UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM 20-F
|
REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934
|
OR
|
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
|
For the fiscal year ended
OR
|
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
|
For the transition period from __________ to __________
OR
|
SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
|
Date of event requiring this shell company report _________
Commission file number: 000-30324
(Exact name of registrant as specified in its charter)
(Jurisdiction of incorporation or organization)
(Address of principal executive offices)
Chief Financial Officer
Tel. +
(Name, Telephone, E-mail and/or Facsimile number and Address of Company Contact Person)
Securities registered or to be registered pursuant to Section 12(b) of the Act:
| Title of each class | Trading Symbol |
Name of each exchange on which registered
|
|
|
|
The
|
Securities registered or to be registered pursuant to Section 12(g) of the Act:
None
(Title of Class)
Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act:
None
(Title of Class)
Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report:
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
☒ Yes ☐ No
If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934.
☐ Yes ☒ No
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
☒ Yes ☐ No
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).
☒ Yes ☐ No
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
|
|
Accelerated Filer ☐
|
|
Non-Accelerated Filer ☐
|
Emerging growth company
|
- 2 -
If an emerging growth company that prepares its financial statements in accordance with U.S. GAAP, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report. ☒
Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing:
|
☒
|
|
|
☐
|
International Financial Reporting Standards as issued by the International Accounting Standards Board
|
|
☐
|
Other
|
If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow:
☐ Item 17 ☐ Item 18
If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).
☐ Yes ☒ No
- 3 -
INTRODUCTION
Unless the context otherwise
requires, all references in this Annual Report on Form 20-F (this “annual report”) to “we,” “us,”
“our,” the “Company,” and “Radware” are to Radware Ltd. and its subsidiaries.
When the following terms
and abbreviations appear in the text of this annual report, they have the meanings indicated below:
| • |
“Companies Law” or the “Israeli Companies Law” are to the Israeli Companies Law, 5759-1999, as amended;
|
| • |
“dollars,” “$” or “US$” are to U.S. dollars; |
| • |
“EUR” are to Euros; |
| • |
“Nasdaq” is to the Nasdaq Stock Market LLC; |
| • |
“NIS” or “shekels” are to New Israeli Shekels; |
| • |
“ordinary shares” are to our Ordinary Shares, par value NIS 0.05 per share; |
| • |
the “SEC” is to the U.S. Securities and Exchange Commission; |
| • |
the "U.S." is to the United States; and |
| • |
“U.S. GAAP” are to generally accepted accounting principles in the United States. |
We have registered trademarks
for, among others, Radware®; Radware Logo:
®;
OnDemand Switch®; Alteon®; APSolute®; LinkProof®; DefensePro®; CID®; SIPDirector®; AppDirector®;
AppXcel®; AppXML®; AppWall®; APSolute Insite®; StringMatch Engine®; Web Server Director®; APSolute Vision®;
vDirect®; Alteon VA®; AppShape®; FastView®; DefenseFlow®; Virtual DefensePro®; VADI® (Virtual Application
Delivery Infrastructure); ShieldSquare® and the ShieldSquare Logo: 
®,
and we have non-registered trademarks for, among others, ADC-VX™, Inflight™, CyberStack™ and SecurPath™. Unless
the context otherwise indicates, all other trademarks and trade names appearing in this annual report are owned by their respective holders.Our consolidated financial
statements appearing in this annual report are prepared in dollars and in accordance with U.S. GAAP and are audited in accordance with
the standards of the Public Company Accounting Oversight Board in the United States.
Statements made in this
annual report concerning the contents of any contract, agreement or other document are summaries of such contracts, agreements or documents
and are not complete descriptions of all of their terms. If we filed any of these documents as an exhibit to this annual report or to
any registration statement or reports that we previously filed, you may read the document itself for a complete description of its terms, and
the summary included herein is qualified by reference to the full text of the document, which is incorporated by reference into this annual
report.
-
4 -
Unless otherwise indicated,
information contained in this annual report concerning our industry and the markets in which we operate, including our competitive position
and market opportunity, is based on information from our own management estimates and research, as well as from industry and general publications
and research, surveys and studies conducted by third parties. Management estimates are derived from publicly available information, our
knowledge of our industry and assumptions based on such information and knowledge, which we believe to be reasonable. Our management estimates
have not been verified by any independent source, and we have not independently verified any third-party information. In addition, assumptions
and estimates of our and our industry’s future performance are necessarily subject to a high degree of uncertainty and risk due
to a variety of factors, including those described in Item 3.D “Risk Factors” below.
CAUTIONARY STATEMENT REGARDING
FORWARD-LOOKING STATEMENTS
FORWARD-LOOKING STATEMENTS
Except for the historical
information contained herein, the statements contained in this annual report are forward-looking statements, within the meaning of the
Private Securities Litigation Reform Act of 1995 and other federal securities laws with respect to our business, financial condition and
results of operations. Actual results could differ materially from those anticipated in these forward-looking statements as a result of
various factors, including all the risks discussed in “Risk Factors” and elsewhere in this annual report.
We urge you to consider
that statements that use the terms “believe,” “expect,” “plan,” “intend,” “estimate,”
“anticipate,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,”
“may,” and “could” are intended to identify forward-looking statements. Such forward-looking statements
appear in Item 3.D “Risk Factors,” Item 4 “Information on the Company,” and Item 5 “Operating and Financial
Review and Prospects” as well as elsewhere in this annual report. These statements reflect our current views with respect to future
events, are based on assumptions and are subject to risks and uncertainties, including those discussed under Item 3.D “Risk Factors”
and in our other filings with the SEC. Readers are cautioned not to place undue reliance on these forward-looking statements, which
speak only as of the date hereof. Except as required by applicable law, including the securities laws of the United States, we do not
intend to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise.
-
5 -
Table
of Contents
| 8 | ||
| 8 | ||
| 8 | ||
| 8 | ||
|
A. |
[Reserved] |
9 |
|
B. |
Capitalization and Indebtedness |
9 |
|
C. |
Reasons for the Offer and Use of Proceeds |
9 |
|
D. |
Risk Factors |
9 |
| 39 | ||
|
A. |
History and Development of the Company |
39 |
|
B. |
Business Overview |
40 |
|
C. |
Organizational Structure |
61 |
|
D. |
Property, Plants and Equipment |
63 |
| 63 | ||
| 64 | ||
|
A. |
Operating Results |
64 |
|
B. |
Liquidity and Capital Resources |
74 |
|
C. |
Research and Development, Patents and Licenses, etc. |
78 |
|
D. |
Trend Information |
78 |
|
E. |
Critical Accounting Estimates |
81 |
| 87 | ||
|
A. |
Directors and Senior Management |
87 |
|
B. |
Compensation |
91 |
|
C. |
Board Practices |
95 |
|
D. |
Employees |
100 |
|
E. |
Share Ownership |
101 |
| 104 | ||
|
A. |
Major Shareholders |
104 |
|
B. |
Related Party Transactions |
106 |
|
C. |
Interests of Experts and Counsel |
110 |
| 111 | ||
|
A. |
Consolidated Statements and Other Financial Information |
111 |
|
B. |
Significant Changes |
111 |
-
6 -
| 112 | ||
|
A. |
Offer and Listing Details |
112 |
|
B. |
Plan of Distribution |
112 |
|
C. |
Markets |
112 |
|
D. |
Selling Shareholders |
112 |
|
E. |
Dilution |
112 |
|
F. |
Expenses of the Issue |
112 |
| 113 | ||
|
A. |
Share Capital |
113 |
|
B. |
Memorandum and Articles of Association |
113 |
|
C. |
Material Contracts |
113 |
|
D. |
Exchange Controls |
113 |
|
E. |
Taxation |
113 |
|
F. |
Dividends and Paying Agents |
128 |
|
G. |
Statement by Experts |
128 |
|
H. |
Documents on Display |
128 |
|
I. |
Subsidiary Information |
128 |
|
J. |
Annual Report to Security Holders |
128 |
| 129 | ||
| 131 | ||
| 132 | ||
| 132 | ||
| 132 | ||
| 132 | ||
| [Reserved] | 133 | |
| 133 | ||
| 134 | ||
| 134 | ||
| 135 | ||
| 136 | ||
| 136 | ||
| 137 | ||
| 137 | ||
| 137 | ||
| 138 | ||
| 138 | ||
| 138 | ||
| 138 | ||
| 140 |
-
7 -
Part
I
| ITEM 1. |
IDENTITY OF DIRECTORS, SENIOR MANAGEMENT AND ADVISERS |
Not applicable.
| ITEM 2. |
OFFER STATISTICS AND EXPECTED TIMETABLE |
Not applicable.
| ITEM 3. |
KEY INFORMATION |
-
8 -
A.
[Reserved]
B.
Capitalization and Indebtedness
Not applicable.
C.
Reasons for the Offer and Use of Proceeds
Not applicable.
D.
Risk Factors
You should carefully
consider the following risks before deciding to purchase, hold or sell our ordinary shares. Our business, operating results and financial
condition could be seriously harmed due to any of the following risks. The following risks are not the only risk factors facing our Company.
Additional risks and uncertainties not presently known to us or that we currently deem immaterial may also affect our business. The trading
price of our ordinary shares could decline due to any of these risks. You should also refer to the other information contained or incorporated
by reference in this annual report, before making any investment decision regarding our Company.
Summary of Risk Factors
The following constitutes a summary of the
material risks relevant to an investment in our Company:
Risks Related to Our
Business and Our Industry
| • |
Changing or severe global economic conditions could have a material adverse effect on our results of operations. |
| • |
We depend upon independent distributors to sell our solutions to customers. If our distributors do not succeed in selling our
products and services, we may not be able to operate profitably. |
| • |
We must manage our anticipated growth effectively in order to remain profitable. |
| • |
A shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders
or increase our manufacturing costs, and any disruption in our supply chain could have a material adverse effect on our results of operations.
|
| • |
The COVID-19 pandemic has impacted and may continue to impact our business, operating results and financial condition. |
| • |
We rely on a few vendors to provide our hardware platforms and components for the manufacture of our
products. |
-
9 -
| • |
Our success depends on our ability to attract, train and retain highly qualified personnel. |
| • |
Competition in the market for cyber security and application delivery solutions and in our industry, in general, is intense. If we
are unable to compete effectively, we may lose market share, and we may be unable to maintain profitability. |
| • |
We must develop new solutions and enhance existing solutions to remain competitive. |
| • |
Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions
or if our end-users experience security breaches, which could have a material adverse effect on our business, reputation and operating
results. |
| • |
As a security provider, if our internal network system is compromised by cyber-attackers or other malicious actors, or by a critical
system failure, our reputation, financial condition and operating results could be materially adversely affected. |
| • |
Outages, interruptions or delays in hosting services could impair the delivery of our cloud-based security services and harm our
business. |
| • |
Our global operations may expose us to additional risks. |
| • |
We have incurred net losses in the past and may incur losses in the future. |
| • |
A slowdown in the growth of the cyber security and application delivery solutions market would reduce our addressable market and
solutions sales. |
| • |
If the market for our cloud-based solutions does not continue to develop and grow, we may incur capital and operating losses.
|
| • |
Our solutions may have long sales cycles, which may reduce the predictability of our financial performance. |
| • |
We may pursue acquisitions or other investments that could disrupt our business and harm our financial condition. |
| • |
Our business in countries with a history of corruption and transactions with foreign governments increases the risks associated with
our international activities. |
| • |
Currency exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.
|
| • |
Undetected defects and errors may increase our costs and impair the market acceptance of our products. |
| • |
Our business and operating results could suffer if third parties infringe upon our proprietary technology. |
-
10 -
| • |
Our products may infringe on the intellectual property rights of others. |
| • |
Laws, regulations and industry standards affecting our business are evolving, and unfavorable changes could harm our business.
|
| • |
Some of our solutions contain “open source” and third-party software, and any failure to comply with the terms of one
or more of these open source and third-party software licenses could negatively affect our business. |
| • |
An increasing amount of intangible assets and goodwill on our books may in the future lead to significant impairment charges.
|
| • |
Additional tax liabilities, including due to tax positions we have taken, could materially adversely affect our results of operations
and financial condition. |
| • |
The enactment of legislation changing the United States’
taxation of international business activities could materially impact our financial position and results of operations. |
| • |
If we are unable to realize our investment objectives, our financial condition and results of operations may be adversely affected.
|
| • |
We rely on information systems to conduct our businesses, and failure to protect these systems against security breaches and otherwise
to implement, integrate, upgrade and maintain such systems in working order could have a material adverse effect on our results of operations,
cash flows or financial condition. |
| • |
Major disruptions or deficiencies of our information systems could disrupt our operations and cause unanticipated increases in our
costs. |
| • |
Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories
as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and
dealings with Russian entities by many multi-national businesses across a variety of industries. |
| • |
Climate change may have an adverse impact on our business. |
| • |
Our disclosures and initiatives related to environmental, social and governance (ESG) matters expose us to numerous risks, including
risks to our reputation, business, financial performance and growth. |
Risks Related to the Market for Our Ordinary Shares
| • |
Yehuda Zisapel, our chairman of the board, Nava Zisapel, and Roy Zisapel, our President, Chief Executive Officer and director, may
exert significant influence in the election of our directors and over the outcome of other matters requiring shareholder approval.
|
| • |
Provisions of our Articles of Association and Israeli law as well as the terms of our equity incentive plan could delay, prevent
or make a change of control of us more difficult or costly, which could depress the price of our ordinary shares. |
-
11 -
| • |
Our share price has been volatile in the past and may be subject to volatility in the future. |
| • |
If we are characterized as a passive foreign investment company, our U.S. shareholders may suffer adverse tax consequences.
|
| • |
If a U.S. person is treated as owning at least 10% of our ordinary shares, such holder may be subject to adverse U.S. federal income
tax consequences. |
Risks
Related to Operations in Israel
| • |
Political, economic and military instability in the Middle East or Israel may harm our
business. |
| • |
The tax benefits we may receive in connection with our preferred enterprise program require us to satisfy prescribed conditions and
may be terminated or reduced in the future. This would increase taxes and decrease our net profit. |
| • |
We have obtained benefits from the Israeli Innovation Authority that subject us to ongoing restrictions. |
| • |
It may be difficult to enforce a U.S. judgment against us or our officers and directors and to assert U.S. securities laws claims
in Israel. |
| • |
Your rights and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights
and responsibilities of shareholders of U.S. companies. |
Risks Related to Our Business
and Our Industry
Changing
or severe global economic conditions could have a material adverse effect on our results of operations.
Our business is affected by global economic conditions, uncertainties and downturns,
including as a result of the war in Ukraine (see the risk factor below titled “Our business may be affected by sanctions, export
controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military
conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national
businesses across a variety of industries”), the tensions between China and Taiwan, the COVID-19 pandemic and record levels of inflation
that have resulted in significant volatility and disruptions in the global economy, including central banks in the markets in which we
operate that have tightened their monetary policies and raised interest rates, which may impact current and anticipated market demand
for our solutions. Uncertainties about current global economic conditions continue to pose a risk as our current or prospective customers
may postpone or reduce demand and spending priorities in response to such uncertainties. This could result in, among other things, a reduction
in our revenues or a failure to achieve anticipated revenue growth, longer sales cycles, and slower adoption of new technologies as well
as downward pressure on the price of our solutions. For example, the United States and Israel have recently experienced high levels of
inflation. In the event inflation persists or continues to increase, as well as other macro conditions which may have other adverse effects
on the economy, which are difficult to predict, such as instability of any bank with which we maintain a commercial relationship with,
each of the above events could have a material adverse effect on our business, operating results and financial condition.
-
12 -
We
depend upon independent distributors to sell our solutions to customers. If our distributors do not succeed in selling our products
and services, we may not be able to operate profitably.
Our growth strategy depends
upon, among other things, increasing sales of our solutions, both directly and indirectly through our different distribution channels.
We sell our solutions primarily to independent distributors, including value added resellers (VARs), original equipment manufacturers
(OEMs) and global system integrators (GSIs), and are highly dependent upon these distributors’ active marketing and sales efforts.
Our distribution agreements with our distributors generally are non-exclusive, ranging in duration with no renewal obligation on the part
of our distributors. Our distribution agreements also typically do not prevent our distributors from selling products and services of
our competitors and do not contain minimum sales or marketing performance requirements. As a result, our distributors may give higher
priority to products and services of our competitors or their own products, thereby reducing their efforts to sell our products and services.
In addition, we may not be able to maintain our existing distribution relationships, and we may not be successful in replacing them on
a timely basis, or at all. We may also need to develop new distribution channels for new products and services, and we may not succeed
in doing so. Any changes in our distributor relationships or distribution channels, including a termination or other disruption of our
commercial relationship with our distributors or our inability to establish distribution channels for new products and services, could
impair our ability to sell our products and services and have a material adverse effect on our business, financial condition and results
of operations.
We
must manage our anticipated growth effectively in order to remain profitable.
We have actively expanded
our operations in the past and may continue to expand them in the future in order to gain market share in the evolving market for cyber
security and application delivery solutions. This expansion has required, and may continue to require, managerial, operational and financial
resources.
In some cases, we may
choose to increase our cost of operations at the expense of our short-term profitability in order to support future expansion and growth.
We cannot assure you that we will continue to expand our operations successfully. If we are unable to manage our expanding operations
effectively, our revenues may not increase or may decline, our cost of operations may increase, and we may not be profitable.
A
shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs,
and any disruption in our supply chain could have a material adverse effect on our results of operations.
Our ability to meet customer
demands depends in part on our ability to obtain timely deliveries of parts from our suppliers and contract manufacturers. We cannot assure
you that we will not encounter supply and fulfilment issues in the future and certain components are presently available to us only from
limited sources (see the risk factor below titled “We rely on a few vendors to provide our hardware platforms and components for
the manufacture of our products” and
the discussion under Item 4.B "Business Overview—Manufacturing and Suppliers"). We may not be able to diversify sources in a timely
and cost-effective manner, which could harm our ability to deliver products to customers and adversely impact present and future sales
and profitability.
-
13 -
We may experience a shortage
of certain component parts as a result of our own manufacturing issues, manufacturing issues at our suppliers or contract manufacturers,
capacity problems or transportation and freight carriers issues experienced by our suppliers or contract manufacturers, or strong demand
in the industry for those parts, especially if there is growth in the overall economy. If there is growth in the economy, such growth
is likely to create greater pressures on us and our suppliers to accurately project overall component demand and component demands within
specific product categories and to establish optimal component levels. If shortages or delays persist, such as due to the worldwide
chipset shortage, the price of these components may increase, or the components may not be available at all.
We may also encounter
shortages if we do not accurately anticipate our needs. We may not be able to secure enough components at reasonable prices or of acceptable
quality to build new products in a timely manner in the quantities or configurations needed. Accordingly, our revenues and gross margins
could be materially and adversely affected until other sources can be developed.
In addition, our operating
results could be materially and adversely affected if we anticipate greater demand than what transpires, and we commit to purchasing more
components than we actually need. We see this specifically with respect to dated components, which we need to order in large quantities
due to manufacturing stoppage. Due to technology advancements, we are required from time to time to make “last buy” type of
stock purchases of such dated components for our legacy products.
Any disruption in our
supply chain, such as disruptions resulting from failure in telecommunication systems; acts of war, terrorism, cyber-attacks or natural
disasters, including major environmental or public health concerns, such as the COVID-19 pandemic (see the risk factor below titled “The
COVID-19 pandemic has impacted and may continue to impact our business, operating results and financial condition” and
the discussion under Item 4.B "Business Overview—Manufacturing and Suppliers"); lack of skilled labor; the disruption of transportation
networks; and adverse weather conditions, could have a material adverse effect on our business, financial
condition and results of operations.
The
COVID-19 pandemic has impacted and may continue to impact our business, operating results and financial condition.
The COVID-19 pandemic
has resulted in a widespread health crisis that has adversely affected businesses, economies and financial markets worldwide, placed constraints
on the operations of businesses, caused disruptions in global supply chains, and decreased consumer mobility and activity. Our business
has been affected in various ways, including in our sales and marketing, our supply chain and our employees.
At the same time, the
COVID-19 pandemic has negatively impacted our business by causing some delays in purchasing decisions by some of our customers, and
some difficulties in acquiring new customers given travel limitations and limits on in-person interactions with our customers and prospective
customers, as well as some disruptions in our supply chain and delivery of products to customers. For example, circumstances related
to the COVID-19 pandemic have triggered disruptions in global supply chains and interruptions and delays involving freight carriers that,
in turn, have caused difficulties in timely obtaining components from our suppliers, as well as transportation of our products after manufacture
to our customers.
-
14 -
The extent to which COVID-19
will continue to impact our business, financial condition or results of operations, will depend on future developments, which are uncertain
and cannot be predicted.
We
rely on a few vendors to provide our hardware platforms and components for the manufacture of our products.
We primarily rely on
a few original design manufacturers, or ODMs, for the manufacture and supply of our hardware platforms, with approximately 88% of our
direct product costs in 2022 related to these vendors. If we are unable to continue to acquire from these ODMs and/or other components
vendors on acceptable terms or should any of these ODMs and/or components vendors cease to supply us with such platforms or components
for any reason, we may not be able to identify and integrate an alternative source of supply in a timely fashion or at the same costs.
Any transition to one or more alternate manufacturers could result in delays, operational problems and increased costs, and may limit
our ability to deliver our products to our customers on time during such a transition period, any of which could have a material adverse
effect on our business, financial condition and results of operations.
Our
success depends on our ability to attract, train and retain highly qualified personnel.
Our products and services
require sophisticated technology, marketing and sales expertise. Accordingly, we need highly trained research and development, sales,
marketing, technical, customer support, operations and IT personnel. Competition for such qualified personnel, especially in the cyber
security domain, is intense. In particular, while there has been intense competition for such qualified personnel in the Israeli high-tech
industry historically, the industry experienced record growth and activity in 2021 and 2022, which contributed to significant levels of
employee attrition and is currently facing a severe shortage of skilled human capital, including qualified personnel in the cyber security
domain. In addition, while we utilize non-competition agreements with our employees
as a means of improving our employee retention, we may be unable to enforce these agreements under applicable laws. In light of the foregoing,
we may not be able to hire or retain sufficient personnel to support our business operations or, if we do, we may be required to offer
increased compensation to attract such employees, which could have a material adverse effect on our business, financial condition and
results of operations.
-
15 -
Competition
in the market for cyber security and application delivery solutions and in our industry, in general, is intense. If we are unable to compete
effectively, we may lose market share, and we may be unable to maintain profitability.
The cyber security
and application delivery solutions marketplace is highly competitive and has very few barriers to entry, particularly in our focus areas.
We expect competition to intensify in the future, and we may lose market share if we are unable to compete effectively.
Most of our competitors
have greater financial, personnel and other resources than we have, which may limit our ability to effectively compete with them. We expect
to continue to face additional competition as new participants enter the market or extend their portfolios into related technologies.
Current and future participants may also be able to respond more quickly to new or emerging technologies and changes in customer demands
and to devote greater resources to the development, promotion and sale of their products than we can. Larger companies with substantial
resources, brand recognition and sales channels may form consolidation and alliances with or acquire competing cyber security and application
delivery solutions and emerge as significant competitors.
Competition may result
in lower prices or reduced demand for our solutions and a corresponding reduction in our ability to recover our costs, which may impair
our ability to achieve, maintain and increase profitability. Furthermore, the dynamic market environment poses a challenge in predicting
market trends and expected growth. We cannot assure you that we will be able to implement our business strategy in a manner that will
allow us to be competitive. If any of our competitors offer products or services that are more competitive than ours, we could lose market
share and our business, financial condition and results of operations could be materially and adversely affected as a result.
We
must develop new solutions and enhance existing solutions to remain competitive.
The market for cyber
security and application delivery solutions is characterized by rapid technological changes, driven primarily by accelerated digital transformation
including a dramatic increase in work from home initiatives, a rapid shift to online business activity, and increased migration to cloud
environments. Such technological changes and transformations are accompanied by, in addition to a rapidly evolving and active cyber threat
landscape, changes in application infrastructure tools and increasingly demanding compliance mandates. The challenges we face include:
| • |
increasing throughput, capacity, performance and efficiency of our core products, to cope with growing velocity and complexity of
attacks; |
| • |
adapting to fundamental changes in our customers’ data centers’ infrastructure and changes in the locations of applications
and data by offering relevant solutions for multi-clouds and hybrid cloud environments; |
| • |
offering new solutions to adapt to the changes in applications’ deployment frameworks, workflows and architectures, massive
usage of Application Programming Interface (API) stacks and new edge delivery technologies in response to the rise of modern applications
buildup and delivery requirements; |
| • |
adapting to changes in the cyber threat landscape, by extending our security coverage to include cloud-native attacks (cloud access
management and workloads), application level attacks, usage of open source third-party libraries, encrypted attacks, automated attacks
and edge/client delivery related attacks; |
-
16 -
| • |
developing and enhancing our cloud and virtual offerings and expanding our managed security services capabilities to address the
industry trend of providing services for the cloud and through the cloud – organically and inorganically; and |
| • |
increasing our support offerings to address the industry trend of increased customer reliance on third-party provided or managed
information technology services. |
In order to meet these
challenges and remain competitive in the market, we have introduced, and must continue to introduce, new solutions and enhancements to
our existing solutions. Accordingly, our future success will depend, to a substantial extent, on our ability to accurately and timely
identify market trends and anticipate changing market requirements and needs; to invest (including through acquisition of complimentary
solutions) in research and development and timely develop, introduce and support relevant and desired new solutions and enhancements;
and to gain market acceptance of our offerings. There can be no assurances that our continued investment in research and development,
including associated capital expenditures, will ultimately allow us to remain competitive in our industry or otherwise result in successful
solutions that generate expected sales and support our growth. In addition, diversifying our solution portfolio might expose us to direct
competition with new players and might require additional investments in the associated sales and marketing practices.
