products do not or will not infringe the proprietary rights of third parties, that third parties will not claim
infringement by us with respect to patents or other proprietary rights, or that we would prevail in any such proceedings. We have received
in the past, and may receive in the future, communications asserting that the technology used in some of our products requires third-party
licenses. Any infringement claims, whether or not meritorious, could result in significant costly litigation or arbitration and divert
the attention of technical and management personnel. Any adverse outcome in litigation alleging infringement could require us to develop
non-infringing technology or enter into royalty or licensing agreements. If, in such situations, we are unable to obtain licenses on acceptable
terms, we may be prevented from manufacturing or selling products that infringe such intellectual property of a third party. An unfavorable
outcome or settlement regarding one or more of these matters could have a material adverse effect on our business, reputation and operating
results.
Laws, regulations and industry standards affecting
our business are evolving, and unfavorable changes could harm our business.
Laws, regulations and industry standards that apply to our business
are becoming more prevalent and constantly evolving, particularly in the area of data privacy and cyber security. We may be impacted by
changes in privacy-related and cyber security-related regulations governing the collection, use, retention, sharing and security of personal
data that we collect, utilize, or otherwise process from our customers and/or visitors to their websites and others. Complying with
a diverse range of privacy and cyber security requirements could cause us to incur substantial costs or require us to change our business
practices in a manner adverse to our business. Any failure, or perceived failure, by us to comply with any privacy or cyber security-related
laws, government regulations or directives, or industry self-regulatory principles could result in damage to our reputation or proceedings
or actions against us by governmental entities or others, which could potentially have an adverse effect on our business.
For example, in the European Economic Area (EEA), we are subject
to the General Data Protection Regulation 2016/679 (GDPR) and in the United Kingdom we are subject to the United Kingdom data protection
regime consisting primarily of the UK General Data Protection Regulation and the UK Data Protection Act 2018 (UK DP Laws), in each case
in relation to our collection, control, processing, sharing, disclosure and other use of data relating to an identifiable living individual
(personal data). The GDPR, and national implementing legislation in EEA member states and the United Kingdom, impose a strict data protection
compliance regime. GDPR and UK DP Laws can expose us to enforcement actions and investigations by regulatory authorities and potentially
result in regulatory penalties and significant legal liability, if our information technology security efforts fail and if we fail to
disclose any material cybersecurity incident in an adequate and timely manner. Accordingly, a data security breach or privacy violation
that leads to unauthorized access to, disclosure or modification of personal information, that prevents access to personal information
or materially compromises the privacy, security, or confidentiality of the personal information, could result in fines, increased costs
or loss of revenue. Our compliance with GDPR and UK DP Laws, as well as other data privacy and cyber security laws around the world, evolving
regulations of cloud computing, cross-border data transfer restrictions and other domestic or foreign regulations, has required and will
continue to require us to invest significant resources in compliance and compliance-related areas.
Furthermore, laws, regulations and industry standards are subject
to constant and, at times, drastic changes that, particularly in the case of industry standards, may arrive with little or no notice,
and these could either help or hurt the demand for our solutions. If we are unable to adapt our solutions to changing laws, regulations
and industry standards in a timely manner, or if our solutions fail to assist our customers with their compliance initiatives, our customers
may lose confidence in our solutions and could switch to competing solutions. Recent legal developments in Europe have created complexity
and uncertainty regarding transfers of personal data from the EEA and the United Kingdom to the United States. These recent developments
may require us to review and amend the legal mechanisms by which we make and/or receive personal data transfers to or in the U.S. Such
legal developments also cause us to look at our operations and review our data flows to ensure we can continue to meet clients’
increasing requests for data to remain in-country or in-region. At the same time, if, contrary to this trend, regulations and standards
related to cyber security are changed in a manner that makes them less onerous, our customers may view government and industry regulatory
compliance as less critical to their businesses, and our customers may purchase fewer of our solutions, or none at all. In either case,
our sales and financial results would be negatively impacted and could be materially adversely affected.
Some of our solutions contain “open
source” and third-party software, and any failure to comply with the terms of one or more of these open source and third-party software
licenses could negatively affect our business.
Some of our products utilize open source technologies. Some open
source software licenses require users who distribute or make available as a service open source software as part of their own software
product to publicly disclose all or part of the source code of the users’ software product or to make available any derivative works
of the open source code on unfavorable terms or at no cost. We cannot be sure that all open source software is submitted for approval
prior to use in our products and while we scan the open-source software that we use in our products and patch discovered vulnerabilities,
we have no assurance that they will be free from vulnerabilities or malicious code. The use of open-source software in our solutions may
expose us, and our customers using our solutions, to additional vulnerabilities and security breaches, which may result in significant
adverse impacts to us and our customers. In addition, open source license terms may be ambiguous and many of the risks associated with
use of open source software cannot be eliminated, and could, if not properly addressed, negatively affect our business. We may face
ownership claims from third parties over, or seeking to enforce the license terms applicable to, such open source software, including
by demanding the release of the open source software, derivative works or our proprietary source code. Any such requirement to disclose
our source code or other confidential information related to our products could materially and adversely affect our competitive position
and may adversely impact our business, results of operations and financial condition. In addition, if the license terms for the open source
code change, we may be forced to re-engineer our software or incur additional costs.
In addition, some of our solutions include other software or intellectual
property licensed from third parties. This exposes us to risks over which we may have little or no control. There can be no assurance
that the licenses from such third-party licensors will continue to be available to us on acceptable terms, if at all. In addition, while
we believe we are compliant with the terms of our third-party licenses, such licensors may still assert that we are in breach of the terms
of a license, which could give such licensors the right to terminate a license or seek damages from us, or both. Our inability to maintain
such licenses or the need to engage in litigation regarding these matters, could result in delays in releases of new products, and could
otherwise disrupt our business, unless and until equivalent technology can be identified, licensed, or developed at substantially the
same costs to us.
The amount of intangible assets and goodwill
on our books may in the future lead to significant impairment charges.
The amount of goodwill and intangible assets on our consolidated
balance sheets was, as of December 31, 2023, approximately $83.7 million, compared to $87.7 million as of December 31, 2022. We regularly
review our intangible and tangible assets, including goodwill, for impairment. Goodwill is subject to impairment review at least annually,
and other intangible assets are reviewed for impairment when there is an indication that impairment may have occurred. Impairment testing
has led to, and may in the future lead to, significant impairment charges.
Additional tax liabilities, including due
to tax positions we have taken, could materially adversely affect our results of operations and financial condition.
We operate our business in various countries, and we attempt to utilize an efficient
operating model to optimize our tax payments based on the laws in the countries in which we operate. This can cause disputes between us
and various tax authorities in the countries in which we operate, whether due to tax positions that we have taken in various tax returns
we have filed or due to determinations we have made not to file tax returns in certain jurisdictions. In particular, not all of our tax
returns are final and may be subject to further audit and assessment by applicable tax authorities. There can be no assurance that the
applicable tax authorities will accept our tax positions, and, if they do not, we may be required to pay additional taxes. In the past
few years, certain tax authorities who have audited our tax returns have rejected our tax positions, and we cannot be sure that our positions
will be accepted, and we may end up paying additional taxes, whether as a result of litigation, if instituted, or settlement negotiations.
Our reserves, which are based on various assumptions and estimates, may prove to be insufficient and as such, our future results may be
adversely affected.
In recent years, we have seen changes in tax laws resulting in
an increase in applicable tax rates, especially increased liabilities of corporations and limitations on the ability to benefit from strategic
tax planning, with these laws particularly focused on international corporations. Such legislative changes in one or more jurisdictions
in which we operate may have implications on our tax liability and have a material adverse effect on our results of operations and financial
condition. For example, the Organization for Economic Cooperation and Development, or the OECD, an intergovernmental organization that
aims to promote the economic and social well-being of people around the world, introduced the base erosion and profit shifting (BEPS)
project. The BEPS project contemplates changes to numerous international tax principles, as well as national tax incentives, and these
changes, if adopted by individual countries, could adversely affect our provision for income taxes. Countries have only recently begun
to translate the BEPS recommendations into specific national tax laws, and it remains difficult to predict with accuracy the magnitude
of any impact that such new rules may have on our financial results. The U.S. and Israel, among other countries in which we have operations,
are members of the OECD.
The enactment of legislation changing the United States’
taxation of international business activities could materially impact our financial position and results of operations.
Due to the expansion of our international business activities,
any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate, and adversely affect our financial
position and results of operations. The U.S. presidential administration and members of the U.S. Congress have proposed significant changes
in U.S. federal income tax law, regulation and government policy within the United States, which could affect us and our business. For
example, the recent Inflation Reduction Act enacted in the United States introduced, among other changes, a 15% corporate minimum tax
on certain United States corporations and a 1% excise tax on certain stock redemptions by United States corporations (which the U.S. Treasury
indicated may also apply to certain stock redemptions by a foreign corporation funded by certain United States affiliates). Further,
other foreign governments may enact tax laws in response to any changes in the U.S. taxation of international business activities that
could result in further changes to global taxation and materially affect our financial position and results of operations. We are currently
unable to predict whether these or other changes will occur and, if so, the ultimate impact on our business. To the extent that such changes
have a negative impact on us, our suppliers or our consumers, including as a result of related uncertainty, these changes may materially
and adversely impact our business, financial condition, results of operations and cash flow.
If we are unable to realize our investment
objectives, our financial condition and results of operations may be adversely affected.
We maintain substantial balances of cash and liquid investments
as strategic assets for purposes of acquisitions and general corporate purposes, including share repurchases. Our cash, cash equivalents,
short- and long-term bank deposits and marketable securities totaled $363.7 million as of December 31, 2023, compared to $432.0 million
as of December 31, 2022. The performance of the capital markets is the primary factor that affects the values of funds that are held
in marketable securities. These assets are subject to market fluctuations and various developments, including, without limitation, rating
agency downgrades that may impair their value. We expect that market conditions will continue to fluctuate and that the fair value of
our investments may be affected accordingly, including, without limitation, by rising levels of inflation and interest rates or a period
of elevated interest rates.
Financial income is a component of our net income and the outlook
for our financial income is dependent, in part, on the future direction of interest rates, exchange rates, the amount of any share repurchases
or acquisitions that we make and the amount of cash flows from operations that are available for investment. For example, for the years
ended December 31, 2023 and 2022, we had $13.9 million and $8.1 million, respectively, of net financial income, that was primarily derived
from changes in foreign currency exchange rates and the value of our investments and interest income from our bank deposits. The performance
of the capital markets affects the values of our funds that are held in marketable securities. These assets are subject to market fluctuations
and will yield uncertain returns. Due to certain market developments, including investments’ rating downgrades, the fair value of
these investments may decline. If market conditions continue to fluctuate, the fair value of our investments may be impacted accordingly.
Although our investment guidelines stress diversification and capital preservation, our investments are subject to a variety of risks,
including risks related to general economic conditions, interest rate fluctuations and market volatility.
In particular, our investment portfolios include a significant
amount of interest rate-sensitive instruments, such as bonds, which, in addition to the inherent risk associated with the debt, may be
adversely affected by changes in interest rates. Changes in interest rates and credit quality may also result in fluctuations in the income
derived from, or the valuation of, our fixed income securities. Interest rates are highly sensitive to many factors, including governmental
monetary policies, domestic and international economic and political conditions and other factors beyond our control. For example, benchmark
interest rates, such as the U.S. Federal Funds Rate, are currently relatively high, which is likely to significantly impact our investment
income. Additional increases in interest rates might decrease the value of our investments in fixed-income securities. If increases in
interest rates occur during periods when we sell investments to satisfy liquidity needs, we may experience investment losses. Conversely,
if interest rates decline, reinvested funds and our investment in bank deposits will earn less than expected.
In terms of credit risk, our investment portfolio policy is “buy
and hold” while minimizing credit risk by setting maximum concentration limit per issuer and credit rating. Our investments consist
primarily of government and corporate bonds and bank deposits. Although we believe that we generally adhere to conservative investment
guidelines, if turmoil in the financial markets reoccurs in the future, it may result in impairments of the carrying value of our investment
assets since we classify our investments in marketable securities as available-for-sale. Changes in the fair value of investments classified
as available-for-sale are not recognized as income (loss) during the period, but rather are recognized as a separate component of equity
until realized. Realized losses in our investments portfolio may adversely affect our financial position and results. For example, if
we had reported all the changes in the fair values of our investments into income (loss), our reported net loss would have decreased by
$4.3 million during the year ended December 31, 2023, and our net loss would have increased by $4.4 million during the year ended December
31, 2022. Any significant decline in our financial income or the value of our investments as a result of continued high interest rates,
deterioration in the credit worthiness of the securities in which we have invested, general market conditions or other factors could have
an adverse effect on our results of operations and financial condition.
We rely on information technology systems
to conduct our businesses, and failure to protect these systems against security breaches and otherwise to implement, integrate, upgrade
and maintain such systems in working order could have a material adverse effect on our results of operations, cash flows or financial
condition.
The efficient operation of our businesses depends on our computer
hardware and software systems. For instance, we rely on information technology systems to process customer orders, manage accounts receivable
collections, manage accounts payable processes, track costs and operations, maintain client relationships and accumulate financial results.
Despite our implementation of industry-accepted security measures and technology, our information technology systems are vulnerable to,
and have been in the past subject to, computer viruses, attempts to insert malicious codes, unauthorized access, phishing efforts, denial-of-service
attacks and other cyber-attacks, and we expect to be subject to similar attacks in the future as such attacks become more sophisticated
and frequent. A breach of our information technology systems could result in decreased performance, operational difficulties and increased
costs, any of which could have a material adverse effect on our business and operating results.
Major disruptions or deficiencies of our
information technology systems could disrupt our operations and cause unanticipated increases in our costs.
We have invested, and intend to continue to invest, significant
capital and human resources in our information technology systems, including in a project for company-wide sales, operations and services
support systems. Any major disruptions or deficiencies in the design and implementation of our information technology systems, particularly
those that impact our operations, could adversely affect our ability to process customer orders, ship products, provide services and support
to our customers, bill and track our customers, timely report our financial results and otherwise run our business.
Our business may be affected by sanctions,
export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s
military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national
businesses across a variety of industries.
As a result of Russia’s military conflict in Ukraine, governmental
authorities in the United States, the European Union and the United Kingdom, among others, launched an expansion of coordinated sanctions
and export control measures, including, for example:
|
• |
blocking sanctions on some of the largest state-owned and private Russian financial institutions (and their subsequent removal from
SWIFT); |
|
• |
blocking sanctions against Russian and Belarusian individuals, including the Russian President, other politicians and those with
government connections or involved in Russian military activities; |
|
• |
blocking sanctions against certain Russian businessmen and their businesses, some of which have significant financial and trade ties
to the European Union; |
|
• |
blocking of Russia’s foreign currency reserves and prohibition on secondary trading in Russian sovereign debt and certain transactions
with the Russian Central Bank, National Wealth Fund and the Ministry of Finance of the Russian Federation; |
|
• |
expansion of sectoral sanctions in various sectors of the Russian and Belarusian economies and the defense sector; |
|
• |
United Kingdom sanctions introducing restrictions on providing loans to, and dealing in securities issued by, persons connected with
Russia; |
|
• |
restrictions on access to the financial and capital markets in the European Union, as well as prohibitions on aircraft leasing operations;
|
|
• |
sanctions prohibiting most commercial activities of U.S., U.K., and E.U. persons in the so-called People’s Republic of Donetsk
and the so-called People’s Republic of Luhansk (and, with respect to the E.U., the areas of Kherson and Zaporizhzhia not controlled
by the Ukrainian government), with all of these new restrictions largely tracking prior prohibitions relating to Crimea and Sevastopol;
|
|
• |
enhanced import and export controls and trade sanctions targeting Russia’s imports of technological goods, including E.U. and
U.K. prohibitions on exporting a wide range of “industrial” goods to Russia (and on importing a large number of “revenue-generating”
goods from Russia). The restrictions also include bans on the export of large numbers of “luxury” items to Russia (and
in some cases also to Belarus), tighter controls on exports and reexports of dual-use items, stricter licensing policy with respect to
issuing export licenses, and/or increased use of “end-use” controls to block or impose licensing requirements on exports,
as well as higher import tariffs; |
|
• |
closure of airspace to Russian aircraft; |
|
• |
ban on imports of Russian oil, liquefied natural gas and coal to the United States; |
|
• |
ban on imports of Russian fish, seafood, and preparations thereof, alcoholic beverages, non-industrial diamonds, and gold to the
United States; |
|
• |
a ban on “new investment” in the Russian Federation by a U.S. person, which may be interpreted broadly (with a similar
prohibition also enacted by the United Kingdom); |
|
• |
bans on the provision of certain professional services, including accounting, trust and corporate formation, auditing, and management
consulting services, among others; and |
|
• |
bans on the provision of services related to the worldwide maritime transportation of seaborne Russian oil, if purchased above a
specific price cap. |
As the conflict in Ukraine continues, there can be no certainty
regarding whether the governmental authorities in the United States, the European Union, the United Kingdom or other counties will impose
additional sanctions, export controls or other measures targeting Russia, Belarus or other territories. Furthermore, in retaliation against
new international sanctions and as part of measures to stabilize and support the volatile Russian financial and currency markets, the
Russian authorities also imposed significant currency control measures aimed at restricting the outflow of foreign currency and capital
from Russia, imposed various restrictions on transacting with non-Russian parties, banned exports of various products and other economic
and financial restrictions.
Our business must be conducted in compliance with applicable economic
and trade sanctions laws and regulations, including those administered and enforced by the U.S. Department of Treasury’s Office
of Foreign Assets Control, the U.S. Department of State, the U.S. Department of Commerce, the United Nations Security Council and other
relevant governmental authorities. We must be ready to comply with the existing and any other potential additional measures imposed in
connection with the conflict in Ukraine. The imposition of such measures could adversely impact our business, including preventing us
from performing existing contracts, recognizing revenue, pursuing new business opportunities or receiving payment for products already
supplied or services already performed with customers.
In 2023 and 2022, 3% and 7%, respectively, of our total revenues
were from sales to customers located in Russia. We continuously review and monitor our contractual relationships with suppliers and customers
to establish whether any of them are the target of the applicable sanctions. In the event that we identify a party with which we have
a business relationship that is the target of applicable sanctions, we would immediately activate a legal analysis of what gives rise
to the business relationship, including any contract, to estimate the most appropriate course of action to comply with the sanction regulations,
together with the impact of a contractual termination according to the applicable law, and then proceed as required by the regulatory
authorities. However, given the range of possible outcomes, the full costs, burdens, and limitations on our and our customer’s and
business partners’ businesses are currently unknown and may become significant.
Furthermore, even if an entity is not formally subject to sanctions,
customers and business partners of such entity may decide to reevaluate or cancel projects with such entity for reputational or other
reasons. As result of the ongoing conflict in Ukraine, many U.S. and other multi-national businesses across a variety of industries, including
consumer goods and retail, food, energy, finance, media and entertainment, tech, travel and logistics, manufacturing and others, have
indefinitely suspended their operations and paused all commercial activities in Russia and Belarus. Depending on the extent and
breadth of sanctions, export controls and other measures that may be imposed in connection with the conflict in Ukraine, it is possible
that our business, financial condition, and results of operations could be materially and adversely affected.
Climate change may have an adverse impact
on our business.
Global climate change may result in certain natural disasters occurring
more frequently or with greater intensity, such as earthquake, drought, wildfires, storms, sea-level rise, and flooding, and many believe
that the risks related to climate change are increasing in both impact and type of risk. While we do not believe there will be significant
near-term impacts to our business and operations due to climate change, long-term impacts remain unknown. These include operational risks
impacting, among other things, our supply chain, our personnel or electrical power availability from climate changed-related weather events
as well as business and regulatory risks. For example, regulatory risks include changes in laws and regulations on climate change, which
may increase our compliance costs and limit our ability to operate. Similarly, evolving customer and other stakeholder expectations and
regulatory requirements to reduce carbon emissions could present a risk of loss of business if we are not able to meet those expectations
or requirements.
Our disclosures and initiatives related to ESG
matters expose us to numerous risks, including risks to our reputation, business, financial performance and growth.
There has been increasing public focus by investors, customers,
environmental activists, the media and governmental and nongovernmental organizations on a variety of ESG matters, which may result in
increased costs (including but not limited to increased costs related to compliance, stakeholder engagement, and contracting), impact
our reputation, or otherwise affect our business performance. As we identify ESG topics for voluntary disclosure, we have expanded and,
in the future, may continue to expand, our voluntary disclosures in these areas. Statements about our ESG initiatives and goals, and progress
against those goals, may be based on standards for measuring progress that are still developing, internal controls and processes that
continue to evolve, and assumptions that are subject to change in the future. If our ESG-related data, processes and reporting are incomplete
or inaccurate, or if we fail to achieve progress with respect to our ESG goals on a timely basis, or at all, our reputation, business,
financial performance and growth could be adversely affected. In addition, this emphasis on ESG matters has resulted and may result in
the adoption of new laws and regulations, including new reporting requirements. If we fail to comply with new laws, regulations or reporting
requirements, our reputation and business could be adversely impacted.
Risks Related to the Market for Our Ordinary Shares
The late Yehuda Zisapel (and following his death, his estate), Nava
Zisapel, and Roy Zisapel, our President, Chief Executive Officer and a director, may exert significant influence in the election of our
directors and over the outcome of other matters requiring shareholder approval.
As of March 18, 2024, the late Yehuda Zisapel (until recently, the Chairman of our Board
of Directors) beneficially owned approximately 4.56% of our outstanding ordinary shares; Nava Zisapel beneficially owned approximately
7.32% of our outstanding ordinary shares; and their son, Roy Zisapel (our President, Chief Executive Officer and a director), beneficially
owned approximately 3.66% of our outstanding ordinary shares (see Items 6.E “Share Ownership and 7.A “Major Shareholders”).
As a result, if these shareholders act together, they could exert significant influence on the election of our directors and on decisions
by our shareholders on matters submitted to shareholder vote, including mergers, consolidations and the sale of all or substantially all
of our assets. This concentration of ownership of our ordinary shares could delay or prevent proxy contests, mergers, tender offers, or
other purchases of our ordinary shares that might otherwise give our shareholders the opportunity to realize a premium over the then-prevailing
market price for our ordinary shares. This concentration of ownership may also adversely affect our share price.
Provisions of our Articles of Association and
Israeli law as well as the terms of our equity incentive plan could delay, prevent or make a change of control of us more difficult or
costly, which could depress the price of our ordinary shares.
The provisions in our Articles of Association relating to the election
of our directors in three staggered classes, the submission of shareholder proposals for shareholders meetings and the quorum requirement
for adjourned shareholder meetings may have the effect of delaying or making an unsolicited acquisition of our Company more difficult.
Israeli corporate and tax laws, including the ability of our Board of Directors to adopt a shareholder rights plan without further shareholder
approval, may also have the effect of delaying, preventing or making an acquisition of us more difficult. For example, under the Companies
Law, upon the request of a creditor of either party to a proposed merger, an Israeli court may delay or prevent the merger if it concludes
that there is a reasonable concern that, as a result of the merger, the surviving company will be unable to satisfy the obligations of
any of the parties to the merger. In addition, our Key Employee Share Incentive Plan (1997), as amended, or the Share Incentive Plan,
provides that, in the event of a “Hostile Takeover” (which is defined to include, among others, an unsolicited acquisition
of more than 20% of our outstanding shares), the vesting of all or a portion of our outstanding equity awards will accelerate, unless
otherwise determined by our Board of Directors (or a committee thereof). As a result, an acquisition of our Company that triggers the
said acceleration will be more costly to a potential acquirer. These provisions could cause our ordinary shares to trade at prices below
the price for which third parties might be willing to pay to gain control over us. Third parties who are otherwise willing to pay a premium
over prevailing market prices to gain control of us may be unwilling to do so because of these provisions.
Our share price has been volatile in the past
and may be subject to volatility in the future.
The market price for our ordinary shares, as well as the prices
of shares of other technology companies, has been volatile. For example, during 2023, the lowest closing price of our share was $14.38,
compared to the highest closing price of our share of $23.14 during the same year. The volatility of our share price may have a negative
impact on our financial performance as a result of its negative impact on employee retention. Numerous factors, many of which are beyond
our control, may cause the market price and trading volume of our ordinary shares to fluctuate significantly and decrease further, including:
|
• |
operating results that do not meet forecasts by securities analysts; |
|
• |
announcements concerning us or our competitors; |
|
• |
the introduction of new products and new industry standards; |
|
• |
general market conditions and changes in market conditions in our industry; |
|
• |
the general state of securities markets (particularly the technology sector); |
|
• |
political, economic and other developments in the State of Israel, the U.S. and worldwide, including, for example, the Ukraine-Russia
and Israel-Hamas military conflicts; and |
|
• |
any of the events underlying any of the other risks or uncertainties set forth elsewhere in this annual report actually occurs.
|
If we are characterized as a passive foreign
investment company, our U.S. shareholders may suffer adverse tax consequences.
Generally, if for any taxable year, after applying certain “look
through” tax rules, (i) 75% or more of our gross income is passive income, or (ii) at least 50% of the fair market value of our
assets, averaged quarterly over our taxable year, are held for the production of, or produce, passive income, we would be characterized
as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. If we are classified as a PFIC, our U.S. shareholders
could suffer adverse U.S. tax consequences, including having gain realized on the sale of our ordinary shares treated as ordinary income,
as opposed to capital gain income, and having potentially punitive interest charges apply to such gain. Similar rules would apply to certain
“excess distributions” made with respect to our ordinary shares.
For our taxable year ended December 31, 2023, we do not believe
that we should be classified as a PFIC. There can be no assurance, however, that the IRS will not challenge this treatment, and it is
possible that the IRS could attempt to treat us as a PFIC for 2023 and prior taxable years. The tests for determining PFIC status are
applied annually, and require a factual determination that depends on, among other things, the composition of our income, assets and activities
in each taxable year, and can only be made annually after the close of each taxable year. Furthermore, the aggregate value of our gross
assets is likely to be determined in part by reference to the trading price of our ordinary shares, which could fluctuate significantly.
We have a substantial balance of cash and other liquid investments, which are passive assets for purposes of the PFIC determination. Accordingly,
if our market capitalization declines significantly, it may make our classification as a PFIC more likely for the current or future taxable
years. Accordingly, there can be no assurance that we will not become a PFIC in future taxable years. U.S. shareholders should consult
with their U.S. tax advisors with respect to the U.S. tax consequences of investing in our ordinary shares. For a more detailed discussion
of the rules relating to PFICs and related tax consequences, please see the section of this annual report titled Item 10.E “Taxation—United
States Federal Income Tax Considerations.”
If a U.S. person is treated as owning at least
10% of our ordinary shares, such holder may be subject to adverse U.S. federal income tax consequences.
Depending upon the aggregate value and voting power of our ordinary
shares that U.S. persons are treated as owning (directly, indirectly, or constructively), we could be treated as a controlled foreign
corporation (a “CFC”). Additionally, because our group consists of one or more U.S. subsidiaries, certain of our non-U.S.
subsidiaries will be treated as CFCs, regardless of whether or not we are treated as a CFC. If a U.S. person is treated as owning (directly,
indirectly or constructively) at least 10% of the value or voting power of our ordinary shares, such person may be treated as a “U.S.
shareholder” with respect to each CFC in our group (if any), which may subject such person to adverse U.S. federal income tax consequences.
Specifically, a U.S. shareholder of a CFC may be required to annually report and include in its U.S. taxable income its pro rata share
of each CFC’s “Subpart F income,” “global intangible low-taxed income” and investments in U.S. property,
whether or not we make any distributions of profits or income of a CFC to such U.S. shareholder. If you are treated as a U.S. shareholder
of a CFC, failure to comply with these reporting obligations may subject you to significant monetary penalties and may prevent the statute
of limitations with respect to your U.S. federal income tax return for the year for which reporting was due from starting. Additionally,
a U.S. shareholder that is an individual would generally be denied certain tax deductions or indirect foreign tax credits that may otherwise
be allowable to a U.S. shareholder that is a U.S. corporation. We cannot provide any assurances that we will assist investors in determining
whether we or any of our non-U.S. subsidiaries are treated as CFCs or whether any investor is treated as a U.S. shareholder with respect
to any of such CFC, nor do we expect to furnish to any U.S. shareholders information that may be necessary to comply with the aforementioned
reporting and tax paying obligations. The United States Internal Revenue Service provided limited guidance on situations in which investors
may rely on publicly available alternative information to comply with their reporting and tax paying obligations with respect to foreign-controlled
CFCs. U.S. investors should consult their advisors regarding the potential application of these rules to their investment in our ordinary
shares.
Risks Related to Operations in Israel
Political, economic and military instability
in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business.
We are incorporated under Israeli law, and our principal offices
and manufacturing and research and development facilities are located in Israel. In addition, the majority of our key employees, officers
and directors are residents of Israel. Accordingly, political, economic, and security conditions in Israel and the surrounding region
could directly affect our business, and our operations and financial results could be adversely affected in the event of any political
instability, terrorism, armed conflicts, or other hostilities involving Israel.
In October 2023, Hamas terrorists and members of other terrorist
organizations infiltrated Israel’s southern border from the Gaza Strip and conducted a series of attacks on civilian and military
targets. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel’s border
with the Gaza Strip and in other areas within the State of Israel. These attacks resulted in thousands of deaths and injuries, and Hamas
additionally kidnapped many Israeli civilians and soldiers. Following the attacks, the Israeli government declared war against Hamas
and commenced a military campaign against these terrorist organizations. In parallel, clashes between Israel and Hezbollah, a militia
and political group operating in Lebanon, intensified on Israel’s northern border with Lebanon. Additionally, the Houthis, an extremist
Shia-Islamist movement operating in Yemen, launched missile and drone attacks targeted at Israel and ships in the Red Sea, posing a threat
to international shipping in the Suez Canal. These armed conflicts may further escalate into a greater regional conflict and could adversely
affect our business, operations and financial results.
These conflicts have also strained Israel’s relationship
with some of its Arab citizens, Arab countries and, to some extent, with other countries around the world. In addition, Israel faces
threats, including cyber threats, from more distant neighbors, such as Iran, which has previously threatened to attack Israel and is believed
to have a presence in Syria, as well as influence over Hamas, Hezbollah and the Houthis. This situation may further escalate in the future,
and this instability in the region may affect the global economy and marketplace. There can be no assurance that the political situation
and these armed conflicts will not have a material adverse impact on our business in the future.
Furthermore, some of our directors, officers, and employees are,
unless exempt, obligated to perform annual military reserve duty, depending upon their age and prior position in the army. They
may also be subject to being called to active duty at any time under emergency circumstances. For example, in connection with the
state of war declared in Israel in October 2023, approximately 5% of our total workforce have been called to perform immediate military
service, and additional employees may be called as these armed conflicts progress. Such employees may be absent for an extended period
of time. Our operations could be disrupted by the absence, for a significant period, of one or more of these officers or other key employees
due to military service, and any disruption in our operations could harm our business.
Our commercial insurance does not cover losses that may occur as
a result of events associated with the security situation in the Middle East, including the state of war declared in Israel in October
2023, such as damages to our facilities resulting in the disruption of our operations. Although the Israeli government currently covers
the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot be assured that this government
coverage will be maintained or will be adequate in the event we submit a claim. We could be adversely affected by any major hostilities,
including acts of terrorism as well as cyber-attacks or any other hostilities involving or threatening Israel, the interruption or curtailment
of trade between Israel and its trading partners, a significant downturn in the economic or financial condition of Israel, or a significant
increase in the rate of inflation. For example, in February 2024, in connection with the war declared in Israel in October 2023, Moody’s
Investors Service (Moody’s) has downgraded the Government of Israel’s foreign-currency and local-currency issuer ratings to
A2 from A1, and other global rating agencies may take similar actions. Such downgrades might adversely affect the macroeconomic conditions
in which we operate and also potentially deter foreign investment in Israel or Israeli companies, which may, among other things, hinder
our ability to raise additional funds, if deemed necessary by our management and Board of Directors.
Furthermore, some neighboring countries, as well as certain companies,
organizations and movements, continue to participate in a boycott of Israeli firms and others doing business with Israel or with Israeli
companies. In the past several years, and with greater intensity after the state of war declared in Israel in October 2023, there
have been increased efforts by activists to cause companies and consumers to boycott Israeli goods based on Israeli government policies.
Similarly, Israeli companies are limited in conducting business with entities from several countries. Restrictive laws, policies or practices
directed towards Israel or Israeli businesses could have an adverse impact on our operating results, financial condition or the expansion
of our business.
Finally, political conditions within Israel may affect our operations.
Israel has held five general elections between 2019 and 2022, and, prior to October 2023, the Israeli government pursued extensive changes
to Israel’s judicial system, which sparked extensive political debate and unrest. In response to the proposed changes to Israel’s
judicial system, certain leading international financial institutions, including investment banks, investors and key economists, have
indicated several causes for concern, including that such proposed changes, if adopted, may cause a downgrade to Israel’s sovereign
credit rating and Israel’s international standing. To date, these initiatives have been substantially put on hold. If such changes
to Israel’s judicial system are again pursued by the government and approved by the parliament, this may have an adverse effect
on our business, our results of operations and our ability to raise additional funds, if deemed necessary by our management and Board
of Directors.
The tax benefits we may receive in connection
with our preferred enterprise program require us to satisfy prescribed conditions and may be terminated or reduced in the future. This
would increase taxes and decrease our net profit.
We have in the past benefited, and currently benefit, from certain
government programs and tax benefits in Israel, including in connection with our preferred enterprise program (see under Item 10.E “Taxation—Israeli
Tax Considerations”). To remain eligible to obtain such tax benefits, we must continue to meet certain conditions. If we fail to
comply with these conditions in the future, the benefits we receive could be cancelled, and we may have to pay certain taxes. We cannot
guarantee that these programs and tax benefits will be continued in the future, at their current levels or at all. If these programs
and tax benefits are ended, our tax expenses and the resulting effective tax rate reflected in our financial statements may increase and
as such our business, financial condition and results of operations could be materially and adversely affected.
We have obtained benefits from the Israeli Innovation
Authority that subject us to ongoing restrictions.
We have in the past received, and in the future may apply for,
royalty-bearing or non-royalty bearing grants from the Israeli Innovation Authority (formerly known as the Office of the Chief Scientist
of the Israeli Ministry of Economy and Industry), or the IIA, for research and development programs that meet specified criteria pursuant
to the Law for the Encouragement of Research, Development and Technological Innovation in Industry, 1984 (formerly known as the Law for
Encouragement of Research and Development in Industry, 1984), and the regulations promulgated thereunder, or the Innovation Law. The terms
of the IIA grants limit our ability to manufacture products outside of Israel or to transfer technologies in or outside Israel if such
products or technologies were developed using know-how developed with or based upon IIA grants. In addition, a change of control in us
and the acquisition of 5% or more of our ordinary shares by a non-Israeli may require notification to the IIA and the provision of an
undertaking to comply with the Innovation Law, some of the principal restrictions and penalties of which are the transferability limits
described above and elsewhere in this annual report.
It may be difficult to enforce a U.S. judgment
against us or our officers and directors and to assert U.S. securities laws claims in Israel.
We are incorporated under the laws of the State of Israel, our
corporate headquarters is located in Israel and several of our current officers and directors reside in Israel. Service of process upon
us, our Israeli subsidiary, our directors and officers and the Israeli experts, if any, named in this annual report, substantially all
of whom reside outside the United States, may be difficult to obtain within the United States. Furthermore, because a majority of our
assets and investments, and substantially all of our directors, officers and such Israeli experts are located outside the United States,
any judgment obtained in the United States against us or any of them may be difficult to collect within the United States and may not
be enforced by an Israeli court.
We have been informed by our legal counsel in Israel that it may
also be difficult to assert U.S. securities law claims in original actions instituted in Israel. Israeli courts may refuse to hear a claim
based on an alleged violation of U.S. securities laws if they determine that Israel is not the most appropriate forum to bring such a
claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable
to the claim. There is little binding case law in Israel addressing these matters. If U.S. law is found to be applicable, the content
of applicable U.S. law must be proven as a fact, which can be a time-consuming and costly process. Certain matters of procedure
will also be governed by Israeli law.
Subject to specified time limitations and legal procedures, under
the rules of private international law currently prevailing in Israel, Israeli courts may enforce a U.S. judgment in a civil matter, including
a judgment based upon the civil liability provisions of the U.S. securities laws as well as a monetary or compensatory judgment in a non-civil
matter, only if the following key conditions are met:
|
• |
subject to limited exceptions, the judgment is final and non-appealable; |
|
• |
the judgment was given by a court competent under the laws of the state of the court and is otherwise enforceable in such state;
|
|
• |
the judgment was rendered by a court competent under the rules of private international law applicable in Israel; |
|
• |
the laws of the state in which the judgment was given provide for the enforcement of judgments of Israeli courts; |
|
• |
adequate service of process has been effected and the defendant has had a reasonable opportunity to present his arguments and evidence;
|
|
• |
the judgment is enforceable under the laws of State of Israel and its enforcement is not contrary to the law, public policy, security,
or sovereignty of the State of Israel; |
|
• |
the judgment was not obtained by fraud and does not conflict with any other valid judgment in the same matter between the same parties;
and |
|
• |
an action between the same parties in the same matter was not pending in any Israeli court at the time the lawsuit was instituted
in the U.S. court. |
Your
rights and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights and
responsibilities of shareholders of U.S. companies.
The rights and responsibilities of the holders of our ordinary
shares are governed by our Articles of Association and Israeli law. These rights and responsibilities differ in some respects from the
rights and responsibilities of shareholders in typical U.S.-based corporations. For example, a shareholder of an Israeli company has a
duty to act in good faith toward the company and other shareholders and to refrain from abusing its power in the company, including, among
other things, in voting at the general meeting of shareholders on matters such as amendments to a company’s articles of association,
increases in a company’s authorized share capital, mergers and acquisitions and interested party transactions requiring shareholder
approval. In addition, a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint
or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. There is limited
case law available to assist us in understanding the implications of these provisions that govern shareholders’ actions. These provisions
may be interpreted to impose additional obligations and liabilities on holders of our ordinary shares that are not typically imposed on
shareholders of U.S. corporations.
ITEM 4. INFORMATION
ON THE COMPANY
A. History
and Development of the Company
Corporate History and Details
Radware Ltd. was organized in May 1996 as a corporation under the
laws of the State of Israel and commenced operations in 1997. Our principal executive offices are located at 22 Raoul Wallenberg Street,
Tel Aviv 6971917, Israel and our telephone number is 972-3-766-8666. Our website address is www.radware.com (information contained on
our website is not incorporated herein by reference and shall not constitute part of this annual report).
In addition, the SEC maintains a website that contains reports, proxy and information statements, and other information regarding
issuers that file electronically with the SEC: http://www.sec.gov.
As of September 1, 1998, we established Radware Inc., our wholly
owned subsidiary in the United States (Radware US), which conducts the sales and marketing of our products and services in the Americas
and is our authorized representative and agent in the United States. The principal offices of Radware US are located at 575 Corporate
Dr., Lobby 2, Mahwah, New Jersey 07430 and its telephone number is 201-512-9771. We also have several other wholly owned subsidiaries
worldwide handling primarily local support and promotion activities.
In September 1999, we conducted the initial public offering of
our ordinary shares that commenced trading on the Nasdaq.
In the past decade we have made several acquisitions, including, most recently (February
2022), the acquisition of the technology and operations of DC Security Ltd. (previously known as SecurityDAM Ltd., or SecurityDAM, a related
party and a cloud DDoS network operator that supplied us with scrubbing center services used for the provision of our cloud DDoS Protection
Service.
Recent Major Business Developments
In February 2022, we announced a strategic initiative to accelerate
the growth of our cloud security business, which entails, among other things, the acquisition of the technology and operations of SecurityDAM,
growing our innovation center in India, and expanding our cloud service capacity and delivery network. For additional details, see also
Item 7.B “Related Party Transactions.”
In May 2022, we announced the launch of SkyHawk (CNP) Security
Ltd., or SkyHawk Security, a spinoff of our former cloud native protector business with a strategic external investment of an affiliate
of Tiger Global Management.
Commencing January 1, 2023, we have determined that the Company
operates in two reportable segments. While we transitioned into two reportable segments, we remain focused on the consolidated results
as an important measure of performance, particularly given the high level of cooperation among these two segments, i.e., between Radware’s
Core Business and each of SkyHawk Security and EdgeHawk Security Ltd.EdgeHawk. We refer to SkyHawk Security and EdgeHawk collectively
as the “Hawks”.
For a discussion of our reportable segments, see Item 4.B “Business
Overview—General.”
For recent major product activities, see Item 4.B “Business
Overview—Our Solutions” under the captions “Recent Solution Offering Activities” and “Recent Partnerships
Activities.”
For a discussion of our capital expenditures and divestitures,
see Item 5.B “Liquidity and Capital Resources – Principal Capital Expenditures and Divestitures.”
B. Business
Overview
Overview
General
We are a provider of cyber security and application delivery solutions
for cloud, on-premises, and software defined data centers (SDDC). Our solutions secure the digital experience by providing infrastructure,
application, and network protection and availability services to enterprises globally. Our solutions are deployed by, among others, enterprises,
carriers, and cloud service providers.
Our solutions are offered in two main categories:
|
• |
Products – We offer a range of cloud-based subscriptions, on-premises products, software
products and product subscriptions (or a combination of these) to our customers. |
|
• |
Services – We offer managed services, professional services, technical support and training
and certification to our customers and partners. |
The sections below provide an overview of our key solutions and
services according to the above go-to-market targets.
Reportable Segments
In previous reporting periods (until December 31, 2022), we operated
in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments:
|
• |
Radware’s Core Business - this segment consists of our core business operations, including
our cloud security as-a-service products, application and data centers security products and our application availability products; and
|
|
• |
The Hawks’ Business – this segment consists of the operations
of our two subsidiaries: SkyHawk Security, a spinoff of our former cloud native protector business which now provides an agentless Cloud-native
threat Detection and Response (CDR), combined with Cloud Infrastructure Entitlement Manage (CIEM), Cloud Security Posture Management CSPM
and Autonomous Purple Team for AWS Google Cloud and Azure, and EdgeHawk, which is engaged in transforming routers and network nodes into
security platforms. |
While we transitioned into two reportable segments, we remain focused
on the consolidated results as an important measure of performance, particularly given the high level of cooperation among these two segments,
i.e., between Radware’s Core Business and each of SkyHawk Security and EdgeHawk.
For additional details regarding these two reportable segments, see Item 5.A –
“Operating Results” and Notes 2ac and 15 to our consolidated financial statements included elsewhere in this annual report.
Our Products
Our cloud-based
subscription offering consists of the following key cloud-based subscriptions:
o |
Cloud DDoS Protection Service. Our Cloud DDoS Protection Service provides a full range of
enterprise-grade DDoS protection services in the cloud. Based on our DDoS protection technology, it aims to offer organizations wide security
coverage, accurate detection and short time to protect from today’s dynamic and evolving DDoS attacks. We offer a multi-vector DDoS
attack detection and mitigation service, handling network-layer attacks, server-based attacks and application-layer DDoS attacks.
|
Our Cloud DDoS Protection Service is offered in multiple deployment
options to meet an organization’s specific needs:
|
◾ |
Always-On Cloud DDoS Protection Service. This service provides always-on protection where
traffic is always routed through Radware’s cloud security scrubbing centers with no on-premise device required for detection and
mitigation. This service is recommended for organizations that have applications hosted in the cloud or those that are not able to deploy
an on-premise attack mitigation device in their data center. |
|
◾ |
Always-On Hybrid Cloud DDoS Protection Service. This service integrates with our on-premise
DDoS Protection device. The traffic is mitigated in the on-premise device and diverted through Radware’s cloud security scrubbing
centers upon a large volumetric DDoS attack that aims to saturate the internet pipe. This service is recommended for organizations that
place a high premium on the user experience and wish to avoid even the slightest possible downtime as a result of DDoS attacks.
|
|
◾ |
On-Demand Cloud DDoS Protection Service. This service protects against internet pipe saturation
and is activated when the attack threatens to saturate the organization’s internet pipe. This service is recommended for organizations
that are looking for the lowest cost solution and are less sensitive to real-time detection of DDoS attacks. |
|
◾ |
On-Demand Cloud Hybrid DDoS Protection Service. The on-premise DefensePro device detects
and mitigates all types of DDoS attacks in real-time, while volumetric DDoS attacks are diverted and mitigated in the cloud. This service
is recommended for organizations that can deploy an on-premise device in their data centers. |
o |
Cloud Web DDoS Protection. We offer our Cloud DDoS Protection users an additional protection
layer dedicated to detecting and mitigating sophisticated application-layer DDoS attacks. Our Cloud Web DDoS Protection uses advanced
L7 behavioral-based detection and mitigation techniques to block sophisticated Web DDoS Tsunami attacks, offering protection against advanced
HTTP/S floods that use randomization techniques to bypass traditional protections. |
o |
Cloud WAF Service. Our Cloud WAF Service provides enterprise-grade, continuously adaptive
web application and API protection. Based on our ICSA Labs certified web application firewall, it provides full coverage of OWASP Top-10
threats and automatically adapts protections to evolving threats and protected assets. Cloud WAF service includes built-in DDoS protection,
integrated bot mitigation and application analytics to simplify security event management by taking massive amounts of alerts and consolidating
them into a small, manageable set of user activities. With our SecurePath® architecture, Cloud WAF Service can be easily deployed
as an API-based, out-of-path service across any hybrid or cloud environment, securing applications with centralized visibility and management
console. Our Cloud WAF is available in two packages: |
|
o |
Enterprise Package: Includes a comprehensive web security coverage, including OWASP Top-10,
advanced attacks and zero-day attack protection, that is fully managed and monitored 24x7 and designed to guarantee service availability
at any given time with protection against today’s emerging web application and DDoS attacks. |
|
o |
Enterprise Premium Package: Includes all web security and managed services offered in the
Enterprise package, in addition to a dedicated technical account manager and an Emergency Response Team (“ERT”) expert as
well as pre and post attack alerts and reports and ongoing updates from Radware’s security experts. |
o |
Bot Manager. Our Bot Manager provides comprehensive protection of web applications, mobile
apps and APIs from automated threats like bots. Bot Manager provides precise bot management across all channels by combining behavioral
modeling for granular intent analysis, collective bot intelligence and fingerprinting of browsers, devices and machines. It is designed
to protect against all forms of account takeover (credential stuffing, brute force, etc.), denial of inventory, DDoS, ad and payment fraud
and web scraping to help organizations safeguard and grow their online operations. |
o |
Cloud-Native Protector (“CNP”) Service. The CNP service provides an agentless
cloud-native security solution for applications, workloads and infrastructure hosted on AWS and Microsoft Azure. The CNP service offers
multi-layered protection to reduce risk by continuously verifying compliance against multiple security standards, identifying publicly
exposed assets, keeping track of asset inventory with prioritized cross-cloud visibility, fortifying the cloud threat surface with context-aware
smart hardening, and providing advanced attack detection and remediation capabilities to stop data theft attempts. |
o |
Cloud Application Protection Services. Our Cloud Application Protection Services secure business
applications through a single platform, including WAF, bot management, API protection and application DDoS protection. Our Cloud Application
Protection Services offer the following application security capabilities: |
|
◾ |
Protect Digital Assets and Data. Our Cloud Application Protection Services protect digital assets and customer data in multiple environments,
such as on-premise, virtual clouds, private clouds, public clouds, hybrid environments, or Kubernetes. |
|
◾ |
Protect Against OWASP Vulnerabilities. Our solution helps protect against various known attack vectors, including the OWASP Top 10
Web Application Security Risks, Top 10 API Security Vulnerabilities, and Top 21 Automated Threats to Web Applications. |
|
◾ |
Protect Against Zero-Day Attacks. Our positive security model assists in stopping unknown threats in their tracks. Our machine-learning
analysis engine continuously studies application traffic and end-user behavior to build and enhance security policies that reduce exposure
to zero-day attacks. |
|
◾ |
Detect, Manage, and Mitigate Bots. Our solution detects and distinguishes between “good” bots and “bad” bots
to protect websites, mobile apps, and APIs against a wide range of application attacks, such as account takeover credential, denial of
inventory, ad and payment fraud, web scraping and more. |
|
◾ |
Protect APIs. API attacks are a rapidly growing threat to business applications and customer data. Our solution combines behavioral
analysis and policy automation to protect evolving API matrix from increasingly sophisticated API assaults. |
|
◾ |
Client-Side Protection From Supply Chain Attacks. As server-side security improves, more hackers target the less protected and rarely
monitored client side. Radware helps protect end users’ data when interacting with any third-party services in the application supply
chain, including form jacking, skimming and DOM XSS. |
|
◾ |
Mitigate Application-Level DDoS Assaults. Our Web DDoS Protection solution helps detect and mitigate HTTP-based DDoS assaults. Utilizing
multi-patented, behavioral-based algorithms, it automatically generates precise signatures in real time to stop disruptive web DDoS attacks
without blocking legitimate user traffic. |
Our physical and software products consist of the
following key products:
o |
DefensePro Attack Mitigation Device. DefensePro® provides automated DDoS protection
from fast-moving, high-volume, encrypted, or very-short-duration threats and is part of Radware’s attack mitigation solution. It
defends against Internet of Things (IoT)-based, Burst, DNS and TLS/SSL attacks to secure organizations against emerging network multi-vector
attacks, ransom DDoS campaigns, IoT botnets, phantom floods, and other types of cyberattacks. |
o |
Radware Kubernetes WAF. Radware Kubernetes WAF is a Web Application Firewall solution for
CI/CD environments orchestrated by Kubernetes. Our Kubernetes WAF integrates with common software provisioning, testing and visibility
tools in the CI/CD pipeline offering both IT security and DevOps personnel detailed insight down to the pod and container levels, and
enables organizations to implement application and data security in on-premise and cloud-based implementations. |
o |
Alteon® Application Delivery Controller (ADC). Alteon is our application delivery and
security solution that manages application traffic across cloud and data center locations, optimizing availability and performance. It
provides advanced, end-to-end local and global load balancing capabilities for web, cloud and mobile-based applications. Alteon integrates
multiple application protection services to provide protection against an array of cyber threats. Alteon’s analytics also provides
insightful visibility so that IT managers can manage and guarantee application service level agreement (SLA) and stay ahead of cyberattacks.
|
We offer Alteon ADC in three different packages (available on each
of its models and throughput levels) to address different deployment scenarios and needs:
|
• |
Alteon Deliver Package. For applications that require high performance ADCs with advanced
layer 4-7 ADC functionality. |
|
• |
Alteon Perform Package. For deployments requiring performance optimization, advanced application
performance monitoring, global server load balancing, link load balancing, and automated/optimized ADC service operation. |
|
• |
Alteon Secure Package. For applications that require our most advanced protections, including
an embedded WAF module, authentication gateway, bot management, threat intelligence feeds (ERT Security Updates Service, ERT Active Attackers
Feed, and ERT Location-based Mitigation), and SSL processing from perimeter security devices (with its embedded SSL inspection module).
|
o |
LinkProof NG. LinkProof® NG is a multi-homing and enterprise gateway solution that allows
service level availability and continuous connectivity of enterprise and cloud-based applications. It is an application-aware multi-homing
and link load balancing module that delivers 24/7 continuous connectivity and service level assurance, improved performance, and cost-effective
scalability of bandwidth for corporate and cloud-based applications. |
o |
Cyber Controller. Our Cyber Controller is a unified solution for management, configuration
and attack lifecycle. The Cyber Controller provides enhanced security, increased visibility and an improved user experience via multiple
security operation dashboards for a unified view into attack lifecycle and mitigation analysis for both inline and out-of-path DDoS deployments.