If our research and
development efforts do not lead to a corresponding increase in our revenues, if we fail to timely develop and deploy new solutions and
enhancements to our existing solutions, or if we fail to gain market acceptance of our new solutions or enhanced solutions, our business,
operating results and financial condition could be materially adversely affected.
Our
reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions or if our
end-users experience security breaches, which could have a material adverse effect on our business, reputation and operating results.
Any errors, defects,
or misconfigurations could cause our solutions to not meet specifications, be vulnerable to security attacks or fail to secure networks
or applications which could negatively impact customer operations and consequently harm our business and reputation. In addition, we may
suffer significant adverse publicity and reputational harm and become subject to regulatory and litigation claims if our solutions are
associated, or are believed to be associated with, or fail to reasonably protect against, a security attack or a breach at a high-profile
customer, a significant customer base or a significant business partner. Many of our customers and business partners are themselves highly
regulated entities, which may result in enhanced scrutiny of our security program and controls in the event of a significant cybersecurity
incident. Moreover, any actual or perceived cyber-attack, other security breach, exposure or theft of our or our customers’ data,
regardless of whether the breach or theft is attributable to the failure of our solutions, could:
| • |
adversely affect the market’s perception of our security solutions, |
| • |
cause current or potential customers to look to our competitors for alternatives, |
-
17 -
| • |
require us to expend significant financial resources to analyze, correct or eliminate any vulnerabilities, and |
| • |
lead to investigations, litigation, fines and penalties, any of which could have a material adverse effect on our operations, financial
condition and reputation. |
Cyber-attackers or
other malicious actors are increasingly sophisticated, may be state actors or affiliated with organized crime, and may operate large-scale
and complex automated attacks. In addition, the techniques they use to access or sabotage networks or applications or to disrupt operations
(for example, via ransomware) change frequently and generally are not recognized until launched against a target. As a result, our solutions
may be unable to anticipate these techniques and provide timely or effective protection to our end-users’ networks or applications,
particularly due to the increased use by attackers of tools and techniques that are designed to circumvent security controls, to avoid
detection and to remove or obfuscate evidence. The global marketplace also expects actors to increasingly develop innovative attack methodologies
utilizing artificial intelligence to identify and exploit vulnerabilities from both technical and social engineering perspectives. In
addition, the COVID-19 pandemic significantly impact online behavior and the continued remote and hybrid working arrangements may affect
the security of businesses and individuals (for example, due to the prevalence of vulnerabilities inherent in non-corporate and home networks),
and we have observed a significant increase in cyberattack activity since the beginning of the pandemic that has also continued. If we
fail to identify and respond to new and increasingly complex methods of attack or to update our solutions to detect or prevent such threats
in time to protect our end-users’ critical business data, the integrity of our solutions and reputation, as well as our business
and operating results, could suffer.
Furthermore, security
breaches or defects in our solutions could result in loss or alteration of, or unauthorized access to, customers’ data and compromise
our customers’ networks and applications that are secured by our physical and cloud solutions. If such a security breach results
in the disruption or loss of availability, integrity or confidentiality of customers’ data, we could incur significant liability
to our customers and to businesses or individuals whose information was being handled by our customers, in addition to regulatory agencies.
There can be no assurance that limitation of liability, indemnification or other protective provisions that we attempt to include in our
contracts would be applicable, enforceable or adequate in connection with a security breach, or would otherwise protect us from any such
liabilities or damages with respect to any particular claim.
There is no guarantee
that our solutions will be free of flaws or vulnerabilities. Our end-users may also misuse our solutions, which could result in vulnerabilities
to a breach or theft of business data.
As
a security provider, if our internal network system is compromised by cyber-attackers or other malicious actors, or by a critical system
failure, our reputation, financial condition and operating results could be materially adversely affected.
We will not succeed
with our application and network security solutions unless the marketplace is confident that we provide effective cyber security protection.
We provide security solutions, and as a result, we have been, and continue to be, an attractive target of cyber-attacks and other security
incidents, which we have experienced from time to time, that are aimed at our own internal systems and network environment. We are subject
to many different types of attacks, including, among others, malware, viruses and attachments to e-mails, web application attacks, e-mails,
web application attacks, Distributed Denial of Service (DDoS) attacks and other disruptive activities of individuals or groups, all of
which are designed to impede the performance of our solutions, penetrate our network security or the security of our cloud platform or
our internal systems, misappropriate proprietary and other information and/or cause other interruptions to our services. Furthermore,
third parties may attempt to illegally induce employees or customers into disclosing our proprietary information or otherwise compromising
the security of our internal networks, systems or physical facilities in order to gain access to our data or our customers’ data.
An actual or perceived breach of security in our internal systems could adversely affect the integrity and market perception of our solutions.
Furthermore, the costs to eliminate or address security threats and vulnerabilities before or after a cyber-security incident and any
resulting regulatory or litigation actions could be significant.
-
18 -
We rely on third-party
service providers to supply physical hosting, cloud environments and specific support technologies in order to deliver and support our
security solutions, in addition to internal functions, such as human resources, finance, and electronic communications, all of which are
designed to enable us to conduct, monitor and/or protect our business, operations, systems and data assets. Such third-party service providers
have from time to time been subject to, and continue to be subject to, cyber-attacks, malicious actors and other security incidents. While
we periodically evaluate the internal security posture of each third-party service provider to determine their level of compliance, we
may not be able to detect any breach in the first instance it occurs. These risks may impact the integrity and availability of our solutions
and may expose us to legal and reputational liability.
Remediation efforts
or system redundancy or other continuity measures may be ineffective or inadequate and could result in interruptions, delays or cessation
of service and loss of existing or potential customers. There can be no assurance that limitation of liability, indemnification or other
protective provisions in our contracts would be applicable, enforceable or adequate in connection with a security breach, or would otherwise
protect us from any such liabilities or damages with respect to any particular claim. Additionally, our professional, product and cyber
liability insurance coverages may only cover certain liabilities in connection with a security breach or other security incident and may
not adequately cover all liabilities actually incurred, and we cannot assure you that insurance will continue to be available to us on
commercially reasonable terms, if at all, or that any insurer will not deny coverage as to any future claim.
In addition, any such
security breach could disrupt or impair our ability to operate our business, including our ability to provide maintenance and support
services to our customers. If this happens, our revenues could decline and our reputation and business could suffer.
Outages,
interruptions or delays in hosting services could impair the delivery of our cloud-based security services and harm our business.
We offer infrastructure
that supports our DDoS Protection services, web application firewall (WAF) and bot management cloud-based services. In addition, we provide
other services through the cloud, such as Content Delivery Network (CDN). Despite precautions taken within our own internal network and
at these third-party facilities, the occurrence of a natural disaster or an act of terrorism or other unanticipated problems could result
in lengthy interruptions in our services.
-
19 -
The cloud-based security
services that we provide are operated from a network of third-party facilities that host the software and systems that operate these security
services. Any damage to, failure of, or significant disruptions (for example, due to ransomware) to, our internal systems or systems at
third-party hosting facilities could result in outages or interruptions in our cloud-based services. Outages or interruptions in our cloud-based
security services, whether as a result of impacts to our or our third-party hosting facilities or otherwise, may cause our customers to
experience cyber-attacks and to believe that our cloud-based security services are unreliable, cause us to issue credits or pay penalties
or damages, cause customers to terminate their subscriptions and adversely affect our reputation and renewal rates and our ability to
attract new customers, ultimately harming our business and results of operations.
Our
global operations may expose us to additional risks.
We currently offer
our solutions in over 80 countries. For the years ended December 31, 2022 and 2021, our sales outside North, Central and South America
represented approximately 58% and 55%, respectively, of our total sales. We also rely on third-party service providers around the world
to supply physical hosting and cloud environments in order to deliver and support our cloud-based services. Our global business operations
involve varying degrees of risk and uncertainty inherent in doing business in so many different jurisdictions. Such risks include, among
others, difficulties and costs of staffing and managing foreign operations; the possibility of unfavorable circumstances and additional
compliance costs arising from host country laws or regulations, including unexpected changes in the interpretations thereof and reduced
protection for intellectual property rights in some countries; partial or total expropriation; export duties and quotas; local tax exposure;
economic or political instability, including as a result of insurrection, war, natural disasters, and major environmental, climate or
public health concerns, such as the COVID-19 pandemic; differences in business practices; recessionary environments in multiple foreign
markets; and damage to, or failure of, systems at third-party hosting facilities around the word resulting in outages or interruptions
in our cloud-based services. We cannot be certain that the foregoing factors will not have a material adverse effect on our future revenues
and, as a result, on our business, operating results and financial condition.
We
have incurred net losses in the past and may incur losses in the future.
Although we have been
profitable in the past several years, we incurred net losses during 2022. Our ability to maintain
or increase profitability in the future depends in part on the following factors: the economic health of the global economy, including
geopolitical tensions, the potential effects of the COVID-19 pandemic, record levels of inflation and rising interest rates; the rate
of growth of, and changes in technology trends in our market and other industries in which we currently or may in the future operate;
our ability to develop and manufacture new products and technologies and deliver new solutions in a timely manner; the competitive position
of our products and services; the continued acceptance of our solutions by our customers and in the industries that we serve; and our
ability to manage expenses. In the future, it may be necessary to undertake cost reduction initiatives to remain profitable, which could
lead to a deterioration of our competitive position. Any difficulties that we encounter as we reduce our costs could negatively impact
our results of operations and cash flows. Our revenues may
not continue to increase or may grow at a lower rate than we have experienced in the past several years or may even decline, which would
negatively impact our results of operations and cash flows. We cannot assure you that we will remain profitable.
-
20 -
We
may increase our operating expenses in future periods. Our decision to increase operating expenses and the scope of such increases depends
upon several factors, including the market situation and the effectiveness of our past expenditures. We may continue to make additional
expenditures in anticipation of generating higher revenues, which we may not realize, if at all, until sometime in the future. This
could cause reductions in our profitability or lead to losses. Additionally, a failure of any acquisition or product development initiative
to produce increased revenues could have a material adverse effect on our operations and profitability.
A
slowdown in the growth of the cyber security and application delivery solutions market would reduce our addressable market and solutions
sales.
The cyber security and
application delivery market in which we operate is rapidly evolving, and we cannot assure you that it will continue to develop and grow.
In addition, we cannot assure you that our solutions and technology will keep pace with the changes to this market. Market acceptance
of cyber security and application delivery solutions may be inhibited by, among other factors, a lack of anticipated congestion and strain
on existing network infrastructures and the availability of alternative solutions. If demand for cyber security and application delivery
solutions does not continue to grow, or grows at a slower pace than expected, we may not be able to sell enough of our solutions to maintain
or increase our profitability.
If
the market for our cloud-based solutions does not continue to develop and grow, we may incur capital and operating losses.
As we continue to expand
our cloud-based solution offerings, our investments, both capital and operational, in our cloud business increase. We cannot assure you
that sales of our cloud-based solutions will continue to develop and grow. In addition, we cannot assure you that our services and technology
will keep pace with the changes in this market. Specifically, the emergence of alternative solutions, such as those offered by Amazon
Web Services, Inc. (AWS), Microsoft Azure or Google’s public cloud, may negatively affect sales of our solutions.
Our
solutions may have long sales cycles, which may reduce the predictability of our financial performance.
Our solutions are technologically
complex and are typically intended for use in applications that may be critical to the business of our customers. As a result, our pre-sales
process can be subject to delays associated with customers’ budgetary constraints and lengthy approval and procurement processes.
The sales cycles of our solutions to new customers can last for as long as twelve months (and in some cases even longer, for example,
with carrier customers) from initial presentation to sale. Long sales cycles result in a delay to our generation of revenue. Long sales
cycles also subject us to risks not usually encountered in short sales cycles, including our customers’ budgetary constraints and
internal acceptance reviews and processes prior to purchase. In addition, orders expected in one quarter could shift to another
because of the timing of our customers’ procurement decisions. Furthermore, customers may defer orders in anticipation of new solutions
or product enhancements introduced by us or by our competitors. These factors complicate our planning processes and reduce the predictability
of our financial performance.
-
21 -
We
may pursue acquisitions or other investments that could disrupt our business and harm our financial condition.
As part of our business
strategy, we may invest in or acquire complimentary businesses, technologies or assets or enter into joint ventures or other strategic
relationships with third parties. Past acquisitions have caused, and future acquisitions may cause,
us to assume liabilities, incur acquisition-related costs, incur amortization expenses or realize write-offs on assets no longer
being used or phased out. In addition, the future valuation of these acquisitions may decrease from the market price paid by us, which
could result in the impairment of our goodwill and other intangible assets associated with the relevant acquired assets. Moreover,
our operation of any acquired or merged businesses, technologies or assets could involve numerous risks, including:
| • |
post-merger integration problems resulting from the combination of any acquired operations with our own operations or from the combination
of two or more operations into a new unified entity; |
| • |
diversion of management’s attention from our core business; |
| • |
substantial expenditures, which could divert funds from other corporate uses; |
| • |
entering markets in which we have little or no experience; |
| • |
loss of key employees of the acquired operations; and |
| • |
known or unknown contingent liabilities, including, but not limited to, tax and litigation costs. |
We cannot be certain
that any past or future acquisitions or mergers will be successful. If the operation of the business of any future acquisitions or mergers
disrupts our operations, our results of operations may be adversely affected, and even if we successfully integrate the acquired business
with our own, we may not receive the intended benefits of the acquisition. In addition, our pursuit
of potential acquisitions may divert our management’s attention from our core business and require considerable cash outlays at
the expense of our existing operations, whether or not such transactions are consummated. A failure of any acquisitions or product developments
to produce increased revenues could have a material adverse effect on our operations and profitability.
-
22 -
Our business in countries with a history of corruption and transactions
with foreign governments increases the risks associated with our international activities.
As we operate and sell
internationally, we are subject to the Foreign Corrupt Practices Act of 1977, as amended (the “FCPA”), the U.K. Bribery Act
of 2010 (the “UK Bribery Act”) and other laws that prohibit improper payments or offers of payments to foreign governments
and their officials and political parties for the purpose of obtaining or retaining business. We have operations, deal with and make sales
to governmental customers in countries known to experience corruption, particularly certain emerging countries in Eastern Europe, South
and Central America, East Asia, Africa and the Middle East. Our activities in these countries create the risk of unauthorized payments
or offers of payments by one of our employees, consultants, channel partners or sales agents that could be in violation of various anti-corruption
laws, even though these parties may not be under our control. While we have implemented safeguards to prevent these practices by our employees,
consultants, channel partners and sales agents, our existing safeguards and any future improvements may prove to be less than effective,
and our employees, consultants, channel partners or sales agents may engage in conduct for which we might be held responsible. Violations
of the FCPA, the UK Bribery Act or other anti-corruption laws may result in severe criminal or civil sanctions, including suspension or
debarment from government contracting, and we may be subject to other liabilities, which could negatively affect our business, operating
results and financial condition.
Currency
exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.
We are impacted by exchange
rates and fluctuations thereof in a number of ways, including:
| • |
A large portion of our expenses in Israel, principally salaries and related personnel expenses, are paid in NIS, whereas most of
our revenues are generated in U.S. dollars. When the U.S. dollar is weak, our foreign currency-denominated expenses will be higher, whereas
if the U.S. dollar is strong, our foreign currency-denominated expenses will be lower. If the NIS strengthens against the U.S. dollar,
the dollar value of our Israeli expenses will increase and may have a material adverse effect on our business, operating results and financial
condition; |
| • |
A portion of our international sales are denominated in currencies other than U.S. dollars, such as Euros, thereby exposing us to
currency fluctuations in such international sales transactions; |
| • |
We incur expenses in several other currencies in connection with our operations in Europe and Asia. Devaluation of the U.S. dollar
relative to such local currencies causes our operational expenses to increase; and |
| • |
The majority of our international sales are denominated in U.S. dollars. Accordingly, devaluation in the local currencies of our
customers relative to the U.S. dollar could cause our customers to decrease orders or default on payment. |
-
23 -
Commencing in 2022, although
we engaged in foreign currency hedging transactions intended to reduce the effect of fluctuations in foreign currency exchange rates on
our financial position and results of operations, not all of our potential exposure is covered and, regardless,
there can be no assurance that any such hedging transactions will materially reduce the effect of fluctuations in foreign currency
exchange rates on such results. For a further discussion of the impact on currency exchange rates on our business, see Item 11 “Quantitative
and Qualitative Disclosures About Market Risk.”
Undetected
defects and errors may increase our costs and impair the market acceptance of our products.
Our products have occasionally
contained, and may in the future contain, undetected defects or errors, especially when first introduced or when new versions are released,
due to defects or errors that we fail to detect, including in components supplied to us by third parties. These defects or errors may
be found after the commencement of commercial shipments. In addition, because our customers integrate our products into their networks
with products from other vendors, it may be difficult to identify the product that has caused the problem in the network. Regardless of
the source of these defects or errors, we will then need to divert the attention of our engineering personnel from our product development
efforts to detect and correct these errors and defects. We cannot assure you whether we will incur significant warranty or repair costs,
be subject to liability claims for material damages related to product errors or defects or experience any material lags or delays as
a result thereof in the future. Any insurance coverage that we maintain may also not provide sufficient protection should a claim
be asserted. Moreover, the occurrence of errors and defects, whether caused by our products or the components supplied by another vendor,
may result in significant customer relations problems and injure our reputation, thereby impairing the market acceptance of our products.
Our
business and operating results could suffer if third parties infringe upon our proprietary technology.
Our success depends,
in part, upon the protection of our proprietary software installed in our products, our trade secrets and trademarks. We seek to protect
our intellectual property rights through a combination of trademark and patent law, trade secret protection, confidentiality agreements
and other contractual arrangements with our employees, affiliates, distributors and others. In the United States and several other countries,
we have registered or acquired trademarks. In addition, we have registered patents in the U.S. and other
jurisdictions and have pending patent applications and provisional patents in connection with several of our products’ features.
The protective steps
we have taken may be inadequate to deter infringement upon our intellectual property rights or misappropriation of our proprietary information.
We may be unable to detect the unauthorized use of our proprietary technology or take appropriate steps to enforce our intellectual property
rights. Effective trademark, patent and trade secret protection may not be available in every country in which we offer, or intend to
offer, our products. In addition, our competitors may independently develop technologies that are substantially equivalent or superior
to our technology. Any licenses for intellectual property that might be required for our services or products may not be available on
reasonable terms. Failure to adequately protect our intellectual property rights could devalue our proprietary content, impair our ability
to compete effectively and eventually harm our operating results. Furthermore, defending our intellectual property rights, either by way
of initiating intellectual property litigation or defending such, could result in the expenditure of significant financial and managerial
resources. Moreover, any adverse outcome of litigation proceedings could impact the value of our proprietary technology and have
additional significant financial impacts, which may harm our operating results.
-
24 -
Our
products may infringe on the intellectual property rights of others.
Third parties may assert
claims that we have violated a patent, trademark, copyright or other proprietary intellectual property right belonging to them. As is
characteristic of our industry, there can be no assurance that our products do not or will not infringe the proprietary rights of third
parties, that third parties will not claim infringement by us with respect to patents or other proprietary rights, or that we would prevail
in any such proceedings. We have received in the past, and may receive in the future, communications asserting that the technology used
in some of our products requires third-party licenses. Any infringement claims, whether or not meritorious, could result in significant
costly litigation or arbitration and divert the attention of technical and management personnel. Any adverse outcome in litigation alleging
infringement could require us to develop non-infringing technology or enter into royalty or licensing agreements. If, in such situations,
we are unable to obtain licenses on acceptable terms, we may be prevented from manufacturing or selling products that infringe such intellectual
property of a third party. An unfavorable outcome or settlement regarding one or more of these matters could have a material adverse effect
on our business, reputation and operating results.
Laws,
regulations and industry standards
affecting our business are evolving, and unfavorable changes could harm our business.
Laws,
regulations and industry standards that apply to our business are becoming more prevalent and constantly evolving, particularly in the
area of data privacy and cyber security. We may be impacted by changes in privacy-related and cyber security-related regulations governing
the collection, use, retention, sharing and security of personal data that we collect, utilize, or otherwise process from our customers
and/or visitors to their websites and others. Complying with a diverse range of privacy and cyber security requirements could cause us
to incur substantial costs or require us to change our business practices in a manner adverse to our business. Any failure, or perceived
failure, by us to comply with any privacy or cyber security-related laws, government regulations or directives, or industry self-regulatory
principles could result in damage to our reputation or proceedings or actions against us by governmental entities or others, which could
potentially have an adverse effect on our business.
For
example, in the European Economic Area (EEA), we are subject
to the General Data Protection Regulation 2016/679 (GDPR) and in the United Kingdom we are subject to the United Kingdom data protection
regime consisting primarily of the UK General Data Protection Regulation and the UK Data Protection Act 2018 (UK DP Laws), in each case
in relation to our collection, control, processing, sharing, disclosure and other use of data relating to an identifiable living individual
(personal data). The GDPR, and national implementing legislation in EEA member states and the United Kingdom, impose a strict data protection
compliance regime. Our compliance with GDPR and UK DP Laws,
as well as other data privacy and cyber security laws around the world, evolving regulations of cloud computing, cross-border data
transfer restrictions and other domestic or foreign regulations, has required and will continue to require
us to invest significant resources in compliance and compliance-related areas.
-
25 -
Furthermore,
laws, regulations and industry standards are subject to constant and, at times, drastic changes that, particularly in the case of industry
standards, may arrive with little or no notice, and these could either help or hurt the demand for our solutions. If we are unable to
adapt our solutions to changing laws, regulations and industry standards in a timely manner, or if our solutions fail to assist our customers
with their compliance initiatives, our customers may lose confidence in our solutions and could switch to competing solutions. Recent
legal developments in Europe have created complexity and uncertainty regarding transfers of personal data from the EEA and the United
Kingdom to the United States. These recent developments may require us to review and amend the
legal mechanisms by which we make and/or receive personal data transfers to or in the U.S. Such legal developments also cause us to look
at our operations and review our data flows to ensure we can continue to meet clients’ increasing requests for data to remain in-country
or in-region. At the same time, if, contrary to this trend, regulations and standards related to cyber
security are changed in a manner that makes them less onerous, our customers may view government and industry regulatory compliance as
less critical to their businesses, and our customers may purchase fewer of our solutions, or none at all. In either case, our sales and
financial results would be negatively impacted and could be materially adversely affected.
Some
of our solutions contain “open source” and third-party software, and any failure to comply with the terms of one or more of
these open source and third-party software licenses could negatively affect our business.
Some
of our products utilize open source technologies. Some open source software licenses require users who distribute or make available as
a service open source software as part of their own software product to publicly disclose all or part of the source code of the users’
software product or to make available any derivative works of the open source code on unfavorable terms or at no cost. We have established
processes to help alleviate these risks, including a review process for screening requests from our development organization for the use
of open source software, but we cannot be sure that all open source software is submitted for approval prior to use in our products. In
addition, open source license terms may be ambiguous and many of the risks associated with use of open source software cannot be eliminated,
and could, if not properly addressed, negatively affect our business. We may face ownership claims from third parties over, or seeking
to enforce the license terms applicable to, such open source software, including by demanding the release of the open source software,
derivative works or our proprietary source code. Any such requirement to disclose our source code or other confidential information related
to our products could materially and adversely affect our competitive position and may adversely impact our business, results of operations
and financial condition. In addition, if the license terms for the open source code change, we may be forced to re-engineer our software
or incur additional costs.
In
addition, some of our solutions include other software
or intellectual property licensed from third parties. This exposes us to risks over which we may have little or no control. There can
be no assurance that the licenses from such third-party licensors will continue to be available to us on acceptable terms, if at all.
In addition, while we believe we are compliant with the terms of our third-party licenses, such licensors
may still assert that we are in breach of the terms of a license, which could give such licensors the right to terminate a license or
seek damages from us, or both. Our inability to maintain such licenses or the need to engage in litigation regarding these matters, could
result in delays in releases of new products, and could otherwise disrupt our business, unless and until equivalent technology can be
identified, licensed or developed at substantially the same costs to us.
-
26 -
An
increasing amount of intangible assets and goodwill on our books may in the future lead to significant impairment charges.
The amount of goodwill
and intangible assets on our consolidated balance sheets was, as of December 31, 2022, approximately $87.7 million, compared to $51.9
million as of December 31, 2021. We regularly review our intangible and tangible assets, including goodwill, for impairment. Goodwill
is subject to impairment review at least annually, and other intangible assets are reviewed for impairment when there is an indication
that impairment may have occurred. Impairment testing has led to, and may in the future lead to, significant additional impairment charges.
Additional
tax liabilities, including due to tax positions we have taken, could materially adversely affect our results of operations and financial
condition.
We operate our business
in various countries, and we attempt to utilize an efficient operating model to optimize our tax payments based on the laws in the countries
in which we operate. This can cause disputes between us and various tax authorities in the countries in which we operate, whether due
to tax positions that we have taken in various tax returns we have filed or due to determinations we have made not to file tax returns
in certain jurisdictions. In particular, not all of our tax returns are final and may be subject to further audit and assessment by applicable
tax authorities. There can be no assurance that the applicable tax authorities will accept our tax positions, and, if they do not, we
may be required to pay additional taxes. In the past few years, certain tax authorities who have audited our tax returns have rejected
our tax positions, and, while we intend to vigorously maintain our positions, we cannot be sure that our positions will be accepted, and
we may end up paying additional taxes, whether as a result of litigation, if instituted, or settlement negotiations. While we have established
reserves based on assumptions and estimates that we believe are reasonable to cover such positions, these reserves may prove to be insufficient
and as such, our future results may be adversely affected.