Cyber Controller provides network analytics with comprehensive visibility of traffic statistics during peacetime and attack, and simplified
management and configuration with unified visibility and control. |
Cyber Controller supports several licenses according to each
customer-managed environment and customer needs:
|
o |
Cyber Controller Standard: Provides the network management tool and network monitoring tool for the Radware family of cyber security
and application delivery solutions. It provides our customers immediate visibility to health, real-time status, performance and security
of our products from one central, unified console. An analytics module provides an intuitive, customizable Graphical User Interface with
granular forensic insights into application performance, denial-of-service and web application attacks. |
|
o |
Cyber Controller X: In addition to the “Standard” license features, provides the ability to manage the DefensePro X product
line using the new Cyber Controller X stream. |
|
o |
Cyber Controller Plus: An add-on on top of either the “Standard” or “X” licenses, enabling orchestration,
automation and out-of-path capabilities for attack life-cycle management. |
o |
MSSP Portal. The Managed Security Service Provider (MSSP) Portal is a turnkey, multi-tenant
DDoS detection and mitigation service portal. The Portal collects and aggregates security attack measurement and events (including traffic
utilization, attack distribution and alerts) and displays them in real-time and historical reports. Our MSSP Portal enables service providers
to resell cyber security mitigation services to their customers as a managed service. |
Our product-based subscription
offering consists of the following product-based subscriptions:
o |
ERT Security Updates Subscription (SUS). Our Security Update Subscription is a security-advisory
and managed monitoring and detection system dedicated to protecting network elements, hosts, and applications against the latest security
vulnerabilities and threats. The Security Update Subscription delivers periodic, emergency, and custom attack signature updates to subscribers
to protect against known attack patterns. The service is available for DefensePro and Alteon Integrated WAF. |
o |
ERT Active Attackers Feed. Our ERT Active Attackers Feed (EAAF) is a threat intelligence
feed designed to protect against emerging DDoS threats, including those involving IoT botnets and new DNS attack vectors. The EAAF subscription
enhances our attack mitigation solution by identifying and blocking IP addresses involved in major attacks in real time to offer preemptive
protection from known attackers. This subscription is available for DefensePro, Alteon ADC and Cloud Application Protection Services.
|
o |
ERT Protection Packages. Our ERT Protection packages bundle our ERT services into two packages:
ERT Silver Protection Package and ERT Gold Protection Package. ERT Silver Protection Package consolidates ERT Security Update Subscription,
ERT Active Attackers Feed, and Location-based Mitigation. ERT Gold Protection Package includes ERT under Attack Service on top of the
ERT Silver Package. |
o |
Alteon Global Elastic License (GEL). Alteon GEL is a purchasing and deployment subscription
that enables a high level of flexibility for ADC services across datacenters, private and public clouds. GEL enables dynamic ADC capacity
allocation and the ability to move that capacity across environments, without having to invest separately in a dedicated ADC infrastructure
for each and every location where organization’s applications are deployed (e.g. on-premise, public cloud, etc.). This application
delivery licensing model helps to eliminate planning risks in the purchase and deployment of ADC services, enabling continuous investment
protection of the ADC infrastructure throughout its lifecycle duration. |
o |
Location-based Mitigation. Our location-based mitigation solution is a subscription offering
that enables network traffic filtering by countries and regions based on the geolocation mapping of IP subnets. The subscription also
supports per-policy block and allow lists, making it a beneficial solution for carriers and service providers that wish to protect multitenant
networks. The subscription helps organizations comply with global and industry regulation requirements such as the Office of Foreign Assets
Control and others. This subscription is available for DefensePro and Alteon ADC. |
Customer Services
We offer managed services, professional services, technical support and training and certification to our
customers and partners. Our key customer services consist of the following:
o |
Certainty Support Program. We offer technical support for all our products through our Certainty
Support Program. Certainty support levels include: |
|
o |
Basic. This level provides business day access, including weekends from 9 a.m. to 5 p.m.
(local time) to technical support center services, and technical documentation, either via the Web, e-mail or direct phone support during
working days. New software releases are available for units covered under the certainty support program. |
|
o |
Standard. This level increases access to the technical support center 24/7/365 and adds next
business day replacement of failed hardware and waives customer shipping costs. |
|
o |
Advanced. This level increases the certainty support level standard to four hours’
replacement of failed hardware advanced replacement. |
o |
Professional Services. Our professional services group is staffed by a global team of experts
possessing extensive knowledge and experience in security and application delivery both in data centers and the cloud. The group offers
a full range of services to design, implement, automate, and optimize our customer solutions. We offer the following key professional
services: |
|
o |
Design and Planning. This service plans and designs applications for future growth with Radware
engineers. The service starts with a review of business goals, network optimization assessment and an overview of application architecture
and security requirements to help create a comprehensive deployment plan that is tailored to organizational IT requirements. |
|
o |
Application and Security Optimization Services. This service analyzes and reviews the current
implementation and design and provides recommendations to help optimize the system and achieve business goals. |
|
o |
Resident Engineer. Our Resident Engineer service is a proactive on-site engineer who performs
operations, design and automation activities. From initial deployment to ongoing management and day-to-day operation, our Resident Engineer
service decreases the time demands on our customers’ staff, allowing them to focus on their core business. |
|
o |
Technical Account Manager. Our technical account manager is a proactive consultant that implements
best practices, provides guidance and optimizes networking and application resources. |
o |
ERT Service. Our ERT is a group of security experts available 24x7 for proactive security
support services for customers facing an array of application- and network-layer attacks. These services include: |
|
o |
ERT Managed Security Service. Our ERT offers a fully managed application- and network-security
service. The service covers a broad range of attack types from different forms of DDoS to a variety of application attacks against our
customers’ servers or data centers. It includes immediate response, onboarding, consulting, remote management, and reporting.
|
|
o |
ERT Under-Attack Service. The ERT under-attack service offers 24x7 access to a security expert
within 10 minutes. The ERT engineer will take the lead, fight off attacks and provide postmortem analysis of security events. The ERT
under-attack service lets organizations know there is someone to rely on, guaranteeing support throughout the attack life cycle from the
moment it begins. The ERT experts are available 24x7 and assist large enterprises worldwide with complex multi-vector attacks against
their networks, data centers and application services. |
Recent Solution Offering
Activities
During 2023, our key solution offering activities consisted of the following:
|
• |
We have announced the opening of additional Cloud Security centers in Melbourne (Australia), Toronto (Canada), Auckland (New Zealand),
and Tel Aviv (Israel). The facilities are designed to reduce traffic latency, as well as increase service redundancy and mitigation
capacity to help customers defend against denial-of-service attacks, web application attacks, malicious bot traffic, and attacks on APIs.
|
|
• |
We have introduced a new Cloud Web DDoS Protection solution. The new solution is designed to minimize the growing gap between standard
DDoS mitigation and an emerging generation of more aggressive, layer 7, HTTP, and HTTPS Flood attacks—also known as Web DDoS Tsunami
attacks. Our solution mitigates these encrypted, high-volume, multi-vector threats that evade standard web application firewalls (WAF)
and network-based DDoS tools, essentially rendering them ineffective. |
|
• |
We have added to our Cloud WAF service a new advanced service called Client-Side Protection. As server-side security improves, more
hackers target the less protected and rarely monitored client side. Our Cloud WAF Client-Side Protection service ensures the protection
of end users’ data when interacting with any third-party services in the application supply chain, including form jacking, skimming
and DOM XSS. |
|
• |
We have announced enhancements to our Bot Manager solution to help organizations prevent nefarious bots from bypassing their defenses
to gain unlawful access to native Android and iOS (Google and Apple) mobile applications. |
|
• |
We have added to our Bot Manager Blockchain-based protection option. The Blockchain mitigation relies on Crypto Challenge mitigation,
which is based on the cryptographic proof-of-work concept used in various blockchains, and designed to deliver continuous, invisible browser-based
challenges to suspected bots that automatically and exponentially become more difficult if solved. The Blockchain-based protection mitigates
CAPTCHA solving bots and avoider bots. |
|
• |
We have improved our customer experience by launching a new unified portal for our cloud WAF, API Protection, Bot Manager, and Cloud
DDoS. The new portal allows centralized security management through a single dashboard for a customer’s applications across all
platforms and all security modules. |
|
• |
We have introduced a new line of DefensePro X attack mitigation platforms. The next-generation solution combines high performance
and DDoS mitigation capacity protection with enriched usability and visibility to defend against increasingly sophisticated cyber threats.
To answer the cybersecurity needs of medium-sized businesses as well as enterprises, Tier-1 service providers, and carriers, the DefensePro
X lineup offers five new hardware platforms and one virtual platform with a wide range of DDoS protections. |
|
• |
We have announced new platforms for our Alteon ADC product line: |
|
• |
Alteon 7 series. This is a high-end performance application delivery appliance with high performance SSL with support for latest
encryption standards (i.e. ECC). The new platform, with models 7700 and 7100, offers on-demand 100 & 200 Gbps throughput scalability
and designed for carriers, mobile operators and large enterprises. |
|
• |
Alteon 6300. This is a modular platform with selectable I/O and SSL acceleration modules, high performance SSL with support for latest
encryption standards (i.e. ECC). The platform is designed for carriers, mobile operators and very large enterprises with On-demand 60
and 90Gbps throughput scalability. |
Recent Partnerships Activities
During 2023, our key activities regarding our offerings through
partners and solution providers consisted of the following:
|
• |
In January 2023, we introduced a new global Radware Cybersecurity Partner Program. The global program offers our existing and prospective
ecosystem partners a more lucrative and systematic approach to creating, managing, and growing sales opportunities based on our cloud
security services and solutions. Equipped with new participation tiers, training, certifications, financial incentives, and support materials,
it is designed to empower our ecosystem partners to accelerate their growth and improve operating margins. This includes resellers, managed
security service providers, carriers, and cloud service providers. |
|
• |
In September 2023, we launched an enhanced program for MSSPs, which is designed to make it easier for MSSPs to expand their value-added
service portfolio and manage the hosted security services needed to address the surge in cyberattacks and shortage in skilled cybersecurity
talent. To accelerate revenue growth, partners are granted access to new licensing models, expanded technical training, and more marketing
and sales enablement tools. |
Our Competitive Strengths
Our solutions incorporate proprietary and innovative cyber security
and application delivery technologies that help our customers to secure the digital experience for users of business-critical applications.
We believe our competitive strengths are based on several elements, including the following:
|
• |
Innovation, Proprietary Technologies, and Thought Leadership. We are offering innovative
solutions in our domain. We were one of the first companies to offer hybrid attack mitigation solutions; behavioral DDoS attacks detection
with automated real-time signature creation for attack mitigation; device fingerprinting technology implementation for Bot-based attacks
detection; auto-policy generation for our WAF solution; protection against encrypted attacks without opening the sessions for DDoS protection;
and AI to detect attacks targeting workloads in public clouds. We believe this has given us significant expertise, know-how, and leadership
in the market for cyber-attack mitigation solutions, and we take part in many technology communities, standard organizations, and open
source projects. At the same time, we continue to invest in research and development of cyber security and application delivery technologies
in order to introduce new and innovative solutions, which are supported and protected by multiple patents and proprietary rights.
|
|
• |
Automation. We are offering automated attack detection and mitigation solutions that reduce
the total cost of ownership of cyber security solutions, including behavioral analysis technology to detect zero-day DDoS attacks; automated
real-time signature creation for DDoS attacks mitigation; intent-based behavioral analysis and machine learning (or “ML”)
models to detect automated Bot attacks; and machine learning (positive security model) to detect zero-day web application attacks.
|
|
• |
Wide attacks coverage. Our solutions offer a wide coverage against attacks, including mitigation
of all four generations of Bot attacks; negative and positive security models to defend against known (OWASP top-10) and zero-day web
application attacks (standard solutions typically cover OWASP top-10 attacks only); and advanced DDoS attacks protection such as DNS flood
attacks, burst floods, SSL flood attacks, IoT botnets and Web DDoS attacks. |
|
• |
Industry Awards. We gained multiple industry awards during 2023, including the following:
|
|
o |
Quadrant Knowledge Solutions – 2023 DDoS Mitigation SPARK Matrix™, July 2023 – Leader |
|
o |
Quadrant Knowledge Solutions – 2023 WAF SPARK Matrix™, December 2023 – Leader |
|
o |
Quadrant Knowledge Solutions – 2023 Bot Management SPARK Matrix™, July 2023 – Leader |
|
o |
GigaOm Research – GigaOm Radar for DDoS Protection 2023 – Leader and Fast Mover |
|
o |
GigaOm Research – GigaOm Radar for Application and API Protection: March 2023, Leader and Fast Mover |
We were named winner of two 2023 Cybersecurity Excellence Awards.
Our API Discovery and Protection solution received gold honors in the API Security category, and the Radware SecurePath® architecture
won gold in the Web Application Security category – March 2023.
We were named a winner in the 19th
Annual 2023 Globee® Cybersecurity Awards. The Radware SecurePath® application security architecture was awarded gold
honors in the Web Application Security and Firewalls category – March 2023.
We are not responsible for the determinations of any of these
awards or the entities or publications that award them.
Our Growth Strategy
Our growth strategy is based on several key elements:
|
• |
Focus on cloud and application security. We aim to offer superior and innovative cyber security
solutions and cloud-based solutions and expand our portfolio in these two dimensions. We also invest in go-to-market efforts related to
cloud security services and public cloud solutions. |
|
• |
Invest in data center solutions. We continue to develop and sell holistic cyber security
and application delivery solutions for physical, cloud, and hybrid data centers and cloud applications. |
|
• |
Increase our market footprint. We believe that a significant market opportunity exists to
sell our solutions with the complementary products and services provided by other organizations with whom we wish to collaborate. To that
end, we have already established strategic relationships with various third parties, including leading global-class partners, such as
Cisco, Check Point, and Nokia, which provide critical access to certain large customers allowing us to sell our solutions. We intend to
further increase our market footprint through collaboration with leading partners. |
|
• |
Expand our footprint in the medium sized enterprise market. The needs of the mid-market enterprises
regarding the management of cyber security risks are substantially similar to the needs of the large enterprise market, but their capacity
and access to skilled talent are more limited. We believe that our fully managed cloud security services can be a great fit for this market,
and we intend to further expand our market footprint in this segment. |
|
• |
Pursue acquisitions and investments. In order to achieve our business objectives, we may
evaluate and pursue the acquisition of, or significant investments in, other complementary companies, technologies, products, and/or businesses
that enable us to enhance and increase our technological capabilities and expand our product and service offerings. |
Sales and Marketing
Sales. We market
and sell our products and services primarily through indirect sales channels that consist of distributors and resellers located in North,
Central and South America, Europe, Africa, Asia, and Australia. In addition, we generate direct sales to selected customers mainly
in the United States. Our direct sales channels are supported by our sales and marketing managers who are also responsible for recruiting
potential distributors and resellers and for initiating and managing marketing projects in their assigned regions. The sales managers
are supported by our internal sales support staff that help generate and qualify leads for the sales managers. We have subsidiaries and
representative offices and branches in multiple countries to cover the above mentioned regions (see Item 4.C “Organizational Structure”),
to promote and market our products and services and provide customer support in their respective regions.
Marketing. Our marketing
strategy is to enhance brand recognition and maintain our reputation as a provider of technologically advanced, quality cyber security
and application delivery solutions to help drive demand for our products and services. We seek to build upon our marketing and branding
efforts globally to achieve greater worldwide sales and leverage sophisticated digital platforms and activity to scale our presence globally.
Our marketing initiatives are principally directed at developing brand awareness, optimizing our digital presence, searchability and awareness,
generating qualified leads and providing sales and marketing tools to our distributors/resellers to promote sales. We participate in major
trade shows and virtual events, regionally based events/seminars and offer support to our distributors and resellers who participate in
these events. We also participate in our partners’ events, such as Cisco Live and Checkpoint Experience, to promote our solutions
within their audiences. Additionally, we focus on our customer base to deliver an integrated Customer 360 experience including regular
communications, facilitating support and training needs, maximizing customer lifetime value and developing customer advocacy. We also
invest in online and search engine advertising campaigns, public relations, and regionalized field marketing campaigns. In addition to
our independent marketing efforts, we invest in joint marketing efforts with our distributors, OEMs, VARs, GSIs, and other companies that
have formed strategic alliances with us.
Customers and End-Users
With the exception of our limited direct sales to selected customers,
we sell our products and services through distributors or resellers who then sell our products and services to end-users.
We have a globally diversified end-user base, consisting of corporate
enterprises, including banks, insurance companies, manufacturing, retail companies, media companies, government agencies and utilities,
and service providers, such as telecommunication carriers, internet service providers, cloud service providers, and application service
providers. Customers in these different vertical markets deploy Radware products for availability, performance and security of their applications.
In 2023, approximately 40% of our revenues were in the North, Central
and South America (principally in the United States), 37% were in Europe, Middle East and Africa (EMEA) and 23% in Asia-Pacific, compared
to 42%, 36% and 22%, respectively, in 2022, and 45%, 34% and 21%, respectively, in 2021. Other than the United States, which accounted
for 28% of our total revenues in 2023, no other single country accounted for more than 10% of our revenues for 2023, 2022, and 2021.
In 2023, approximately 56% of our revenues derived from product
sales and 44% derived from service sales, compared to 59% and 41%, respectively, in 2022 and 59% and 41%, respectively, in 2021.
In 2023, approximately 77% of our revenues derived from the enterprise
market and 23% derived from the carrier market, compared to approximately 74% and 26%, respectively, in 2022, and 73% and 27%, respectively,
in 2021.
As of December 31, 2023, 2022, and 2021, no single customer accounted
for more than 10% of our revenues.
For additional details regarding the breakdown of our revenues
by geographical distribution and by activity, see Item 5.A – “Operating Results.”
Seasonality
Our quarterly operating results have been, and are likely to continue
to be, influenced by seasonal fluctuations in our sales and by seasonal purchasing patterns of some of our customers. Our operating results
in the fourth quarter tend to be higher than other quarters as some of our customers tend to make greater capital and operational expenditures
as well as expenditures relating to service renewals towards the end of their own fiscal years, thereby increasing orders for our products,
support and subscription services in the fourth quarter.
Customer Support Services
Our technical support team, which consisted of 356 employees worldwide
as of December 31, 2023, supports our sales force during the sales process, assists our customers, resellers and distributors with the
initial installation, set-up and ongoing support of our products, and trains them on how to best use our solutions. The technical support
team also assists with service onboarding processes and provides training to end-users of our services. In addition, our technical team
trains and certifies our distributors and resellers to provide limited technical support in each of the geographical areas in which our
products are sold and is directly responsible for remote support. Our Certainty Support Program offerings allow customers to automatically
obtain new software versions of their products and obtain optimized performance by purchasing any of the following optional offerings:
extended warranty, software updates, 24x7 help-desk (directly to our customers and through our distributors), on-site support and unit
replacement. Some of our on-site services are provided by third-party contractors.
Research and Development
We invest in research and development to expand and enhance the
features of our existing solutions, to develop new solutions and features and to improve our existing technologies and features. We believe
that our future success is dependent upon our ability to maintain our technological expertise, enhance our existing solutions and introduce,
on a timely basis, new commercially viable solutions that will address the needs of our customers. Accordingly, we intend to continue
devoting a significant portion of our personnel and financial resources to research and development. In order to identify market needs
and to define appropriate product specifications, as part of the product development process we seek to maintain close relationships with
current and potential distributors, customers and vendors in related industry sectors.
As of December 31, 2023, our research and development staff consisted
of 408 employees and 71 subcontractors. Research and development activities take place mainly at our facilities in Israel; Bangalore,
India; Vancouver, Canada; and North Carolina, United States. We employ established procedures for the required management, development
and quality assurance of our new product developments. Our research and development organization is divided into Application Security,
Infrastructure Security, Application Delivery, Management and Control, Cloud Services, and Chief Technology Officer groups. Within
those groups the organization is divided according to our existing product solutions. Each product group is headed by a group leader
and includes team leaders and engineers. Each group has a dedicated quality assurance team. In addition, we have an infrastructure
department responsible for the development of our platforms that are the basis for all products, serving all product groups, which consist
of a senior group leader, group leaders, team leaders, and engineers. The heads of all research and development divisions report to either
the Chief Operating Officer or the Chief Technology Officer.
See also below under “Government Regulations – Israeli
Innovation Authority.”
Manufacturing and Suppliers
Our quality assurance testing, final integration, packaging, and
shipping operations as well as part of our final assembly activities are primarily performed at our facility in Jerusalem, Israel. All
our products are Underwriters Laboratories (UL) and ISO 9001:2008 compliant and some of them have also achieved industry certifications.
We rely to a large extent on third-party manufacturing vendors
to provide our finished products. In this respect, these vendors primarily provide us with manufacturing assembly services in order to
deliver the finished goods while we perform the final integration of the products. All components and subassemblies included in our products
are supplied to the manufacturing vendors by several suppliers and subcontractors. Each of the manufacturing vendors monitors each stage
of the components production process, including the selection of components and subassembly suppliers. Thereafter, each of the manufacturing
vendors makes the final assembly in their own facility. Our primary manufacturing vendors are ISO 9001 certified, indicating that each
of their manufacturing processes adheres to established quality standards.
We primarily rely on two ODMs to manufacture and to supply our
hardware platforms. In 2023, approximately 46% of our direct product costs were from one of these vendors and 41% were from the other
vendor. Additionally, we rely on two other ODMs, which made up 5% of our direct product costs in 2023. The rest of our ODMs accounted
for 2% or less individually in 2023.
We conduct a business continuity plan (BCP) with all our vendors
to ensure an immediate recovery in case of crisis that might jeopardize the supply of our products and services. For example, in order
to overcome the risk of not meeting the committed SLA to our customers due to importation blocking in different countries associated with
the outbreak of the COVID-19 pandemic, we had allocated sufficient inventory that was sent directly from the ODM vendors to worldwide
warehouses to be shipped to customers, when needed, at the destination country, rather than being shipped from Israel. In this respect,
we have been certified during 2021 for ISO 22301 (Business Continuity Management System). Furthermore, in order to minimize potential
delays in product supplies by certain of our ODMs whose lead time had been significantly extended due to the worldwide chipset shortage,
we had paid expedite fees to several components manufacturers. However, if we are unable to continue to acquire those platforms or components
from these platform manufacturers and vendors on acceptable terms, or should any of these suppliers cease to supply us, on a timely basis,
with such platforms or components for any reason, we may not be able to identify and integrate an alternative source of supply in a timely
fashion or at the same costs. Any transition to one or more alternate suppliers would likely result in delays, operational problems, and
increased costs, and may limit our ability to deliver our products to our customers on time for such transition period, although we believe
we have levels of inventory that will assist us to transition to alternate suppliers smoothly.
Proprietary Rights
We rely on patent, trademark and trade secret laws, as well as
confidentiality agreements and other contractual arrangements with our employees, distributors and others to protect our technology.
We have a policy that requires our employees to execute employment agreements, including confidentiality and non-competition provisions.
We have registered trademarks for, among others, Radware®,
Radware Logo:
®,
OnDemand Switch®, Alteon®, APSolute®, LinkProof®, DefensePro®, CID®, SIPDirector®, AppDirector®,
AppXcel®, AppXML®, AppWall®, APSolute Insite®, StringMatch Engine®, Web Server Director®, APSolute Vision®,
vDirect®, Alteon VA®, AppShape®, FastView®, DefenseFlow®, Virtual DefensePro®, Radware SecurPath®,
VADI® (Virtual Application Delivery Infrastructure), ShieldSquare® and the ShieldSquare Logo:
®,
and we have non-registered trademarks for, among others, ADC-VX™, Inflight™, and CyberStack™. We own registered
U.S. copyrights in all of our primary software product lines.
We have registered patents in the United States, Canada and other
jurisdictions for, among others, our triangle redirection method used for the global load balancing in our AppDirector product; our mechanism
for efficient management and optimization of multiple links used in our LinkProof product; our method for load balancing by global proximity
used in our AppDirector product; our method for controlling traffic on links between autonomous Border Gateway Protocol (BGP) systems;
the stateful distribution of copied SSL traffic; the transparent inspection of encrypted client traffic; the activation of multiple virtual
services on a switching platform; the behavioral analysis and detection of zero-day and DDoS network attack patterns; a new method based
on Quantiles for network edge DDoS and network anomalies protection in our DefensePro product; our new paraphrase-based algorithm for
WebDDoS or Web floods and keyless HTTPS attack mitigation behavioral mechanisms in our DefensePro; our enhanced domain name service floods
behavioral protection and UDP protections; our web and API application protection (including the business logic attacks), including our
Bot Manager augmented by the new public identity and block-chain based methods for addressing automated threats (for public-facing
services) and advanced threats; our new client side protection to address sensitive PII leakage attacks resulting from untrusted third
parties; our new AI/ML methods to address and automate analysis of our cloud WAF (CWAF) customer’s applications for proactive false-positive
and false-negative service tuning, a geographically based traffic distribution; Zero-day attacks such as Log4j malicious strings, use
of OpenAI-related APIs for embedding AI-assistance in various use-cases; a generic proximity based site selection for global load balancing;
an internal hardware connectivity plane architecture; a specific proximity-based site selection for global load balancing of HTTP transactions
implemented in our Alteon products; and additional patents in the software-defined networking (SDN) field, around a new concept of cyber
control and automation for our DefenseFlow product.
We have pending patent applications and provisional patents in
connection with several methods and features used in our products or that we plan to implement in the future. These applications may not
result in any patent being issued, and, even if issued, the patents may not provide adequate protection against competitive technology
and may not be held valid and enforceable if challenged. In addition, other parties may assert rights as inventors of the underlying
technologies, which could limit our ability to fully exploit the rights conferred by any patent that we receive. Our competitors may be
able to design around a patent we receive, and other parties may obtain patents that we would need to license or circumvent in order to
exploit our patents.
Competition
The cyber security and application delivery market is highly fragmented
and competitive, and we expect competition to intensify in the future.
Our principal competitors are:
|
• |
DDoS Mitigation: Akamai Technologies, Inc., or Akamai, Imperva Inc., or Imperva, Netscout Systems, Inc., and Cloudflare, Inc.
|
|
• |
Web Application Firewalls and Bot Management: Akamai, Imperva, Cloudflare, Inc., F5 Networks, Inc., or F5, and AWS |
|
• |
Application Delivery: F5, A10 Networks, Inc., and Citrix Systems, Inc. |
|
• |
CDR: Gem Security, Inc. |
We expect to continue to face additional competition as new
participants enter the market or extend their portfolios into related technologies. Larger companies with substantial resources, brand
recognition and sales channels may also form consolidation and alliances with or acquire competing providers of application delivery or
application and network security solutions and emerge as significant competitors.
We are seeing new types of competitors from within the public
cloud providers – as more companies rely on these environments to host their services and applications, these vendors start providing
cyber security solutions that are typically fairly basic and customized for their own environment. As we see more and more companies
relying on more than one public cloud vendor, we expect to see additional competitors and rapid evolution of solutions and offerings.
An increase in competition may lower prices and reduce demand
and margins as well as increase costs associated with sales and marketing to maintain or increase market share; which, in turn, may impair
our ability to increase profitability. Furthermore, the dynamic market environment, as illustrated by the above acquisitions, poses a
challenge in predicting market trends and expected growth. We believe that our products and services have several competitive advantages
in performance and accuracy and that our future success will depend primarily on our continued ability to provide more technologically
advanced and cost-effective application delivery and cyber security solutions, and more responsive customer service and support, than
our competitors. However, we cannot assure you that all products and services we offer in our portfolio will compete successfully with
similar competitor solutions. See also above under “Business Overview.”
Government Regulations
Data Privacy and Data Protection
Laws
Our activities in the cyber security market require that we comply
with laws and regulations in the area of data privacy and data protection governing the collection, use, retention, sharing and security
of personal data. For example, the GDPR and UK DP Laws (each as referenced above), include operational requirements for companies that
receive or process personal data of residents of the European Union and the UK, and non-compliance will result in significant penalties.
Many other countries in which we operate have their own data protection and data security laws that we need to comply with in collecting,
utilizing, or otherwise processing personal data from our customers and/or visitors to their websites and others.
Environmental and
Security Management Regulations
Our activities in Europe require that we comply with European Union
Directives with respect to product quality assurance standards and environmental standards. The “RoHs” and RoHs II Directives
require products sold in Europe to meet certain design specifications, which exclude the use of hazardous substances.
Directive 2002/96/EC on Waste Electrical and Electronic Equipment (known as the “WEEE” Directive) requires producers
of electrical and electronic equipment to register in different European countries and to provide collection and recycling facilities
for used products. We believe we are currently in compliance with the RoHs and WEEE regulations,
ISO 14001 standards (regrading Environmental Management Systems), ISO/IEC 27001:2013 and ISO 27032: 2012 standards (both in regard to
Information Security Management System), ISO 28000 (Supply Chain Security management) and OHSAS 18001:2007 (Occupational Health and Safety
Management).
Israeli Innovation Authority
From time to time, eligible participants may receive grants under
programs of the IIA. This governmental support is conditioned upon the participant’s ability to comply with certain applicable requirements
and conditions specified in the IIA’s programs and the Innovation Law.
Under the Innovation Law, research and development programs that
meet specified criteria and are approved by the Research Committee of the IIA are eligible for grants usually of up to 55% of certain
approved expenditures of such programs, as determined by said committee.
The Innovation Law provides that know-how developed under an approved
research and development program or rights associated with such know-how (1) may not be transferred to third parties in Israel without
the approval of the IIA (such approval is not required for the sale or export of any products resulting from such research or development)
and (2) may not be transferred to any third parties outside Israel, except in certain special circumstances and subject to the IIA’s
prior approval, which approval, if any, may generally be obtained, subject to payment of a transfer fee pursuant to which the grant recipient
pays to the IIA a portion of the sale price paid in consideration for such IIA-funded know-how; or a portion of the consideration paid
in respect of licensing the IIA-funded know-how, as the case may be (according to certain formulas, which may result in repayment of up
to 600% of the grant amounts plus interest). Under certain circumstances, such as in the event that the grant recipient receives know-how
from a third party in exchange for its IIA-funded know-how, such transfer fee may not apply.
The Innovation Law imposes reporting requirements with respect
to certain changes in the ownership of a grant recipient. The law requires the grant recipient and its controlling shareholders and foreign
interested parties to notify the IIA of any change in control of the recipient or a change in the holdings of the means of control of
the recipient and requires a non-Israel interested party to undertake to the IIA to comply with the Innovation Law. In addition,
the rules of the IIA may require additional information or representations in respect of certain of such events. For this purpose, “control”
is defined as the ability to direct the activities of a company other than any ability arising solely from serving as an officer or director
of the company. A person is presumed to have control if such person holds 50% or more of the means of control of a company. “Means
of control” refers to voting rights or the right to appoint directors or the chief executive officer. An “interested party”
of a company includes a holder of 5% or more of its outstanding share capital or voting rights, its chief executive officer and directors,
someone who has the right to appoint its chief executive officer or at least one director, and a company with respect to which any of
the foregoing interested parties owns 25% or more of the outstanding share capital or voting rights or has the right to appoint 25% or
more of the directors. Accordingly, any non-Israeli who acquires 5% or more of our ordinary shares will be required to notify us that
it has become an interested party and needs to sign an undertaking to comply with the Innovation Law.
The Israeli authorities have indicated in the past that the government
may further reduce or abolish the IIA grants in the future. Even if these grants are maintained, we cannot presently predict what
would be the amounts of future grants, if any, that we might receive.
In 2023, 2022, and 2021, we were qualified to participate in projects
funded by the IIA to develop generic technology relevant to the development of our products. We were eligible to receive grants constituting
between 30% and 55% of certain research and development expenses relating to these projects. The grants under these projects are not required
to be repaid by way of royalties.
In addition, one of our Israeli subsidiaries received royalty-bearing
grants from the IIA for an approved research and development project. The grants under this project are required to be repaid based on
revenues from the sale of products incorporating or based upon know-how developed, in whole or in part with the grants. These grants amounted
to $0.4 million for the year ended December 31, 2023.
Research and development grants deducted from research and development
expenses, net amounted to $0.4 million, $1.3 million, and $1.3 million for the years ended December 31, 2023, 2022, and 2021, respectively.
Environmental, Social and Governance Matters
At Radware, we aim to help customers protect
their critical applications and secure their digital experiences. As we pursue this goal, we recognize our responsibility to promote socially
and environmentally responsible economic growth through our business practices. In order to promote this corporate responsibility and
sustainability approach, we have implemented, and will continue to implement, various ESG principles and activities into our daily business
practices, including, but not limited to, those summarized below.
Most recently, in December 2021, we have
also released our inaugural ESG Report available at www.radware.com/corporategovernance (information contained on our website, including
in our ESG report, is not incorporated herein by reference and shall not constitute part of this annual report) to expand our ESG-related
disclosures regarding what we have accomplished thus far on this front and what we strive to achieve.
Environmental
We aim to build a more sustainable world through the products,
services, and solutions we offer and the way we operate. This means, among other things, that we aim to operate our business in a manner
which meets or exceeds all environmental laws and compliance guidelines and strive to improve our environmental performance across our
entire supply chain.
While we continue to develop a program that recognizes our environmental
impact, we have already implemented various activities to measure and foster our environmental focus, including the following highlights:
|
• |
We have implemented key performance indicators (KPIs), which set quantitative reduction goals for the use of water, power and paper;
|
|
• |
We work with our suppliers to maintain compliance with various environmental laws and guidelines, such as RoHS and WEEE in the EU,
and adopted our Conflict Minerals Policy available at www.radware.com/corporategovernance/conflictminerals (information contained on our
website, including in our Conflict Minerals Policy, is not incorporated herein by reference and shall not constitute part of this annual
report), which outlines our practices and procedures with respect to responsible sourcing of minerals from conflict-affected and high-risk
areas; and |
|
• |
Our corporate headquarters in Tel Aviv, Israel, as well as our training rooms in Tel Aviv are designed in the “TED” style
to serve as multifunctional work spaces while the operations room utilizes NVX video technology in order to minimize the amount of copper
wiring required to function and travel. At our headquarters, we offer EV charging stations to our employees and visitors, and where applicable
according to local requirements, we offer recycling and properly dispose of e-waste. |
Social
We believe that the foundation of our success lies in our diverse,
engaged, and motivated workforce, and we continuously advocate for our team by creating a work environment in which our employees can
thrive in the spirit of productivity and development. This means, among other things, that we aim to operate our business in a manner
which promotes a work environment that is free of discrimination and harassment and otherwise attends to our employees’ wellbeing.
While we continue to develop a program that recognizes our social
impact, we have already implemented various activities to measure and foster our focus on social impact, including the following highlights:
|
• |
We are an equal-opportunity employer and make employment decisions based on a person’s qualifications and our business needs.
This is demonstrated by our Human Rights and Labor Standards Policy; |
|
• |
Our corporate policy maintains zero tolerance for harassment, sexual harassment, and discrimination, and it imposes significant consequences
for behavior deemed to create a hostile work environment. This is demonstrated by our Code of Conduct and Ethics as well as our Human
Rights and Labor Standards Policy; |
|
• |
We offer what we believe is an attractive mix of compensation and benefit plans to support our employees’ and their families’
physical, mental, and financial well-being. This includes allowing the majority of our employees to have a direct ownership interest in
Radware by participating in our equity-based incentive plans; and |
|
• |
We are focused on maintaining a healthy, safe, and secure work environment that protects our employees and the public from harm.
This is demonstrated by the measures we implemented in order to overcome the challenges presented by the COVID-19 pandemic. We implemented
a hybrid work model, which enables our employees to work partly remote and partly in the office. We believe that this flexibility
drives increased job satisfaction while addressing the major challenges of remote work, such as isolation and lack of community.
|
Governance
As part of our sustainable and other ESG operations policies, we
aim to conduct our corporate governance and build corporate behavior mechanisms to align with the interest of all our stakeholders. This
means, among other things, that we developed and strive to maintain a strong set of corporate values that will inspire ethical behavior
across all decision-making processes, and a management and control system so that ethics and security issues are given their due weight.
While we continue to develop a program that recognizes our corporate
governance and ethical conduct, we have already implemented various activities to measure and foster this focus, including the following
highlights:
|
• |
Corporate Governance and Board Practices: Our corporate governance policies and practices are designed to foster effective board
oversight in service of the long-term interests of our shareholders. Our Board of Directors consists of 8 members, of whom seven qualify
as “independent directors” under the Nasdaq rules and one is female. The Audit and Compensation Committees of our
Board of Directors, which are charged with significant functions in our risk oversight and compensation philosophy, respectively, both
currently consist of three members, all of whom qualify as “independent directors” under the Nasdaq rules. For further details
on our corporate governance, as well as our Board of Directors and its committees’ roles and practices, see Items 6.C “Board
Practices” and 16.G “Corporate Governance.” |
|
• |
Ethical Business Conduct: All our directors, officers, consultants, service providers and employees are expected to conduct themselves
in accordance with our Code of Conduct and Ethics available at http://www.radware.com/corporategovernance/ (information contained on our
website, including in our Code of Conduct and Ethics, is not incorporated herein by reference and shall not constitute part of this annual
report). Our Code of Conduct and Ethics is intended to promote various elements of ethical business conduct, such as compliance with laws;
avoiding conflict of interests and personal exploitation of corporate opportunities; fair dealing; confidentiality of information; and
other policies and guidelines in connection with insider trading and anti-corruption laws and policies. |
C. Organizational
Structure
We have a wholly owned subsidiary in the United States, Radware
Inc., which conducts the sales and marketing of our products and services in the United States. We also have subsidiaries in other countries,
most of which typically conduct sales and marketing of our products and services in their respective locations. Our subsidiaries include
(unless otherwise indicated, all subsidiaries are wholly owned):
Name
of Subsidiary |
Place
of Incorporation |
Radware Inc. |
New Jersey, United States |
Radware UK Limited |
United Kingdom |
Radware France |
France |
Radware Srl |
Italy |
Radware GmbH |
Germany |
Nihon Radware KK |
Japan |
Radware Australia Pty. Ltd. |
Australia |
Radware Singapore Pte. Ltd. |
Singapore |
Radware Korea Ltd. |
Korea |
Radware Canada Inc. |
Canada |
Radware India Pvt. Ltd. |
India |
Kaalbi Technologies Limited Ltd. |
India |
Radware (India) Cyber Security Solutions Private Limited
|
India |
Radware China Ltd. 睿伟网络科技(上海)有限公司
|
China |
Radware (Hong Kong) Limited |
Hong Kong |
Radyoos Media Ltd.* |
Israel |
Radware Canada Holdings Inc. |
Canada |
Radware Iberia, S.L.U. |
Spain |
Edgehawk Security Ltd. |
Israel |
SkyHawk (CNP) Security Ltd.** |
Israel |
SkyHawk Security, Inc.*** |
Delaware, United States |
CSR Cloud Security Ltd. |
Israel |
Radware (Colombia) S.A.S. |
Colombia |
* We own approximately 91.0% of this subsidiary, which ceased its activities in 2017.
** We own approximately 76.2% of this subsidiary.
*** Wholly-owned by SkyHawk (CNP) Security Ltd.
The late Yehuda Zisapel, one of our co-founders and shareholders
and, until recently, the Chairman of our Board of Directors, is the father of Roy Zisapel, our President, Chief Executive Officer and
director. Either the late Yehuda Zisapel (and following his death, his estate), his late brother, Zohar Zisapel, (and following
his death, his heirs – Michael Zisapel and Klil Zisapel), and Nava Zisapel (or all of them together) are founders, directors and/or
shareholders of several other companies which, together with our Company and our subsidiaries listed above, are known as the RAD-Bynet
Group. These companies include, among others:
AB-NET Communications Ltd.
Binat Business Ltd.
BYNET Data
Communications Ltd.*
Bynet Data Centers Ltd.
CloudRide Ltd.*
BYNET Electronics Ltd.* BYNET SEMECH (outsourcing) Ltd.*
Bynet Software Systems Ltd.
Bynet System Applications Ltd.* |
Ceragon Networks Ltd.
Internet Binat Ltd.*
Packetlight Networks Ltd.
RAD-Bynet Properties and Services (1981) Ltd.*
Radbit Computers, Inc.
RADCOM Ltd.
RAD Data Communications Ltd.*
Radiflow Ltd.
|
RADWIN Ltd.
DC Protection Ltd. (previously known as SecurityDAM Ltd.)
|
*Denotes a RAD-Bynet Group company with which we currently transact business
The late Yehuda Zisapel (and following his death, his estate),
Michael Zisapel and Klil Zisapel also hold shares in Carteav Ltd. and Tupaia Ltd., start-up companies that are not considered part of
the RAD -Bynet group.
The RAD-Bynet Group also includes several other holdings, real
estate companies, biotech and pharmaceutical companies and the above list does not constitute a complete list of all entities within the
RAD-Bynet Group or of all the holdings of Yehuda Zisapel’s estate, Michael Zisapel, Klil Zisapel and Nava Zisapel.
Members of the RAD-Bynet Group are actively engaged in designing,
manufacturing, marketing, and supporting data communications products, none of which currently compete with our products. Some of the
products of members of the RAD-Bynet Group are complementary to, and may be used in connection with, our products and services. See also
Item 7.B “Related Party Transactions.”
D. Property,
Plants and Equipment
General. We operate from
leased premises mainly in Tel Aviv, Jerusalem and Ramat Gan in Israel and New Jersey in the United States. We also lease premises in several
locations in Europe, North America, South America and Asia-Pacific for the activities of our subsidiaries, representative offices and
branches. Our aggregate annual rent expenses under these leases were approximately $6.1 million in 2023.
We believe that the following offices and facilities are suitable
and adequate for our operations as currently conducted and as currently foreseen. In the event that additional or substitute offices and
facilities are required, we believe that we could obtain such offices and facilities at commercially reasonable rates.
Israel. Our headquarters
and principal administrative, finance, research and development and marketing operations are located in approximately 108,000 square feet
of leased office space in Tel Aviv, Israel, in two buildings: one building, consisting of approximately 40,000 square feet, plus storage
and parking space, and the second building, consisting of approximately 68,000 square feet, plus parking spaces. Both buildings have leases
that expire in June 2030 (with one of the two buildings having a termination option by us in June 2025 by way of prior notice) and are
leased from, among others, affiliated companies owned by the late Yehuda Zisapel, Nava, Zisapel and/or the late Zohar Zisapel (and following
his death, his heirs – Michael Zisapel and Klil Zisapel), as applicable. For more information, see Item 7.B “Related Party
Transactions.”
In addition, we lease approximately 3,600 square feet of space
in Jerusalem, Israel, for development facilities from an affiliated company owned by the late Yehuda Zisapel and Nava Zisapel. The lease
expires in July 2025. We also lease approximately 15,000 square feet for manufacturing facilities in Jerusalem, Israel, from an affiliated
company owned by the late Yehuda Zisapel, Nava, Zisapel and the late Zohar Zisapel (and following his death, his heirs– Michael
Zisapel and Klil Zisapel). The lease expires in August 2028. For more information, see Item 7.B “Related Party Transactions.”
We also lease approximately 6,620 square feet of space in Ramat
Gan, for operations of one of our subsidiaries. The lease expires in September 2026.
Other locations. In the
United States, we lease approximately 16,900 square feet of property in Mahwah, New Jersey, consisting of approximately 12,700 square
feet of office space and 4,200 square feet of warehouse space from a company controlled by the late Yehuda Zisapel, Nava, Zisapel and
the late Zohar Zisapel (and following his death, his heirs – Michael Zisapel and Klil Zisapel). The lease expires in December 2025.
For more information, see Item 7.B “Related Party Transactions.”
We lease approximately 3,850 square feet of property for our research
and development facilities in North Carolina, the lease for which will expire in March 2026.
We also lease facilities for the operation of our subsidiaries
and representative offices in several locations in Europe, North America, South America, and Asia-Pacific, all from unrelated third parties.
ITEM 4A.
UNRESOLVED STAFF COMMENTS
None.
ITEM 5.
OPERATING AND FINANCIAL REVIEW AND PROSPECTS
Our discussion and analysis of our financial condition and results
of operation are based upon our consolidated financial statements, which have been prepared in accordance with U.S. GAAP. Our operating
and financial review and prospects should be read in conjunction with our financial statements, accompanying notes thereto and other financial
information appearing elsewhere in this annual report.
A. Operating
Results
Overview
General
We are a provider of cyber security and application delivery solutions
for cloud, on-premises, and SDDC. Our solutions secure the digital experience by providing infrastructure, application, and network protection
and availability services to enterprises globally. Our solutions are deployed by, among others, enterprises, carriers, and cloud service
providers.
We began sales in 1997, and currently have nearly 30 local offices,
subsidiaries or branches globally across Asia-Pacific, Europe, and North, Central and South America.
We sell through sales channels such as resellers and distributors
whereas most of our direct sales are to strategic customers.
Most of our revenues are generated in dollars or are dollar-linked,
and the majority of our expenses are incurred in dollars. As such, the dollar is our functional currency. Our consolidated financial statements
are prepared in dollars and in accordance with U.S. GAAP.