In recent years, we
have seen changes in tax laws resulting in an increase in applicable tax rates, especially increased liabilities of corporations and limitations
on the ability to benefit from strategic tax planning, with these laws particularly focused on international corporations. Such legislative
changes in one or more jurisdictions in which we operate may have implications on our tax liability and have a material adverse effect
on our results of operations and financial condition. For example, the Organization for Economic Cooperation and Development, or the OECD,
an intergovernmental organization that aims to promote the economic and social well-being of people around the world, introduced the base
erosion and profit shifting (BEPS) project. The BEPS project contemplates changes to numerous international tax principles, as well as
national tax incentives, and these changes, if adopted by individual countries, could adversely affect our provision for income taxes.
Countries have only recently begun to translate the BEPS recommendations into specific national tax laws, and it remains difficult to
predict with accuracy the magnitude of any impact that such new rules may have on our financial results. The U.S. and Israel, among other
countries in which we have operations, are members of the OECD.
-
27 -
The enactment of legislation
changing the United States’ taxation of international business activities could materially impact our financial position and results
of operations.
Due to the expansion of our international business activities,
any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate, and adversely affect our financial
position and results of operations. The U.S. presidential administration and members of the U.S. Congress have proposed significant changes
in U.S. federal income tax law, regulation and government policy within the United States, which could affect us and our business. For
example, the recent Inflation Reduction Act enacted in the United States introduced, among other changes, a 15% corporate minimum tax
on certain United States corporations and a 1% excise tax on certain stock redemptions by United States corporations (which the U.S. Treasury
indicated may also apply to certain stock redemptions by a foreign corporation funded by certain United States affiliates). Further,
other foreign governments may enact tax laws in response to any changes in the U.S. taxation of international business activities that
could result in further changes to global taxation and materially affect our financial position and results of operations. We are currently
unable to predict whether these or other changes will occur and, if so, the ultimate impact on our business. To the extent that such changes
have a negative impact on us, our suppliers or our consumers, including as a result of related uncertainty, these changes may materially
and adversely impact our business, financial condition, results of operations and cash flow.
If
we are unable to realize our investment objectives, our financial condition and results of operations may be adversely affected.
We maintain substantial
balances of cash and liquid investments as strategic assets for purposes of acquisitions and general corporate purposes, including share
repurchases. Our cash, cash equivalents, short- and long-term bank deposits and marketable securities totaled $432.0 million as of December 31,
2022, compared to $465.8 million as of December 31, 2021. The performance of the capital markets is the primary factor that affects
the values of funds that are held in marketable securities. While we believe we have taken a conservative approach in our investments,
by investing the majority of our debt marketable securities portfolio at securities that are rated A- or higher, these assets are subject
to market fluctuations and various developments, including, without limitation, rating agency downgrades that may impair their value.
We expect that market conditions will continue to fluctuate and that the fair value of our investments may be affected accordingly, including,
without limitation, by the economic effects of the COVID-19 pandemic and the rising levels of inflation and interest rates.
-
28 -
Financial income is
a component of our net income and the outlook for our financial income is dependent, in part, on the future direction of interest rates,
exchange rates, the amount of any share repurchases or acquisitions that we make and the amount of cash flows from operations that are
available for investment. For example, for the years ended December 31, 2022 and 2021, we had $8.1 million and $4.4 million, respectively,
of net financial income, that was primarily derived from the value of our investments. The performance of the capital markets affects
the values of our funds that are held in marketable securities. These assets are subject to market fluctuations and will yield uncertain
returns. Due to certain market developments, including investments’ rating downgrades, the fair value of these investments may decline.
If market conditions continue to fluctuate, the fair value of our investments may be impacted accordingly. Although our investment guidelines
stress diversification and capital preservation, our investments are subject to a variety of risks, including risks related to general
economic conditions, interest rate fluctuations and market volatility.
In particular, our investment portfolios
include a significant amount of interest rate-sensitive instruments, such as bonds, which, in addition to the inherent risk associated
with the debt, may be adversely affected by changes in interest rates. Changes in interest rates and credit quality may also result in
fluctuations in the income derived from, or the valuation of, our fixed income securities. Interest rates are highly sensitive to many
factors, including governmental monetary policies, domestic and international economic and political conditions and other factors beyond
our control. For example, benchmark interest rates, such as the U.S. Federal Funds Rate, are currently relatively high, which is likely
to significantly impact our investment income. Additional increases in interest rates might decrease the value of our investments
in fixed-income securities. If increases in interest rates occur during periods when we sell investments to satisfy liquidity needs, we
may experience investment losses. Conversely, if interest rates decline, reinvested funds and our investment in bank deposits will earn
less than expected.
In terms of credit
risk, our investment portfolio policy is “buy and hold” while minimizing credit risk by setting maximum concentration limit
per issuer and credit rating. Our investments consist primarily of government and corporate bonds and bank deposits. Although we believe
that we generally adhere to conservative investment guidelines, if turmoil in the financial markets reoccurs in the future, it may result
in impairments of the carrying value of our investment assets since we classify our investments in marketable securities as available-for-sale.
Changes in the fair value of investments classified as available-for-sale are not recognized as income (loss) during the period, but rather
are recognized as a separate component of equity until realized. Realized losses in our investments portfolio may adversely affect our
financial position and results. For example, if we had reported all the changes in the fair values of our investments into income (loss),
our reported net loss would have increased by $4.4 million during the year ended December 31, 2022, and our net income would have decreased
by $0.5 million during the year ended December 31, 2021. Any significant decline in our financial income or the value of our investments
as a result of continued high interest rates, deterioration in the credit worthiness of the securities in which we have invested, general
market conditions or other factors could have an adverse effect on our results of operations and financial condition.
-
29 -
We
rely on information systems to conduct our businesses, and failure to protect these systems against security breaches and otherwise to
implement, integrate, upgrade and maintain such systems in working order could have a material adverse effect on our results of operations,
cash flows or financial condition.
The efficient operation
of our businesses depends on our computer hardware and software systems. For instance, we rely on information systems to process customer
orders, manage accounts receivable collections, manage accounts payable processes, track costs and operations, maintain client relationships
and accumulate financial results. Despite our implementation of industry-accepted security measures and technology, our information systems
are vulnerable to, and have been in the past subject to, computer viruses, attempts to insert malicious codes, unauthorized access, phishing
efforts, denial-of-service attacks and other cyber-attacks, and we expect to be subject to similar attacks in the future as such attacks
become more sophisticated and frequent. A breach of our information systems could result in decreased performance, operational difficulties
and increased costs, any of which could have a material adverse effect on our business and operating results.
Major
disruptions or deficiencies of our information systems could disrupt our operations and cause unanticipated increases in our costs.
We have invested, and
intend to continue to invest, significant capital and human resources in our information systems, including in a project for company-wide
sales, operations and services support systems. Any major disruptions or deficiencies in the design and implementation of our information
systems, particularly those that impact our operations, could adversely affect our ability to process customer orders, ship products,
provide services and support to our customers, bill and track our customers, timely report our financial results and otherwise run our
business.
Our
business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well
as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings
with Russian entities by many multi-national businesses across a variety of industries.
As a result of Russia’s
military conflict in Ukraine, governmental authorities in the United States, the European Union and the United Kingdom, among others,
launched an expansion of coordinated sanctions and export control measures, including:
| • |
blocking sanctions on some of the largest state-owned and private Russian financial institutions (and
their subsequent removal from SWIFT); |
| • |
blocking
sanctions against Russian and Belarusian individuals, including the Russian President, other politicians and those with government connections
or involved in Russian military activities;
|
-
30 -
| • |
blocking sanctions against certain Russian businessmen and their businesses, some of which have significant
financial and trade ties to the European Union; |
| • |
blocking of Russia’s foreign currency reserves and prohibition on secondary trading in Russian
sovereign debt and certain transactions with the Russian Central Bank, National Wealth Fund and the Ministry of Finance of the Russian
Federation; |
| • |
expansion of sectoral sanctions in various sectors of the Russian and Belarusian economies and the defense sector; |
| • |
United Kingdom sanctions introducing restrictions on providing loans to, and dealing in securities issued by, persons connected with
Russia; |
| • |
restrictions on access to the financial and capital markets in the European Union, as well as prohibitions on aircraft leasing operations;
|
| • |
sanctions prohibiting most commercial activities of U.S. and EU persons in Crimea and Sevastopol; |
| • |
enhanced export controls and trade sanctions targeting Russia’s imports of technological goods as a whole, including tighter
controls on exports and re-exports of dual-use items, stricter licensing policy with respect to issuing export licenses, and/or increased
use of “end-use” controls to block or impose licensing requirements on exports, as well as higher import tariffs and a prohibition
on exporting luxury goods to Russia and Belarus; |
| • |
closure of airspace to Russian aircraft; and |
| • |
ban on imports of Russian oil, liquefied natural gas and coal to the United States. |
As the conflict in Ukraine
continues, there can be no certainty regarding whether the governmental authorities in the United States, the European Union, the United
Kingdom or other counties will impose additional sanctions, export controls or other measures targeting Russia, Belarus or other territories.
Furthermore, in retaliation against new international sanctions and as part of measures to stabilize and support the volatile Russian
financial and currency markets, the Russian authorities also imposed significant currency control measures aimed at restricting the outflow
of foreign currency and capital from Russia, imposed various restrictions on transacting with non-Russian parties, banned exports of various
products and other economic and financial restrictions.
Our business must be
conducted in compliance with applicable economic and trade sanctions laws and regulations, including those administered and enforced by
the U.S. Department of Treasury’s Office of Foreign Assets Control, the U.S. Department of State, the U.S. Department of Commerce,
the United Nations Security Council and other relevant governmental authorities. We must be ready to comply with the existing and any
other potential additional measures imposed in connection with the conflict in Ukraine. The imposition of such measures could adversely
impact our business, including preventing us from performing existing contracts, recognizing revenue, pursuing new business opportunities
or receiving payment for products already supplied or services already performed with customers.
-
31 -
In 2022 and 2021, 7%
and 5%, respectively, of our total revenues were from sales to customers located in Russia. We continuously review and monitor our
contractual relationships with suppliers and customers to establish whether any of them are the target of the applicable sanctions. In
the event that we identify a party with which we have a business relationship that is the target of applicable sanctions, we would immediately
activate a legal analysis of what gives rise to the business relationship, including any contract, to estimate the most appropriate course
of action to comply with the sanction regulations, together with the impact of a contractual termination according to the applicable law,
and then proceed as required by the regulatory authorities. However, given the range of possible outcomes, the full costs, burdens, and
limitations on our and our customer’s and business partners’ businesses are currently unknown and may become significant.
Furthermore, even if
an entity is not formally subject to sanctions, customers and business partners of such entity may decide to reevaluate or cancel projects
with such entity for reputational or other reasons. As result of the ongoing conflict in Ukraine, many U.S. and other multi-national businesses
across a variety of industries, including consumer goods and retail, food, energy, finance, media and entertainment, tech, travel and
logistics, manufacturing and others, have indefinitely suspended their operations and paused all commercial activities in Russia and Belarus.
Depending on the extent and breadth of sanctions, export controls and other measures that may be imposed in connection with the
conflict in Ukraine, it is possible that our business, financial condition and results of operations could be materially and adversely
affected.
Climate
change may have an adverse impact on our business.
Global climate change may result in certain natural disasters occurring more frequently
or with greater intensity, such as drought, wildfires, storms, sea-level rise, and flooding and many believe that the risks related to
climate change are increasing in both impact and type of risk. While we do not believe there will be significant near-term impacts to
our business and operations due to climate change, long-term impacts remain unknown. These include operational risks impacting, among
other things, our supply chain, our personnel or electrical power availability from climate changed-related weather events as well as
business and regulatory risks. For example, regulatory risks resulting from changes in laws and regulations on climate change may increase
our compliance costs and limit our ability to operate. Similarly, the evolving customer and other stakeholder expectations and regulatory
requirements to reduce carbon emissions could present a risk of loss of business if we are not able to meet those expectations or requirements.
Our
disclosures and initiatives related to environmental, social and governance (ESG) matters expose us to numerous risks, including risks
to our reputation, business, financial performance and growth.
There has been increasing
public focus by investors, customers, environmental activists, the media and governmental and nongovernmental organizations on a variety
of ESG matters, which may result in increased costs (including but not limited to increased costs related to compliance, stakeholder engagement,
and contracting), impact our reputation, or otherwise affect our business performance. As we identify ESG topics for voluntary disclosure,
we have expanded and, in the future, may continue to expand, our voluntary disclosures in these areas. Statements about our ESG initiatives
and goals, and progress against those goals, may be based on standards for measuring progress that are still developing, internal controls
and processes that continue to evolve, and assumptions that are subject to change in the future. If our ESG-related data, processes and
reporting are incomplete or inaccurate, or if we fail to achieve progress with respect to our ESG goals on a timely basis, or at all,
our reputation, business, financial performance and growth could be adversely affected. In addition, this emphasis on ESG matters has
resulted and may result in the adoption of new laws and regulations, including new reporting requirements. If we fail to comply with new
laws, regulations or reporting requirements, our reputation and business could be adversely impacted.
-
32 -
Risks Related to the Market
for Our Ordinary Shares
Yehuda
Zisapel, our chairman of the board, Nava Zisapel, and Roy Zisapel, our President, Chief Executive Officer and director, may exert significant
influence in the election of our directors and over the outcome of other matters requiring shareholder approval.
As of March 26, 2023, Yehuda Zisapel, the Chairman of our Board of Directors, beneficially
owned approximately 4.44% of our outstanding ordinary shares; Nava Zisapel, beneficially owned approximately 6.98% of our outstanding
ordinary shares; and their son, Roy Zisapel, our President, Chief Executive Officer and director, beneficially owned approximately 3.40%
of our outstanding ordinary shares (see Item 6.E “Share Ownership”). As a result, if these shareholders act together,
they could exert significant influence on the election of our directors and on decisions by our shareholders on matters submitted to shareholder
vote, including mergers, consolidations and the sale of all or substantially all of our assets. This concentration of ownership of our
ordinary shares could delay or prevent proxy contests, mergers, tender offers, or other purchases of our ordinary shares that might otherwise
give our shareholders the opportunity to realize a premium over the then-prevailing market price for our ordinary shares. This concentration
of ownership may also adversely affect our share price.
Provisions
of our Articles of Association and Israeli law as well as the terms of our equity incentive plan could delay, prevent or make a change
of control of us more difficult or costly, which could depress the price of our ordinary shares.
The provisions in our
Articles of Association relating to the election of our directors in three staggered classes, the submission of shareholder proposals
for shareholders meetings and the quorum requirement for adjourned shareholder meetings may have the effect of delaying or making an unsolicited
acquisition of our Company more difficult. Israeli corporate and tax laws, including the ability of our Board of Directors to adopt a
shareholder rights plan without further shareholder approval, may also have the effect of delaying, preventing or making an acquisition
of us more difficult. For example, under the Companies Law, upon the request of a creditor of either party to a proposed merger, an Israeli
court may delay or prevent the merger if it concludes that there is a reasonable concern that, as a result of the merger, the surviving
company will be unable to satisfy the obligations of any of the parties to the merger. In addition, our Key
Employee Share Incentive Plan (1997), as amended, or the Share Incentive Plan provides that, in the event of a “Hostile Takeover”
(which is defined to include, among others, an unsolicited acquisition of more than 20% of our outstanding shares), the vesting of all
or a portion of our outstanding equity awards will accelerate, unless otherwise determined by our Board of Directors (or a committee thereof).
As a result, an acquisition of our Company that triggers the said acceleration will be more costly to a potential acquirer. These provisions
could cause our ordinary shares to trade at prices below the price for which third parties might be willing to pay to gain control over
us. Third parties who are otherwise willing to pay a premium over prevailing market prices to gain control of us may be unwilling to do
so because of these provisions.
-
33 -
Our
share price has been volatile in the past and may be subject to volatility in the future.
The market price for
our ordinary shares, as well as the prices of shares of other technology companies, has been volatile. For example, during 2022 the lowest
closing price of our share was $17.42, compared to the highest closing price of our share of $41.67 during the same year. The volatility
of our share price may have a negative impact on our financial performance as a result of its negative impact on employee retention. Numerous
factors, many of which are beyond our control, may cause the market price and trading volume of our ordinary shares to fluctuate significantly
and decrease further, including:
| • |
operating results that do not meet forecasts by securities analysts; |
| • |
announcements concerning us or our competitors; |
| • |
the introduction of new products and new industry standards; |
| • |
general market conditions and changes in market conditions in our industry; |
| • |
the general state of securities markets (particularly the technology sector); |
| • |
political,
economic and other developments in the State of Israel, the U.S. and worldwide, including, for example, the recent
military conflict in Ukraine; and |
| • |
any of the events underlying any of the other risks or uncertainties set forth elsewhere in this annual
report actually occurs. |
If
we are characterized as a passive foreign investment company, our U.S. shareholders may suffer adverse tax consequences.
Generally, if for any taxable year, after applying
certain “look through” tax rules, (i) 75% or more of our gross income is passive income, or (ii) at least 50% of the fair
market value of our assets, averaged quarterly over our taxable year, are held for the production of, or produce, passive income, we would
be characterized as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. If we are classified as a PFIC,
our U.S. shareholders could suffer adverse U.S. tax consequences, including having gain realized on the sale of our ordinary shares treated
as ordinary income, as opposed to capital gain income, and having potentially punitive interest charges apply to such gain. Similar rules
would apply to certain “excess distributions” made with respect to our ordinary shares.
-
34 -
For our taxable year
ended December 31, 2022, we do not believe that we should be classified as a PFIC. There can be no assurance, however, that the IRS will
not challenge this treatment, and it is possible that the IRS could attempt to treat us as a PFIC for 2022 and prior taxable years.
The tests for determining PFIC status are applied annually, and require a factual determination that depends on, among other things, the
composition of our income, assets and activities in each taxable year, and can only be made annually
after the close of each taxable year. Furthermore, the aggregate value of our gross assets is likely to be determined in part by reference
to the trading price of our ordinary shares, which could fluctuate significantly. We have
a substantial balance of cash and other liquid investments, which are passive assets for purposes of the PFIC determination. Accordingly,
if our market capitalization declines significantly, it may make our classification as a PFIC more likely for the current or future taxable
years. Accordingly, there can be no assurance that we will not become a PFIC in future taxable years.
U.S. shareholders should consult with their U.S. tax advisors with respect to the U.S. tax consequences of investing in our ordinary
shares. For a more detailed discussion of the rules relating to PFICs and related tax consequences,
please see the section of this annual report titled Item 10.E “Taxation—United States Federal Income Tax Considerations.”
If
a U.S. person is treated as owning at least 10% of our ordinary shares, such holder may be subject to adverse U.S. federal income tax
consequences.
Depending upon the aggregate value and voting power of our ordinary shares that U.S.
persons are treated as owning (directly, indirectly, or constructively), we could be treated as a controlled foreign corporation (a “CFC”).
Additionally, because our group consists of one or more U.S. subsidiaries, certain of our non-U.S. subsidiaries will be treated as CFCs,
regardless of whether or not we are treated as a CFC. If a U.S. person is treated as owning (directly, indirectly or constructively) at
least 10% of the value or voting power of our ordinary shares, such person may be treated as a “U.S. shareholder” with respect
to each CFC in our group (if any), which may subject such person to adverse U.S. federal income tax consequences. Specifically, a U.S.
shareholder of a CFC may be required to annually report and include in its U.S. taxable income its pro rata share of each CFC’s
“Subpart F income,” “global intangible low-taxed income” and investments in U.S. property, whether or not we make
any distributions of profits or income of a CFC to such U.S. shareholder. If you are treated as a U.S. shareholder of a CFC, failure to
comply with these reporting obligations may subject you to significant monetary penalties and may prevent the statute of limitations with
respect to your U.S. federal income tax return for the year for which reporting was due from starting. Additionally, a U.S. shareholder
that is an individual would generally be denied certain tax deductions or indirect foreign tax credits that may otherwise be allowable
to a U.S. shareholder that is a U.S. corporation. We cannot provide any assurances that we will assist investors in determining whether
we or any of our non-U.S. subsidiaries are treated as CFCs or whether any investor is treated as a U.S. shareholder with respect to any
of such CFC, nor do we expect to furnish to any U.S. shareholders information that may be necessary to comply with the aforementioned
reporting and tax paying obligations. The United States Internal Revenue Service provided limited guidance on situations in which investors
may rely on publicly available alternative information to comply with their reporting and tax paying obligations with respect to foreign-controlled
CFCs. U.S. investors should consult their advisors regarding the potential application of these rules to their investment in our ordinary
shares.
-
35 -
Risks Related to Operations
in Israel
Political,
economic and military instability in the Middle East or Israel may harm our business.
We are incorporated under
Israeli law, and our principal offices and manufacturing and research and development facilities are located in Israel. In addition, the
majority of our key employees, officers and directors are residents of Israel. Accordingly, political, economic and security conditions
in Israel and the surrounding region could directly affect our business and our operations and financial results could be adversely affected
in the event of any political, instability, terrorism, armed conflicts, or other hostilities involving Israel should occur in the
Middle East.
Over the past several
decades, a number of armed conflicts have taken place between Israel and its Arab neighbors, and a state of hostility and violence, varying
in degree and intensity, has existed between Israel and certain other countries or militant groups in the region as well as, since late
2000, between Israel and the Palestinians. These conflicts have strained Israel’s relationship with its Arab citizens, Arab countries
and, to some extent, with other countries around the world. In addition, Israel faces threats, including cyber threats, from more
distant neighbors, such as Iran (which has previously threatened to attack Israel and is believed to have a presence in Syria as well
as influence over Hamas in Gaza and Hezbollah, a militia and political group operating in Lebanon). This situation may potentially escalate
in the future and this instability in the region may affect the global economy and marketplace. There can be no assurance that the political
and security situation will not have any material impact on our business in the future.
Furthermore, some of
our directors, officers and employees are, unless exempt, obligated to perform annual military reserve duty, depending upon their age
and prior position in the army. They may also be subject to being called to active duty at any time under emergency circumstances. Our
operations could be disrupted by the absence, for a significant period, of one or more of these officers or other key employees due to
military service, and any disruption in our operations could harm our business. The full impact on our workforce or business if some of
our officers and employees are called upon to perform military service, especially in times of national emergency, is difficult to predict.
Our commercial insurance
does not cover losses that may occur as a result of events associated with the security situation in the Middle East, such as damages
to our facilities resulting in the disruption of our operations. Although the Israeli government currently covers the reinstatement value
of direct damages that are caused by terrorist attacks or acts of war, we cannot be assured that this government coverage will be maintained
or will be adequate in the event we submit a claim. We could be adversely affected by any major hostilities, including acts of terrorism
as well as cyber-attacks or any other hostilities involving or threatening Israel, the interruption or curtailment of trade between Israel
and its trading partners, a significant downturn in the economic or financial condition of Israel, or a significant increase in the rate
of inflation.
-
36 -
Furthermore, some neighboring
countries, as well as certain companies, organizations and movements, continue to participate in a boycott of Israeli firms and others
doing business with Israel or with Israeli companies. In the past several years, there have been increased efforts by activists to
cause companies and consumers to boycott Israeli goods based on Israeli government policies. Similarly, Israeli companies are limited
in conducting business with entities from several countries. Restrictive laws, policies or practices directed towards Israel or Israeli
businesses could have an adverse impact on our operating results, financial condition or the expansion of our business.
Furthermore, the Israeli
government is currently pursuing extensive changes to Israel’s judicial system. In response to the foregoing developments, certain
leading international financial institutions, including investment banks, investors and key economists, have indicated several causes
for concern, including that such proposed changes, if adopted, may cause a downgrade to Israel’s sovereign credit rating and Israel’s
international standing, which would adversely affect the macroeconomic condition in which we operate, and also potentially deter foreign
investment into Israel or Israeli companies, which may, among other things, hinder our ability to raise additional funds, if deemed necessary
by our management and board of directors.
The
tax benefits we may receive in connection with our preferred enterprise program require us to satisfy prescribed conditions and may be
terminated or reduced in the future. This would increase taxes and decrease our net profit.
We have in the past benefited,
and currently benefit, from certain government programs and tax benefits in Israel, including in connection with our preferred enterprise
program (see under Item 10.E “Taxation—Israeli Tax Considerations”). To remain
eligible to obtain such tax benefits, we must continue to meet certain conditions. If we fail to comply with these conditions in the future,
the benefits we receive could be cancelled, and we may have to pay certain taxes. We cannot guarantee that these programs and tax benefits
will be continued in the future, at their current levels or at all. If these programs and tax benefits are ended, our tax expenses
and the resulting effective tax rate reflected in our financial statements may increase and as such our business, financial condition
and results of operations could be materially and adversely affected.
We
have obtained benefits from the Israeli Innovation Authority that subject us to ongoing restrictions.