Our revenues are derived from sales of our solutions:
|
• |
We recognize physical and software product revenues when control of the product is transferred to the customer (i.e., when our performance
obligation is satisfied), which typically occurs at shipment, and we recognize revenues from product and cloud subscriptions, as part
of the product revenues, ratably over the subscription period. |
|
• |
Revenues from post-contract customer support (PCS), which mainly represents help-desk support and unit repairs or replacements, professional
services, and ERT services, are recognized ratably over the contract or subscription period, which is typically between one year and three
years. |
Our revenues are also attributed to geographic areas based on
the location of the end-users.
In the years ended December 31, 2023, 2022, and 2021, revenues
derived from sales of the Company’s products and product subscriptions constituted approximately 56%, 59%, and 59%, respectively,
of our total revenues, with the remaining revenues being derived from services.
Results of Operations
The following discussion of our results of operations for the years
ended December 31, 2023, 2022, and 2021, including the following tables, which present selected financial information in dollars and as
a percentage of total revenues, are based upon our consolidated statements of operations contained in our financial statements for those
periods, and the related notes, included in this annual report.
The following table sets forth, for the periods indicated, certain financial data concerning
our consolidated operating results:
|
|
2023 |
|
|
2022 |
|
|
2021 |
|
|
|
(US $ in thousands) |
|
Revenues: |
|
|
|
|
|
|
|
|
|
|
|
|
Products |
|
$ |
145,541 |
|
|
$ |
172,161 |
|
|
$ |
170,438 |
|
Services |
|
|
115,751 |
|
|
|
121,265 |
|
|
|
116,058 |
|
|
|
|
261,292 |
|
|
|
293,426 |
|
|
|
286,496 |
|
Cost of revenues: |
|
|
|
|
|
|
|
|
|
|
|
|
Products |
|
|
|
|
|
|
43,014 |
|
|
|
42,191 |
|
Services |
|
|
|
|
|
|
10,870 |
|
|
|
10,255 |
|
|
|
|
51,710 |
|
|
|
53,884 |
|
|
|
52,446 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Gross profit |
|
|
209,582 |
|
|
|
239,542 |
|
|
|
234,050 |
|
Operating expenses, net: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Research and development, net |
|
|
82,617 |
|
|
|
86,562 |
|
|
|
74,098 |
|
Sales and marketing |
|
|
126,237 |
|
|
|
126,533 |
|
|
|
119,842 |
|
General and administrative |
|
|
32,408 |
|
|
|
29,786 |
|
|
|
21,885 |
|
Total operating expenses, net |
|
|
241,262 |
|
|
|
242,881 |
|
|
|
215,825 |
|
Operating income (loss) |
|
|
(31,680 |
) |
|
|
(3,339 |
) |
|
|
18,225 |
|
Financial income, net |
|
|
13,927 |
|
|
|
8,052 |
|
|
|
4,407 |
|
Income (loss) before taxes on income
|
|
|
(17,753 |
) |
|
|
4,713 |
|
|
|
22,632 |
|
Taxes on income |
|
|
3,837 |
|
|
|
4,879 |
|
|
|
14,821 |
|
Net income (loss) |
|
|
(21,590 |
) |
|
|
(166 |
) |
|
|
7,811 |
|
The following table sets forth, for the periods indicated, certain financial data
expressed as a percentage of our total revenues:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Revenues: |
|
|
|
|
|
|
|
|
|
|
|
|
Products |
|
|
56 |
% |
|
|
59 |
% |
|
|
59 |
% |
Services |
|
|
44
|
|
|
|
41 |
|
|
|
41 |
|
|
|
|
100 |
|
|
|
100 |
|
|
|
100 |
|
Cost of Revenues: |
|
|
|
|
|
|
|
|
|
|
|
|
Products |
|
|
16 |
|
|
|
15 |
|
|
|
15 |
|
Services |
|
|
4 |
|
|
|
4 |
|
|
|
3 |
|
|
|
|
20 |
|
|
|
19 |
|
|
|
18 |
|
Gross profit |
|
|
80 |
|
|
|
81 |
|
|
|
82 |
|
Operating expenses, net: |
|
|
|
|
|
|
|
|
|
|
|
|
Research and development, net |
|
|
32 |
|
|
|
30 |
|
|
|
26 |
|
Sales and marketing |
|
|
48 |
|
|
|
43 |
|
|
|
42 |
|
General and administrative |
|
|
12 |
|
|
|
10 |
|
|
|
7 |
|
Total operating expenses, net |
|
|
92 |
|
|
|
83 |
|
|
|
75 |
|
Operating income (loss) |
|
|
(12 |
) |
|
|
(1 |
) |
|
|
6 |
|
Financial income, net |
|
|
5 |
|
|
|
3 |
|
|
|
2 |
|
Income (loss) before taxes on income
|
|
|
(7 |
) |
|
|
2
|
|
|
|
8
|
|
Taxes on income |
|
|
(1 |
) |
|
|
(2 |
) |
|
|
(5 |
) |
Net income (loss) |
|
|
(8 |
)% |
|
|
0 |
% |
|
|
3 |
% |
Comparison of Years Ended December 31, 2023, 2022, and 2021
Revenues.
Our revenues are derived from sales of our solutions. Revenues
from physical products and software-based products are recognized when control of the promised goods is transferred to the customer, either
upon shipment or when the product is delivered, depending on the commercial terms of each transaction. Revenues from cloud subscriptions
are recognized ratably over the subscription period. Revenues from post-contract customer support, which represent mainly help-desk support,
unit repairs or replacements, professional services and ERT services are recognized ratably over the contract period. For additional details
regarding the manner in which we recognize revenues, see the discussion under the caption “Critical Accounting Estimates –
Revenue Recognition” below.
The following table provides a breakdown of our consolidated revenues
by type of revenues both in dollars and as a percentage of total revenues for the past three fiscal years, as well as the percentage change
between such periods:
(US$ in thousands,
except percentages) |
|
2023
|
|
|
2022 |
|
|
2021 |
|
|
% Change
2023 vs. 2022 |
|
|
% Change
2022 vs. 2021 |
|
Products |
|
|
145,541 |
|
|
|
56 |
% |
|
|
172,161 |
|
|
|
59 |
% |
|
|
170,438 |
|
|
|
59 |
% |
|
|
(15 |
)% |
|
|
1 |
% |
Services |
|
|
115,751 |
|
|
|
44 |
% |
|
|
121,265 |
|
|
|
41 |
% |
|
|
116,058 |
|
|
|
41 |
% |
|
|
(5 |
)% |
|
|
4 |
% |
Total |
|
|
261,292 |
|
|
|
100 |
% |
|
|
293,426 |
|
|
|
100 |
% |
|
|
286,496 |
|
|
|
100 |
% |
|
|
(11 |
)% |
|
|
2 |
% |
The following table shows a breakdown of our consolidated revenues
by geographical distribution both in dollars and as a percentage of total revenues for the past three fiscal years, as well as the percentage
change between such periods:
(US$ in thousands,
except percentages) |
|
2023 |
|
|
2022 |
|
|
2021 |
|
|
% Change
2023 vs. 2022 |
|
|
% Change
2022 vs. 2021 |
|
North, Central and South America (principally the United States)(*) |
|
|
103,435 |
|
|
|
40 |
% |
|
|
123,947 |
|
|
|
42 |
% |
|
|
128,770 |
|
|
|
45 |
% |
|
|
(17 |
)% |
|
|
(4 |
)% |
EMEA (Europe, the Middle East and Africa) |
|
|
96,488 |
|
|
|
37 |
% |
|
|
104,219 |
|
|
|
36 |
% |
|
|
98,388 |
|
|
|
34 |
% |
|
|
(7 |
)% |
|
|
6 |
% |
Asia-Pacific |
|
|
61,369 |
|
|
|
23 |
% |
|
|
65,260 |
|
|
|
22 |
% |
|
|
59,338 |
|
|
|
21 |
% |
|
|
(6 |
)% |
|
|
10 |
% |
Total |
|
|
261,292 |
|
|
|
100 |
% |
|
|
293,426 |
|
|
|
100 |
% |
|
|
286,496 |
|
|
|
100 |
% |
|
|
(11 |
)% |
|
|
2 |
% |
(*) For the years ended December 31, 2023, 2022, and 2021, our
revenues from the United States were $73.0 million, $94.0 million, and $98.9 million, respectively, representing 28%, 32%, and 35% of
total revenues for these years, respectively.
Revenues in 2023 were $261.3 million compared with revenues of
$293.4 million in 2022, a decrease of 11%. The decline in revenue was primarily attributed to delays in closing large deals due
to greater budget constraints of customers, mainly in the Americas, which resulted in a decrease in our on-premises products revenues
in 2023 compared to 2022. This decline was partially offset by a growing demand for our cloud-based solutions.
Revenues in 2022 were $293.4 million compared with revenues of
$286.5 million in 2021, an increase of 2%. The increase in revenues was primarily due to an increase in both product subscriptions revenues
and service subscriptions revenues as described in more detail below.
In 2023, our product revenues were $145.5 million, a decrease of
15% compared to $172.2 million in 2022. The decline in revenues is attributed primarily to a decrease in our hardware-based products revenues,
as the number of large deals in 2023 declined compared to 2022. Those large deals usually include significant hardware-based products
revenues. Additionally, the increase demand for our cloud-based solutions impacted our revenues from hardware-based products.
In 2022, our product revenues were $172.2 million, an increase
of 1% compared to $170.4 million in 2021, reflecting an increase in product subscriptions, partially offset by a decrease in sales of
our hardware-based products.
In 2023, our service revenues were $115.8 million, a decrease of
5% compared to $121.3 million in 2022. The decrease in service revenues was attributed mainly to the decrease in service revenues derived
from large deals, and due to a decrease in support services for our on-premises devices revenues which was partially offset by an increase
in service subscription revenues.
In 2022, our service revenues were $121.3 million, an increase
of 4% compared to $116.1 million in 2021. The increase in service revenues was due to the increase in service subscriptions.
During 2023, our revenues from the enterprise market decreased
by 8% to $201.2 million from $218.0 million in 2022, and revenues from the carrier market decreased by 20% to $60.1 million from $75.4
million in 2022. During 2022, our revenues from the enterprise market increased by 5% to $218.0 million from $208.2 million in 2021, whereas,
in 2022, revenues from the carrier market decreased by 4% to $75.4 million from $78.3 million in 2021.
Our revenues in North, Central and South America decreased in 2023
by 17% compared to 2022. Revenues from the EMEA region decreased in 2023 by 7% compared to 2022. Revenues in the Asia-Pacific region decreased
in 2023 by 6% compared to 2022. The declines in revenues were attributed mainly to decreases in sales of our hardware-based products as
described above, and a decrease in support services for our on-premises devices across all regions, partially offset by an increase in
our cloud and subscription revenues, mainly in the EMEA and Asia-Pacific regions.
Our revenues in North, Central and South America decreased in 2022
by 4% compared to 2021. Revenues from the EMEA region increased in 2022 by 6% compared to 2021. Revenues in the Asia-Pacific region increased
in 2022 by 10% compared to 2021. The growth in EMEA and Asia-Pacific was attributed mainly to our cloud and subscription business and
to new logos we added to our cloud security offering; many of them are mid-sized enterprises. The decrease in revenues in North, Central
and South America was attributed mainly to elongated sales cycles influenced by the macroeconomic downturn.
Other than the United States, no other single country accounted
for more than 10% of our revenues for each of the years ended December 31, 2023, 2022, and 2021.
Cost of Revenues.
Cost of revenues refers to both products and services revenues
and consists primarily of the cost of circuit boards and other components required for the assembly of our products, salaries and related
personnel expenses for those engaged in the final assembly, and in providing support and maintenance service of our products, license
and hosting fees paid to third parties, fees paid to managed security service providers (related parties), inventory write-offs, amortization
of acquired technology and other overhead costs.
The following table sets forth a breakdown of our cost of revenues
between products and services for the periods indicated, in absolute figures and as a percentage of the relative product and services
revenues:
(US$ in thousands,
except percentages) |
|
2023 |
|
|
2022 |
|
|
2021
|
|
Cost of Products |
|
|
41,450 |
|
|
|
28.5 |
% |
|
|
43,014 |
|
|
|
25.0 |
% |
|
|
42,191 |
|
|
|
24.8 |
% |
Cost of Services |
|
|
10,260 |
|
|
|
8.9 |
% |
|
|
10,870 |
|
|
|
9.0 |
% |
|
|
10,255 |
|
|
|
8.8 |
% |
Total |
|
|
51,710 |
|
|
|
19.8 |
% |
|
|
53,884 |
|
|
|
18.4 |
% |
|
|
52,446 |
|
|
|
18.3 |
% |
Cost of products as a percentage of product revenues in 2023 was
28.5%, compared to 25.0% in 2022. Cost of products in 2023 and 2022 included amortization of intangible assets in the amount of $4.0 million
and $3.7 million, respectively. Our cost of products as a percentage of product revenues, excluding amortization of intangible assets,
represented approximately 25.7% of product revenues in 2023, compared to 22.8% in 2022. Excluding amortization of intangible assets, the
increase in cost of products as a percentage of product revenues was mainly attributed to the decrease in our products revenues.
Cost of services as a percentage of service revenues in 2023 was
8.9% compared to 9.0% in 2022.
Cost of products as a percentage of product revenues in 2022 was
25.0%, compared to 24.8% in 2021. Cost of products in 2022 and 2021 included amortization of intangible assets in the amount of $3.7 million
and $1.9 million, respectively. Our cost of products as a percentage of product revenues, excluding amortization of intangible assets,
represented approximately 22.8% of product revenues in 2022, compared to 23.7% in 2021. Excluding amortization of intangible assets, the
decrease in cost of products as a percentage of product revenues was mainly due to a different mix of sales of our products and product
subscriptions, as there was an increase in product subscriptions and a decrease in hardware-based products.
Cost of services as a percentage of service revenues in 2022 was
9.0% compared to 8.8% in 2021.
Operating Expenses, Net.
The following table sets forth a breakdown of our operating expenses,
net for the periods indicated as well as the percentage change between such periods:
(US$ in thousands,
except percentages) |
|
2023 |
|
|
2022 |
|
|
2021 |
|
|
% Change
2023 vs. 2022 |
|
|
% Change
2022 vs. 2021 |
|
Research and development, net |
|
$ |
82,617 |
|
|
$ |
86,562 |
|
|
$ |
74,098 |
|
|
|
(5 |
)% |
|
|
17 |
% |
Sales and marketing |
|
|
126,237 |
|
|
|
126,533 |
|
|
|
119,842 |
|
|
|
0 |
% |
|
|
6 |
% |
General and administrative |
|
|
32,408 |
|
|
|
29,786 |
|
|
|
21,885 |
|
|
|
9 |
% |
|
|
36 |
% |
Total |
|
$ |
241,262 |
|
|
$ |
242,881 |
|
|
$ |
215,825 |
|
|
|
(1 |
)% |
|
|
13 |
% |
Our operating expenses, net decreased 1% in 2023 to $241.3 million from $242.9 million
in 2022. The decrease of $1.6 million was primarily attributed to the decrease of $6.1 million in personnel costs and related expenses,
mainly due to a decrease in average headcount compared to the previous year and a decrease in other salary related expenses, such as sales
incentive commissions and a decrease of $2.2 million in fees paid to subcontractors. The decrease was partially offset by an increase
of $6.5 million in share-based compensation expenses.
Our operating expenses, net increased by 13% in 2022 to $242.9
million from $215.8 million in 2021. The increase was primarily attributed to increased personnel costs and related expenses, additional
operating costs following the acquisition of SecurityDAM in February 2022, increased share-based compensation expenses, increased travel
expenses, and increased fees paid for hosting services and subcontractors.
Research and Development Expenses, Net.
Research and development, or R&D, expenses, net consist primarily
of salaries and related personnel expenses, costs of subcontractors, and prototype expenses related to the design, development, quality
assurance and enhancement of our solutions, and depreciation of equipment purchased for the development and testing processes. All R&D
costs are expensed as incurred. We believe that continued investment in R&D is critical to attaining our strategic product objectives.
R&D expenses, net were $82.6 million in 2023, a decrease of
$3.9 million, or 5%, compared with R&D expenses, net of $86.6 million in 2022. This decrease was primarily a result of: (1) a $2.5
million decrease in personnel costs, mainly due to a decrease in average headcount compared to the previous year, and (2) a $2.2 million
decrease in amounts paid to subcontractors, partially offset by a $1.2 million increase in share-based compensation expenses (see also
“Share-based compensation expenses” below). There was no significant impact due to the strengthening of the dollar against
the NIS since the Company hedged most of its salary related expenses.
R&D expenses, net were $86.6 million in 2022, an increase of
$12.5 million, or 17%, compared with R&D expenses, net of $74.1 million in 2021. This increase was primarily a result of: (1) $7.8
million due to an increase in personnel costs, including salary raises awarded and increases in average headcount compared to the previous
year and additional personnel costs as part of the acquisition of SecurityDAM in February 2022, (2) $0.8 million related to additional
rent and maintenance expenses due to SecurityDAM office spaces, (3) a $1.5 million increase in amounts paid to subcontractors, and (4)
a $1.9 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below). There was
no significant impact due to the strengthening of the dollar against the NIS since the Company hedged most of its salary related expenses.
Sales and Marketing Expenses.
Sales and marketing expenses consist primarily of salaries, commissions,
and related personnel expenses for those engaged in the sales and marketing of our products and services, operational costs of our offices
that are located outside Israel and are engaged in the promotion, marketing and support of our solutions, in addition to the related trade
shows, advertising, promotions, website maintenance, and public relations expenses, and amortization of intangible assets.
Sales and marketing expenses were $126.2 million in 2023, a decrease
of $0.3 million, or less than 1%, compared with sales and marketing expenses of $126.5 million in 2022. This decrease was mainly related
to a decrease of $3.6 million in personnel costs, largely due to a decrease in average headcount compared to the previous year, and also
a decrease in other salary-related expenses, such as sales incentive commissions, partially offset by an increase of $2.0 million in marketing-related
expenses, and a $1.3 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below).
Sales and marketing expenses were $126.5 million in 2022, an increase
of $6.7 million, or 6%, compared with sales and marketing expenses of $119.8 million in 2021. This increase was mainly related to (1)
an increase of $2.3 million in marketing-related expenses, (2) a $2.0 million increase in travel expenses, and (3) a $2.4 million increase
in share-based compensation expenses (see also “Share-based compensation expenses” below).
General and Administrative Expenses.
General and administrative expenses consist primarily of salaries
and related personnel expenses for executive, accounting, and administrative personnel, professional fees (which include legal, audit
and additional consulting fees), bad debt expenses, acquisition related costs, and other general corporate expenses.
General and administrative expenses were $32.4 million in 2023,
an increase of $2.6 million, or 9%, compared with general and administrative expenses of $29.8 million in 2022. The increase in general
and administrative expenses in 2023 was primarily due to (1) a $4.0 million increase in share-based compensation expenses (see also “Share-based
compensation expenses” below), and (2) an increase of $0.3 million related to revaluation of contingent consideration recorded as
part of the acquisition of SecurityDAM, partially offset by a $2.1 million decrease in professional services due to lower D&O insurance
costs and one time transaction costs we recorded in 2022, as part of the acquisition of SecurityDAM.
General and administrative expenses were $29.8 million in 2022,
an increase of $7.9 million, or 36%, compared with general and administrative expenses of $21.9 million in 2021. The increase in general
and administrative expenses in 2022 was primarily due to (1) a $5.3 million increase in share-based compensation expenses (see also “Share-based
compensation expenses” below), (2) a $0.9 million increase related to personnel costs and related expenses, (3) a $1.0 million increase
related to transaction costs as part of the acquisition of SecurityDAM in February 2022, and (4) a $0.8 million increase related to revaluation
of contingent consideration recorded as part of the acquisition of SecurityDAM.
For a discussion of the impact of foreign currency fluctuations
on our business, see Item 11 “Quantitative and Qualitative Disclosures about Market Risk.”
Share-based compensation expenses.
Our expenses also include the recognition of share-based compensation,
which is allocated among cost of sales, research, and development expenses, marketing and selling expenses and general and administrative
expenses, based on the division in which the recipient of the option grant is employed.
The share-based compensation is amortized to operating expenses over the requisite service period of the individual options.
The following tables summarize the share options and restricted share units (RSUs) that
were granted during the years 2023, 2022, and 2021, and their weighted average grant-date fair value:
Share options:
|
|
2023 |
|
|
2022 |
|
|
2021 |
|
Grants |
|
|
331,899 |
|
|
|
250,284 |
|
|
|
248,233 |
|
Weighted-average grant-date fair value |
|
|
5.48 |
|
|
|
6.77 |
|
|
|
6.87 |
|
RSUs:
|
|
2023 |
|
|
2022 |
|
|
2021 |
|
Grants |
|
|
1,390,718 |
|
|
|
1,947,499 |
|
|
|
1,143,097 |
|
Weighted-average grant-date fair value |
|
|
15.82 |
|
|
|
21.31 |
|
|
|
32.57 |
|
Share-based compensation expenses in 2023 totaled $34.0 million,
an increase of $6.6 million, or 24%, compared with expenses of $27.4 million in 2022. The increase in our share-based compensation expenses
in 2023 was primarily due to equity-based grants made to our Chief Executive Officer (CEO) during 2022 and certain equity-based grants
made to employees of Skyhawk Security, our majority-owned subsidiary, during the last quarter of 2022, which resulted in recording higher
expenses in 2023.
Share-based compensation expenses in 2022 totaled $27.4 million,
an increase of $9.8 million, or 56%, compared with expenses of $17.6 million in 2021. The increase in our share-based compensation expenses
in 2022 was primarily due to equity-based grants made to our CEO during 2022 and higher weighted-average grant date fair value of RSUs
granted towards the end of 2021, which resulted in recording higher expenses in 2022.
Financial Income, Net.
Financial income, net consists primarily of interest earned on
short- and long-term bank deposits, amortization of premiums, accretion of discounts, interest and dividends earned on investments in
marketable securities, gain from the sale of marketable securities and from income and expenses from the translation of monetary balance
sheet items denominated in non-dollar currencies.
Financial income, net was $13.9 million in 2023, compared with
$8.1 million in 2022. The net increase of $5.9 million was primarily due to higher average interest rates on our bank deposits, which
resulted in a $7.0 million increase in interest income and gains from our investments and bank deposits, partially offset by a $1.1 million
decrease in foreign currency exchange gains, mainly due to revaluation of liabilities stated in NIS.
Financial income, net was $8.1 million in 2022, compared with $4.4
million in 2021. The net increase of $3.7 million was primarily due to a $3.1 million increase in foreign currency exchange gains, mainly
due to revaluation of liabilities stated in NIS, and a $0.6 million increase in interest income and gains from our investments and bank
deposits.
Income Taxes.
Israeli companies are generally subject to corporate tax on their
taxable income at the rate of 23% for the 2023, 2022, and 2021 tax years. We elected to apply the Preferred Enterprise regime under the
Law for the Encouragement of Capital Investment, 1959 (the “Investments Law”) as of the 2014 tax year. The election is irrevocable.
Under the Preferred Enterprise regime, a preferred income of an enterprise located in the center of Israel is subject to a tax rate of
16%. Pursuant to Amendment 73 to the Investments Law adopted in 2017, a company located in the center of Israel that meets the conditions
for “Preferred Technological Enterprises” is subject to a tax rate of 12%. We believe we meet those conditions.
We operate our business in various countries and attempt to utilize
an efficient operating model to optimize our tax payments based on the laws in the countries in which we operate. This can cause disputes
between us and various tax authorities in different parts of the world.
In 2023, we recorded pretax loss of $17.8 million as compared to
pretax income of $4.7 million in 2022, and our tax expenses were $3.8 million in 2023, a decrease of $1.1 million, or 21%, compared with
tax expenses of $4.9 million in 2022. The decrease was mainly attributed to the decrease in our pretax income (loss) compared to the previous
year and to a decrease in our uncertain tax positions provision.
Our effective tax rate in 2022 was 104% compared with an effective
tax rate of 65% in 2021. The increase in the effective tax rate in 2022 as compared to 2021 was primarily due to an additional provision
for unrecognized tax benefit and carryforward losses of which valuation allowance was recorded.
For additional disclosure and explanations regarding our income
taxes, including the Preferred Technology Enterprise program, see Note 14 to our consolidated financial statements included elsewhere
in this annual report and Item 10.E “Taxation—Israeli Tax Considerations.”
Reportable Segments
In previous reporting periods (until December 31, 2022), we operated
in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments:
|
• |
Radware’s Core Business - this segment consists of our core business operations, including
our cloud security as-a-service products, application and data centers security products and our application availability products; and
|
|
• |
The Hawks’ Business – this segment consists of the operations
of our two subsidiaries: SkyHawk Security, a spinoff of our former cloud native protector business which now provides an agentless Cloud-native
threat Detection and Response (CDR), combined with Cloud Infrastructure Entitlement Manage (CIEM), Cloud Security Posture Management CSPM
and Autonomous Purple Team for AWS Google Cloud and Azure, and EdgeHawk, which is engaged in transforming routers and network nodes into
security platforms. |
The following tables set forth, for the periods indicated, certain
financial data concerning our reportable segments (U.S. dollars in thousands):
|
|
Year ended
December 31, 2023 |
|
|
|
Radware Core |
|
|
Hawks |
|
|
Total |
|
|
|
|
|
|
|
|
|
|
|
Revenues |
|
$ |
260,322 |
|
|
$ |
970 |
|
|
$ |
261,292 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operating loss |
|
$ |
(16,802 |
) |
|
$ |
(14,878 |
) |
|
$ |
(31,680 |
) |
|
|
Year ended
December 31, 2022 |
|
|
|
Radware Core |
|
|
Hawks |
|
|
Total |
|
|
|
|
|
|
|
|
|
|
|
Revenues |
|
$ |
290,408 |
|
|
$ |
3,018 |
|
|
$ |
293,426 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operating income (loss) |
|
$ |
8,416 |
|
|
$ |
(11,755 |
) |
|
$ |
(3,339 |
) |
|
|
Year ended
December 31, 2021 |
|
|
|
Radware Core |
|
|
Hawks |
|
|
Total |
|
|
|
|
|
|
|
|
|
|
|
Revenues |
|
$ |
283,913 |
|
|
$ |
2,583 |
|
|
$ |
286,496 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operating income (loss) |
|
$ |
24,114 |
|
|
$ |
(5,889 |
) |
|
$ |
18,225 |
|
Revenues of the Hawks’ reportable segment was immaterial
during the years ended December 31, 2021 through December 31, 2023, therefore, there is no separate discussion about revenues of each
segment during those years. For a discussion about the revenues on a consolidated basis, see Item 5.A “Operating Results.”
Operating expenses of the Hawks’ business consist primarily
of salaries and related personnel expenses, costs of subcontractors, agent fees and share-based compensation expenses.
Operating loss of the Hawks’ business was $14.9 million in
2023, $11.8 million in 2022 and $5.9 million in 2021.
The increase of $3.1 million in the operating loss of the Hawks’
segment in 2023 compared to 2022 was primarily a result of an increase of $1.9 million in salaries and related personnel costs, mainly
due to an increase in average headcount, $1.6 million increase in share-based compensation expenses and a decrease of $2.0 million in
revenues. This was partially offset by a decrease of $1.7 million in costs of subcontractors and agents and a decrease of $0.5 million
in hosting fees.
The increase of $5.9 million in the operating loss of the Hawks’
segment in 2022 compared to 2021 was primarily a result of an increase of $2.5 million in salaries and related personnel costs, mainly
due to an increase in average headcount, $1.3 million increase in share-based compensation expenses and an increase of $1.5 million in
fees paid to subcontractors and agents.
Operating expenses of the Radware core business segment consist
primarily of salaries and related personnel expenses including commissions paid to our sales team, marketing related expenses, hosting
services fees, rent and office maintenance fees, professional services, costs of subcontractors and share-based compensation expenses.
The operating loss of the Radware core business segment was $16.8
million in 2023, compared to operating income of $8.4 million in 2022 and operating income of $24.1 million in 2021.
The decrease of $25.2 million in the operating income in 2023 compared
to 2022 was primarily a result of the decrease of $30.1 million in the Radware core segment’s revenues. This was partially offset
by a decrease of $2.5 million in cost of sales, and a $2.5 million decrease in salaries and related personnel costs, mainly due to the
decrease in average headcount compared to the previous year.
The decrease of $15.7 million in the operating income of the Radware
core segment in 2022 compared to 2021 was primarily a result of an increase of $1.5 million in cost of sales, an increase of $7.8 million
in salaries and related personnel costs including commissions to our sales teams, mainly due to an increase in average headcount,
an increase of $8.5 million in share-based compensation expenses, mainly due to equity-based grants made to our CEO during 2022, an increase
of $2.1 million in travel expenses and an increase of $2.3 million in marketing-related expenses. This was partially offset by an increase
of $6.5 million in the segment’s revenues.
For additional details regarding these two reportable segments, see below and Notes
2ac and 15 to our consolidated financial statements included elsewhere in this annual report.
Currency Fluctuations and Inflation
Our financial results may be negatively impacted by foreign currency
fluctuations and inflation. Information required by this section is set forth in Item 11 “Quantitative and Qualitative Disclosures
about Market Risk” and in Item 3.D “Risk Factors—Currency exchange rates and fluctuations of exchange rates could have
a material adverse effect on our results of operations.”
Impact of Governmental Policies
For information on the impact of governmental policies on our operations,
see Item 4.B “Business Overview—Government Regulations,” Item 3.D “Risk Factors—Laws, regulations and industry
standards affecting our business are evolving, and unfavorable changes could harm our business,” and “Item 3.D “Risk
Factors—Risks Related to Operations in Israel.”
Impact of Ukraine-Russia and Israel-Hamas Military Conflicts
Following Russia’s military conflict in Ukraine, the United
States and other countries launched economic sanctions and severe export control restrictions against Russia and Belarus, and the United
States and other countries could launch wider sanctions and export restrictions and take other actions should the conflict further escalate.
For information on the possible impact of the Russia-Ukraine conflict, see Item 3.D “Risk Factors—Our business may be affected
by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to
Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities
by many multi-national businesses across a variety of industries.”
In October 2023, following the Hamas terrorist attack, the Israeli
government declared war against Hamas and commenced a military campaign against these terrorist organizations. In parallel, clashes intensified
between Israel and Hezbollah on Israel’s northern border with Lebanon. Additionally, the Houthis launched missile and drone attacks
targeted at Israel and ships in the Red Sea, posing a threat to international shipping in the Suez Canal. These armed conflicts may further
escalate into a greater regional conflict and could adversely affect our business, operations and financial results. However, to date,
we have not experienced any major interruption or material adverse impact on our business activities. For information on the possible
impact of the state of war declared in Israel in October 2023, see Item 3.D “Risk Factors—Political, economic and military
instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business.”
Related Parties
We have entered into a number of agreements for the lease of real
property and the purchase of certain products and services from certain companies, of which the late Yehuda Zisapel, the late Zohar Zisapel
(and following his death, his heirs – Michael Zisapel and Klil Zisapel), and/or Nava Zisapel are co-founders, directors and/or shareholders,
which form part of the RAD-Bynet Group. In February 2022, we have also acquired the technology and operations of one of these RAD-Bynet
Group entities, SecurityDAM. The late Yehuda Zisapel (and following his death – his estate) and his son, Roy Zisapel, our President
and Chief Executive Officer and a director, hold a majority stake and a minority stake, respectively, in SecurityDAM. Roy Zisapel also
serves as a director of RAD Data Communications Ltd., a company in the RAD-Bynet Group.
We believe that the terms of the transactions in which we have
entered with these member entities of the RAD-Bynet Group are not different in any material respect from terms we could obtain from unaffiliated
third parties and are beneficial to us and no less favorable to us than terms that might be available to us from unaffiliated third parties.
The pricing of the transactions was arrived at based on negotiations between the parties. Members of our management reviewed the pricing
of the agreements and confirmed that they were not different in any material respect than that which could have been obtained from unaffiliated
third parties.
For more details about these transactions, see below under Item
7.B “Related Party Transactions.”
B. Liquidity
and Capital Resources
General
Since our inception, we have financed our operations through a
combination of issuing equity securities, including two public offerings in October 1999 and February 2000, research and development and
marketing grants from the Government of Israel, and cash generated by operations.
The total Radware Ltd. shareholders’ equity as a percentage
of its total assets was 50% on December 31, 2023, compared with 52% on December 31, 2022 and 58% on December 31, 2021.
Cash and cash equivalents, short- and long-term bank deposits and
short- and long-term marketable securities were $363.7 million on December 31, 2023, compared with $432.0 million and $465.8 million
on December 31, 2022 and 2021, respectively.
Principal Capital Expenditures and Divestitures
Capital expenditures were $5.4 million, $8.8 million, and $5.6
million for the years ended December 31, 2023, 2022, and 2021, respectively. These expenditures were mainly comprised of investments in
cloud infrastructure, enterprise resource planning (ERP) modules, leasehold improvements, machinery and equipment, computers, lab equipment
and testing tools.
In 2024, we anticipate that the majority of our capital expenditures will be primarily
for additional infrastructure to support our cloud-based solutions and for R&D testing, lab equipment and additional investments in
our ERP system.
In May 2022, we announced the launch of SkyHawk Security, a spinoff
of our former cloud-native Cloud Native Protector business with a strategic external investment of an affiliate of Tiger Global Management
(the “SkyHawk Spinoff”).
Other than the SkyHawk Spinoff, we did not have any principal divestitures
in the past three years.
Working Capital and Cash Flows
The following table presents the major components of net cash flows
used in and provided by operating, investing, and financing activities for the periods presented (dollars in thousands(:
|
|
2023 |
|
|
2022 |
|
|
2021 |
|
Net cash provided by (used in) operating activities |
|
$ |
(3,500 |
) |
|
$ |
32,148 |
|
|
$ |
71,774 |
|
Net cash provided by (used in) investing activities |
|
|
92,779 |
|
|
|
(56,018 |
) |
|
|
7,849 |
|
Net cash used in financing activities |
|
|
(64,926 |
) |
|
|
(22,458 |
) |
|
|
(41,881 |
) |
Net cash provided by (used in) operating activities for 2023, 2022
and 2021 was $(3.5) million, $32.1 million, and $71.8 million, respectively. Our net income (loss) in 2023, 2022, and 2021 was $(21.6)
million, $(0.2) million, and $7.8 million, respectively.
Net cash used in operating activities was $3.5 million for the
year ended December 31, 2023, compared to net cash provided by operating activities of $32.1 million for the year ended December 31, 2022.
The change resulted primarily from an increase in our net loss of $21.4 million, a decrease of $0.8 million in accrued interest on bank
deposits, a decrease of $28.4 million in deferred revenues, a decrease of $4.3 million in inventories, and a decrease of $4.3 million
in trade payables. These decreases were partially offset by an increase of $12.6 million in other payables and accrued expenses, an increase
of $6.7 million in share-based compensation, an increase of $2.1 million in other assets and prepaid expenses, and a $2.0 million increase
in trade receivables.
Net cash provided by operating activities was $32.1 million for
the year ended December 31, 2022, compared to $71.8 million for the year ended December 31, 2021. The change resulted primarily from a
decrease in our net income of $8.0 million, a decrease of $4.9 million in accrued interest on bank deposits, a decrease of $6.6 million
in deferred revenues, a decrease of $2.2 million in inventories, a decrease of $1.9 million in operating lease liabilities, net, a decrease
of $8.2 million in trade receivables, net, and a decrease in other payables of $26.3 million, mainly related to $15.4 million cash paid
during the first quarter of 2022 for a settlement we reached with the Israeli Tax Authority during November 2021. These decreases were
partially offset by an increase of $1.5 million in depreciation and amortization, an increase of $9.8 million in share-based compensation,
an increase of $4.3 million in other assets and prepaid expenses, and a $1.7 million increase in trade payables.
Net cash provided by investing activities was $92.8 million for the year ended December
31, 2023, an increase of $148.8 million compared to net cash used in investing activities of $56.0 million for the year ended December
31, 2022. The change was primarily due to a net increase of $115.4 million in proceeds from short- and long-term deposits and marketable
securities, the non-recurrence of the $30.0 million acquisition payment related to SecurityDAM in 2022, and a decrease of $3.4 million
in capital expenditures.
Net cash used in investing activities was $56.0 million for the year ended December
31, 2022, a change of $63.9 million compared to net cash provided by investing activities of $7.8 million for the year ended December
31, 2021. The change was primarily due to a net decrease of $30.6 million in proceeds from short- and long-term deposits and marketable
securities, a decrease of $30.0 million due to the acquisition payment related to SecurityDAM, and an increase of $3.2 million in capital
expenditures.
Net cash used in financing activities was $64.9 million for the year ended December
31, 2023, an increase of $42.5 million compared to net cash used in financing activities of $22.5 million for the year ended December
31, 2022. The increase in net cash used in financing activities was attributed to the non-recurrence of the $35.0 million proceeds from
the issuance of Preferred A shares in our subsidiary SkyHawk Security in 2022, the $2.1 million contingent consideration paid to SecurityDAM
and an increase of $3.7 million in repurchase of our ordinary shares. In addition, proceeds from the exercise of share options decreased
by $1.7 million.
Net cash used in financing activities was $22.5 million for the
year ended December 31, 2022, a decrease of $19.4 million compared to net cash used in financing activities of $41.9 million for the year
ended December 31, 2021. Net cash used in financing activities was attributed primarily to the repurchase of our ordinary shares. In 2022
and 2021, we repurchased ordinary shares in the amount of $59.5 million and $52.5 million, respectively. In addition, proceeds from the
exercise of share options decreased by $8.6 million, and in 2022, we received $35.0 million in proceeds from the issuance of Preferred
A shares in our subsidiary, SkyHawk Security.
Cash and Cash Equivalents
As of December 31, 2023, we had cash and cash equivalents, including
short- and long-term bank deposits and short- and long-term marketable securities, of $363.7 million, compared to $432.0 million as of
December 31, 2022 and $465.8 million as of December 31, 2021. As of December 31, 2023, approximately 46%, 28% and 26% of our short-term
bank deposits were deposited in Israel with major Israeli banks which are rated AAA, A and BBB+, respectively, as determined by S&P’s
Maalot. As of December 31, 2023, the longest contractual duration of any of our bank deposits was 2.0 years, the weighted-average duration
of our deposits was 1.11 years, and the weighted average time to maturity was 0.36 years.
Our marketable securities portfolio includes investments in foreign
banks and government debentures and in debt securities of corporations. The financial institutions that hold our marketable securities
are major U.S. financial institutions, located in the United States. As of December 31, 2023, 45% of our marketable securities portfolio
was invested in debt securities of financial institutions and 55% in debt securities of corporations. From a geographic perspective, 76%
of our marketable securities portfolio was invested in debt securities of U.S. issuers, 6% was invested in debt securities of European
issuers and 18% was invested in debt securities of other geographic-located issuers. As of December 31, 2023, 92% of our marketable securities
portfolio was rated A- or higher and 8% was rated BBB+, as determined by S&P.
There are no material legal restrictions, taxes, or other costs
associated with transferring our funds held in U.S. financial institutions to Israeli financial institutions, and we have access to all
of our cash as needed for our operations. Although we have various subsidiaries throughout the world, there are no material legal, tax,
or other cost impediments to our transferring cash to these subsidiaries for operations as and when needed or to such subsidiaries transferring
cash to us to meet our own cash obligations. Further, we believe we generate sufficient cash from our Israeli operations to fund our operating
and capital requirements and, therefore, do not need or intend to repatriate any of the earnings of our foreign subsidiaries.
Other Material Contractual Obligations
The following table summarizes our material contractual obligations
as of December 31, 2023 and the effect those commitments are expected to have on our liquidity and cash flow.
|
Payments Due by Period
(US $ in thousands) |
|
|
|
|
|
|
Operating leases (1) |
22,265 |
4,937 |
7,673 |
5,834 |
3,821 |
Total contractual cash obligations (2) |
22,265 |
4,937 |
7,673 |
5,834 |
3,821 |
* Become due during 2024.
(1) Consists of outstanding operating leases for the Company’s
facilities. The lease agreements expire in the years 2024 to 2030, although certain of our leases have renewal options.
(2) Severance payments of $4.4 million are payable only upon termination,
retirement, or death of the respective employee and there is no obligation for benefits accrued prior to 2007 if the employee voluntarily
resigns. Since we are unable to reasonably estimate the timing of settlement, such payments are not included in the table. See also Note
2(w) of our consolidated financial statements.
Market Risk
We are exposed to market risk, including fluctuations in interest
rates and foreign currency exchange rates. Additional information about market risk is set forth in Item 11 “Quantitative and Qualitative
Disclosures about Market Risk.”
Outlook
Our capital requirements depend on numerous factors, including
market acceptance of our products and services and the resources we allocate to our operating expenses. Since our inception, we
have experienced substantial increases in our expenditures consistent with growth in our operations and personnel, and we may increase
our expenditures in the foreseeable future in order to execute our strategy.
We anticipate that operating activities as well as capital expenditures
will demand the use of our cash resources. We believe that our cash balances will provide sufficient cash resources to finance our operations
and the projected marketing and sales activities and research and development efforts and other elements of our strategy for a period
of no less than the next 12 months.
C. Research
and Development, Patents and Licenses, etc.
In order to accommodate the rapidly changing needs of our markets,
we place considerable emphasis on research and development projects designed to improve our existing product lines, develop new product
lines and customize our products to meet our customers’ needs. As of December 31, 2023, we had 408 employees and 71 subcontractors
engaged primarily in research and development activities, compared to 419 employees and 75 subcontractors at the end of 2022, and 365
employees and 68 subcontractors at the end of 2021. For a further discussion of research and development, see Item 5.A “Operating
Results.”
For a discussion regarding the benefits provided under programs
of the IIA, see Item 4.B “Business Overview—Israeli Innovation Authority.”
D. Trend
Information
General
We have identified the following key trends and uncertainties that
we believe will materially influence our market, financial condition and the demand for our solutions:
|
• |
Applications are migrating to the public cloud. The migration to public cloud exposes
organizations to new threats that require consistent security across all cloud environments. Organizations also prefer to purchase security
services as a subscription, to match the subscription-based consumption of hosting services. |
|
• |
Datacenter architecture is changing. Datacenter architecture is changing to include various
models such as a physical datacenter, a virtual datacenter, a software defined datacenter, and private or public cloud. New emerging edge
clouds, coupled with the emerging 5G breakouts and SD-WAN, will enable enterprises to effectively leverage cloud-native services and edge
computing services. Many organizations use a mixed infrastructure that includes a combination of one or more of the above and therefore
require broader overarching protection that encompasses both the datacenter and multi-cloud-based applications. In addition, this mixed
environment often involves multiple vendors and creates challenges in IT staffing and operational costs, which increase the needs for
hybrid cloud services, managed “single pane of glass” style security services and modern automated data center technologies.
|
|
• |
Application modernization requires new security tools. Application infrastructure is changing,
from monolithic applications to modern applications and websites in which deployment workflows, front-end built-tools and API-centric
architectures are used. The rise of cloud-native ecosystems, increasingly adapting cloud-direct and micro-services architecture packaged
as containers, is providing a built-in “on-demand” elasticity and availability application infrastructure. This enables introducing
and running the new generation of cloud-native applications, in a fast, adaptive and more efficient way by interacting with DevOps CICD
tools and methods. As such, the AppSec blast radius is expanded and requires injection of security controls within the application lifecycle
at early stages, to avoid slowdown in development, to sanitize, for example, usage of opensource software used by developers and might
leak in malicious code (recent Log4J library). Various “shift-right” and “shift-left” methods are used and specifically
adapted for various target deployment environments. |
|
• |
The above-mentioned cloud-native application delivery opens the door for leakage through the open
cloud interface. A new family of attack surfaces manifested by the fact that the cloud APIs are publicly published, and DevOps
processes are done from the outside of the cloud “perimeter” (the insider becomes the outsider). “Cloud-native”
infiltrations are enabled by the usage of cloud-IAM (identify and access) misconfigurations or account take over techniques and by various
vulnerabilities of publicly exposed web and API interfaces. This creates a need for a new protection posture for compliance, permissions
hardening, vulnerabilities detection as well as cloud-native detection (infiltrations and exfiltration) and response tools under new industry
categories: CIEM (Cloud Infrastructure Entitlement Management), CSPM (Cloud Security Posture Management), CWPP (Cloud Workload Protector
Platform), and CTDR (Cloud Threat Detection and Response). |
|
• |
Organizations’ attack surfaces are increasing due to a changing economy. This was caused
by a combination of two forces. First, working from home, primarily due to the restraints associated with COVID-19, required organizations
to enable remote access to applications and services that were previously not exposed. This eliminated the traditional network perimeter,
and now, even after The World Health Organization determined that COVID-19 no longer fit the definition of a public health emergency,
every home computer or mobile device has become the new perimeter. Second, an increase in the online consumption of goods has accelerated
organizations’ digital transformation and migration to the cloud. The result is more opportunities for attackers to leverage the
increased attack surface. |
|
• |
Increasing complexity and intensity of security threats, including in view of AI-weaponized attacks.
The increasing complexity and intensity of the security threats landscape requires expertise in identifying the attacks and state-of-the-art
security to mitigate the attacks and safeguard the assets. Attack delivery is aided by the growing presence of connected devices (IoT),
which increases the threat surface against any kind of infrastructure, as well as traffic encryption (dark data) assisting in hiding attacks.
Furthermore, attack tools are increasingly available to all through the dark net and becoming more sophisticated as hackers use automation
and weaponize AI. Increasing focus is currently centered around the new opportunities of weaponizing AI enabled by OpenAI. This leads
to ever morphing and scalable attack vectors at all levels, from volumetric botnets through web and API-centric attacks, as well as new
attack surfaces that utilize Kubernetes-platforms (container orchestration platform of choice). The mass amount of uncontrolled IoT devices
and cloud hosting opens the door for a new generation of botnets and automated bots that are hard to classify and block. Most organizations
are not able to keep up with these developments with their internal cyber security resources and seek managed security services.
|
|
• |
Increasing expectations for applications availability and frictionless performance, due to the increasing
dependence on applications in today’s business world. Businesses are sensitive to the resilience and availability of their
applications, given their customers’ expectations of flawless experience and optimal performance. As such, exposed web and API based
applications are the target for attackers that utilize both the server side as well as the client/browser side platforms for spreading
their malicious code. New security controls utilize the power of AI and machine learning to control the delivery of AppSec services (control
false positives) as well as detection of zero-days. |
|
• |
Israel-Hamas and Ukraine-Russia Military Conflicts. The state of war declared in Israel in
October 2023 (see the risk factor titled “Political, economic and military instability in the Middle East or Israel, including the
state of war declared in Israel in October 2023, may harm our business”) and the Russia-Ukraine war (see the risk factor titled
“Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories
as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and
dealings with Russian entities by many multi-national businesses across a variety of industries”). |
We believe that our business, comprised of application security
and delivery solutions, is positioned to effectively navigate the headwinds resulting from the above-mentioned industry dynamics due to
the following key factors:
|
• |
We have developed a broad portfolio of solutions to address the challenges and meet the requirements arising from these trends.
|
|
• |
We continuously focus on innovation and believe that our solutions have, in many instances, a technological advantage over competing
solutions. |
|
• |
We offer our solutions in a wide array of deployment models (on-premise solutions, managed services, cloud-based solutions, etc.),
in order to support various customers’ business models. We believe this flexibility addresses the complexity and diversity of the
current application and infrastructure ecosystem. |
We believe that the advantages of our offerings, coupled with the
above-mentioned industry dynamics and trends, place us in a position to meet our business plans. Nevertheless, meeting our business plans
and implementing our growth strategy, as more fully described under Item 4.B “Business Overview–Our Growth Strategy”
above, may not convert into revenues growth in a given period, due to our shift towards subscription-based product sales, where revenues
are recognized throughout the subscription period.