We have in the past received,
and in the future may apply for, royalty-bearing or non-royalty bearing grants from the Israeli Innovation Authority (formerly known as
the Office of the Chief Scientist of the Israeli Ministry of Economy and Industry), or the IIA, for research and development programs
that meet specified criteria pursuant to the Law for the Encouragement of Research, Development and Technological Innovation in Industry,
1984 (formerly known as the Law for Encouragement of Research and Development in Industry, 1984), and the regulations promulgated thereunder,
or the Innovation Law. The terms of the IIA grants limit our ability to manufacture products outside of Israel or to transfer technologies
in or outside Israel if such products or technologies were developed using know-how developed with or based upon IIA grants. In addition,
a change of control in us and the acquisition of 5% or more of our ordinary shares by a non-Israeli may require notification to the IIA
and the provision of an undertaking to comply with the Innovation Law, some of the principal restrictions and penalties of which are the
transferability limits described above and elsewhere in this annual report.
-
37 -
It
may be difficult to enforce a U.S. judgment against us or our officers and directors and to assert U.S. securities laws claims in Israel.
We are incorporated under
the laws of the State of Israel, our corporate headquarters is located in Israel and several of our current officers and directors reside
in Israel. Service of process upon us, our Israeli subsidiary, our directors and officers and the Israeli
experts, if any, named in this annual report, substantially all of whom reside outside the United States, may be difficult to obtain
within the United States. Furthermore, because a majority of our assets and investments, and substantially all of our directors, officers
and such Israeli experts are located outside the United States, any judgment obtained in the
United States against us or any of them may be difficult to collect within the United States
and may not be enforced by an Israeli court.
We
have been informed by our legal counsel in Israel that it may also be
difficult to assert U.S. securities law claims in original actions instituted in Israel. Israeli courts may refuse to hear a claim
based on an alleged violation of U.S. securities laws if they determine that Israel is not the
most appropriate forum to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli
law and not U.S. law is applicable to the claim. There is little binding case law in Israel addressing
these matters. If U.S. law is found to be applicable, the content of applicable U.S. law must be proven as a fact, which can be
a time-consuming and costly process. Certain matters of procedure will also be governed by Israeli law.
Subject to specified
time limitations and legal procedures, under the rules of private international law currently prevailing in Israel, Israeli courts may
enforce a U.S. judgment in a civil matter, including a judgment based upon the civil liability provisions of the U.S. securities laws
as well as a monetary or compensatory judgment in a non-civil matter, only if the following key conditions
are met:
| • |
subject to limited exceptions, the judgment is final and non-appealable; |
| • |
the judgment was given by a court competent under the laws of the state of the court and is otherwise enforceable in such state;
|
| • |
the judgment was rendered by a court competent under the rules of private international law applicable in Israel; |
| • |
the laws of the state in which the judgment was given provide for the enforcement of judgments of Israeli courts; |
| • |
adequate service of process has been effected and the defendant has had a reasonable opportunity to present his arguments and evidence;
|
| • |
the judgment is enforceable under the laws of State of Israel and its enforcement is not contrary to the law, public policy, security
or sovereignty of the State of Israel; |
-
38 -
| • |
the judgment was not obtained by fraud and does not conflict with any other valid judgment in the same matter between the same parties;
and |
| • |
an action between the same parties in the same matter was not pending in any Israeli court at the time the lawsuit was instituted
in the U.S. court. |
Your rights
and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights and responsibilities
of shareholders of U.S. companies.
The rights and responsibilities
of the holders of our ordinary shares are governed by our Articles of Association and Israeli law. These rights and responsibilities differ
in some respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. For example, a shareholder of
an Israeli company has a duty to act in good faith toward the company and other shareholders and to refrain from abusing its power in
the company, including, among other things, in voting at the general meeting of shareholders on matters such as amendments to a company’s
articles of association, increases in a company’s authorized share capital, mergers and acquisitions and interested party transactions
requiring shareholder approval. In addition, a shareholder who knows that it possesses the power to determine the outcome of a shareholder
vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company.
There is limited case law available to assist us in understanding the implications of these provisions that govern shareholders’
actions. These provisions may be interpreted to impose additional obligations and liabilities on holders of our ordinary shares that are
not typically imposed on shareholders of U.S. corporations.
| ITEM 4. |
INFORMATION ON THE COMPANY |
A.
History and Development of the Company
Corporate
History and Details
Radware Ltd. was organized
in May 1996 as a corporation under the laws of the State of Israel and commenced operations in 1997. Our principal executive offices are
located at 22 Raoul Wallenberg Street, Tel Aviv 6971917, Israel and our telephone number is 972-3-766-8666. Our website address is www.radware.com
(information contained on our website is not incorporated herein by reference and shall not constitute part of this annual report).
In addition, the SEC maintains a website that contains reports, proxy and information statements, and other information regarding
issuers that file electronically with the SEC: http://www.sec.gov.
As of September 1, 1998,
we established Radware Inc., our wholly owned subsidiary in the United States (Radware US), which conducts the sales and marketing of
our products and services in the Americas and is our authorized representative and agent in the United States. The principal offices of
Radware US are located at 575 Corporate Dr., Lobby 2, Mahwah, New Jersey 07430 and its telephone number is 201-512-9771. We also have
several other wholly owned subsidiaries worldwide handling primarily local support and promotion activities.
In
September 1999, we conducted the initial public offering of our ordinary shares that commenced trading on the Nasdaq.
-
39 -
In the past decade we
have made several acquisitions, including, most recently (February 2022), the acquisition of the technology and operations of DC Security
Ltd. (previously known as SecurityDAM Ltd. (SecurityDAM)), a related party and a cloud DDoS network operator that supplied us with scrubbing
center services used for the provision of our cloud DDoS Protection Service.
Recent
Major Business Developments
In February 2022, we
announced a strategic initiative to accelerate the growth of our cloud security business, which entails, among other things, the acquisition
of the technology and operations of SecurityDAM, growing our innovation center in India, and expanding our cloud service capacity and
delivery network. For additional details, see also Item 7.B “Related Party Transactions.”
In May 2022, we announced
the launch of SkyHawk (CNP) Security Ltd., or SkyHawk Security, a spinoff of our Cloud Native Protector business with a strategic external
investment of an affiliate of Tiger Global Management.
For recent major product
activities, see Item 4.B “Business Overview—Our Solutions” under the captions “Recent Solution Offering Activities”
and “Recent Technology Partnerships Activity.”
For a discussion of our
capital expenditures and divestitures, see Item 5.B “Liquidity and Capital Resources - Principal Capital Expenditures and Divestitures.”
B.
Business Overview
Overview
We are a provider of
cyber security and application delivery solutions for cloud, on-premise, and software defined data centers (SDDC). Our solutions secure
the digital experience by providing infrastructure, application, and network protection and availability services to enterprises globally.
Our solutions are deployed by, among others, enterprises, carriers and cloud service providers.
Our solutions are offered
in two main categories:
| • |
Products
– We offer a range of cloud-based subscriptions, on-premise products, software products and product subscriptions (or a combination
of these) to our customers. |
| • |
Services – We
offer technical support, professional services, managed services and training and certification to our customers. |
-
40 -
The sections below provide
an overview of our key solutions and services according to the above GTM targets.
Our
Products
Our
cloud-based subscription
offering consists of the following key cloud-based subscriptions:
| o |
Cloud DDoS
Protection Service. Our
Cloud DDoS Protection Service provides a full range of enterprise-grade DDoS protection services in the cloud. Based on our DDoS protection
technology, it aims to offer organizations wide security coverage, accurate detection and short time to protect from today’s dynamic
and evolving DDoS attacks. We offer a multi-vector DDoS attack detection and mitigation service, handling network-layer attacks, server-based
attacks and application-layer DDoS attacks. |
Our Cloud DDoS Protection
Service is offered in multiple deployment options to meet an organization’s specific needs:
| ◾ |
Always-On
Cloud DDoS Protection Service. This
service provides always-on protection where traffic is always routed through Radware’s cloud security scrubbing centers with no
on-premise device required for detection and mitigation. This service is recommended for organizations that have applications hosted in
the cloud or those that are not able to deploy an on-premise attack mitigation device in their data center. |
| ◾ |
Always-On
Hybrid Cloud DDoS Protection Service. This service integrates
with our on-premise DDoS Protection device. The traffic is mitigated in the on-premise device and diverted through Radware’s cloud
security scrubbing centers upon a large volumetric DDoS attack that aims to saturate the internet pipe. This service is recommended for
organizations that place a high premium on the user experience and wish to avoid even the slightest possible downtime as a result of DDoS
attacks. |
| ◾ |
On-Demand
Cloud DDoS Protection Service. This service protects against
internet pipe saturation and is activated when the attack threatens to saturate the organization’s internet pipe. This service is
recommended for organizations that are looking for the lowest cost solution and are less sensitive to real-time detection of DDoS attacks.
|
| ◾ |
On-Demand
Cloud Hybrid DDoS Protection Service. The on-premise
DefensePro device detects and mitigates all types of DDoS attacks in real-time, while volumetric DDoS attacks are diverted and mitigated
in the cloud. This service is recommended for organizations that can deploy an on-premise device in their data centers. |
| o |
Cloud WAF
Service. Our
Cloud WAF Service provides enterprise-grade, continuously adaptive web application and API protection. Based on our ICSA Labs certified
web application firewall, it provides full coverage of OWASP Top-10 threats and automatically adapts protections to evolving threats and
protected assets. Cloud WAF service includes built-in DDoS protection, integrated bot mitigation and application analytics to simplify
security event management by taking massive amounts of alerts and consolidating them into a small, manageable set of user activities.
With our SecurePath™ architecture, Cloud WAF Service can be easily deployed as an API-based, out-of-path service across any hybrid
or cloud environment, securing applications with centralized visibility and management console. Our Cloud WAF is available in two packages: |
-
41 -
| o |
Enterprise
Package: Includes a comprehensive web security coverage,
including OWASP Top-10, advanced attacks and zero-day attack protection, that is fully managed and monitored 24x7 and designed to guarantee
service availability at any given time with protection against today’s emerging web application and DDoS attacks. |
| o |
Enterprise
Premium Package: Includes all web security and managed
services offered in the Enterprise package, in addition to a dedicated technical account manager and ERT expert as well as pre and post
attack alerts and reports and ongoing updates from Radware’s security experts. |
| o |
Bot Manager.
Our Bot Manager provides comprehensive protection of web applications, mobile apps and APIs from automated threats like bots. Bot Manager
provides precise bot management across all channels by combining behavioral modeling for granular intent analysis, collective bot intelligence
and fingerprinting of browsers, devices and machines. It is designed to protect against all forms of account takeover (credential stuffing,
brute force, etc.), denial of inventory, DDoS, ad and payment fraud and web scraping to help organizations safeguard and grow their online
operations. |
| o |
Cloud Native
Protector (CNP) Service. The CNP service
provides an agentless cloud-native security solution for
applications, workloads and infrastructure hosted on AWS and Microsoft Azure. The CNP service offers multi-layered protection to reduce
risk by continuously verifying compliance against multiple security standards, identifying publicly exposed assets, keeping track of asset
inventory with prioritized cross-cloud visibility, fortifying the cloud threat surface with context-aware smart hardening, and providing
advanced attack detection and remediation capabilities to stop data theft attempts. |
| o |
Cloud Application
Protection Services. Our Cloud Application Protection Services
secures business applications through a single platform, including WAF, bot management, API protection and application DDoS protection.
Our Cloud Application Protection Services offers the following application security capabilities: |
| ◾ |
Protect Digital Assets and Data. Our Cloud Application Protection Services protects digital assets and
customer data in multiple environments, such as on-premise, virtual clouds, private clouds, public clouds, hybrid environments, or Kubernetes.
|
-
42 -
| ◾ |
Protect Against OWASP Vulnerabilities. Our solution protects against various known attack vectors, including
the OWASP Top 10 Web Application Security Risks, Top 10 API Security Vulnerabilities and Top 21 Automated Threats to Web Applications.
|
| ◾ |
Protect Against Zero-Day Attacks. Our positive security model assists in stopping unknown threats in
their tracks. Our machine-learning analysis engine continuously studies application traffic and end-user behavior to build and enhances
security policies that reduce exposure to zero-day attacks. |
| ◾ |
Detect, Manage, and Mitigate Bots. Our solution detects and distinguishes between “good”
bots and “bad” bots to protect websites, mobile apps and APIs against a wide range of application attacks such as account
takeover credential, denial of inventory, ad and payment fraud, web scraping and more. |
| ◾ |
Protect APIs. API attacks are a rapidly growing threat to business applications and customer data. Our
solution combines behavioral analysis and policy automation to protect evolving API matrix from increasingly sophisticated API assaults.
|
| ◾ |
Mitigate Application-Level DDoS Assaults. Our DDoS protection technologies detect and mitigate HTTP-based
DDoS assaults. Utilizing a patented keyless SSL protection technology, it keeps applications protected while maintaining user data confidentiality
and compliance with privacy regulations. |
Our
physical and software products consist of the following key products:
| o |
DefensePro Attack Mitigation
Device. DefensePro® is a real-time
network attack mitigation device that protects the data center and application infrastructure against network and application denial of
service, application vulnerability exploitation, network anomalies and other emerging network attacks. |
| o |
Radware Kubernetes WAF. Radware
Kubernetes WAF is a Web Application Firewall solution for CI/CD environments orchestrated by Kubernetes. Our Kubernetes WAF integrates
with common software provisioning, testing and visibility tools in the CI/CD pipeline offering both IT security and DevOps personnel detailed
insight down to the pod and container levels, and enables organizations to implement application and data security in on-premise and cloud-based
implementations. |
| o |
Cyber Controller.
Our Cyber Controller is a unified solution for management, configuration and attack lifecycle. The Cyber Controller provides enhanced
security, increased visibility and an improved user experience via multiple security operation dashboards for a unified view into attack
lifecycle and mitigation analysis for both inline and out-of-path DDoS deployments. Cyber Controller provides network analytics with comprehensive
visibility of traffic statistics during peacetime and attack, simplified management and configuration with unified visibility and control.
|
-
43 -
| o |
Alteon®
Application Delivery Controller (ADC). Alteon is our application
delivery and security solution that manages application traffic across cloud and data center locations, optimizing availability and performance.
It provides advanced, end-to-end local and global load balancing capabilities for web, cloud and mobile-based applications. Alteon integrates
multiple application protection services to provide protection against an array of cyberthreats. Alteon’s analytics also provides
insightful visibility so that IT managers can manage and guarantee application service level agreement (SLA) and stay ahead of cyberattacks.
|
We
offer Alteon ADC in three different packages (available on each of its models and throughput levels) to address different deployment scenarios
and needs:
| • |
Alteon Deliver Package. For
applications that require high performance ADCs with advanced layer 4-7 ADC functionality. |
| • |
Alteon Perform Package.
For deployments requiring performance optimization, advanced application performance monitoring, global server load balancing, link load
balancing and automated/optimized ADC service operation. |
| • |
Alteon Secure Package.
For applications that require our most advanced protections, including an embedded Web Application Firewall (WAF) module, authentication
gateway, bot management, threat intelligence feeds (ERT Security Updates Service, ERT Active Attackers Feed and ERT Location-based Mitigation)
and SSL processing from perimeter security devices (with its embedded SSL inspection module). |
| o |
LinkProof
NG. LinkProof® NG is a multi-homing and enterprise
gateway solution that allows service level availability and continuous connectivity of enterprise and cloud-based applications. It is
an application-aware multi-homing and link load balancing module that delivers 24/7 continuous connectivity and service level assurance,
improved performance and cost-effective scalability of bandwidth for corporate and cloud-based applications. |
Our
product-based subscription
offering consists of the following product-based subscriptions:
| o |
ERT Security Updates Subscription
(SUS). Our Security Update Subscription is a security-advisory
and managed monitoring and detection system dedicated to protecting network elements, hosts and applications against the latest security
vulnerabilities and threats. The Security Update Subscription delivers periodic, emergency and custom attack signature updates to subscribers
to protect against known attack patterns. The service is available for DefensePro and Alteon Integrated WAF. |
| o |
ERT Active Attackers Feed.
Our ERT Active Attackers Feed (EAAF) is a threat intelligence feed designed to protect against emerging DDoS threats, including those
involving Internet of Things (IoT) botnets and new DNS attack vectors. The EAAF subscription enhances our attack mitigation solution by
identifying and blocking IP addresses involved in major attacks in real time to offer preemptive protection from known attackers. This
subscription is available for DefensePro, Alteon ADC and Cloud Application Protection Services. |
-
44 -
| o |
ERT Protection Packages. Our
ERT Protection packages bundle our ERT services into two packages: ERT Silver Protection Package and ERT Gold Protection Package. ERT
Silver Protection Package consolidates ERT Security Update Subscription, ERT Active Attackers Feed, and Location-based Mitigation. ERT
Gold Protection Package includes ERT under Attack Service on top of the ERT Silver Package. |
| o |
Alteon Global Elastic License
(GEL). Alteon GEL is a purchasing and deployment subscription
that enables a high level of flexibility for ADC services across datacenters, private and public clouds. GEL enables dynamic ADC capacity
allocation and the ability to move that capacity across environments, without having to invest separately in a dedicated ADC infrastructure
for each and every location where organization’s applications are deployed (e.g. on premise, public cloud etc.). This application
delivery licensing model helps to eliminate planning risks in the purchase and deployment of ADC services, enabling continuous investment
protection of the ADC infrastructure throughout its lifecycle duration. |
| o |
APSolute Vision.
APSolute Vision is the network management tool and network monitoring tool for the Radware family of cyber security and application delivery
solutions. It provides our customers immediate visibility to health, real-time status, performance and security of our products from one
central, unified console (even if the customer has multiple data centers). A vision analytics module provides an intuitive, customizable
GUI with granular forensic insights into application performance, denial-of-service and web application attacks. |
| o |
MSSP Portal.
The Managed Security Service Provider (MSSP) Portal is a turnkey, multi-tenant DDoS detection and mitigation service portal. The Portal
collects and aggregates security attack measurement and events (including traffic utilization, attack distribution and alerts) and displays
them in real-time and historical reports. Our MSSP Portal enables service providers to resell cyber security mitigation services to their
customers as a managed service. |
| o |
Location-based Mitigation. Our
location-based mitigation solution is a subscription offering that enables network traffic filtering by countries and regions based on
the geolocation mapping of IP subnets. The subscription also supports per-policy block and allow lists, making it a beneficial solution
for carriers and service providers that wish to protect multitenant networks. The subscription helps organizations comply with global
and industry regulation requirements such as the Office of Foreign Assets Control and others. This subscription is available for DefensePro
and Alteon ADC. |
Customer
Services
We offer technical support, professional services, managed services
and training and certification to our customers. Our key customer services consist of the following:
| o |
Certainty Support
Program. We offer technical support for all our products through our Certainty
Support Program. Certainty support levels include: |
| o |
Basic.
This level provides business day access, including weekends from 9 a.m. to 5 p.m. (local time) to technical support center services, and
technical documentation, either via the Web, e-mail or direct phone support during working days. New software releases are available for
units covered under the certainty support program. |
-
45 -
| o |
Standard.
This level increases access to the technical support center 24/7/365 and adds next business day replacement of failed hardware and waives
customer shipping costs. |
| o |
Advanced.
This level increases the certainty support level standard to four hours' replacement of failed hardware advanced replacement.
|
| o |
Professional Services.
Our professional services group is staffed by a global team of experts possessing extensive knowledge and experience in security and application
delivery both in data centers and the cloud. The group offers a full range of services to design, implement, automate and optimize our
customer solutions. We offer the following key professional services: |
| o |
Design and Planning.
This service plans and designs applications for future growth with Radware engineers. The service starts with a review of business goals,
network optimization assessment and an overview of application architecture and security requirements to help create a comprehensive deployment
plan that is tailored to organizational IT requirements. |
| o |
Application and Security Optimization
Services. This service analyzes and reviews the current
implementation and design and provides recommendations to help optimize the system and achieve business goals. |
| o |
Resident Engineer.
Our Resident Engineer service is a proactive on-site engineer who performs operations, design and automation activities. From initial
deployment to ongoing management and day-to-day operation, our Resident Engineer service decreases the time demands on our customers’
staff, allowing them to focus on their core business. |
| o |
Technical Account Manager.
Our technical account manager (TAM) is a proactive consultant that implements best practices, provides guidance and optimizes networking
and application resources. |
| o |
ERT Service.
Our Emergency Response Team (ERT) is a group of security experts available 24x7 for proactive security support services for customers
facing an array of application- and network-layer attacks. These services include: |
| o |
ERT Managed Security Service.
Our ERT offers a fully managed application- and network-security service. The service covers a broad range of attack types from different
forms of DDoS to a variety of application attacks against our customers’ servers or data centers. It includes immediate response,
onboarding, consulting, remote management and reporting. |
| o |
ERT Under-Attack Service. The
ERT under-attack service offers 24x7 access to a security expert within 10 minutes. The ERT engineer will take the lead, fight off attacks
and provide postmortem analysis of security events. The ERT under-attack service lets organizations know there is someone to rely on,
guaranteeing support throughout the attack life cycle from the moment it begins. The ERT experts are available 24x7 and assist large enterprises
worldwide with complex multi-vector attacks against their networks, data centers and application services. |
-
46 -
Recent
Solution Offering Activities
During 2022, we announced
a strategic initiative that focuses on cloud and application security. This initiative consists of the following:
| • |
In response to the ever-increasing volume of attacks and strong business demand, we have continued to expand our Cloud Security Services
network: |
| o |
We have acquired the assets and operation of SecurityDAM, our DDoS scrubbing centers provider, including its scrubbing centers infrastructure,
India innovation center, cloud services division and technology, operations, and headcount. |
| • |
We have expanded our Cloud Security Service capacity to mitigate DDoS attacks of up to 12Tbps. We have announced the opening of additional
Cloud Security centers in Milan, Italy, Dubai, UAE, Taipei, Taiwan and Santiago, Chile. We have continued our investment to extend
our Application Security services portfolio to enhance protection against emerging attacks and adapt our solutions to multi-cloud and
hybrid-cloud environments: |
| o |
We have introduced SecurePath™, a new cloud-based application security architecture for our Cloud Application Protection Services.
The SecurePath architecture helps organizations protect applications deployed in multi- and hybrid-cloud environments. Built with a dual
deployment model that departs from traditional industry paradigms, SecurePath addresses the need for security that delivers full application
visibility and centralized security management regardless of where applications are deployed. |
| o |
We extended our cloud application security offering, adding fully automated API Discovery capabilities. These capabilities, combined
with newly automated security policy optimization, are part of our integrated Cloud Application Protection Services, which includes
WAF, Bot Management, API security, and DDoS protection. |
| o |
We have added an automated security policy refinement capability to our Cloud Application Protection Services. A primary challenge
of application protection is keeping pace with application development and new threats while maintaining accurate security policies with
minimal false-positives. The automated policy refinement capability continuously reviews log files in predefined intervals, identifies
anomalies with a high level of accuracy and automatically suggests policy refinements for the ERT team to examine and prioritize, and
for customers to review and approve. The result is a more accurate, tighter protection with fewer false positives. |
-
47 -
| o |
We have added to our cloud security services (Cloud DDoS protection and Cloud Application Protection
Services) protection against Application DDoS flood attacks. HTTP and HTTPS attacks have become prevalent, and attackers use sophisticated
dynamic techniques to bypass standard detection methods. The new capability detects and mitigates a variety of application attacks, including
HTTP DDoS Tsunamis, HTTP bombs, low-and-slow assaults, Brute Force attacks, as well as new, unknown and zero-day attacks. |
| o |
We have enhanced our Bot Manager with a new set of crypto mitigation algorithms. Based on blockchain methodologies, the algorithms
help close security gaps that let sophisticated bots evade traditional CAPTCHA solutions to harm a website or application. At the same
time, they enable genuine website visitors to enjoy a CAPTCHA-free user experience. |
| • |
We have added to our Cloud DDoS Protection service a new module of Cloud Network Analytics. The Network Analytics service provides
users with detailed, granular insight into network traffic, network services in use, and much more. The Network Analytics service allows
administrators to eliminate errors when planning network deployments and stay ahead of DDoS threats via early detection of network abuse
and intrusion. |
| • |
We have announced a new terabit DDoS mitigation platform, DefensePro® 800. The new evolution in our DefensePro product
series offers Tier-1 service providers and large enterprises the complete set of protection capabilities and performance needed to meet
new network requirements related to 5G, edge computing, and network virtualization, as well as the significant increase in bandwidth demand.
DefensePro 800 is equipped with 400G interfaces and delivers an attack prevention rate up to 1.2 billion packets per second (PPS) and
a mitigation capacity up to 800 gigabits per second (Gbps). |
| • |
We have announced the spinoff of our Cloud Native Protector (CNP) business to form SkyHawk Security. With this spinoff, we are creating
a company focused solely on the CNP market. This will enable us to add more R&D, sales, and marketing personnel to cover the
market opportunity faster and in a more dedicated fashion. Forming a new company allows us to invest more in the business while at the
same time not to limit Radware’s investments in our critical areas of Application Protection, DDoS Protection and Application Delivery.
This spinoff does not change our sales go-to-market strategy and approach. Radware will continue to sell CNP as part of our portfolio,
and our support and services for existing customers will remain the same. |
-
48 -
We continued to add capabilities
to our Alteon ADC including:
| • |
ADC automation in private cloud environment: To enable simplified management of application delivery services, we have integrated
Alteon with orchestration systems such as VMware, vRealize Orchestrator and OpenStack, as well as automation tools such as Ansible and
REST API. This allows IT administrators and DevOps teams to automate all ADC solution lifecycle tasks, including spinning up Alteon VA
instances (Day 0), L2-L3 instance configuration (Day 1), application delivery service deployment (Day 2) and maintenance (Day 3).
|
| • |
Alteon integration with our Cloud WAF solution: As part of our SecurePath architecture, customers can protect on-premise applications
through our Cloud WAF, without the hassle of diverting traffic, sharing SSL keys or adding latency, while providing application protection
consistency in multi- and hybrid-cloud environments. |
Recent
Technology Partnerships Activities
During 2022, our key
activities regarding our offerings through technology partners and solution providers consisted of the following:
| • |
We continued our investment in the OEM agreement with Israeli-based Check Point Software Technologies Ltd. (Check Point) by adding
API protection to the Check Point offering. Check Point now offers their customers a full suite of managed cloud security- as-a-service,
including WAF, API protection, Bot Manager and DDoS Protection. |
| • |
We announced our
entry into a multi-year agreement to expand our partnership with Presidio, Inc. (Presidio), a global digital services and solutions
provider that accelerates business transformation through security technology modernization. To protect its customers’ on-premise,
cloud, and hybrid environments, Presidio is adding Radware’s Cloud Application Protection Services and DDoS protection
solutions, and Cloud Native Protector to its cyber security suite. |
Our Competitive Strengths
Our solutions incorporate
proprietary and innovative cyber security and application delivery technologies that help our customers to secure the digital experience
for users of business-critical applications. We believe our competitive strengths are based on several elements, including the following:
| • |
Innovation, Proprietary Technologies
and Thought Leadership. We are offering innovative solutions
in our domain. We were one of the first companies to offer hybrid attack mitigation solutions; behavioral DDoS attacks detection with
automated real-time signature creation for attack mitigation; device fingerprinting technology implementation for Bot-based attacks detection;
auto-policy generation for our WAF solution; protection against encrypted attacks without opening the sessions for DDoS protection; and
artificial intelligence (AI) to detect attacks targeting workloads in public clouds. We believe this has given us significant expertise,
know-how and leadership in the market for cyber-attack mitigation solutions, and we take part in many technology communities, standard
organizations and open source projects. At the same time, we continue to invest in research and development of cyber security and application
delivery technologies in order to introduce new and innovative solutions, which are supported and protected by multiple patents and proprietary
rights. |
-
49 -
| • |
Automation. We
are offering automated attack detection and mitigation solutions that reduce the total cost of ownership of cyber security solutions,
including behavioral analysis technology to detect zero-day DDoS attacks; automated real-time signature creation for DDoS attacks mitigation;
intent-based behavioral analysis and machine learning models to detect automated Bot attacks; and machine learning (positive security
model) to detect zero-day web application attacks. |
| • |
Wide attacks coverage.
Our solutions offer a wide coverage against attacks, including mitigation of all four generations of Bot attacks; negative and positive
security models to defend against known (OWASP top-10) and zero-day web application attacks (standard solutions typically cover OWASP
top-10 attacks only); and advanced DDoS attacks protection such as DNS flood attacks, burst floods, SSL flood attacks and IoT botnets.
|
| • |
Industry Awards.
We gained multiple industry awards during 2022, including the following: |
| o |
Quadrant Knowledge Solutions – 2022 DDoS Mitigation SPARK Matrix™, June 2022 -- Leader |
| o |
Quadrant Knowledge Solutions – 2022 WAF SPARK Matrix™, December 2022 -- Leader |
| o |
Quadrant Knowledge Solutions – 2022 Bot Management SPARK Matrix™, October 2022 -- Leader |
| o |
Gartner Magic Quadrant for Web Application and API Protection (WAAP) – August 2022, Visionary |
| o |
Gartner Critical Capabilities for Cloud Web Application and API Protection (WAAP) – September 2022, #2 in API & High Security
|
| o |
Forrester Research – The Forrester Wave™: Cloud Workload Security, Q1 2022 – March 2022, Contender |
| o |
Kuppinger Cole Analysts – WAF Leadership Compass: July 2022, Overall Leader, Market Champion, Innovation Product, and Technology
Leader |
| o |
GigaOm Research – GigaOm Radar for Application and API Protection: March 2022, Leader and Outperformer |
-
50 -
| o |
Aite-Novarica Group – Aite Matrix™ Leading Bot Detection and Management Providers, August 2022, Best-In-Class |
We are not responsible
for any of these awards or the entities or publications that award them.
Our
Growth Strategy
Our growth strategy is based on several
key elements:
| • |
Focus on cloud and application
security. We aim to offer superior and innovative cyber security
solutions and cloud-based solutions and expand our portfolio in these two dimensions. We also invest in go-to-market efforts related to
cloud security services and public cloud solutions. |
| • |
Invest in data center solutions.
We continue to develop and sell holistic cyber security and application delivery solutions for physical, cloud and hybrid data centers
and cloud applications. |
| • |
Increase our market footprint.
We believe that a significant market opportunity exists to sell our solutions with the complementary products and services provided by
other organizations with whom we wish to collaborate. To that end, we have already established strategic relationships with various third
parties, including leading global-class partners, such as Cisco, Check Point and Nokia, which provide critical access to certain large
customers allowing us to sell our solutions. We intend to further increase our market footprint through collaboration with leading partners.
|
| • |
Expand our footprint in the
medium sized enterprise market. The needs of the mid-market
enterprises regarding the management of cyber security risks are substantially similar to the needs of the large enterprise market, but
their capacity and access to skilled talent are more limited. We believe that our fully managed cloud security services can be a great
fit for this market, and we intend to further expand our market footprint in this segment. |
| • |
Pursue acquisitions and investments.
In order to achieve our business objectives, we may evaluate and pursue the acquisition of, or significant investments in, other complementary
companies, technologies, products and/or businesses that enable us to enhance and increase our technological capabilities and expand our
product and service offerings. |
Sales and Marketing
Sales.
We market and sell our products and services primarily
through indirect sales channels that consist of distributors and resellers located in North, Central and South America, Europe, Africa,
Asia and Australia. In addition, we generate direct sales to selected customers mainly in the United States. Our direct sales channels
are supported by our sales and marketing managers who are also responsible for recruiting potential distributors and resellers and for
initiating and managing marketing projects in their assigned regions. The sales managers are supported by our internal sales support staff
that help generate and qualify leads for the sales managers. We have subsidiaries and representative offices and branches in multiple
countries to cover the above mentioned regions (see Item 4.C “Organizational Structure”), to promote and market our products
and services and provide customer support in their respective regions.
-
51 -
Marketing.
Our marketing strategy is to enhance brand recognition
and maintain our reputation as a provider of technologically advanced, quality cyber security and application delivery solutions to help
drive demand for our products and services. We seek to build upon our marketing and branding efforts globally to achieve greater
worldwide sales and leverage sophisticated digital platforms and activity to scale our presence globally. Our marketing initiatives are
principally directed at developing brand awareness, optimizing our digital presence, searchability and awareness, generating qualified
leads and providing sales and marketing tools to our distributors/resellers to promote sales. We participate in major trade shows and
virtual events, regionally based events/seminars and offer support to our distributors and resellers who participate in these events.
We also participate in our partners’ events, such as Cisco Live and Checkpoint Experience, to promote our solutions within their
audiences. Additionally, we focus on our customer base to deliver an integrated Customer 360 experience including regular communications,
facilitating support and training needs, maximizing customer lifetime value and developing customer advocacy. We also invest in online
and search engine advertising campaigns, public relations and regionalized field marketing campaigns. In addition to our independent marketing
efforts, we invest in joint marketing efforts with our distributors, OEMs, VARs, GSIs and other companies that have formed strategic alliances
with us.
Customers and End-Users
With the exception of
our limited direct sales to selected customers, we sell our products and services through distributors or resellers who then sell our
products and services to end-users.
We have a globally diversified
end-user base, consisting of corporate enterprises, including banks, insurance companies, manufacturing, retail companies, media companies,
government agencies and utilities, and service providers, such as telecommunication carriers, internet service providers, cloud service
providers and application service providers. Customers in these different vertical markets deploy Radware products for availability, performance
and security of their applications.
In 2022, approximately
42% of our revenues were in the North, Central and South America (principally in the United States), 36% were in Europe, Middle East and
Africa (EMEA) and 22% in Asia-Pacific, compared to 45%, 34% and 21%, respectively, in 2021, and 46%, 31% and 23%, respectively, in 2020.
Other than the United States, which accounted for 32% of our total revenues in 2022, no other single country accounted for more than 10%
of our revenues for 2022, 2021 and 2020.
In 2022, approximately
59% of our revenues derived from product sales and 41% derived from service sales, compared to 59% and 41%, respectively, in 2021
and 53% and 47%, respectively, in 2020.
-
52 -
In 2022, approximately
74% of our revenues derived from the enterprise market and 26% derived from the carrier market, compared to approximately 73% and 27%,
respectively, in 2021 and 71% and 29%, respectively, in 2020.
As of December 31, 2022,
2021 and 2020, no single customer accounted for more than 10% of our revenues.
For additional details
regarding the breakdown of our revenues by geographical distribution and by activity, see Item 5.A – “Operating Results.”
Seasonality
Our quarterly operating
results have been, and are likely to continue to be, influenced by seasonal fluctuations in our sales and by
seasonal purchasing patterns of some of our customers. Our operating results in the fourth quarter tend to be higher than other
quarters as some of our customers tend to make greater capital and operational expenditures as well as expenditures relating to service
renewals towards the end of their own fiscal years, thereby increasing orders for our products, support and subscription services in the
fourth quarter.
Customer Support Services
Our technical support
team, which consisted of 364 employees worldwide as of December 31, 2022, supports our sales force during the sales process, assists our
customers, resellers and distributors with the initial installation, set-up and ongoing support of our products, and trains them on how
to best use our solutions. The technical support team also assists with service onboarding processes and provides training to end-users
of our services. In addition, our technical team trains and certifies our distributors and resellers to provide limited technical support
in each of the geographical areas in which our products are sold and is directly responsible for remote support. Our Certainty Support
Program offerings allow customers to automatically obtain new software versions of their products and obtain optimized performance by
purchasing any of the following optional offerings: extended warranty, software updates, 24x7 help-desk (directly to our customers and
through our distributors), on-site support and unit replacement. Some of our on-site services are provided by third-party contractors.
Research and Development
We invest in research
and development to expand and enhance the features of our existing solutions, to develop new solutions and features and to improve our
existing technologies and features. We believe that our future success is dependent upon our ability to maintain our technological expertise,
enhance our existing solutions and introduce, on a timely basis, new commercially viable solutions that will address the needs of our
customers. Accordingly, we intend to continue devoting a significant portion of our personnel and financial resources to research and
development. In order to identify market needs and to define appropriate product specifications, as part of the product development process
we seek to maintain close relationships with current and potential distributors, customers and vendors in related industry sectors.
-
53 -
As of December 31, 2022,
our research and development staff consisted of 419 employees and 75 subcontractors. Research and development activities take place mainly
at our facilities in Israel; Bangalore, India; Vancouver, Canada; and North Carolina, United States. We employ established procedures
for the required management, development and quality assurance of our new product developments. Our research and development organization
is divided into Application Security, Infrastructure Security, Application Delivery, Management and Control, Cloud Services and
Chief Technology Officer groups. Within those groups the organization is divided according to our existing product solutions. Each
product group is headed by a group leader and includes team leaders and engineers. Each group has a dedicated quality assurance team.
In addition, we have an infrastructure department responsible for the development of our platforms that are the basis for all products,
serving all product groups, which consist of a senior group leader, group leaders, team leaders, and engineers. The heads of all research
and development divisions report to either the Chief Operating Officer or the Chief Technology Officer.
See also below under
"Government Regulations – Israeli Innovation Authority.”
Manufacturing and Suppliers
Our quality assurance
testing, final integration, packaging and shipping operations as well as part of our final assembly activities are primarily performed
at our facility in Jerusalem, Israel. All our products are Underwriters Laboratories (UL) and ISO 9001:2008 compliant and some of them
have also achieved industry certifications.
We rely to a large extent
on third-party manufacturing vendors to provide our finished products. In this respect, these vendors primarily provide us with manufacturing
assembly services in order to deliver the finished goods while we perform the final integration of the products. All components and subassemblies
included in our products are supplied to the manufacturing vendors by several suppliers and subcontractors. Each of the manufacturing
vendors monitors each stage of the components production process, including the selection of components and subassembly suppliers. Thereafter,
each of the manufacturing vendors makes the final assembly in their own facility. Our primary manufacturing vendors are ISO 9001 certified,
indicating that each of their manufacturing processes adheres to established quality standards.
We primarily rely on
two ODMs to manufacture and to supply our hardware platforms, whereby, in 2022, approximately 62% of our direct product costs were from
one of these vendors and 17% were from the other vendor.
We conduct a business
continuity plan (BCP) with all our vendors to ensure an immediate recovery in case of crisis that might jeopardize the supply of our products
and services. For example, in order to overcome the risk of not meeting the committed SLA to our customers
due to importation blocking in different countries associated with the outbreak of the COVID-19 pandemic,
we had allocated sufficient inventory that was sent directly from the ODM vendors to worldwide warehouses to be shipped to customers,
when needed, at the destination country, rather than being shipped from Israel. In this respect, we have been certified during
2021 for ISO 22301 (Business Continuity Management System). Furthermore, in order to minimize potential
delays in product supplies by certain of our ODMs whose lead time had been significantly extended due to the worldwide chipset shortage,
we had paid expedite fees to several components manufacturers. However, if we are unable to continue to acquire those platforms
or components from these platform manufacturers and vendors on acceptable terms, or should any of these suppliers cease to supply us,
on a timely basis, with such platforms or components for any reason, we may not be able to identify and integrate an alternative source
of supply in a timely fashion or at the same costs. Any transition to one or more alternate suppliers would likely result in delays, operational
problems and increased costs, and may limit our ability to deliver our products to our customers on time for such transition period, although
we believe we have levels of inventory that will assist us to transition to alternate suppliers smoothly.
-
54 -
Proprietary Rights
We rely on patent, trademark
and trade secret laws, as well as confidentiality agreements and other contractual arrangements with our employees, distributors and others
to protect our technology. We have a policy that requires our employees to execute employment agreements, including confidentiality
and non-competition provisions.
We have registered trademarks
for, among others, Radware®, Radware Logo:
®,
OnDemand Switch®, Alteon®, APSolute®, LinkProof®, DefensePro®, CID®, SIPDirector®, AppDirector®,
AppXcel®, AppXML®, AppWall®, APSolute Insite®, StringMatch Engine®, Web Server Director®, APSolute Vision®,
vDirect®, Alteon VA®, AppShape®, FastView®, DefenseFlow®, Virtual DefensePro®; VADI® (Virtual Application
Delivery Infrastructure), ShieldSquare® and the ShieldSquare Logo: ®,
and we have non-registered trademarks for, among others, ADC-VX™, Inflight™, CyberStack™ and SecurePath™.
We own registered U.S. copyrights in all of our primary software product lines.We have registered patents in the United States, Canada and other jurisdictions for,
among others, our triangle redirection method used for the global load balancing in our AppDirector product; our mechanism for efficient
management and optimization of multiple links used in our LinkProof product; our method for load balancing by global proximity used in
our AppDirector product; our method for controlling traffic on links between autonomous Border Gateway Protocol (BGP) systems; the stateful
distribution of copied SSL traffic; the transparent inspection of encrypted client traffic; the activation of multiple virtual services
on a switching platform; the behavioral analysis and detection of zero-day and DDoS network attack patterns; a new method based on Quantiles
for network edge DDoS and network anomalies protection in our DefensePro product; our new paraphrase-based algorithm for hypertext transfer
protocol (HTTP) and keyless HTTPS attack mitigation behavioral mechanisms in our DefensePro; our domain name service floods behavioral
protection; our web and API application protection, including our Bot Manager augmented by the new block-chain based methods for addressing
automated threats (for public-facing services) and advanced threats (for private or authenticated services); new AI/ML methods to address
and automate analysis of our CWAF customer’s applications for proactive false-positive and false-negative service tuning, a geographically
based traffic distribution; a generic proximity based site selection for global load balancing; an internal hardware connectivity plane
architecture; a specific proximity based site selection for global load balancing of HTTP transactions implemented in our Alteon products;
and additional patents in the software-defined networking (SDN) field, around a new concept of cyber control and automation for our DefenseFlow
product.
-
55 -
We have pending patent
applications and provisional patents in connection with several methods and features used in our products or that we plan to implement
in the future. These applications may not result in any patent being issued, and, even if issued, the patents may not provide adequate
protection against competitive technology and may not be held valid and enforceable if challenged. In addition, other parties may
assert rights as inventors of the underlying technologies, which could limit our ability to fully exploit the rights conferred by any
patent that we receive. Our competitors may be able to design around a patent we receive, and other parties may obtain patents that we
would need to license or circumvent in order to exploit our patents.
Competition
The cyber security and
application delivery market is highly fragmented and competitive, and we expect competition to intensify in the future.
Our principal competitors
are:
| • |
DDoS Mitigation: Akamai Technologies, Inc., or Akamai, Imperva Inc., or Imperva, Netscout Systems, Inc., and Cloudflare, Inc.
|
| • |
Web Application Firewalls and Bot Management: Akamai, Imperva, Cloudflare, Inc., F5 Networks, Inc., or F5, and AWS |
| • |
Application Delivery: F5, A10 Networks, Inc. and Citrix Systems, Inc. |
We expect to continue
to face additional competition as new participants enter the market or extend their portfolios into related technologies. Larger companies
with substantial resources, brand recognition and sales channels may also form consolidation and alliances with or acquire competing providers
of application delivery or application and network security solutions and emerge as significant competitors.
We are seeing new
types of competitors from within the public cloud providers – as more companies rely on these environments to host their services
and applications, these vendors start providing cyber security solutions that are typically fairly basic and customized for their own
environment. As we see more and more companies relying on more than one public cloud vendor, we expect to see additional competitors
and rapid evolution of solutions and offerings.
An increase in competition
may lower prices and reduce demand and margins as well as increase costs associated with sales and marketing to maintain or increase market
share; which, in turn, may impair our ability to increase profitability. Furthermore, the dynamic market environment, as illustrated by
the above acquisitions, poses a challenge in predicting market trends and expected growth. We believe that our products and services have
several competitive advantages in performance and accuracy and that our future success will depend primarily on our continued ability
to provide more technologically advanced and cost-effective application delivery and cyber security solutions, and more responsive customer
service and support, than our competitors. However, we cannot assure you that all products and services we offer in our portfolio
will compete successfully with similar competitor solutions. See also above under “Business Overview”.
-
56 -
Government Regulations
Data
Privacy and Data Protection Laws
Our
activities in the cyber security market require that we
comply with laws and regulations in the area of data privacy and data protection governing the collection,
use, retention, sharing and security of personal data. For example, the GDPR and UK DP Laws (each as referenced above),
include operational requirements for companies that receive or process personal data of residents of the European Union and the
UK, and non-compliance will result in significant penalties. Many other countries in which we operate
have their own data protection and data security laws that we need to comply with in collecting, utilizing, or otherwise processing personal
data from our customers and/or visitors to their websites and others.
Environmental
and Security Management Regulations
Our activities in Europe
require that we comply with European Union Directives with respect to product quality assurance standards and environmental standards.
The “RoHs” and RoHs II Directives require products sold in Europe to meet certain design specifications, which exclude the
use of hazardous substances. Directive 2002/96/EC on Waste Electrical and Electronic Equipment
(known as the “WEEE” Directive) requires producers of electrical and electronic equipment to register in different European
countries and to provide collection and recycling facilities for used products. We believe
we are currently in compliance with the RoHs and WEEE regulations, ISO 14001 standards (regrading Environmental Management Systems), ISO/IEC
27001:2013 and ISO 27032: 2012 standards (both in regard to Information Security Management System), ISO 28000 (Supply Chain Security
management) and OHSAS 18001:2007 (Occupational Health and Safety Management).
Israeli
Innovation Authority
From time to time, eligible
participants may receive grants under programs of the IIA. This governmental support is conditioned upon the participant’s ability
to comply with certain applicable requirements and conditions specified in the IIA’s programs and the Innovation Law.
Under the Innovation
Law, research and development programs that meet specified criteria and are approved by the Research Committee of the IIA are eligible
for grants usually of up to 55% of certain approved expenditures of such programs, as determined by said committee.
The Innovation Law provides
that know-how developed under an approved research and development program or rights associated with such know-how (1) may not be transferred
to third parties in Israel without the approval of the IIA (such approval is not required for the sale or export of any products resulting
from such research or development) and (2) may not be transferred to any third parties outside Israel, except in certain special circumstances
and subject to the IIA’s prior approval, which approval, if any, may generally be obtained, subject to payment of a transfer fee
pursuant to which the grant recipient pays to the IIA a portion of the sale price paid in consideration for such IIA-funded know-how;
or a portion of the consideration paid in respect of licensing the IIA-funded know-how, as the case may be (according to certain formulas,
which may result in repayment of up to 600% of the grant amounts plus interest). Under certain circumstances, such as in the event that
the grant recipient receives know-how from a third party in exchange for its IIA-funded know-how, such transfer fee may not apply.
-
57 -
The Innovation Law imposes
reporting requirements with respect to certain changes in the ownership of a grant recipient. The law requires the grant recipient and
its controlling shareholders and foreign interested parties to notify the IIA of any change in control of the recipient or a change in
the holdings of the means of control of the recipient and requires a non-Israel interested party to undertake to the IIA to comply with
the Innovation Law. In addition, the rules of the IIA may require additional information or representations in respect of certain
of such events. For this purpose, “control” is defined as the ability to direct the activities of a company other than any
ability arising solely from serving as an officer or director of the company. A person is presumed to have control if such person
holds 50% or more of the means of control of a company. “Means of control” refers to voting rights or the right to appoint
directors or the chief executive officer. An “interested party” of a company includes a holder of 5% or more of its outstanding
share capital or voting rights, its chief executive officer and directors, someone who has the right to appoint its chief executive officer
or at least one director, and a company with respect to which any of the foregoing interested parties owns 25% or more of the outstanding
share capital or voting rights or has the right to appoint 25% or more of the directors. Accordingly, any non-Israeli who acquires 5%
or more of our ordinary shares will be required to notify us that it has become an interested party and needs to sign an undertaking to
comply with the Innovation Law.
The Israeli authorities
have indicated in the past that the government may further reduce or abolish the IIA grants in the future. Even if these grants
are maintained, we cannot presently predict what would be the amounts of future grants, if any, that we might receive.
In 2022, 2021 and 2020
we were qualified to participate in projects funded by the IIA to develop generic technology relevant to the development of our products.
We were eligible to receive grants constituting between 30% and 55% of certain research and development expenses relating to these projects.
The grants under these projects are not required to be repaid by way of royalties. Research and development grants deducted from research
and development expenses, net amounted to $1.3 million, $1.0 million and $0.9 million for the years ended December 31, 2022, 2021 and
2020, respectively.
In addition, one of our
Israeli subsidiaries received royalty-bearing grants from the IIA for an approved research and development project. The grants under this
project are required to be repaid based on revenues from the sale of products incorporating know-how developed, in whole or in part with
the grants. These grants amounted to $0.3 million for the year ended December 31, 2022.
Environmental,
Social and Governance Matters
At
Radware, we aim to help customers protect their critical applications and secure their digital experiences. As we pursue this goal, we
recognize our responsibility to promote socially and environmentally responsible economic growth through our business practices. In order
to promote this corporate responsibility and sustainability approach, we have implemented, and will continue to implement, various Environmental,
Social and Governance (ESG) principles and activities into our daily business practices, including, but not limited to, those summarized
below.
-
58 -
Most
recently, in December 2021, we have also released our inaugural ESG Report available at www.radware.com/corporategovernance (information
contained on our website, including in our ESG report, is not incorporated herein by reference and shall not constitute part of this annual
report) to expand our ESG-related disclosures regarding what we have accomplished thus far on this front and what we strive to achieve.
Environmental
We aim to build a more
sustainable world through the products, services and solutions we offer and the way we operate. This means, among other things, that we
aim to operate our business in a manner which meets or exceeds all environmental laws and compliance guidelines and strive to improve
our environmental performance across our entire supply chain.
While we continue to
develop a program that recognizes our environmental impact, we have already implemented various activities to measure and foster our environmental
focus, including the following highlights:
| • |
We have implemented key performance indicators (KPIs), which set quantitative reduction goals for the use of water, power and paper;
|
| • |
We work with our suppliers to maintain compliance with various environmental laws and guidelines,
such as RoHS and WEEE in the EU, and adopted our Conflict Minerals Policy available at www.radware.com/corporategovernance/conflictminerals
(information contained on our website, including in our Conflict Minerals Policy, is not incorporated herein by reference and shall
not constitute part of this annual report) which outlines our practices and procedures with respect to responsible sourcing of minerals
from conflict-affected and high-risk areas; and |
| • |
Our corporate headquarters in Tel Aviv, Israel, as well as our training rooms in Tel Aviv are designed in the “TED” style
to serve as multifunctional work spaces while the operations room utilizes NVX video technology in order to minimize the amount of copper
wiring required to function and travel. At our headquarters, we offer EV charging stations to our employees and visitors, and where applicable
according to local requirements, we offer recycling and properly dispose of e-waste. |
Social
We believe that the foundation
of our success lies in our diverse, engaged and motivated workforce, and we continuously advocate for our team by creating a work environment
in which our employees can thrive in the spirit of productivity and development. This means, among other things, that we aim to operate
our business in a manner which promotes a work environment that is free of discrimination and harassment and otherwise attends to our
employees’ wellbeing.