In addition, while we believe that the above trends may present
some opportunities for us, they also pose significant challenges, risks, and uncertainties, including the following:
|
• |
We operate in a highly competitive environment, and some of our competitors have larger internal resources, and a larger installed
base. |
|
• |
While we believe that the shift towards a subscription-based business model is a strategic transition towards higher growth and profitability
in the long term, we may not be successful in its execution, including an inability to maintain a high subscription renewal rate.
|
|
• |
In addition, our customers’ purchasing decisions are related to the conditions in our industry and in the various regions and
geographical markets in which we operate and are tied to the overall IT spending climate. Uncertainty about current global economic conditions
continues to pose a risk as customers may postpone or reduce spending in response to such uncertainties. In particular, the Israel-Hamas
and Ukraine-Russia military conflicts may negatively affect economic conditions regionally, as well as globally, disrupt operations, affect
supply chains, or otherwise negatively impact our business. |
|
• |
The other risks and uncertainties we face, as described under Item 3.D “Risk Factors.” |
State of War in Israel Update
In October 2023, Hamas terrorists and members of other terrorist
organizations infiltrated Israel’s southern border from the Gaza Strip and conducted a series of attacks on civilian and military
targets. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel’s border
with the Gaza Strip and in other areas within the State of Israel. These attacks resulted in thousands of deaths and injuries, and Hamas
additionally kidnapped many Israeli civilians and soldiers. Following the attacks, the Israeli government declared war against Hamas
and commenced a military campaign against these terrorist organizations. In parallel, clashes intensified between Israel and Hezbollah
on Israel’s northern border with Lebanon. Additionally, the Houthis launched missile and drone attacks targeted at Israel and ships
in the Red Sea, posing a threat to international shipping in the Suez Canal. These armed conflicts may further escalate into a greater
regional conflict and could adversely affect our business, operations and financial results.
These conflicts have also strained Israel’s relationship
with some of its Arab citizens, Arab countries and, to some extent, with other countries around the world. In addition, Israel faces
threats, including cyber threats, from more distant neighbors, such as Iran, which has previously threatened to attack Israel and is believed
to have a presence in Syria as well as influence over Hamas, Hezbollah and the Houthis. This situation may further escalate in the future,
and this instability in the region may affect the global economy and marketplace. There can be no assurance that the political situation
and these armed conflicts will not have a material adverse impact on our business in the future.
Furthermore, some of our directors, officers and employees are,
unless exempt, obligated to perform annual military reserve duty, depending upon their age and prior position in the army. They may also
be subject to being called to active duty at any time under emergency circumstances. For example, in connection with the state of
war declared in Israel in October 2023, certain of our employees and consultants in Israel have been called to perform immediate military
service and additional employees may be called as these armed conflicts progress. Our operations could be disrupted by the absence, for
a significant period, of one or more of these officers or other key employees due to military service, and any disruption in our operations
could harm our business.
In addition, in February 2024, in connection with the war declared
in Israel in October 2023, Moody’s has downgraded Government of Israel’s foreign-currency and local-currency issuer ratings
to A2 from A1, and other global rating agencies may take similar actions. Such downgrades might adversely affect the macroeconomic condition
in which we operate, and also potentially deter foreign investment into Israel or Israeli companies, which may, among other things, hinder
our ability to raise additional funds, if deemed necessary by our management and board of directors.
E. Critical
Accounting Estimates
In many cases, the accounting treatment of a particular transaction
is specifically dictated in U.S. GAAP and does not require management’s judgment in its application. There are also areas in which
management’s judgment in selecting among available alternatives would produce a materially different result. Our management has
reviewed these critical accounting policies and related disclosures with the Audit Committee of our Board of Directors (the “Audit
Committee”). See Note 2 to our consolidated financial statements included elsewhere in this annual report, which contains additional
information regarding our accounting policies and other disclosures required by U.S. GAAP.
Our management believes that the significant accounting policies
that affect its more significant judgments and estimates used in the preparation of its consolidated financial statements and that are
the most critical to aid in fully understanding and evaluating our reported financial results include the following:
|
• |
Investment in marketable securities; |
|
• |
Goodwill and impairment of long-lived assets; |
|
• |
Share-based compensation; and |
Revenue Recognition. We
recognize revenues in accordance with ASC No. 606, “Revenue from Contracts with Customers.” As such, we identify a contract
with a customer, identify the performance obligations in the contract, determine the transaction price, allocate the transaction price
to each performance obligation in the contract and recognize revenues when (or as) we satisfy a performance obligation.
Our solutions are sold primarily through distributors and resellers,
all of which are considered end-users.
Our arrangements typically contain various combinations of its products, subscriptions
and PCS, which are distinct and are accounted for as separate performance obligations. We allocate the transaction price to each performance
obligation based on its relative standalone selling price (“SSP”). If the SSP is not observable, we estimate the SSP taking
into account available information such as geographic specific factors, customer grouping and internally approved historical pricing guidelines
related to the performance obligation. For PCS and subscriptions, we determine the standalone selling price based on observable renewals
prices or standalone subscription transactions. For products, the SSP is not observable, and therefore, we estimate the product SSP taking
into account available information such as geographic specific factors, customer grouping and internally approved historical pricing guidelines.
Deferred revenues represent mainly the unrecognized revenue collected
for subscriptions and for PCS. Such revenues are recognized ratably over the term of the related agreement and are classified as short-
and long-term based on their contractual term.
We record a provision for estimated sale returns, credits and stock
rotation granted to customers on our products in the same period that the related revenues are recorded in accordance with ASC 606. Those
estimates are based on historical sales returns and other factors known to us. Such provisions amounted to $3.3 million and $1.0 million
as of December 31, 2023 and 2022, respectively.
Investment in Marketable Securities. We
account for investments in marketable securities in accordance with Accounting Standards Codification, or ASC 320, “Investments
– Debt Securities.” Management determines the appropriate classification of our investments at the time of purchase and reevaluates
such determinations at each balance sheet date.
We classified all our debt securities as available-for-sale marketable
securities. Debt securities are carried at fair value, with the unrealized gains and losses reported in “accumulated other comprehensive
income (loss)” in shareholders’ equity, except for changes in allowance for expected credit losses, which is recorded in financial
income, net. Realized gains and losses on sales of investments are included in financial income, net and are derived using the specific
identification method for determining the cost of securities.
The amortized cost of debt securities is adjusted for amortization
of premiums and accretion of discounts to maturity. Such amortization together with interest on securities are included in financial income,
net.
We periodically evaluate our available-for-sale debt securities
for impairment. If the amortized cost of an individual security exceeds its fair value, we consider our intent to sell the security or
whether it is more likely than not that we will be required to sell the security before recovery of its amortized basis. If either of
these criteria are met, we write down the security to its fair value and record the impairment charge in financial income, net in our
consolidated statements of income (loss). If neither of these criteria are met, we determine whether credit loss exists. Credit loss is
estimated by considering changes to the rating of the security by a rating agency and any adverse conditions specifically related to the
security, as well as other factors. Credit loss impairments for both the years ended December 31, 2023 and 2022 were immaterial.
Business Combinations.
We account for business combinations in accordance with ASC No. 805, "Business Combinations" ("ASC 805"). Under ASU No. 2017-01, “Business
Combinations (Topic 805): Clarifying the Definition of a Business (“2017-01”), we first determine whether substantially all
of the fair value of the gross assets acquired is concentrated in a single identifiable asset or a group of similar identifiable assets.
If this threshold is met, the single asset or group of assets, as applicable, is not a business.
ASC No. 805 requires allocations of tangible assets acquired, liabilities
assumed and intangible assets acquired based on their estimated fair values. Any excess of the fair value of purchase consideration over
the fair values of these identifiable assets and liabilities is recorded as goodwill.
When we acquire a business, the purchase price is allocated to
the tangible and identifiable intangible assets, net of liabilities assumed. Any residual purchase price is recorded as goodwill. The
allocation of the purchase price requires management to make significant estimates in determining the fair values of assets acquired and
liabilities assumed, especially with respect to intangible assets. We use the Discounted Cash Flow Method to assign fair values to acquired
identifiable intangible assets. These estimates can include, but are not limited to, the cash flows that an asset is expected to generate
in the future, forecasted future revenue, forecasted operating results, discount rates and the appropriate weighted-average cost of capital.
These estimates are inherently uncertain and unpredictable.
These models are based on reasonable estimates and assumptions
given available facts and circumstances, including industry estimates and averages, as of the acquisition dates and are consistent with
the plans and estimates of management.
During the measurement period, which may be up to one year from
the acquisition date, adjustments to the fair value of these tangible and intangible assets acquired and liabilities assumed may be recorded,
with the corresponding offset to goodwill. Upon the conclusion of the measurement period or final determination of the fair value of assets
acquired or liabilities assumed, whichever comes first, any subsequent adjustments are recorded to in our consolidated statements of income
(loss).
Goodwill and impairment of long-lived
assets. Goodwill represents the excess of the purchase price in a business combination over the fair value of the net tangible
and intangible assets acquired. Under ASC 350 “Intangibles – Goodwill and Other” (ASC 350), goodwill is not amortized,
but rather is subject to an annual impairment test. ASC 350 requires goodwill to be tested for impairment at least annually or between
annual tests in certain circumstances and written down when impaired. Goodwill is tested for impairment by comparing the fair value of
each reporting unit with its carrying value.
ASC 350 allows an entity to first assess qualitative factors to
determine whether it is necessary to perform a quantitative goodwill impairment test. If the qualitative assessment does not result in
a more likely than not indication of impairment, no further impairment testing is required. If the entity elects not to use this option,
or if the entity determines that it is more likely than not that the fair value of a reporting unit is less than its carrying value, then
the entity prepares a quantitative analysis to determine whether the carrying value of a reporting unit exceeds its estimated fair value.
If the carrying value of a reporting unit exceeds its estimated fair value, the entity recognizes an impairment of goodwill for the amount
of this excess.
In previous reporting periods (until December 31, 2022), we operated
in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments. We conduct
our annual test of impairment for goodwill on December 31 of each year, or more frequently if impairment indicators are present. No impairment
loss was recorded during each of 2023, 2022, and 2021.
Share-based compensation.
We account for share-based compensation in accordance with ASC 718, “Compensation-Stock Compensation” (ASC 718). ASC 718 requires
companies to estimate the fair value of equity-based payment awards on the date of grant using an option-pricing model. The value of the
portion of the award that is ultimately expected to vest is recognized as an expense over the requisite service periods in our consolidated
statements of income (loss).
Some of our subsidiaries have share option plans pursuant to which
qualified directors and employees may be granted options for the purchase of securities of the subsidiaries. Share-based compensation
expenses recorded on the subsidiaries' level are presented in non-controlling interests.
We recognize compensation expenses for the value of our awards
based on the accelerated attribution method over the requisite service period of each of the awards, net of estimated forfeitures. Forfeitures
are estimated at the time of grant and revised, if necessary, in subsequent periods if actual forfeitures differ from those estimates.
Estimated forfeitures are based on actual historical pre-vesting forfeitures.
We selected the Black-Scholes-Merton option pricing model to account
for the fair value of our share-options awards with only service conditions and whereas the fair value of the RSUs awards is based on
the market value of the underlying shares at the date of grant.
During 2020, the Board of Directors of the Company approved a market-condition
based RSUs equity grant to the Chief Executive Officer of the Company. The vesting of the market-condition based RSUs granted during 2020
is dependent upon the Company’s share performance over the requisite service period.
On July 28, 2022, the Board of Directors of the Company approved
an equity grant to the Chief Executive Officer of the Company, which is comprised of RSUs, market-condition based RSUs and market-condition
based share options. The equity grant includes grants for the years 2022, 2023, and 2024 and are fixed monetary amounts ($7,725, $5,000,
and $5,000, respectively).
Market-condition based RSUs’ vesting is dependent upon the
fulfillment of certain market conditions and will vest, or partially vest, depending on the Company's share performance compared to other
companies that are listed on the NASDAQ CTA Cybersecurity Index over the requisite service period, which is up to three years.
Market-based condition share options’ vesting is dependent
upon the fulfillment of certain market conditions and will vest depending on the Company's share performance over the requisite service
period, which is up to three years.
For the 2024 grants, the Company recorded a liability in the consolidated
balance sheets for the RSUs and the market-condition based RSUs as the Company has an obligation to issue a variable number of shares
for which the monetary amount is fixed and the key terms and conditions of the equity grant are known.
The fair value of the market-condition based awards was determined
using a Monte Carlo simulation methodology.
The option-pricing model requires a number of assumptions, of which
the most significant are the expected stock price volatility and the expected option term. Expected volatility was calculated based upon
actual historical stock price movements over a historical period equivalent to the option’s expected term. The expected option term
represents the period of time that options are expected to be outstanding. Expected term of options is based on historical experience.
The risk-free interest rate is based on the yield from U.S. treasury bonds with an equivalent term. We have historically not paid dividends
and have no foreseeable plans to pay dividends.
Income Taxes. We account
for income taxes in accordance with ASC 740, “Income Taxes.” This statement prescribes the use of the liability method whereby
deferred tax assets and liability account balances are determined based on differences between financial reporting and tax bases of assets
and liabilities and are measured using the enacted tax rates and laws that will be in effect when the differences are expected to reverse.
We provide a valuation allowance, if necessary, to reduce deferred tax assets to their estimated realizable value if it is more likely
than not that a portion or all of the deferred tax assets will not be realized.
ASC 740 contains a two-step approach to recognizing and measuring
a liability for uncertain tax positions. The first step is to evaluate the tax position taken or expected to be taken in a tax return
by determining if the weight of available evidence indicates that it is more likely than not that, on an evaluation of the technical merits,
the tax position will be sustained on audit, including resolution of any related appeals or litigation processes. The second step is only
addressed if the first step has been satisfied (i.e., the position is more likely than not to be sustained), otherwise a full liability
in respect of a tax position not meeting the more likely than not criteria is recognized. The second step is to measure the tax benefit
as the largest amount that is more than 50% likely to be realized upon ultimate settlement. We accrue interest and penalty, if any, that
are related to unrecognized tax benefits in taxes on income. Although we believe we have adequately reserved for our uncertain tax positions,
no assurance can be given that the final tax outcome of these matters will not be different. We adjust these reserves in light of changing
facts and circumstances, such as the closing of a tax audit, the refinement of an estimate or changes in tax laws. To the extent that
the final tax outcome of these matters is different than the amounts recorded, such differences will impact the provision for income taxes
in the period in which such determination is made. The provision for income taxes includes the impact of reserve provisions and changes
to reserves that are considered appropriate, as well as the related interest and penalties.
Accounting for tax positions requires judgments, including estimating
reserves for potential uncertainties. We also assess our ability to utilize tax attributes, including those in the form of carryforwards
for which the benefits have already been reflected in the financial statements. We do not record valuation allowances for deferred tax
assets that we believe are more likely than not to be realized in future periods. While we believe the resulting tax balances as of December 31,
2023 and 2022 are appropriately accounted for, the ultimate outcome of such matters could result in favorable or unfavorable adjustments
to our consolidated financial statements and such adjustments could be material. See Note 14 to
our consolidated financial statements included elsewhere in this annual report for further information regarding income taxes. We have
filed or are in the process of filing local and foreign tax returns that are subject to audit by the respective tax authorities. The amount
of income tax we pay is subject to ongoing audits by the tax authorities, which often result in proposed assessments. See “Results
of Operations—Income Taxes” above.
While we believe that we have adequately provided for any reasonably
foreseeable outcomes related to tax audits and settlement, our future results may include favorable or unfavorable adjustments to our
estimated tax liabilities in the period the assessments are made or resolved, audits are closed or when statutes of limitation on potential
assessments expire.
ITEM 6. DIRECTORS,
SENIOR MANAGEMENT AND EMPLOYEES
A. Directors
and Senior Management
The following table lists our current directors and senior management:
Name |
Age |
Position |
Yuval Cohen (1)(2) |
61 |
Chairman of the Board of Directors |
Yair Tauman (1)(2)(3)(4) |
75 |
Director |
Stanley B. Stern (2)(4)(6)(7) |
66 |
Director, Chairman of the Nomination and Corporate Governance
Committee |
Naama Zeldis (2)(3)(4)(5) |
60 |
Director, Chairperson of the Audit Committee |
Meir Moshe (2)(3)(5)(7) |
69 |
Director, Chairman of the Compensation Committee |
Israel Mazin (2)(6)(7) |
64 |
Director |
Alex Pinchev (1)(2) |
73 |
Director |
Roy Zisapel (5) |
53 |
President, Chief Executive Officer and Director |
Guy Avidan |
61 |
Chief Financial Officer |
Yoav Gazelle |
54 |
Chief Business Officer |
David Aviv |
68 |
Chief Technology Officer |
Gabi Malka |
48 |
Chief Operating Officer |
Sharon Trachtman |
55 |
Chief Marketing Officer |
Riki Goldriech |
47 |
Chief People Officer |
(1) Term as director expires at the annual meeting of shareholders to be held
in 2024.
(2) Qualified as an independent director, as determined under the Nasdaq rules.
(3) Serves on the Compensation Committee of the Board of Directors (the “Compensation
Committee”).
(4) Serves on the Audit Committee.
(5) Term as director expires at the annual meeting of shareholders to be held
in 2025.
(6) Term as director expires at the annual meeting of shareholders to be held
in 2026.
(7) Serves on the Nomination and Corporate Governance Committee of the Board
of Directors (the “Nomination and Corporate Governance Committee”).
Yuval Cohen has served as
Chairman of our Board of Directors since November 2023 and as a member of our Board of Directors since December 2021. He is the founding
and managing partner of Fortissimo Capital, a private equity fund headquartered in Israel, which was established in 2004. From 1997 through
2002, Mr. Cohen was a General Partner at Jerusalem Venture Partners, an Israeli-based venture capital fund, and prior thereto, he held
executive positions at various Silicon Valley companies, including DSP Group, Inc. (Nasdaq: DSPG) and Intel Corporation (Nasdaq: INTC).
Currently, Mr. Cohen serves as the chairman of the board of directors of Kornit Digital Ltd. (Nasdaq: KRNT). He also serves on the board
of directors of several privately-held portfolio companies of Fortissimo. Mr. Cohen holds a B.Sc. degree in industrial engineering from
the Tel Aviv University and an M.B.A. from Harvard University.
Yair Tauman has served
as a member of our Board of Directors since October 2010. He is the Vice Dean of the Adelson School of Entrepreneurship in the Interdisciplinary
Center (IDC) in Herzliya, Israel and was previously the Dean of the Arison School of Business in the IDC. He is also a Leading Professor
of Economics and the Director of the Stony Brook Center for Game Theory, New York. He was a professor at Tel Aviv University for 25 years
until 2009 and, prior thereto, served as a professor at the Kellogg School of Management at Northwestern University. His areas of research
include game theory and industrial organization. Professor Tauman currently serves on the board of directors of other private companies
from different sectors, including online auctions, social networking and fintech. Professor Tauman obtained his Ph.D. and M.Sc. degrees
in mathematics as well as a B.Sc. in mathematics and statistics from The Hebrew University, Israel.
Stanley B. Stern has served
as a member of our Board of Directors since September 2020. Mr. Stern is currently the chairman of the board of directors of AudioCodes
Ltd. (Nasdaq, TASE: AUDC) (AudioCodes), a leading vendor of advanced communications software, products and productivity solutions for
the digital workplace, and serves as the lead director of Ormat Technologies, Inc. (NYSE: ORA). He previously served as a member of the
board of directors of Ekso Bionics Holdings, Inc. (Nasdaq: EKSO) from 2014 until 2023. Since 2013, Mr. Stern has served as the president
of Alnitak Capital, a strategic advisory firm, engaged primarily in high-tech, alternative energy and healthcare. Previously, from 1982
until 2000 and from 2004 until 2013, Mr. Stern served in various positions at Oppenheimer & Co., including as a Managing Director
and Head of Investment Banking, Technology, Israeli Banking and FIG. From 2002 until 2004, he was a Managing Director and the Head of
Investment Banking at C.E. Unterberg, Towbin. From January 2000 until January 2002, Mr. Stern was the President of STI Ventures Advisory
USA Inc., a venture capital firm focusing on technology investments. In the past, Mr. Stern was a board member of several public and private
companies, including Given Imaging Ltd. and Fundtech Ltd., and the chairman of the boards of directors of Tucows, Inc. and of SodaStream
International Ltd., until its sale to Pepsico in December 2018. Mr. Stern holds a B.A. degree in economics and accounting from City University
of New York, Queens College, and an M.B.A. from Harvard University.
Naama Zeldis has served
as a member of our Board of Directors since September 2020. Ms. Zeldis served as the Chief Executive Officer of Aquarius-Spectrum Ltd.,
a private company specializing in innovative solutions for monitoring urban water pipes and detecting hidden leaks from the earliest stage,
until January 2023. Formerly, Ms. Zeldis served as Chief Financial Officer for a variety of high-tech and industrial companies, such as
Tahal Group from 2013 to 2020, Netafim Ltd. from 2005 to 2013, the Israeli subsidiary of Electronic Data Systems from 2001 to 2005 and
Radguard Ltd., formerly with the RAD-Bynet Group, from 1999 to 2001. Ms. Zeldis currently serves on the board of directors of Electra
Real Estate Ltd. (TASE: ELCRE), a global real estate private equity firm, Orbit Technologies Ltd. (TASE: ORBI), a company specializing
in satellite communications, tracking systems, airborne communication and audio managements solutions, and on the board of directors of
Aquarius Engines (A.M.) Ltd. (TASE: AQUA), a developer of a Free Piston Linear Engine, which is integrated into a comprehensive, reliable,
cost-effective, green energy generator. Ms. Zeldis has also served as a member of the boards of directors of several other companies,
including Nova Measuring Instruments Ltd. (Nasdaq: NVMI), Rafael Advanced Defense Systems Ltd. and Metalink Ltd. She holds a B.A. degree
in accounting from the Tel Aviv University and a B.A. degree in economics and an M.B.A. from the Hebrew University in Jerusalem.
Meir Moshe has served as a member of our Board
of Directors since May 2022. Mr. Moshe has held senior positions in the financial sector over the past four decades, including as our
Chief Financial Officer from 1999 to 2016 and as our interim Chief Financial Officer from June 2021 to February 2022. Mr. Moshe has served
as a director and member of the audit committee in multiple public companies, including Otonomo Technologies Ltd. (Nasdaq: OTMO)
from 2022 to 2023, Ability Inc. (Nasdaq: ABIL) from 2016 to 2017, Carasso Motors Ltd. (TASE: CRSM) from 2018 to 2019 and Albert Technologies
Ltd. (LSE: ALB) from 2018 to 2019. He currently provides consulting services to public companies. He holds a B.Sc. degree in economics
and accounting from Tel Aviv University, Israel and is a certified public accountant.
Israel Mazin has served
as a member of our Board of Directors since October 2023. Mr. Mazin is the Chairman, CEO and Co-Founder of MEMCYCO (Memco-Cyber-Corporation),
a Digital-Watermark Authentication technology for B2B and B2C online communication, since 2021. Prior to that, Mr. Mazin was a founding
member of several technology companies, including OpTier, an APM market leader that was acquired by SAP in 2015, and Memco Software, a
security software company that went public on Nasdaq and was later acquired by Platinum Technology. Mr. Mazin also co-founded Shadow
Technologies, a non-profit company that consolidates crowd opinion online reviews. Mr. Mazin is also an active investor in real
estate, high tech, and bio-tech startups. In 2018, Mr. Mazin received an honorary degree from the Holon Institute of Technology.
Alex Pinchev has served
as a member of our Board of Directors since November 2023. Mr. Pinchev has held numerous leadership and board positions across several
high-tech companies throughout his career, including, most recently, as the Chairman of Flicent, Inc. and as a board member in several
private companies, including SuSe S.A., StackState B.V. and Velotix Ltd. He previously served as an Executive Vice President and president
of global sales, services, and field marketing of Red Hat, Inc. from 2003 to 2012 and as an Executive Vice President and president of
global sales and marketing of Rackspace Limited (NASDAQ: RXT) from 2016 to 2017. He also served as the CEO of Acronis during 2012-2013.
He was a board member of several public companies, in Quantum Corporation (NYSE: QMCO) and BMC Software, Inc. (NYSE:BMC). He currently
serves on the boards of several privately owned companies and continues to advise and invest in startups and firms seeking global expansion
through Capri Ventures, an early-stage fund that he founded. Mr. Pinchev holds a Masters degree in applied mathematics and computer science from
the ITMO University in St. Petersburg, Russia.
Roy Zisapel, co-founder
of our Company, has served as our President and Chief Executive Officer and a director since our inception in May 1996. Mr. Zisapel
also serves as a director of Radware US and other subsidiaries. From 1996 to 1997, Mr. Zisapel was a team leader of research and development
projects for RND Networks Ltd. From 1994 to 1996, Mr. Zisapel was employed as a software engineer for unaffiliated companies in Israel.