-
59 -
While we continue to
develop a program that recognizes our social impact, we have already implemented various activities to measure and foster our focus on
social impact, including the following highlights:
| • |
We are an equal-opportunity employer and make employment decisions based on a person’s qualifications and our business
needs. This is demonstrated by our Human Rights and Labor Standards Policy; |
| • |
Our corporate policy maintains zero tolerance for harassment, sexual harassment and discrimination, and it imposes significant consequences
for behavior deemed to create a hostile work environment. This is demonstrated by our Code of Conduct and Ethics as well as our Human
Rights and Labor Standards Policy; |
| • |
We offer what we believe is an attractive mix of compensation and benefit plans to support our employees and their families’
physical, mental, and financial well-being. This includes allowing the majority of our employees to have a direct ownership interest in
Radware by participating in our equity-based incentive plans; and |
| • |
We are focused on maintaining a healthy, safe, and secure work environment that protects our employees
and the public from harm. This is demonstrated by the measures we implemented in order to overcome the challenges presented by the COVID-19
pandemic. We implemented hybrid work model whereby we enable our employees to work partly from remote and partly from the office. We
believe that this flexibility drives increased job satisfaction while addressing the major challenges of remote work, such as isolation
and lack of community. |
Governance
As part of our sustainable
and other ESG operations policies, we aim to conduct our corporate governance and build corporate behavior mechanisms to align with the
interest of all our stakeholders. This means, among other things, that we developed and strive to maintain a strong set of corporate values
that will inspire ethical behavior across all decision-making processes, and a management and control system so that ethics and security
issues are given their due weight.
While we continue to
develop a program that recognizes our corporate governance and ethical conduct, we have already implemented various activities to measure
and foster this focus, including the following highlights:
| • |
Corporate Governance and Board Practices: Our corporate governance policies and practices are designed to foster effective board
oversight in service of the long-term interests of our shareholders. Our Board of Directors consists of eight (8) members, of whom six
(6) qualify as “independent directors” under the Nasdaq rules and one (1) is a woman. The Audit and Compensation
Committees of our Board of Directors, which are charged with significant functions in our risk oversight and compensation philosophy,
respectively, both currently consist of four (4) members, all of whom qualify as “independent directors” under the Nasdaq
rules. For further details on our corporate governance as well as our Board of Directors and its committees’ roles and practices,
see Items 6.C “Board Practices” and 16.G “Corporate Governance”. |
-
60 -
| • |
Ethical Business Conduct: All our directors, officers, consultants, service providers and employees are expected to conduct themselves
in accordance with our Code of Conduct and Ethics available at http://www.radware.com/corporategovernance/ (information contained on our
website, including in our Code of Conduct and Ethics, is not incorporated herein by reference and shall not constitute part of this annual
report). Our Code of Conduct and Ethics is intended to promote various elements of ethical business conduct, such as compliance with laws;
avoiding conflict of interests and personal exploitation of corporate opportunities; fair dealing; confidentiality of information; and
other policies and guidelines in connection with insider trading and anti-corruption laws and policies. |
C. Organizational
Structure
We have a wholly owned
subsidiary in the United States, Radware Inc., which conducts the sales and marketing of our products and services in the United States.
We also have subsidiaries in other countries, most of which typically conduct sales and marketing of our products and services in their
respective locations. Our subsidiaries include (unless otherwise indicated, all subsidiaries are wholly owned):
|
Name
of Subsidiary |
Place
of Incorporation |
|
Radware Inc. |
New Jersey, United States |
|
Radware UK Limited |
United Kingdom |
|
Radware France |
France |
|
Radware Srl |
Italy |
|
Radware GmbH |
Germany |
|
Nihon Radware KK |
Japan |
|
Radware Australia Pty. Ltd. |
Australia |
|
Radware Singapore Pte. Ltd. |
Singapore |
|
Radware Korea Ltd. |
Korea |
|
Radware Canada Inc. |
Canada |
|
Radware India Pvt. Ltd. |
India |
|
Kaalbi Technologies Limited Ltd. |
India |
|
Radware (India) Cyber Security Solutions Private Limited |
India |
|
Radware China Ltd. 睿伟网络科技(上海)有限公司
|
China |
|
Radware (Hong Kong) Limited |
Hong Kong |
|
Radyoos Media Ltd.* |
Israel |
|
Radware Canada Holdings Inc. |
Canada |
|
Radware Iberia, S.L.U. |
Spain |
|
Edgehawk Security Ltd. |
Israel |
|
SkyHawk (CNP) Security Ltd.** |
Israel |
|
CSR Cloud Security Ltd. |
Israel |
* We own approximately 91.0% of this subsidiary,
which ceased its activities in 2017.
** We own approximately 76.2% of this subsidiary.
-
61 -
Yehuda Zisapel, one of
our co-founders and shareholders, is the Chairman of our Board of Directors and the father of Roy Zisapel, our President, Chief Executive
Officer and director. Either Yehuda Zisapel, his brother, Zohar Zisapel, and Nava Zisapel (or all of them together) are founders,
directors and/or shareholders of several other companies which, together with our Company and our subsidiaries listed above, are known
as the RAD-Bynet Group. These companies include, among others:
|
AB-NET Communications Ltd.
Binat Business Ltd.
BYNET Data
Communications Ltd.*
CloudRide Ltd.*
BYNET Electronics Ltd.*
BYNET SEMECH (outsourcing) Ltd.* Bynet Software Systems Ltd.
Bynet System Applications Ltd.*
|
Ceragon Networks Ltd.
Internet Binat Ltd.*
Nuance Hearing Ltd.
Packetlight Networks Ltd.
RAD-Bynet Properties and Services (1981) Ltd.*
Radbit Computers, Inc.
RADCOM Ltd.
RAD Data Communications Ltd.*
Radiflow Ltd.
|
RADWIN Ltd.
DC Protection Ltd. (previously known as
SecurityDAM Ltd.)
|
*Denotes a RAD-Bynet Group company with
which we currently transact business
The RAD-Bynet Group also
includes several other holdings, real estate companies, biotech and pharmaceutical companies and the above list does not constitute a
complete list of all entities within the RAD-Bynet Group or of all the holdings of Messrs. Yehuda and Zohar Zisapel and Ms. Nava Zisapel.
-
62 -
Members of the RAD-Bynet
Group are actively engaged in designing, manufacturing, marketing and supporting data communications products, none of which currently
compete with our products. Some of the products of members of the RAD-Bynet Group are complementary to, and may be used in connection
with, our products and services. See also Item 7.B “Related Party Transactions.”
D.
Property, Plants and Equipment
General.
We operate from leased premises mainly in Tel Aviv and Jerusalem in Israel and New Jersey in the United States. We also lease premises
in several locations in Europe, South America and Asia-Pacific for the activities of our subsidiaries, representative offices and branches.
Our aggregate annual rent expenses under these leases were approximately $6.9 million in 2022.
We believe that the following
offices and facilities are suitable and adequate for our operations as currently conducted and as currently foreseen. In the event that
additional or substitute offices and facilities are required, we believe that we could obtain such offices and facilities at commercially
reasonable rates.
Israel.
Our headquarters and principal administrative, finance,
research and development and marketing operations are located in approximately 108,000 square feet of leased office space in Tel Aviv,
Israel, in two buildings: one building, consisting of approximately 40,000 square feet, plus storage and parking space, and the second
building, consisting of approximately 68,000 square feet, plus parking spaces. Both buildings have leases that expire in June 2030 (with
one of the two buildings having a termination option by us in June 2025 by way of prior notice) and are leased from, among others, affiliated
companies owned by Yehuda, Nava and/or Zohar Zisapel, as applicable. For more information, see Item 7.B “Related Party Transactions.”
In addition, we lease
approximately 3,600 square feet of space in Jerusalem, Israel, for development facilities from an affiliated company owned by Yehuda and
Nava Zisapel. The lease expires in July 2025. We also lease approximately 15,000 square feet for manufacturing facilities in Jerusalem,
Israel, from an affiliated company owned by Yehuda, Nava and Zohar Zisapel. The lease expires in August 2028. For more information, see
Item 7.B “Related Party Transactions.”
Other
locations. In the United States, we lease approximately
16,900 square feet of property in Mahwah, New Jersey, consisting of approximately 12,700 square feet of office space and 4,200 square
feet of warehouse space from a company controlled by Yehuda, Nava and Zohar Zisapel. The lease expires in December 2025. For more information,
see Item 7.B “Related Party Transactions.”
We lease approximately
3,850 square feet of property for our research and development facilities in North Carolina, the lease for which will expire in March
2026.
We also lease facilities
for the operation of our subsidiaries and representative offices in several locations in Europe, South America and Asia-Pacific, all from
unrelated third parties.
ITEM 4A.
UNRESOLVED STAFF COMMENTS
None.
-
63 -
| ITEM 5. |
OPERATING AND FINANCIAL REVIEW AND PROSPECTS |
Our discussion and analysis
of our financial condition and results of operation are based upon our consolidated financial statements, which have been prepared in
accordance with U.S. GAAP. Our operating and financial review and prospects should be read in conjunction with our financial statements,
accompanying notes thereto and other financial information appearing elsewhere in this annual report.
A. Operating
Results
Overview
We are a provider of
cyber security and application delivery solutions for physical, cloud, and software defined data centers (SDDC). Our solutions portfolio
secures the digital experience by providing infrastructure, application, and network protection and availability services to enterprises
globally. Our solutions are deployed by, among others, enterprises, carriers and cloud service providers worldwide.
We began sales in 1997,
and currently have nearly 30 local offices, subsidiaries or branches globally across Asia-Pacific, Europe and North, Central and South
America.
We sell through sales
channels such as resellers and distributors whereas most of our direct sales are to strategic customers.
Most of our revenues
are generated in dollars or are dollar-linked, and the majority of our expenses are incurred in dollars. As such, the dollar is our functional
currency. Our consolidated financial statements are prepared in dollars and in accordance with U.S. GAAP.
Our revenues are derived
from sales of our solutions:
| • |
We recognize physical and software product revenues when control of the product is transferred to the customer (i.e., when our performance
obligation is satisfied), which typically occurs at shipment, and we recognize revenues from product and cloud subscriptions, as part
of the product revenues, ratably over the subscription period. |
| • |
Revenues from post-contract customer support (PCS), which mainly represents help-desk support and unit repairs or replacements, professional
services and ERT services, are recognized ratably over the contract or subscription period, which is typically between one year and three
years. |
We operate in one reportable
market segment, and our revenues are attributed to geographic areas based on the location of the end-users.
In the years ended December 31,
2022, 2021 and 2020, revenues derived from sales of the Company’s products and product subscriptions constituted approximately 59%,
59% and 53%, respectively, of our total revenues, with the remaining revenues being derived from services.
-
64 -
Results of Operations
The following discussion
of our results of operations for the years ended December 31, 2022, 2021 and 2020, including the following tables, which present selected
financial information in dollars and as a percentage of total revenues, are based upon our statements of operations contained in our financial
statements for those periods, and the related notes, included in this annual report.
The following table sets forth,
for the periods indicated, certain financial data concerning our operating results:
|
2022 |
2021 |
2020 |
||||||||||
|
(US $ in thousands) |
||||||||||||
|
Revenues: |
$ |
172,161 |
$ |
170,438 |
$ |
132,934 |
||||||
|
Products |
121,265 |
116,058 |
117,093 |
|||||||||
|
Services |
293,426 |
286,496 |
250,027 |
|||||||||
|
Cost of revenues: |
43,014 |
42,191 |
34,645 |
|||||||||
|
Products |
10,870 |
10,255 |
10,439 |
|||||||||
|
Services |
53,884 |
52,446 |
45,084 |
|||||||||
|
Gross profit |
239,542 |
234,050 |
204,943 |
|||||||||
|
Operating expenses, net: |
||||||||||||
|
Research and development, net |
86,562 |
74,098 |
66,836 |
|||||||||
|
Sales and marketing |
126,533 |
119,842 |
113,015 |
|||||||||
|
General and administrative |
29,786 |
21,885 |
18,924 |
|||||||||
|
Total operating expenses |
242,881 |
215,825 |
198,775 |
|||||||||
|
Operating income (loss) |
(3,339 |
) |
18,225 |
6,168 |
||||||||
|
Financial income, net |
8,052 |
4,407 |
7,796 |
|||||||||
|
Income before taxes on Income |
4,713 |
22,632 |
13,964 |
|||||||||
|
Taxes on income |
4,879 |
14,821 |
4,328 |
|||||||||
|
Net income (loss) |
(166 |
) |
7,811 |
9,636 |
||||||||
The following table
sets forth, for the periods indicated, certain financial data expressed as a percentage of our total revenues:
|
2022 |
2021 |
2020 |
||||||||||
|
Revenues: |
59 | % | 59 | % | 53 | % | ||||||
|
Products |
41 | 41 | 47 | |||||||||
|
Services |
100 | 100 | 100 | |||||||||
|
Cost of Revenues: |
||||||||||||
|
Products |
15 | 15 | 14 | |||||||||
|
Services |
4 | 3 | 4 | |||||||||
|
|
19 | 18 | 18 | |||||||||
|
Gross profit |
81 |
82 |
82 |
|||||||||
|
Operating expenses, net: |
||||||||||||
|
Research and development,
net |
30 |
26 |
27 |
|||||||||
|
Sales and marketing
|
43 |
42 |
45 |
|||||||||
|
General and administrative |
10 |
7 |
8 |
|||||||||
|
Total operating expenses |
83 |
75 |
80 |
|||||||||
|
Operating income (loss) |
(1 |
) |
6 |
2 |
||||||||
|
Financial income, net |
3 |
2 |
3 |
|||||||||
|
Income before taxes on income |
2
|
8
|
6
|
|||||||||
|
Taxes on income
|
(2 |
) |
(5 |
) |
(2 |
) | ||||||
|
Net income (loss) |
0 |
% |
3 |
% |
4 |
% | ||||||
-
65 -
Comparison
of Years Ended December 31, 2022, 2021 and 2020
Revenues.
Our revenues are derived from sales of our solutions. Revenues from physical products
and software-based products are recognized when control of the promised goods is transferred to the customer, either upon shipment or
when the product is delivered, depending on the commercial terms of each transaction. Revenues from cloud subscriptions are recognized
ratably over the subscription period. Revenues from post-contract customer support, which represent mainly help-desk support, unit repairs
or replacements, professional services and ERT services are recognized ratably over the contract period. For additional details regarding
the manner in which we recognize revenues, see the discussion under the caption “Critical Accounting Estimates – Revenue Recognition”
below.
The following table provides
a breakdown of our revenues by type of revenues both in dollars and as a percentage of total
revenues for the past three fiscal years, as well as the percentage change between such periods:
|
(US$ in thousands,
except percentages) |
2022
|
2021 |
2020 |
% Change
2022 vs. 2021 |
% Change
2021 vs. 2020 |
|||||||||||||||||||||||||||
|
Products |
172,161 |
59 |
% |
170,438 |
59 |
% |
132,934 |
53 |
% |
1 |
% |
28 |
% | |||||||||||||||||||
|
Services |
121,265 |
41 |
% |
116,058 |
41 |
% |
117,093 |
47 |
% |
4 |
% |
(1 |
)% | |||||||||||||||||||
|
Total |
293,426 |
100 |
% |
286,496 |
100 |
% |
250,027 |
100 |
% |
2 |
% |
15 |
% | |||||||||||||||||||
The following table shows
a breakdown of our total revenues by geographical distribution both in dollars and as a percentage of total revenues for the past three
fiscal years, as well as the percentage change between such periods:
|
(US$ in thousands,
except percentages) |
2022 |
2021 |
2020 |
% Change
2022 vs. 2021 |
% Change
2021 vs. 2020 |
|||||||||||||||||||||||||||
|
North, Central and South America (principally the United States)(*) |
123,947 |
42 |
% |
128,770 |
45 |
% |
114,413 |
46 |
% |
(4 |
)% |
13 |
% | |||||||||||||||||||
|
EMEA (Europe, the Middle East and Africa) |
104,219 |
36 |
% |
98,388 |
34 |
% |
78,362 |
31 |
% |
6 |
% |
26 |
% | |||||||||||||||||||
|
Asia-Pacific |
65,260 |
22 |
% |
59,338 |
21 |
% |
57,252 |
23 |
% |
10 |
% |
4 |
% | |||||||||||||||||||
|
Total |
293,426 |
100 |
% |
286,496 |
100 |
% |
250,027 |
100 |
% |
2 |
% |
15 |
% | |||||||||||||||||||
(*) For the years ended
December 31, 2022, 2021 and 2020, our revenues from the United States were $94.0 million, $98.9 million and $93.7 million, respectively,
representing 32%, 35% and 37% of total revenues for these years, respectively.
-
66 -
Revenues in 2022 were
$293.4 million compared with revenues of $286.5 million in 2021, an increase of 2%. The increase in revenues was primarily due to an increase
in both product subscriptions revenues and service subscriptions revenues as described in more detail below.
Revenues in 2021 were
$286.5 million compared with revenues of $250.0 million in 2020, an increase of 15%. The increase in revenues was due to an increase in
product revenue, in all geographic regions, primarily in EMEA as described below.
In 2022, our product revenues were $172.2 million, an increase of 1% compared to $170.4
million in 2021, reflecting an increase in product subscriptions, partially offset by a decrease in our hardware-based products. In 2021,
our product revenues were $170.4 million, an increase of 28% compared to $132.9 million in 2020, reflecting an increase in cloud subscriptions,
product subscriptions and in appliance products.
In 2022, our service
revenues were $121.3 million, an increase of 4% compared to $116.1 million in 2021. The increase in service revenues is due to the increase
in service subscriptions. In 2021, our service revenues were $116.1 million, compared to $117.1 million in 2020, the decrease in
service revenues in 2021 was due to the decrease in maintenance revenues, partially offset by an increase in service subscriptions.
During 2022, our revenues
from the enterprise market increased by 5% to $218 million from $208.2 million in 2021, whereas, in 2022, revenues from the carrier market
decreased by 4% to $75.4 million from $78.3 million in 2021. During 2021, our revenues from the enterprise market increased by 18% to
$208.2 million from $176.9 million in 2020, and revenues from the carrier market increased by 7% to $78.3 million from $73.1 million in
2020.
Our revenues in North,
Central and South America decreased in 2022 by 4% compared to 2021. Revenues from the EMEA region increased in 2022 by 6% compared to
2021. Revenues in the Asia-Pacific region increased in 2022 by 10% compared to 2021. The growth in EMEA and Asia-Pacific is attributed
mainly to our cloud and subscription business and to new logos we added to our cloud security offering; many of them are mid-sized enterprises.
The decrease in revenues in North, Central and South America is attributed mainly to elongated sales cycles influenced by the macro-economic
downturn.
-
67 -
Our revenues in North,
Central and South America increased in 2021 by 13% compared to 2020. Revenues from the EMEA region increased in 2021 by 26% compared to
2020. Revenues in the Asia-Pacific region increased in 2021 by 4% compared to 2020. The growth in North, Central and South America and
in EMEA is attributed to high demand for our cloud security solutions in those regions.
Other than the United
States, no other single country accounted for more than 10% of our revenues for each of the years ended December 31, 2022, 2021 and 2020.
Cost
of Revenues.
Cost of revenues refers
to both products and services revenues and consists primarily of the cost of circuit boards and other components required for the assembly
of our products, salaries and related personnel expenses for those engaged in the final assembly, and in providing support and maintenance
service of our products, license and hosting fees paid to third parties, fees paid to managed security service providers (related parties),
inventory write-offs, amortization of acquired technology and other overhead costs.
The following table sets
forth a breakdown of our cost of revenues between products and services for the periods indicated, in absolute figures and as a percentage
of the relative product and services revenues:
|
(US$ in thousands,
except percentages) |
2022 |
2021 |
2020
|
|||||||||||||||||||||
|
Cost of Products |
43,014 |
25.0 |
% |
42,191 |
24.8 |
% |
34,645 |
26.1 |
% | |||||||||||||||
|
Cost of Services |
10,870 |
9.0 |
% |
10,255 |
8.8 |
% |
10,439 |
8.9 |
% | |||||||||||||||
|
Total |
53,884 |
18.4 |
% |
52,446 |
18.3 |
% |
45,084 |
18.0 |
% | |||||||||||||||
Cost of products as a
percentage of product revenues in 2022 was 25.0%, compared to 24.8% in 2021. Cost of products in 2022 and 2021 included amortization of
intangible assets in the amount of $3.7 million and $1.9 million, respectively. Our cost of products as a percentage of product revenues,
excluding amortization of intangible assets, represented approximately 22.8% of product revenues in 2022, compared to 23.7% in 2021. Excluding
amortization of intangible assets, the decrease in cost of products as a percentage of product revenues is mainly due to a different mix
of sales of our products and product subscriptions, whereby there was an increase in product subscriptions and a decrease in hardware-based
products.
Cost of services as a
percentage of service revenues in 2022 was 9.0% compared to 8.8% in 2021.
Cost of products as a
percentage of product revenues in 2021 was 24.8%, compared to 26.1% in 2020. Cost of products in 2021 and 2020 included amortization of
intangible assets in the amount of $1.9 million for both 2021 and 2020. Our cost of products as a percentage of product revenues, excluding
amortization of intangible assets, represented approximately 23.7% of product revenues in 2021, compared to 24.6% in 2020. The decrease
in cost of products as a percentage of product revenues is mainly due to a different mix of sales of our products and product subscriptions.
-
68 -
Cost of services as a
percentage of service revenues in 2021 was 8.8% compared to 8.9% in 2020.
Operating
Expenses.
The following table sets
forth a breakdown of our operating expenses for the periods indicated as well as the percentage change between such periods:
|
(US$ in thousands,
except percentages) |
2022 |
2021 |
2020 |
% Change
2022 vs. 2021 |
% Change
2021 vs. 2020 |
|||||||||||||||
|
Research and development, net |
$ |
86,562 |
$ |
74,098 |
$ |
66,836 |
17 |
% |
11 |
% | ||||||||||
|
Selling and marketing |
126,533 |
119,842 |
113,015 |
6 |
% |
6 |
% | |||||||||||||
|
General and administrative |
29,786 |
21,885 |
18,924 |
36 |
% |
16 |
% | |||||||||||||
|
Total |
$ |
242,881 |
$ |
215,825 |
$ |
198,775 |
13 |
% |
9 |
% | ||||||||||
Our operating expenses
increased by 13% in 2022 to $242.9 million from $215.8 million in 2021. The increase is primarily attributed to increased personnel costs
and related expenses, additional operating costs following the acquisition of SecurityDAM in February 2022, increased share-based
compensation expenses, increased travel expenses and increased fees paid for hosting services and subcontractors.
Our operating expenses
increased by 9% in 2021 to $215.8 million from $198.8 million in 2020. The increase is primarily attributed to increased personnel costs
and related expenses, the impact of the weakening of the dollar mainly against the NIS and increased fees paid to subcontractors and consultants.
Research
and Development Expenses, Net.
Research and development,
or R&D, expenses, net consist primarily of salaries and related personnel expenses, costs of subcontractors and prototype expenses
related to the design, development, quality assurance and enhancement of our solutions, and depreciation of equipment purchased for the
development and testing processes. All R&D costs are expensed as incurred. We believe that continued investment in R&D is critical
to attaining our strategic product objectives.
R&D expenses, net were $86.6 million in 2022, an increase of $12.5 million, or 17%,
compared with R&D expenses, net of $74.1 million in 2021. This increase is primarily a result of: (1) $7.8 million due to an increase
in personnel costs, including salary raises awarded and increases in average headcount compared to the previous year and additional personnel
costs as part of the acquisition of SecurityDAM in February 2022, (2) $0.8 million related to additional rent and maintenance expenses
due to SecurityDAM office spaces, (3) a $1.5 million increase in amounts paid to subcontractors, and (4) a $1.9 million increase in share-based
compensation expenses (see also “Share-based compensation expenses” below). There was no significant impact due to the strengthening
of the dollar against the NIS since the Company hedged most of its salary related expenses.
-
69 -
R&D expenses, net
were $74.1 million in 2021, an increase of $7.3 million, or 11%, compared with R&D expenses, net of $66.8 million in 2020. This increase
is primarily a result of: (1) $1.4 million due to an increase in personnel costs, including salary raises awarded and other salary-related
expenses, partially offset by lower average headcount compared to the previous year, (2) a $3.4 million increase related to the impact
of the weakening of the dollar mainly against the NIS, (3) a $1.3 million increase in amounts paid to subcontractors, and (4) a $1.0 million
increase in share-based compensation expenses (see also “Share-based compensation expenses” below).
Sales
and Marketing Expenses.
Sales and marketing expenses
consist primarily of salaries, commissions and related personnel expenses for those engaged in the sales and marketing of our products
and services, operational costs of our offices that are located outside Israel and are engaged in the promotion, marketing and support
of our solutions, in addition to the related trade shows, advertising, promotions, website maintenance and public relations expenses,
and amortization of intangible assets.
Sales and marketing expenses were $126.5 million in 2022, an increase of $6.7 million,
or 6%, compared with sales and marketing expenses of $119.8 million in 2021. This increase is mainly related to (1) an increase of $2.3
million in marketing-related expenses, (2) $2.0 million related to an increase in travel expenses, and (3) a $2.4 million increase in
share-based compensation expenses (see also “Share-based compensation expenses” below).
Sales and marketing expenses
were $119.8 million in 2021, an increase of $6.8 million, or 6%, compared with sales and marketing expenses of $113.0 million in 2020.
This increase is mainly related to (1) an increase of $3.9 million due to a headcount increase, as well as salary raises and other salary-related
expenses such as sales incentive commissions, (2) an increase of $2.6 million related to the impact of the weakening of the dollar, mainly
against the NIS, and (3) a $0.5 million increase in share-based compensation expenses (see also “Share-based compensation expenses”
below).
General
and Administrative Expenses.
General and administrative
expenses consist primarily of salaries and related personnel expenses for executive, accounting and administrative personnel, professional
fees (which include legal, audit and additional consulting fees), bad debt expenses, acquisition related costs and other general corporate
expenses.
General and administrative expenses were $29.8 million in 2022, an increase of $7.9
million, or 36%, compared with general and administrative expenses of $21.9 million in 2021. The increase in general and administrative
expenses in 2022 was primarily due to (1) a $5.3 million increase in share-based compensation expenses (see also “Share-based compensation
expenses” below), (2) a $0.9 million increase related to personnel costs and related expenses, (3) a $1.0 million increase related
to transaction costs as part of the acquisition of SecurityDAM in February 2022, and (4) a $0.8 million increase related to revaluation
of contingent consideration recorded as part of the acquisition of SecurityDAM.
-
70 -
General and administrative
expenses were $21.9 million in 2021, an increase of $3.0 million, or 16%, compared with general and administrative expenses of $18.9 million
in 2020. The increase in general and administrative expenses in 2021 was primarily due to (1) an increase of $0.2 million related to personnel
costs and related expenses, (2) an increase of $0.9 million related to the impact of the weakening of the USD against the NIS, (3) $0.7
million related to increased fees paid to outside consultants for tax, financial and legal services, and (4) $1.4 million related to an
increase in insurance premiums, mainly due to directors and officers liability insurance. Such increase was partially offset by $0.5 million
related to lower share-based compensation expenses (see also “Share-based compensation expenses” below).
For a discussion of the
impact of foreign currency fluctuations on our business, see Item 11 “Quantitative and Qualitative Disclosures about Market Risk.”
Share-based
compensation expenses.
Our expenses also include
the recognition of share-based compensation, which is allocated among cost of sales, research and development expenses, marketing and
selling expenses and general and administrative expenses, based on the division in which the recipient of the option grant is employed.
The share-based compensation is amortized to operating expenses over the requisite service period of the individual options.
The following tables
summarize the share options and restricted share units (RSUs) that were granted during the years 2022, 2021 and 2020, and their weighted
average grant-date fair value:
Share options:
|
2022 |
2021 |
2020 |
||||||||||
|
Grants |
250,284 |
248,233 |
1,037,444 |
|||||||||
|
Weighted average grant-date fair value
|
6.77 |
6.87 |
4.74 |
|||||||||
RSUs:
|
2022 |
2021 |
2020 |
||||||||||
|
Grants |
1,947,499 |
1,143,097 |
995,419 |
|||||||||
|
Weighted average grant-date fair value
|
21.31 |
32.57 |
22.54 |
|||||||||
Share-based compensation
expenses in 2022 totaled $27.4 million, an increase of $9.8 million, or 56%, compared with expenses of $17.6 million in 2021. The increase
in our share-based compensation expenses in 2022 was primarily due to equity-based grants made to our CEO during 2022 and higher weighted
average grant date fair value of RSUs granted towards the end of 2021, which resulted in recording higher expenses in 2022.
-
71 -
Share-based compensation
expenses in 2021 totaled $17.6 million, an increase of $1.1 million, or 7%, compared with expenses of $16.5 million in 2020. The increase
in our share-based compensation expenses in 2021 was primarily due to the significant increase in our weighted average grant date fair
value of RSUs granted throughout 2021.
Financial
Income, Net.
Financial income, net
consists primarily of interest earned on short- and long-term bank deposits, amortization of premiums, accretion of discounts, interest
and dividends earned on investments in marketable securities, gain from the sale of marketable securities and from income and expenses
from the translation of monetary balance sheet items denominated in non-dollar currencies.
Financial income, net was $8.1 million in 2022, compared with $4.4 million in 2021.
The net increase of $3.7 million was primarily due to a $3.1 million increase in foreign currency exchange gains, mainly due to revaluation
of liabilities stated in NIS and $0.6 million increase in interest income and gains from our investments and bank deposits.
Financial income, net
was $4.4 million in 2021, compared with $7.8 million in 2020. The net decrease of $3.4 million was primarily due to a $3.8 million decrease
in interest from our investments, partially offset by a $0.5 million decrease in foreign currency exchange losses.
Income
Taxes.
Israeli companies are
generally subject to corporate tax on their taxable income at the rate of 23% for the 2022, 2021 and 2020 tax years. We elected to apply
the Preferred Enterprise regime under the Law for the Encouragement of Capital Investment, 1959 (the “Investments Law”) as
of the 2014 tax year. The election is irrevocable. Under the Preferred Enterprise regime, a preferred income of an enterprise located
in the center of Israel is subject to a tax rate of 16%. Pursuant to Amendment 73 to the Investments Law adopted in 2017, a company located
in the center of Israel that meets the conditions for “Preferred Technological Enterprises” is subject to a tax rate of 12%.
We believe we meet those conditions.
We operate our business
in various countries and attempt to utilize an efficient operating model to optimize our tax payments based on the laws in the countries
in which we operate. This can cause disputes between us and various tax authorities in different parts of the world.
Our effective tax rate in 2022 was 104% compared with an effective tax rate of 65% in
2021. The increase in the effective tax rate in 2022 as compared to 2021 was primarily due to an additional provision for unrecognized
tax benefit and carryforward losses of which valuation allowance was recorded.
-
72 -
Our effective tax rate in 2021 was 65% compared
with an effective tax rate of 31% in 2020. The increase in the effective tax rate in 2021 as compared to 2020 was primarily due to a settlement
we reached with the Israeli Tax Authority during November 2021 in relation to our corporate tax returns for the years 2015-2018 and the
release of Trapped Earnings as described in Item 10.E “Taxation—Israeli Tax Considerations.”
For additional disclosure
and explanations regarding our income taxes, including the Preferred Technology Enterprise program, see Note 14 to our consolidated financial
statements included elsewhere in this annual report and Item 10.E “Taxation—Israeli Tax
Considerations.”
Impact of Currency Fluctuations
and Inflation
Our financial results
may be negatively impacted by foreign currency fluctuations and inflation. Information required by this section is set forth in Item 11
“Quantitative and Qualitative Disclosures about Market Risk” and in Item 3.D “Risk Factors—Currency
exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.”
Impact of Governmental
Policies
For information on the impact of governmental policies on our operations, see Item 4.B
“Business Overview—Government Regulations”, Item 3.D “Risk Factors—Laws, regulations and industry
standards affecting our business are evolving, and unfavorable changes could harm our business” and “Item 3.D “Risk
Factors—Risks Related to Operations in Israel.”
Impact of Russia-Ukraine
Conflict
Following Russia’s military conflict in Ukraine, the United States and other
countries launched economic sanctions and severe export control restrictions against Russia and Belarus, and the United States and other
countries could launch wider sanctions and export restrictions and take other actions should the conflict further escalate. For information
on the possible impact of the Russia-Ukraine Conflict, see Item 3.D “Risk Factors—Our business may be affected by sanctions,
export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s
military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national
businesses across a variety of industries.”
Impact of COVID-19
For information on the impact of the COVID-19 pandemic, see Item 3.D “Risk Factors
– The COVID-19 pandemic has impacted and may continue to impact our business, operating results and financial condition” and
Item 5.D “Trend Information—COVID-19 Update.”
Related Parties
We have entered into
a number of agreements for the lease of real property and the purchase of certain products and services from certain companies, of which
Yehuda Zisapel, Zohar Zisapel and/or Nava Zisapel are co-founders, directors and/or shareholders, that form part of the RAD-Bynet Group.
In February 2022, we have also acquired the technology and operations of one of these RAD-Bynet Group entities, SecurityDAM. Mr. Yehuda
Zisapel, the Chairman of our Board of Directors, and Mr. Roy Zisapel, our President and Chief Executive Officer and a director, hold a
majority stake and a minority stake, respectively, in SecurityDAM. Mr. Roy Zisapel also serves
as a director of RAD Data Communications Ltd., a company in the RAD-Bynet Group.
-
73 -
We believe that the terms
of the transactions in which we have entered with these member entities of the RAD-Bynet Group are not different in any material respect
from terms we could obtain from unaffiliated third parties and are beneficial to us and no less favorable to us than terms that might
be available to us from unaffiliated third parties. The pricing of the transactions was arrived at based on negotiations between the parties.
Members of our management reviewed the pricing of the agreements and confirmed that they were not different in any material respect than
that which could have been obtained from unaffiliated third parties.
For more details about
these transactions, see below under Item 7.B “Related Party Transactions.”
B.
Liquidity and Capital Resources
General
Since our inception,
we have financed our operations through a combination of issuing equity securities, including two public offerings in October 1999 and
February 2000, research and development and marketing grants from the Government of Israel, and cash generated by operations.
The total Radware Ltd. shareholders' equity as a percentage of its total assets was
52% on December 31, 2022, compared with 58% on December 31, 2021 and 62% on December 31, 2020.
Cash and cash equivalents,
short- and long-term bank deposits and short- and long-term marketable securities were $432.0 million on December 31, 2022, compared with
$465.8 million and $448.8 million on December 31, 2021 and 2020, respectively.
Principal Capital Expenditures
and Divestitures
Capital expenditures
were $8.8 million, $5.6 million and $8.7 million for the years ended December 31, 2022, 2021 and 2020, respectively. These expenditures
were mainly comprised of investments in cloud infrastructure, enterprise resource planning (ERP) modules, leasehold improvements, machinery
and equipment, computers, lab equipment and testing tools.
We expect to engage in
additional capital spending to support possible growth in our operations, infrastructure and personnel. In 2023, we anticipate that the
majority of our capital expenditures will be primarily for additional infrastructure to support our cloud-based solutions and for R&D
testing, lab equipment and additional investments in new modules for our ERP system.
We did not have any principal
divestitures in the past three years.
-
74 -
Working Capital and Cash
Flows
The following table presents
the major components of net cash flows used in and provided by operating, investing and financing activities for the periods presented
(dollars in thousands(:
|
2022 |
2021 |
2020 |
||||||||||
|
Net cash provided by operating activities |
$ |
32,148 |
$ |
71,774 |
$ |
63,865 |
||||||
|
Net cash provided by (used in) investing activities |
(56,018 |
) |
7,849 |
(14,368 |
) | |||||||
|
Net cash used in financing activities |
(22,458 |
) |
(41,881 |
) |
(35,477 |
) | ||||||
Net cash provided by
operating activities for 2022, 2021 and 2020 was $32.1 million, $71.8 million and $63.9 million, respectively. Our net income (loss) in
2022, 2021 and 2020 was $(0.2) million, $7.8 million and $9.6 million, respectively.
Net cash provided by
operating activities was $32.1 million for the year ended December 31, 2022, compared to $71.8 million for the year ended December 31,
2021. The change resulted primarily from a decrease in our net income of $8.0 million, a decrease of $4.9 million in accrued interest
on bank deposits, a decrease of $6.6 million in deferred revenues, a decrease of $2.2 million in inventories, a decrease of $1.9 million
in operating lease liabilities, net, a decrease of $8.2 million in trade receivables, net, and a decrease in other payables of $26.3 million
mainly related to $15.4 million cash paid during the first quarter of 2022 for a settlement we reached with the Israeli Tax Authority
during November 2021. These decreases were partially offset by an increase of $1.5 million in depreciation and amortization, an increase
of $9.8 million in share-based compensation, an increase of $4.3 million in other assets and prepaid expenses and a $1.7 million increase
in trade payables.
Net cash provided by
operating activities was $71.8 million for the year ended December 31, 2021, compared to $63.9 million for the year ended December 31,
2020. The change resulted primarily from an increase of $3.6 million in accrued interest on bank deposits, an increase of $3.3 million
in deferred revenues, an increase of $2.4 million in inventories, an increase of $1.0 million in share-based compensation, an increase
of $1.8 million in accrued interest on marketable securities, an increase of $1.0 million in other assets and prepaid expenses and an
increase of $2.9 million in trade payables. These increases were partially offset by a decrease of $2.1 million in trade receivables,
net, a decrease of $1.8 million in our net income, and a $3.8 million change in deferred income taxes, net.
Net cash used in investing
activities was $56.0 million for the year ended December 31, 2022, a change of $63.9 million compared to net cash provided by investing
activities of $7.8 million for the year ended December 31, 2021. The change was primarily due to a net decrease of $30.6 million in proceeds
from short- and long-term deposits and marketable securities, a decrease of $30.0 million due to the acquisition payment of SecurityDAM
and a decrease of $3.2 million in capital expenditures.
Net cash provided by
investing activities was $7.8 million for the year ended December 31, 2021, a change of $22.2 million compared to net cash used in investing
activities of $14.4 million for the year ended December 31, 2020. The change was primarily due to a net increase of $19.0 million in proceeds
from short- and long-term deposits and marketable securities and an increase of $3.1 million due to lower capital expenditures.
-
75 -
Net cash used in financing
activities was $22.5 million for the year ended December 31, 2022, a decrease of $19.4 million compared to net cash used in financing
activities of $41.9 million for the year ended December 31, 2021. Net cash used in financing activities was attributed primarily to the
repurchase of our ordinary shares. In 2022 and 2021, we repurchased ordinary shares in the amount of $59.5 million and $52.5 million,
respectively. In addition, proceeds from the exercise of share options decreased by $8.6 million, and in 2022, we received $35.0 million
in proceeds from the issuance of Preferred A shares in our subsidiary SkyHawk Security.
Net cash used in financing
activities was $41.9 million for the year ended December 31, 2021, an increase of $6.4 million compared to net cash used in financing
activities of $35.5 million for the year ended December 31, 2020. Net cash used in financing activities was attributed primarily to the
repurchase of our ordinary shares. In 2021 and 2020, we repurchased ordinary shares in the amount of $52.5 million and $45.3 million,
respectively. In addition, proceeds from exercise of share options decreased by $1.3 million and there was a decrease of $2.1 million
in payment of deferred consideration related to the acquisition of ShieldSquare, which was paid in 2020.
Cash and Cash Equivalents
As of December 31, 2022,
we had cash and cash equivalents, including short- and long-term bank deposits and short- and long-term marketable securities, of $432.0
million, compared to $465.8 million as of December 31, 2021 and $448.8 million as of December 31, 2020. As of December 31, 2022, approximately
39%, 27% and 34% of our short- and long-term bank deposits were deposited in Israel with major Israeli banks which are rated AAA, A and
BBB+, respectively, as determined by S&P’s Maalot. As of December 31, 2022, the longest contractual duration of any of our bank
deposits was 2.0 years, the weighted average duration of our deposits was 1.36 years, and the weighted average time to maturity was 0.62
years.
Our marketable securities
portfolio includes investments in foreign banks and government debentures and in debt securities of corporations. The financial institutions
that hold our marketable securities are major U.S. financial institutions, located in the United States. As of December 31, 2022,
25% of our marketable securities portfolio was invested in debt securities of financial institutions and 75% in debt securities of corporations.
From a geographic perspective, 64% of our marketable securities portfolio was invested in debt securities of U.S. issuers, 6% was invested
in debt securities of European issuers and 30% was invested in debt securities of other geographic-located issuers. As of December 31,
2022, 95% of our marketable securities portfolio was rated A- or higher and 5% was rated BBB+, as determined by S&P.
There are no material
legal restrictions, taxes or other costs associated with transferring our funds held in U.S. financial institutions to Israeli financial
institutions, and we have access to all of our cash as needed for our operations. Although we have various subsidiaries throughout the
world, there are no material legal, tax or other cost impediments to our transferring cash to these subsidiaries for operations as and
when needed or to such subsidiaries transferring cash to us to meet our own cash obligations. Further, we believe we generate sufficient
cash from our Israeli operations to fund our operating and capital requirements and, therefore, do not need or intend to repatriate any
of the earnings of our foreign subsidiaries.
-
76 -
Other Material Contractual
Obligations
The following table summarizes
our material contractual obligations as of December 31, 2022 and the effect those commitments are expected to have on our liquidity and
cash flow.
|
Payments Due by Period (US $ in thousands)
| |||||
|
Contractual obligations |
Total |
Less than 1 year* |
1-3 years |
3-5 years |
More than 5
years |
|
Operating leases (1) |
26,290 |
3,987 |
9,353 |
6,237 |
6,713 |
|
Total contractual cash obligations (2) |
26,290 |
3,987 |
9,353 |
6,237 |
6,713 |
*
Become due during 2023.
(1) Consists of outstanding
operating leases for the Company’s facilities. The lease agreements expire in the years 2023 to 2030, although certain of our leases
have renewal options.
(2) Severance payments
of $4.7 million are payable only upon termination, retirement or death of the respective employee and there is no obligation for benefits
accrued prior to 2007 if the employee voluntarily resigns. Since we are unable to reasonably estimate the timing of settlement, such payments
are not included in the table. See also Note 2(w) of our consolidated financial statements.
Market Risk
We are exposed to market
risk, including fluctuations in interest rates and foreign currency exchange rates. Additional information about market risk is set forth
in Item 11 “Quantitative and Qualitative Disclosures about Market Risk.”
Outlook
Our capital requirements
depend on numerous factors, including market acceptance of our products and services and the resources we allocate to our operating expenses.
Since our inception, we have experienced substantial increases in our expenditures consistent with growth in our operations and personnel,
and we may increase our expenditures in the foreseeable future in order to execute our strategy.
We anticipate that operating
activities as well as capital expenditures will demand the use of our cash resources. We believe that our cash balances will provide sufficient
cash resources to finance our operations and the projected marketing and sales activities and research and development efforts and other
elements of our strategy for a period of no less than the next 12 months.
-
77 -
C. Research
and Development, Patents and Licenses, etc.
In order to accommodate
the rapidly changing needs of our markets, we place considerable emphasis on research and development projects designed to improve our
existing product lines, develop new product lines and customize our products to meet our customers’ needs. As of December 31, 2022,
we had 419 employees and 75 subcontractors engaged primarily in research and development activities, compared to 365 employees and 68
subcontractors at the end of 2021. For a further discussion of research and development, see Item 5.A “Operating Results.”
For a discussion regarding
the benefits provided under programs of the IIA, see Item 4.B “Business Overview—Israeli
Innovation Authority.”
D. Trend
Information
General
We have identified the
following key trends and uncertainties that we believe will materially influence our market, financial condition and the demand for our
solutions:
| • |
Applications are migrating to
the public cloud. The migration to public cloud exposes
organizations to new threats that require consistent security across all cloud environments. Organizations also prefer to purchase security
services as a subscription, to match the subscription-based consumption of hosting services. |
| • |
Datacenter architecture is changing.
Datacenter architecture is changing to include various models such as a physical datacenter, a virtual datacenter, a software defined
datacenter, and private or public cloud. New emerging edge clouds coupled with the emerging 5G breakouts and SD-WAN will enable enterprises
to leverage their IoT strategy effectively. Many organizations use a mixed infrastructure that includes a combination of one or more of
the above and therefore require broader overarching protection that encompasses both the datacenter and cloud-based applications that
can be built and delivered as “lift and shift” and “born-in-the cloud” modes. In addition, this mixed environment
often involves multiple vendors and creates challenges in IT staffing and operational costs, which increase the needs for hybrid cloud
services, managed services and modern automated data center technologies. |
| • |
Application modernization requires
new security tools. Application infrastructure is changing,
from monolithic applications to modern applications and websites in which deployment workflows, front-end built-tools and API-centric
architectures are used. The rise of cloud-native ecosystems, increasingly adapting cloud-direct and micro-services architecture packaged
as containers, is providing a built-in “on-demand” elasticity and availability application infrastructure. This enables introducing
and running the new generation of cloud-native applications, in a fast, adaptive and more efficient way by interacting with DevOps CICD
tools and methods. As such, the AppSec blast radius is expanded and requires injection of security controls within the application lifecycle
generation at early stages, to avoid slowdown in development, to sanitize, for example, usage of opensource software used by developers
and might leak in malicious code (recent Log4J library). Various “shift-left” methods are used and specifically adapted for
various target deployment environments. |
-
78 -
| • |
The above-mentioned cloud-native
application delivery opens the door for leakage through the open cloud interface. A
new family of attack surfaces manifested by the fact that the cloud APIs are publicly published, and DevOps processes are done from the
outside of the cloud “perimeter” (the insider becomes the outsider). “Cloud-native” infiltrations are enabled
by the usage of cloud-IAM (identify and access) misconfigurations or account take over techniques and by various vulnerabilities of publicly
exposed web and API interfaces. This creates a need for a new protection posture for compliance, permissions hardening, vulnerabilities
detection as well as cloud-native detection (infiltrations and exfiltration) and response tools under new industry categories: CIEM (Cloud
Infrastructure Entitlement Management), CSPM (Cloud Security Posture Management) and CWPP (Cloud Workload Protector Platform) and CTDR
(Cloud Threat Detection and Response). |
| • |
Organizations’ attack surfaces
are increasing due to a changing economy. This was caused
by a combination of two forces. First, working from home due to COVID-19 required organizations to enable remote access to applications
and services that were previously not exposed. This eliminated the traditional network perimeter, and now every home computer or mobile
device has become the new perimeter. Second, an increase in the online consumption of goods has accelerated organizations’ digital
transformation and migration to the cloud. The result is more opportunities for attackers to leverage the increased attack surface.
|
| • |
Increasing complexity and intensity
of security threats. The increasing complexity and intensity
of the security threats landscape requires expertise in identifying the attacks and state-of-the-art security to mitigate the attacks
and safeguard the assets. Attack delivery is aided by the growing presence of connected devices (IoT), which increases the threat
surface against any kind of infrastructure, as well as traffic encryption (dark data) assisting hiding attacks. Furthermore, attack tools
are increasingly available to all through the dark net and becoming more sophisticated as hackers use automation and weaponize artificial
intelligence. This leads to ever morphing and scalable attack vectors at all levels, from volumetric botnets through web and API-centric
attacks, as well as new attack surfaces that utilize Kubernetes-platforms (container orchestration platform of choice). The mass
amount of uncontrolled IoT devices and cloud hosting opens the door for a new generation of botnets and automated bots that are hard to
classify and block. Most organizations are not able to keep up with these developments with their internal cyber security resources and
seek managed security services. |
-
79 -
| • |
Increasing expectations for applications
availability and frictionless performance, due to the increasing dependence on applications in today’s business world.
Businesses are sensitive to the resilience and availability of their applications, given their customers’ expectations of flawless
experience and optimal performance. As such, exposed web and API based applications are the target for attackers that utilize both the
server side as well as the client/browser side platforms for spreading their malicious code. New security controls utilize the power of
artificial intelligence (AI) and machine learning (ML) to control the delivery of AppSec services (false positives) as well as detection
of zero-day. |
| • |
COVID-19
and Russia-Ukraine War. The
potential effects of the COVID-19 pandemic (see below under “COVID-19 Update”) and the Russia-Ukraine
war. |
We believe that our business,
comprised of application security and delivery solutions, is positioned to effectively navigate the headwinds resulting from the above-mentioned
industry dynamics due to the following key factors:
| • |
We have developed a broad portfolio of solutions to address the challenges and meet the requirements arising from these trends.
|
| • |
We continuously focus on innovation and believe that our solutions have, in many instances, a technological advantage over competing
solutions. |
| • |
We offer our solutions in a wide array of deployment models (on-premise solutions, managed services, cloud-based solutions, etc.),
in order to support various customers’ business models. We believe this flexibility addresses the complexity and diversity of the
current application and infrastructure ecosystem. |
We believe that the advantages
of our offerings, coupled with the above-mentioned industry dynamics and trends, place us in a position to meet our business plans. Nevertheless,
meeting our business plans and implementing our growth strategy, as more fully described under Item 4.B “Business Overview–Our
Growth Strategy” above, may not convert into revenues growth in a given period, due to our shift towards subscription-based product
sales, where revenues are recognized throughout the subscription period.
In addition, while we
believe that the above trends may present some opportunities for us, they also pose significant challenges, risks and uncertainties, including
the following:
| • |
We operate in a highly competitive environment, and some of our competitors have larger internal resources, and a larger installed
base. |
| • |
While we believe that the shift towards a subscription-based business model is a strategic transition towards higher growth and profitability
in the long term, we may not be successful in its execution, including an inability to maintain a high subscription renewal rate.
|
-
80 -
| • |
In addition, our customers’ purchasing decisions are related to the conditions in our industry and in the various regions and
geographical markets in which we operate and are tied to the overall IT spending climate. Uncertainty about current global economic conditions
continues to pose a risk as customers may postpone or reduce spending in response to such uncertainties. In particular, the COVID-19 pandemic
and the Russia-Ukraine war may negatively affect economic conditions regionally as well as globally, disrupt operations situated in countries
particularly exposed to the contagion, affect supply chains or otherwise negatively impact our business. |
| • |
The other risks and uncertainties we face, as described under Item 3.D “Risk Factors.” |
COVID-19 Update
The COVID-19 pandemic has resulted in a
widespread health crisis that has adversely affected businesses, economies and financial markets worldwide, placed constraints on the
operations of businesses, and decreased consumer mobility and activity. Our business has been affected in various ways from the COVID-19
pandemic, including the following:
| • |
Manufacturing
and Supplies: During 2022, we experienced some slowdowns
in our supply chain. Such slowdowns were mainly associated with the need to deliver appliances to customers’ locations around the
world. We have undertaken various measures in order to overcome these disruptions, primarily in order to mitigate the risk of failing
to timely respond to our customers’ delivery requirements in the face of importation blocking in different countries. As a result,
the overall impact of COVID-19 on our manufacturing and supply chain was immaterial. |
| • |
Human Resources:
At the outset of the COVID-19 pandemic, we shifted our operations to enable work from home and, in compliance with constantly developing
regulations enacted in Israel and abroad, we continue to allow our office employees to work, partially or primarily, from their homes.
|
While,
taken as a whole, we do not believe COVID-19 had a significant impact on our business in 2022, the impacts of the global pandemic on our
business and financial outlook remain unknown. In particular, there is no guaranty that any increased investments in cyber protection
solutions by our customers as described above will continue after the COVID-19 pandemic subsides and the extent to which COVID-19 will
impact our business, financial condition or results of operations will depend on future developments, which are uncertain and cannot be
predicted. We intend to continue to actively monitor the situation and may take further actions as may be required by applicable regulations
or that we deem are necessary or desirable to address the needs of our employees, customers, partners and suppliers.
E.
Critical Accounting Estimates
In many cases, the accounting
treatment of a particular transaction is specifically dictated in U.S. GAAP and does not require management’s judgment in its application.
There are also areas in which management’s judgment in selecting among available alternatives would produce a materially different
result. Our management has reviewed these critical accounting policies and related disclosures with the Audit Committee of our Board
of Directors. See Note 2 to our consolidated financial statements included elsewhere in this annual report, which contains additional
information regarding our accounting policies and other disclosures required by U.S. GAAP.
-
81 -
Our management believes
that the significant accounting policies that affect its more significant judgments and estimates used in the preparation of its consolidated
financial statements and that are the most critical to aid in fully understanding and evaluating our reported financial results include
the following:
| • |
Revenue recognition; |
| • |
Investment in marketable securities; |
| • |
Business combinations; |
| • |
Goodwill and impairment of long-lived assets. |
| • |
Share-based compensation; and |
| • |
Income taxes. |
Revenue
Recognition. We recognize revenues in accordance with the
Financial Accounting Standards Board (FASB) Accounting Standards Update (ASU) No. 2014-09, “Revenue from Contracts with Customers
(Topic 606)” (ASC 606). As such, we identify a contract with a customer, identify the performance obligations in the contract, determine
the transaction price, allocate the transaction price to each performance obligation in the contract and recognize revenues when (or as)
we satisfy a performance obligation.
Our solutions are sold
primarily through distributors and resellers, all of which are considered end-users.
Our arrangements typically
contain various combinations of our products and subscriptions and PCS, which are distinct and are accounted for as separate performance
obligations. We allocate the transaction price to each performance obligation based on its relative standalone selling price (SSP). If
the SSP is not observable, we estimate the SSP taking into account available information such as geographic specific factors, customer
grouping and internally approved pricing guidelines related to the performance obligation. For PCS, we determine the standalone selling
price based on observable renewals prices. For subscriptions, we determine the standalone selling price based on standalone new subscription
transactions and renewals. For products, the SSP is not observable, and therefore, we estimate the product SSP taking into account available
information such as geographic specific factors, customer grouping and internally approved historical pricing guidelines.
-
82 -
Deferred revenues include
unearned amounts received under post-contract customer support and subscription agreements and are classified as short- and long-term
based on their contractual term. Deferred revenue amounts which represent uncollected amounts are offset against trade receivables.
We record a provision
for estimated sale returns and credits to customers on our products in the same period that the related revenues are recorded in accordance
with ASC 606. Those estimates are based on historical sales returns and other factors known to us. Such provisions amounted to $1.0 million
and $2.5 million as of December 31, 2022 and 2021, respectively.
Investment in Marketable
Securities. We account for investments in debt marketable securities in accordance with Accounting Standards Codification,
or ASC 320, “Investments – Debt Securities.” Management determines the appropriate classification of our investments
at the time of purchase and reevaluates such determinations at each balance sheet date.
We classified our debt
securities as available-for-sale securities. Available-for-sale securities are carried at fair value, with the unrealized gains and losses
reported in “accumulated other comprehensive loss, net of tax” in shareholders’ equity. Realized gains and losses on
sales of investments are included in financial income, net and are derived using the specific identification method for determining the
cost of securities.
-
83 -
The amortized cost of
debt securities is adjusted for amortization of premiums and accretion of discounts to maturity. Such amortization together with interest
on securities are included in financial income, net.
In 2020, we adopted ASU
2016-13, Topic 326 "Financial Instruments – Credit Losses: Measurement of Credit Losses on Financial Instruments," which modified
the other than temporary impairment model available for sale debt securities. Available-for-sale securities are periodically evaluated
for unrealized losses. For unrealized losses in securities that we intend to hold and will not more likely than not be required to sell
before recovery, we further evaluate whether declines in fair value below amortized cost are due to credit or non-credit related factors.
We consider credit-related impairments to be changes in value that are driven by a change in the creditor's ability to meet its payment
obligations and record an allowance and recognize a corresponding loss in financial income, net when the impairment is incurred. Unrealized
non-credit related losses and unrealized gains are reported as a separate component of accumulated other comprehensive income in our consolidated
balance sheets until realized. The amortized cost of marketable securities is adjusted for amortization of premiums and accretion of discounts
to maturity. Such amortization together with interest on securities is included in financial income, net. Credit loss impairments for
the years ended December 31, 2022, and 2021 were immaterial.
Business Combinations.
We account for business combinations in accordance with ASC No. 805, "Business Combinations" ("ASC 805"). Under ASU No. 2017-01, “Business
Combinations (Topic 805): Clarifying the Definition of a Business (“2017-01”), we first determine whether substantially all
of the fair value of the gross assets acquired is concentrated in a single identifiable asset or a group of similar identifiable assets.
If this threshold is met, the single asset or group of assets, as applicable, is not a business.
ASC No. 805 requires recognition of assets acquired, liabilities
assumed, and any non-controlling interest at the acquisition date, measured at their fair values as of that date. Any excess of the fair
value of net assets acquired over purchase price and any subsequent changes in estimated contingencies are to be recorded in earnings.
In addition, changes in valuation allowance related to acquired deferred tax assets and in acquired income tax position are to be recognized
in earnings.
When we acquire a business, the purchase price is allocated
to the tangible and identifiable intangible assets, net of liabilities assumed. Any residual purchase price is recorded as goodwill. The
allocation of the purchase price requires management to make significant estimates in determining the fair values of assets acquired and
liabilities assumed, especially with respect to intangible assets. We use the Discounted Cash Flow Method to assign fair values to acquired
identifiable intangible assets. These estimates can include, but are not limited to, the cash flows that an asset is expected to generate
in the future, forecasted future revenue, forecasted operating results, discount rates and the appropriate weighted-average cost of capital.
These estimates are inherently uncertain and unpredictable.
These models are based on reasonable estimates and assumptions
given available facts and circumstances, including industry estimates and averages, as of the acquisition dates and are consistent with
the plans and estimates of management.
During the measurement period, which may be up to one year
from the acquisition date, adjustments to the fair value of these tangible and intangible assets acquired and liabilities assumed may
be recorded, with the corresponding offset to goodwill. Upon the conclusion of the measurement period or final determination of the fair
value of assets acquired or liabilities assumed, whichever comes first, any subsequent adjustments are recorded to in our consolidated
statements of income (loss).
-
84 -
Goodwill
and impairment of long-lived assets. Goodwill represents the excess of the purchase price in a business combination over
the fair value of the net tangible and intangible assets acquired. Under ASC 350 “Intangibles – Goodwill and Other”
(ASC 350), goodwill is not amortized, but rather is subject to an annual impairment test. ASC 350 requires goodwill to be tested for impairment
at least annually or between annual tests in certain circumstances and written down when impaired. Goodwill is tested for impairment by
comparing the fair value of each reporting unit with its carrying value.
ASC 350 allows an entity
to first assess qualitative factors to determine whether it is necessary to perform a quantitative goodwill impairment test. If the entity
elects not to use this option, or if the entity determines that it is more likely than not that the fair value of a reporting unit is
less than its carrying value, then the entity prepares a quantitative analysis to determine whether the carrying value of a reporting
unit exceeds its estimated fair value. If the carrying value of a reporting unit exceeds its estimated fair value, the entity recognizes
an impairment of goodwill for the amount of this excess.
We operate in one operating
segment, and this segment comprises two reporting units. We conduct our annual test of impairment for goodwill on December 31st of each
year, or more frequently if impairment indicators are present. No impairment was recorded during 2022, 2021 and 2020.
Share-based
compensation. We account for share-based compensation in
accordance with ASC 718, “Compensation-Stock Compensation” (ASC 718). ASC 718 requires companies to estimate the fair value
of equity-based payment awards on the date of grant using an option-pricing model. The value of the portion of the award that is ultimately
expected to vest is recognized as an expense over the requisite service periods in our consolidated statement of income.
We recognize compensation
expenses for the value of our awards based on the accelerated attribution method over the requisite service period of each of the awards,
net of estimated forfeitures. Forfeitures are estimated at the time of grant and revised, if necessary, in subsequent periods if actual
forfeitures differ from those estimates. Estimated forfeitures are based on actual historical pre-vesting forfeitures.
We selected the Black-Scholes-Merton option pricing model to account for the fair value
of our share-options awards with only service conditions and whereas the fair value of the restricted share awards is based on the market
value of the underlying shares at the date of grant.
During 2020, the Board of Directors of the Company approved a market-condition based
RSUs equity grant to the Chief Executive Officer of the Company. The vesting of the market-condition based RSUs granted during 2020 is
dependent upon the Company's share performance over the requisite service period.
On July 28, 2022, the Board of Directors of the Company approved an equity grant to
the Chief Executive Officer of the Company, which is comprised of RSUs, market-condition based RSUs and market-condition based share options.
The equity grant includes grants for the years 2022, 2023 and 2024 and are fixed monetary amounts ($7,725, $5,000 and $5,000, respectively).
The number of the equity instruments for the 2023 and 2024 grants will be determined based on the Company's share price on January 1,
2023 and January 1, 2024, respectively.
Market-condition based RSUs' vesting is dependent upon the fulfillment of certain market
conditions and will vest, or partially vest, depending on the Company's share performance compared to other companies that are listed
on the NASDAQ CTA Cybersecurity Index over the requisite service period, which is up to three years.
Market-based condition Share options' vesting is dependent upon the fulfillment of certain
market conditions will vest depending on the Company's share performance over the requisite service period, which is up to three years.
For the 2023 and 2024 grants, the Company recorded a liability in the consolidated balance
sheets for the RSUs and the market-condition based RSUs as the Company has an obligation to issue a variable number of shares for which
the monetary amount is fixed and the key terms and conditions of the equity grant are known.
The fair value of the market-condition based awards was determined using a Monte Carlo
simulation methodology.
-
85 -
The option-pricing model
requires a number of assumptions, of which the most significant are the expected stock price volatility and the expected option term.
Expected volatility was calculated based upon actual historical stock price movements over a historical period equivalent to the option’s
expected term. The expected option term represents the period of time that options are expected to be outstanding. Expected term of options
is based on historical experience. The risk-free interest rate is based on the yield from U.S. treasury bonds with an equivalent term.
We have historically not paid dividends and have no foreseeable plans to pay dividends.
Income
Taxes. We account for income taxes in accordance with ASC
740, “Income Taxes.” This statement prescribes the use of the liability method whereby deferred tax assets and liability account
balances are determined based on differences between financial reporting and tax bases of assets and liabilities and are measured using
the enacted tax rates and laws that will be in effect when the differences are expected to reverse. We provide a valuation allowance,
if necessary, to reduce deferred tax assets to their estimated realizable value if it is more likely than not that a portion or all of
the deferred tax assets will not be realized.
ASC 740 contains a two-step
approach to recognizing and measuring a liability for uncertain tax positions. The first step is to evaluate the tax position taken or
expected to be taken in a tax return by determining if the weight of available evidence indicates that it is more likely than not that,
on an evaluation of the technical merits, the tax position will be sustained on audit, including resolution of any related appeals or
litigation processes. The second step is only addressed if the first step has been satisfied (i.e., the position is more likely than not
to be sustained), otherwise a full liability in respect of a tax position not meeting the more likely than not criteria is recognized.
The second step is to measure the tax benefit as the largest amount that is more than 50% likely to be realized upon ultimate settlement.
We accrue interest and penalty, if any, that are related to unrecognized tax benefits in its taxes on income. Although we believe we have
adequately reserved for our uncertain tax positions, no assurance can be given that the final tax outcome of these matters will not be
different. We adjust these reserves in light of changing facts and circumstances, such as the closing of a tax audit, the refinement of
an estimate or changes in tax laws. To the extent that the final tax outcome of these matters is different than the amounts recorded,
such differences will impact the provision for income taxes in the period in which such determination is made. The provision for income
taxes includes the impact of reserve provisions and changes to reserves that are considered appropriate, as well as the related interest
and penalties.
Accounting for tax positions
requires judgments, including estimating reserves for potential uncertainties. We also assess our ability to utilize tax attributes, including
those in the form of carryforwards for which the benefits have already been reflected in the financial statements. We do not record valuation
allowances for deferred tax assets that we believe are more likely than not to be realized in future periods. While we believe the resulting
tax balances as of December 31, 2022 and 2021 are appropriately accounted for, the ultimate outcome of such matters could result
in favorable or unfavorable adjustments to our consolidated financial statements and such adjustments could be material. See Note 14 to
our consolidated financial statements included elsewhere in this annual report for further information regarding income taxes. We have
filed or are in the process of filing local and foreign tax returns that are subject to audit by the respective tax authorities. The amount
of income tax we pay is subject to ongoing audits by the tax authorities, which often result in proposed assessments. See “Results
of Operations—Income Taxes” above.
-
86 -
While we believe that
we have adequately provided for any reasonably foreseeable outcomes related to tax audits and settlement, our future results may include
favorable or unfavorable adjustments to our estimated tax liabilities in the period the assessments are made or resolved, audits are closed
or when statutes of limitation on potential assessments expire.
| ITEM 6. |
DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES |
A.
Directors and Senior Management
The following table lists
our current directors and senior management:
|
Name
|
Age
|
Position
|
|
Yehuda Zisapel (1) |
81 |
Chairman of the Board of Directors |
|
Yair Tauman (1)(2)(3)(4) |
74 |
Director |
|
Stanley B. Stern (2)(4)(6) |
65 |
Director, Chairman of the Audit Committee |
|
Naama Zeldis (2)(3)(4)(5) |
59 |
Director |
|
Gabi Seligsohn (2)(3)(6) |
56 |
Director, Chairman of the Compensation Committee |
|
Yuval Cohen (1)(2)(3)(4) |
60 |
Director |
|
Meir Moshe(2)(5) |
68 |
Director |
|
Roy Zisapel (5) |
52 |
President, Chief Executive Officer and Director |
|
Guy Avidan |
60 |
Chief Financial Officer |
|
Yoav Gazelle |
53 |
Chief Business Officer |
|
David Aviv |
67 |
Chief Technology Officer |
|
Gabi Malka |
47 |
Chief Operating Officer |
|
Sharon Trachtman |
54 |
Chief Marketing Officer |
|
Riki Goldreich |
46 |
Chief People Officer |
(1) Term as director
expires at the annual meeting of shareholders to be held in 2024.
(2)
Qualified as an independent director, as determined under the Nasdaq
rules.
(3) Serves on
the Compensation Committee of the Board of Directors.
(4) Serves on
the Audit Committee of the Board of Directors.
(5)
Term as director expires at the annual
meeting of shareholders to be held in 2025.
(6) Term as director
expires at the annual meeting of shareholders to be held in 2023.
-
87 -
Yehuda Zisapel, co-founder
of our Company, has served as a member of our Board of Directors since our inception in May 1996 and served as Chairman of our Board of
Directors from May 1996 until August 2006 and again since November 2009. In addition, Mr. Zisapel serves as a director of Radware US and
other subsidiaries. Mr. Zisapel is also a founder and a director of RAD Data Communications Ltd., a worldwide data communications company
headquartered in Israel, and BYNET Data Communications Ltd., a distributor of data communications products in Israel and serves as a director
of other private companies in the RAD-Bynet Group. See Item 4.C “Organizational Structure”. Mr. Zisapel has a B.Sc.
and a M.Sc. degree in electrical engineering as well as an Award of Honorary Doctorate (DHC-Doctor Honoris Causa) from the Technion, Israel
Institute of Technology and an M.B.A. degree from Tel Aviv University, Israel. Yehuda Zisapel is the father of Roy Zisapel, our President,
Chief Executive Officer and director.
Professor
Yair Tauman has served as a member of our Board of Directors
since October 2010 (until February 2020, as an external director). He is the Dean of the Adelson School of Entrepreneurship in the Interdisciplinary
Center (IDC) in Herzliya, Israel and was previously the Dean of the Arison School of Business in the IDC. He is also a Leading Professor
of Economics and the Director of the Stony Brook Center for Game Theory, New York. He was a professor at Tel Aviv University for 25 years
until 2009 and, prior thereto, served as a professor at the Kellogg School of Management at Northwestern University. His areas of research
include game theory and industrial organization. Professor Tauman currently serves on the board of directors of other private companies
from different sectors, including online auctions, social networking and fintech. Professor Tauman obtained his Ph.D. and M.Sc. degrees
in mathematics as well as a B.Sc. in mathematics and statistics from The Hebrew University, Israel.
Stanley
B. Stern has served
as a member of our Board of Directors since September 2020. Mr. Stern is currently the chairman of the board of directors of AudioCodes
Ltd. (Nasdaq, TASE: AUDC) (AudioCodes), a leading vendor of advanced communications software, products and productivity solutions for
the digital workplace, and serves as a member of the boards of directors of the following public companies: Ormat Technologies, Inc. (NYSE:
ORA), Ekso Bionics Holdings, Inc. (Nasdaq: EKSO). Since 2013, Mr. Stern has served as the president of Alnitak Capital, a strategic advisory
firm, engaged primarily in high-tech, alternative energy and healthcare. Previously, from 1982 until 2000 and from 2004 until 2013, Mr.
Stern served in various positions at Oppenheimer & Co., including as a Managing Director and Head of Investment Banking, Technology,
Israeli Banking and FIG. From 2002 until 2004, he was a Managing Director and the Head of Investment Banking at C.E. Unterberg, Towbin.
From January 2000 until January 2002, Mr. Stern was the President of STI Ventures Advisory USA Inc., a venture capital firm focusing on
technology investments. In the past, Mr. Stern was a board member of several public and private companies, including Given Imaging Ltd.
and Fundtech Ltd., and the chairman of the boards of directors of Tucows, Inc. and of SodaStream International Ltd., until its sale to
Pepsico in December 2018. Mr. Stern holds a B.A. degree in economics and accounting from City University of New York, Queens College,
and an M.B.A. from Harvard University.
Naama
Zeldis has served
as a member of our Board of Directors since September 2020. Ms. Zeldis served as the Chief Executive Officer of Aquarius-Spectrum Ltd.,
a private company specializing in innovative solutions for monitoring urban water pipes and detecting hidden leaks from the earliest stage,
until January 2023. Formerly, Ms. Zeldis served as Chief Financial Officer for a variety of high-tech and industrial companies, such as
Tahal Group from 2013 to 2020, Netafim Ltd. from 2005 to 2013, the Israeli subsidiary of Electronic Data Systems from 2001 to 2005 and
Radguard Ltd., formerly with the RAD-Bynet Group, from 1999 to 2001. Ms. Zeldis currently serves on the board of directors of Orbit Technologies
Ltd. (TASE: ORBI), a company specializing in satellite communications, tracking systems, airborne communication and audio managements
solutions, and on the board of directors of Aquarius Engines (A.M.) Ltd. (TASE: AQUA), a developer of a Free Piston Linear Engine, which
is integrated into a comprehensive, reliable, cost-effective, green energy generator. Ms. Zeldis has also served as a member of the boards
of directors of several other companies, including Nova Measuring Instruments Ltd. (Nasdaq: NVMI), Rafael Advanced Defense Systems Ltd.
and Metalink Ltd. She holds a B.A. degree in accounting from the Tel Aviv University and a B.A. degree in economics and an M.B.A. from
the Hebrew University in Jerusalem.
-
88 -
Gabi Seligsohn has served
as a member of our Board of Directors since May 2020. Mr. Seligsohn served as the Chief Executive Officer of Kornit Digital Ltd. (Nasdaq:
KRNT) from April 2014 through July 2018 and led its successful IPO in April 2015 and remains a Director on its board. From August 2006
until August 2013, Mr. Seligsohn served as the President and Chief Executive Officer of Nova Measuring Instruments Ltd. (Nasdaq:
NVMI). From 1998 to 2006, he served in several leadership positions in Nova. Mr. Seligsohn also served as a director of DSP Group
(Nasdaq: DSPG). Mr. Seligsohn holds an LL.B. degree from the University of Reading, England.
Yuval
Cohen has served as a member of our
Board of Directors since December 2021. He is the founding and managing partner of Fortissimo Capital Fund, a private equity fund headquartered
in Israel, that was established in 2004. From 1997 through 2002, Mr. Cohen was a General Partner at Jerusalem Venture Partners, an Israeli-based
venture capital fund, and prior thereto, he held executive positions at various Silicon Valley companies, including DSP Group, Inc. (Nasdaq:
DSPG) and Intel Corporation (Nasdaq: INTC). Currently, Mr. Cohen serves as the chairman of the board of directors of Kornit Digital Ltd.
(Nasdaq: KRNT). He also serves on the board of directors of several privately-held portfolio companies of Fortissimo. Mr. Cohen holds
a B.Sc. degree in industrial engineering from the Tel Aviv University and an M.B.A. from Harvard University.
Meir
Moshe has served as a member of our Board of Directors
since May 2022. Mr. Moshe has held senior positions in the financial sector over the past four decades, including as our Chief Financial
Officer from 1999 to 2016 and as our interim Chief Financial Officer from June 2021 to February 2022. Mr. Moshe has served as a director
and member of the audit committee in multiple public companies, including Ability Inc. (from 2016 to 2017), Carasso Motors Ltd. (from
2018 to 2019) and Albert Technologies Ltd. (from 2018 to 2019). He currently provides consulting services to public companies. He holds
a B.Sc. degree in economics and accounting from Tel Aviv University, Israel and is a certified public accountant.
Roy
Zisapel, co-founder of our Company,
has served as our President and Chief Executive Officer and a director since our inception in May 1996. Mr. Zisapel also serves
as a director of Radware US and other subsidiaries. From 1996 to 1997, Mr. Zisapel was a team leader of research and development projects
for RND Networks Ltd. From 1994 to 1996, Mr. Zisapel was employed as a software engineer for unaffiliated companies in Israel. Currently,
Mr. Zisapel serves on the board of directors of Israel Acquisitions Corp (NASDAQ: ISRL). Mr. Zisapel also serves as a
director of Rad Data Communications Ltd., a private company in the RAD-Bynet Group. Mr. Zisapel has
a B.Sc. degree in mathematics and computer science from Tel Aviv University, Israel. Roy Zisapel is the son of Yehuda Zisapel, who is
the Chairman of the Board of Directors of the Company, and Nava Zisapel, who is one of our major shareholders.
-
89 -
Guy
Avidan has served as our Chief Financial Officer since
February 2022. Prior to joining Radware, he was with Kornit Digital, where he served as President at KornitX from November 2020 to November
2021 and as Chief Financial Officer from November 2014 to November 2020, in which role he led Kornit to its initial public offering on
Nasdaq. Prior to joining Kornit Digital, Mr. Avidan was Vice President of Finance and Chief Financial Officer at AudioCodes (NASDAQ:
AUDC). In addition, Mr. Avidan has 15 years of experience serving in various other executive capacities, including co-President and Chief
Financial Officer at MRV Communications, Inc. (NASDAQ: MRVC), as well as Vice President of Finance and Chief Financial Officer at Ace
North Hills, which was acquired by MRV Communications. Mr. Avidan is a certified public accountant and holds a B.A. degree in economics
and accounting from Haifa University in Israel.
Yoav
Gazelle has served as our Chief Business Officer since
January 2022 and as our Vice President, International Sales since January 2019. Prior to that, Mr. Gazelle served as our Vice President,
EMEA & CALA from June 2013 to January 2019. Prior to joining Radware, between 2000 and 2013, Mr. Gazelle held a variety of sales,
marketing and business development positions in ECI Telecom Ltd., including President, Head of Europe and the Americas from January 2012
to March 2013. Mr. Gazelle holds a B.Sc. degree in electrical and electronic engineering from the Technion – The Israeli Institute
of Technology, Israel.
David
Aviv has served as our Chief Technology Officer since 2016
and as our Vice President, Advanced Services, since 2004. Mr. Aviv oversees the technology strategy
for the Company’s solutions for enterprise, carrier and cloud solutions and is involved in researching and developing key algorithms
and concepts that will guide the direction of the Company’s future solutions. Prior to joining Radware, he was the VP of Engineering
at Ofek, an Israel-based ILEC and a senior consultant. Prior to that, until 2000, Mr. Aviv served in the Israeli Air Force as a senior
technical leader. He also serves as the Technical Chairman of the Israeli Telecom Standards Body committee. Mr. Aviv holds a Ph.D.
degree in Electrical Engineering (EE) from the Naval Postgraduate School in Monterey, California, a B.S. degree in Electrical Engineering
from Ben-Gurion University and an M.S. degree in Electrical Engineering from Tel Aviv University, Israel.
Gabi
Malka has served as our Chief Operating
Officer since March 2014. Mr. Malka oversees product management, research & development, cloud services, and customer support. From
May 2005 to February 2014, Mr. Malka served as Vice President of Research & Development at HP Software (formerly Mercury). Prior to
HP Software, from 2000 to 2005, Mr. Malka served as Vice President of Research & Development of AppStream (acquired