Currently, Mr. Zisapel serves on the board of directors of Israel Acquisitions Corp (NASDAQ: ISRL). Mr. Zisapel also serves as a director
of Rad Data Communications Ltd., a private company in the RAD-Bynet Group. Mr. Zisapel has a B.Sc. degree in mathematics and computer
science from Tel Aviv University, Israel.
Guy Avidan has served as
our Chief Financial Officer since February 2022. Prior to joining Radware, he was with Kornit Digital (NASDAQ:KRNT), where he served as
President at KornitX from November 2020 to November 2021 and as Chief Financial Officer from November 2014 to November 2020, in which
role he led Kornit to its initial public offering on Nasdaq. Prior to joining Kornit Digital, Mr. Avidan was Vice President of Finance
and Chief Financial Officer at AudioCodes (NASDAQ: AUDC). In addition, Mr. Avidan has 15 years of experience serving in various other
executive capacities, including co-President and Chief Financial Officer at MRV Communications, Inc. (NASDAQ: MRVC), as well as Vice President
of Finance and Chief Financial Officer at Ace North Hills, which was acquired by MRV Communications. Mr. Avidan is a certified public
accountant and holds a B.A. degree in economics and accounting from Haifa University in Israel.
Yoav Gazelle has served
as our Chief Business Officer since January 2022 and as our Vice President, International Sales since January 2019. Prior to that, Mr.
Gazelle served as our Vice President, EMEA & CALA from June 2013 to January 2019. Prior to joining Radware, between 2000 and 2013,
Mr. Gazelle held a variety of sales, marketing and business development positions in ECI Telecom Ltd., including President, Head of Europe
and the Americas from January 2012 to March 2013. Mr. Gazelle holds a B.Sc. degree in electrical and electronic engineering from the Technion
– The Israeli Institute of Technology, Israel.
David Aviv has served as
our Chief Technology Officer since 2016 and as our Vice President, Advanced Services, since 2004. Mr. Aviv oversees the technology strategy
for the Company’s solutions for enterprise, carrier and cloud solutions and is involved in researching and developing key algorithms
and concepts that will guide the direction of the Company’s future solutions. Prior to joining Radware, he was the VP of Engineering
at Ofek, an Israel-based ILEC and a senior consultant. Prior to that, until 2000, Mr. Aviv served in the Israeli Air Force as a senior
technical leader. He also serves as the Technical Chairman of the Israeli Telecom Standards Body committee. Mr. Aviv holds a Ph.D.
degree in Electrical Engineering (EE) from the Naval Postgraduate School in Monterey, California, a B.S. degree in Electrical Engineering
from Ben-Gurion University and a M.S. degree in Electrical Engineering from Tel Aviv University, Israel.
Gabi Malka has served as
our Chief Operating Officer since March 2014. Mr. Malka oversees product management, research & development, cloud services, and customer
support. From May 2005 to February 2014, Mr. Malka served as Vice President of Research & Development at HP Software (formerly Mercury).
Prior to HP Software, from 2000 to 2005, Mr. Malka served as Vice President of Research & Development of AppStream (acquired by Symantec).
Prior to AppStream, from 1998 to 2000, Mr. Malka directed Research & Development at Amdocs Limited. Mr. Malka holds a B.A. from American
InterContinental University and has furthered his post-graduate education at Tel Aviv University (Lahav Business School) and Harvard Business
School.
Sharon Trachtman has served
as our Chief Marketing Officer since February 2021. In parallel she continues to serve as our Chief Business Operation Officer. Ms. Trachtman
has been with our Company since its start of operations in 1997. Since September 1997, she has held various senior positions in Radware,
such as Product Management Vice President and Marketing Vice President. From November 1994 to September 1997, Ms. Trachtman was a
product line marketing manager for Scitex Corporation. Ms. Trachtman holds a B.A. degree in computer science and philosophy from
Bar-Ilan University, Israel.
Riki Goldriech has served
as our Global VP HR since 2016 and as our Chief People Officer since 2022. Ms. Goldriech brings more than 13 years of human resources
experience to her role. Prior to Radware, Ms. Goldriech managed the human resources function at Hewlett-Packard Enterprise (HPE) Software
in Israel. Ms. Goldriech has also held multiple human resources posts at HPE Israel. Ms. Goldriech holds a B.Sc. degree in computer science
and logistics-economics and an MBA from Bar-Ilan University.
Additional Information
Under Nasdaq requirements, a majority of the members of our Board
of Directors are required to be “independent” as defined under the Nasdaq rules. We currently satisfy this requirement because
seven of our eight directors qualify as “independent directors” under the Nasdaq rules.
On March 10, 2024, Yehuda Zisapel, a co-founder and shareholder
of the Company who served as a member of our Board of Directors since our inception in May 1996 and as Chairman of our Board of Directors
from May 1996 until August 2006 and again from November 2009 until November 2023, passed away. Roy Zisapel, our President, Chief Executive
Officer and director. is the son of Nava Zisapel, who is one of our major shareholders, and the late Mr. Yehuda Zisapel. There are no
other family relationships between any of the directors or members of senior management named above.
We are not aware of any arrangements or understandings with
major shareholders, customers, suppliers or others, pursuant to which (1) any person referred to above was selected as a director or member
of senior management or (2) any director will receive compensation by a third party in connection with his or her candidacy or board service
in the Company.
B. Compensation
General
Our objective is to attract, motivate and retain highly skilled
personnel who will assist Radware to reach its business objectives, performance and the creation of shareholder value and otherwise contribute
to our long-term success. Our compensation policy for our executive officers and directors, or the Compensation Policy, which is approved
by our shareholders, is designed to correlate executive compensation with our objectives and goals.
The following table sets forth all salaries, fees, commissions
and bonuses and pension retirement and other similar benefits we paid or accrued with respect to all of our directors and officers as
a group for the 2023 fiscal year. The table does not include any amounts we paid to reimburse any of our affiliates for costs incurred
in providing us with services during such period.
|
|
Salaries, fees, commissions and bonuses
|
|
|
Pension, retirement and other similar
benefits |
|
|
|
|
|
|
|
|
2022 - All directors and officers as a group, consisting of 14 persons* |
|
$ |
3,307,407 |
|
|
$ |
527,559 |
|
2023 - All directors and officers as a group, consisting of 15 persons** |
|
$ |
2,419,283 |
|
|
$ |
475,235 |
|
* Includes one person who served as our officer in 2022 and is no longer serving
as our officer and one director who was appointed during 2022.
** Includes one person who served as our director in 2023 and is no longer serving
on our Board of Directors and two directors who were appointed during 2023.
During 2023, we granted to our directors and officers listed in
Item 6.A “Directors, Senior Management and Employees,” in the aggregate, 273,941 RSUs at a weighted average grant date fair
value per RSU of $19.28 and options to purchase 331,899 ordinary shares at a weighted average exercise price per share of $17.63. The
options expire 62 months after grant. The weighted-average grant date fair value of these options was $5.48 per option.
For a discussion of the accounting method and assumptions used
in valuation of such share-based compensation, see Note 2(s) to our consolidated financial statements included elsewhere in this annual
report. See also Item 6.E “Share Ownership.”
For a discussion of the compensation granted to our five most highly
compensated executive officers during 2023, see “Compensation of Executive Officers” below, and for a discussion of the compensation
paid to our non-employee directors, see “Compensation of Directors” below.
We currently hold directors and officers liability insurance with
an aggregate coverage limit of $35 million, including side A coverage. In addition, we provide our directors and officers indemnification
pursuant to the terms of a Letter of Indemnification substantially in the form approved by our shareholders.
Compensation of Executive Officers
The table and summary below outline the compensation granted to
our five most highly compensated executive officers during or with respect to the year ended December 31, 2023. We refer to the five individuals
for whom disclosure is provided herein as our “Covered Executives.”
For purposes of the table and the summary below, “compensation”
includes base salary, bonuses, equity-based compensation, retirement or termination payments, benefits and perquisites such as car, phone
and social benefits, and any undertaking to provide such compensation. All amounts reported in the table are in terms of cost to the Company,
as recognized in our financial statements for the year ended December 31, 2023.
Name and Principal Position
(1) |
Year |
Salary |
Bonus (including Sales
Commissions) (2) |
Equity-Based
Compensation (3)
|
All Other
Compensation (4)
|
Total |
(US$ In
Thousands) |
Roy Zisapel, President, Chief Executive
Officer and Director |
2023 |
450 (5) |
(6) |
2,451 |
139* |
3,040 |
Guy Avidan, Chief Financial Officer
|
2023 |
308 |
|
261 |
67 |
636 |
Yoav Gazelle, Chief Business Officer
|
2023 |
240 |
198 |
214 |
40 |
692 |
Gabi Malka, Chief Operating Officer
|
2023 |
319 |
|
139 |
73 |
531 |
David Aviv, Chief Technology Officer
|
2023 |
300 |
|
139 |
72 |
511 |
|
(1) |
Unless otherwise indicated herein, all Covered Executives are (i) employed on a full-time (100%) basis; and (ii) subject to customary
confidentiality, intellectual property assignment and non-solicitation provisions as well as an undertaking not to compete with us or
in our field of business for at least 12 months following termination of employment. |
|
(2) |
Amounts reported in this column represent annual bonuses, including sales commissions. Consistent with our Compensation Policy, such
bonuses are based upon (i) for non-sales executive officers - achievement of milestones and targets
and the measurable results of the Company, as compared to our budget and/or work plan for the relevant year. The bonus (of up to 10% of
the annual bonus) is based on the achievement and performance of pre-determined key performance indicators (KPIs), and, in any event,
not to exceed the amount of 200% of the base salary; and (ii) for sales executive officers - achievement of targets of revenues generated
by the individual and/or his/her team or division and/or the Company and in any event, not to exceed the amount of four annual base salaries
of such executive. |
|
(3) |
Amounts reported in this column represent the grant date fair value in accordance with accounting guidance for share-based compensation.
For a discussion of the assumptions used in reaching this valuation, see Note 2(s) to our consolidated financial statements included elsewhere
in this annual report. |
|
(4) |
Amounts reported in this column include benefits and perquisites, including those mandated by applicable law. Such benefits and perquisites
may include, to the extent applicable to the Covered Executive, payments, contributions and/or allocations for savings funds (e.g., Managers
Life Insurance Policy), education funds (“keren hishtalmut”), pension, severance, vacation, car or car allowance, medical
insurances and benefits, risk insurances (e.g., life or work disability insurance), phone, convalescence or recreation pay, relocation,
payments for social security, tax gross-up payments and other benefits and perquisites consistent with Radware’s guidelines. Unless
otherwise indicated herein, all Covered Executives (i) are entitled to a notice period of at least one month prior to termination (other
than termination for cause), during which they are generally entitled to all compensation and rights under their employment agreements;
and (ii) are not entitled to any special bonuses or benefits upon a change of control of our Company, other than a potential acceleration
of the vesting of their share options pursuant to our equity incentive plan, as more fully described in Item 6.E “Share Ownership.”
|
|
(5) |
As approved by our shareholders on July 28, 2022, as of such date, Roy Zisapel’s gross base salary increased from $400,000
to $450,000 and his annual bonus increased from $400,000 to $600,000 (however, the actual payout, based on performance, could reach $900,000
for overperformance). |
|
(6) |
Consistent with our Compensation Policy, and as approved by our shareholders on July 28, 2022, Roy Zisapel is entitled to an annual
bonus of up to $600,000 (however, the actual payout, based on performance, could reach $900,000 for overperformance). |
*
Social contributions paid in Israel are denominated in NIS, whereas our functional currency is dollars and therefore fluctuations in dollar
amounts may be attributed to exchange rate fluctuations.
As approved by our shareholders on July 28, 2022, the terms of
compensation of Roy Zisapel, our President, Chief Executive Officer and director, were modified, such that, commencing July 28, 2022,
(i) his gross base salary is $450,000 per annum (payable in NIS); (ii) his annual bonus is $600,000 (payable in NIS) for on-target (100%)
performance; however, the actual payout, based on performance, could reach $900,000 for overperformance (or the equivalent in NIS); and
(iii) he is entitled to annual grants of a combination of time-based restricted share units, performance-based restricted share units,
and performance-based share options, with a total grant value of $7.725 million, $5.0 million and $5.0 million, for 2022, 2023, and 2024,
respectively. For additional details, see Proposal 3 of the Proxy Statement filed as Exhibit 99.2 to the Report of Foreign Private Issuer
on Form 6-K we submitted to the SEC on June 23, 2022.
Compensation of Directors
Our non-employee directors are entitled to the following compensation:
(i) annual compensation in the amount of NIS 120,800 (equivalent to approximately $33,556, based on the exchange rate published by the
Bank of Israel on March 10, 2023, which was NIS 3.60 = $1.00) per year of service; (ii) per meeting remuneration of NIS 3,600 (equivalent
to approximately $1,000, based on the exchange rate published by the Bank of Israel on March 10, 2023, which was NIS 3.60 = $1.00)
for each Board or committee meeting attended, provided that the director is a member of such committee; (iii) compensation for telephonic
participation in board and committee meetings (where other members physically attend) in an amount of 60% of what is received for physical
participation; and (iv) compensation for board and committee meetings held via electronic means without physical participation in an amount
of 50% of what is received for physical meetings. All amounts payable under items (i), (ii), (iii), and (iv) above are subject to adjustment
for changes in the Israeli consumer price index after December 2007 and changes in the amounts payable pursuant to Israeli law from time
to time.
In addition, our non-employee directors are entitled to a grant
of options under our share option plans to purchase 20,000 ordinary shares for each year in which such non-employee director holds office.
The options are granted for three years in advance, and therefore every director receives an initial grant of options to purchase 60,000
ordinary shares that vest over a period of three years, with a third (20,000) to vest upon each anniversary of service, provided that
the director still serves on the Company’s Board of Directors on the date of vesting. The grant is made on the date of the director’s
election (or the date of commencement of office, if different), and thereafter, every three years, if reelected, an additional grant of
options to purchase an additional 60,000 ordinary shares will be made on the date of each annual meeting in which such director is reelected.
The exercise price of all options shall be equal to the fair market value of the ordinary shares on the date of the grant (i.e., an exercise
price equal to the market price of our ordinary shares on the date of the annual meeting approving the election or reelection of a director
or the date of commencement of office, if different).
C. Board
Practices
Introduction
Since we are incorporated as an Israeli company, we are subject
to the provisions of the Companies Law and the regulations adopted thereunder. In addition, since our ordinary shares are listed on the
Nasdaq Global Select Market, we are also subject to the Nasdaq rules.
According to the Companies Law and our Articles of Association,
the oversight of the management of our business is vested in our Board of Directors. Our Board of Directors may exercise all powers and
may take all actions that are not specifically granted to our shareholders. As part of its powers, our Board of Directors may cause us
to borrow or secure payment of any sum or sums of money for our purposes, at times and upon terms and conditions as it determines, including
the grant of security interests in all or any part of our property.
Our Articles of Association provide for a Board of Directors of
not less than five and not more than nine directors. Currently, our Board of Directors consists of eight directors. In accordance with
current Nasdaq requirements, nominees for election as directors are approved and recommended to the Board of Directors by our Nomination
and Corporate Governance Committee.
Under the Companies Law, our Board of Directors is required to
determine the minimum number of directors having accounting and financial expertise, as defined in regulations promulgated under the Companies
Law, that our Board of Directors should have. In determining the number of directors required to have such expertise, the Board
of Directors must consider, among other things, the type and size of the company and the scope and complexity of its operations. Our Board
of Directors has determined that we require at least one director with the requisite financial and accounting expertise and that Naama
Zeldis has such expertise.
Staggered Board
In accordance with the terms of our Articles of Association, our
Board of Directors is divided into three classes with each class of directors serving until, generally, the third annual meeting following
their election as follows:
|
|
Term expiring at the annual meeting for the year |
|
|
|
|
|
|
|
Class I |
|
2024 |
|
Yair Tauman and Yuval Cohen |
Class II |
|
2025 |
|
Roy Zisapel, Naama Zeldis and Meir Moshe |
Class III |
|
2026 |
|
Stanley Stern, Israel Mazin and Alex Pinchev* |
* Mr. Pinchev was appointed in November 2023 and, in accordance with our Articles of Association, will
be presented for election in the next annual general meeting of shareholders for a term of two years, ending on the annual general meeting
to be held in 2026.
At each annual meeting of shareholders after the initial classification,
the successors to directors whose terms will then expire will be elected to serve from the time of election and qualification until the
third annual meeting following such election. Directors are elected by a simple majority of the votes cast by our shareholders at an annual
general meeting, whereas a director’s removal from office requires the vote of at least 75% of the voting power represented at the
general meeting. Any additional directorships resulting from an increase in the number of directors will be distributed among the three
classes so that, to the nearest extent possible, each class will consist of one-third of the directors. This classification of our Board
of Directors may have the effect of delaying or preventing changes in control or management of our Company.
For a description of how long our directors and officers have served
in their current positions, please see Item 6.A “Directors and Senior Management.”
External Directors and Israeli Relief Regulations
Under the Companies Law, companies incorporated under the laws
of Israel whose shares are listed for trading on a stock exchange or have been offered to the public in or outside of Israel, are required
to appoint at least two external directors. However, pursuant to Israeli regulations promulgated under the Companies Law, companies
whose shares are traded on specified non-Israeli stock exchanges, including Nasdaq, and which do not have a controlling shareholder, such
as Radware, may elect to opt out of the requirement to maintain external directors as well as elect to opt out of the composition
requirements under the Companies Law with respect to the audit and compensation committees.
Consistent with the aforesaid relief regulations, in February 2020,
we elected to opt out from the requirement to appoint external directors and from the composition requirements for the audit and compensation
committees under the Companies Law. Our eligibility to opt out is conditioned upon: (i) the continued listing of our ordinary shares on
the Nasdaq (or one of a few other specified non-Israeli stock exchanges); (ii) there not being a controlling shareholder of our Company;
and (iii) our compliance with the SEC rules and Nasdaq requirements as to the composition of (a) our board of directors (which requires
that we maintain a majority of independent directors on our board of directors) and (b) the audit and compensation committees of our Board
of Directors (which, subject to certain exceptions, requires that such committees consist solely of independent directors (at least three
and two members, respectively), as described under the Nasdaq rules).
Our election to exempt our Company from compliance with the external
director and audit and compensation committee requirements can be reversed at any time by our Board of Directors, in which case we would
need to hold a shareholder meeting to once again appoint external directors, whose election, by a special majority, would initially be
for a three-year term.
Our Committees
The Board of Directors appoints committees to help carry out its
duties. Each committee reports the results of its meetings to the full Board of Directors. The Board of Directors established an Audit
Committee and a Compensation Committee and, from time to time, establishes other “ad-hoc” committees of members of the Board
of Directors for specific duties or assignments and limited duration.
Audit Committee
Our ordinary shares are listed on the Nasdaq Global Select Market,
and we are subject to the Nasdaq rules applicable to listed companies. Under the Nasdaq rules, we are required to have an audit committee
consisting of at least three independent directors, all of whom are financially literate and one of whom has accounting or related financial
management expertise. To the extent a company is required to appoint external directors, the audit committee must include all of the external
directors and comply with additional requirements as to the composition thereof under the Companies Law. However, when we elected to exempt
our Company from the external director requirement, we concurrently elected to exempt our Company from all of such requirements.
Our Board has determined that all directors serving on our Audit
Committee (namely, Naama Zeldis, Stanley Stern and Prof. Yair Tauman) meet the independence standards required of Audit Committee members
by the Securities Exchange Act of 1934, as amended (the “Exchange Act”) and the Nasdaq rules. In addition, the Board of Directors
has determined that Naama Zeldis is considered an “audit committee financial expert” (as defined by SEC rules).
In accordance with the Nasdaq rules, our Audit Committee has adopted
a charter that sets forth the Audit Committee’s purpose and responsibilities, which include, among other things, (1) assisting the
Board of Directors in fulfilling its responsibility for oversight of the quality and integrity of our accounting, auditing and financial
reporting practices and financial statements, and the independence qualifications and performance of our independent auditors, and (2)
selecting, evaluating and, where appropriate, recommending to replace the independent auditors (or to nominate the independent auditors
subject to shareholder approval) and pre-approving audit engagement fees and all permitted non-audit services and fees. Our Audit Committee
must also review and approve all related party transactions specified under Item 7.B “Related Party Transactions” of Form
20-F.
In accordance with the Companies Law, the duties of our Audit Committee,
in addition to the requirements imposed by the Nasdaq rules, include, among other things, (1) identifying irregularities in the business
management of the Company, including in consultation with the internal auditor and/or the Company’s independent accountants, and
recommending remedial measures to the Board of Directors, (2) reviewing, and, where appropriate, approving certain interested party transactions
specified under the Companies Law, as more fully described in Exhibit 2.1 to this annual report under the heading “Approval of Specified
Related Party Transactions under Israeli Law,” and (3) examining and monitoring the work of our internal auditor.
Our Audit Committee also functions as our Qualified Legal Compliance
Committee, or the QLCC. In its capacity as the QLCC, our Audit Committee is responsible for investigating reports of perceived material
violations of U.S. federal or state securities laws, breaches of fiduciary duty or similar violations by our officers, directors, employees,
or any of our agents.
Compensation Committee
Pursuant to applicable Nasdaq rules, the compensation payable to
a company’s chief executive officer and other executive officers must generally be approved by a compensation committee comprised
solely of independent directors. To the extent a company is required to appoint external directors, the compensation committee must include
all of the external directors and comply with additional requirements as to the composition thereof under the Companies Law. However,
when we elected to exempt our Company from the external director requirement, we concurrently elected to exempt our Company from all of
such requirements.
Under the Companies Law, the role of the compensation committee
includes recommending to the Board of Directors, for ultimate shareholder approval by a special majority, a policy governing the compensation
of office holders based on specified criteria; reviewing, from time to time, modifications to the compensation policy and examining its
implementation; approving the actual compensation terms of office holders prior to approval thereof by the Board of Directors; and resolving
whether to exempt the compensation terms of a candidate for chief executive officer from shareholder approval. The Companies Law defines
the term “office holder” of a company to include a director, the chief executive officer, the chief financial officer, a vice
president and any officer of the company that reports directly to the chief executive officer.
Pursuant to its charter, our Compensation Committee is authorized
to make decisions regarding executive compensation and terms and conditions of employment, to follow market trends and provide recommendations
to the Board of Directors in connection with the Company’s general compensation philosophy and policies, as well as to recommend
that the Board of Directors issue options under our share option plans. The Compensation Committee reviews, recommends, and determines,
on behalf of the Board of Directors, the amounts and types of compensation to be paid to the Company’s Chief Executive Officer and
other executive officers.
Our Compensation Committee currently consists of Meir Moshe, Prof.
Yair Tauman, and Naama Zeldis, all of whom are independent directors.
Nomination and Corporate Governance Committee
Our Board of Directors formed a Nomination and Corporate Governance
Committee in October 2023. The role of our Nomination and Corporate Governance Committee is, among other things, to assist our Board of
Directors by identifying individuals qualified to become Board members, consistent with criteria approved by the Board, and to recommend
to the Board the director nominees for the next annual meeting of shareholders and the individuals to be appointed to the Board from time
to time; to develop and recommend to the Board matters of corporate governance; to lead the Board in its annual review of the Board and
management’s performance; and to recommend to the Board director nominees for each committee.
Pursuant to its charter, our Nomination and Corporate Governance
Committee is authorized, among other things, to seek individuals qualified to become directors for recommendation to the Board, consistent
with criteria identified by the Board; monitor and evaluate the orientation and training needs of directors and make recommendations to
the Board where appropriate; assist the Board in determining and monitoring whether or not each director and prospective director is “independent”
within the meaning of any rules and laws applicable to us; receive comments from all directors and report annually to the Board with an
assessment of the Board’s performance; periodically review our policies, practices and disclosures with respect to sustainability
and environmental, social and governance factors; and review, as it deems appropriate, the succession planning for our senior executive
officers.
Our Nomination and Corporate Governance Committee currently consists
of Stanley Stern, Meir Moshe, and Israel Mazin, all of whom are independent directors.
Nomination of Directors
Nominees for election as directors are approved and recommended
to the Board of Directors by our Nomination and Corporate Governance Committee.
Board and Committee Meetings
The table below describes the number of meetings and attendance
rates of our Board of Directors, Audit Committee and Compensation Committee in 2023*: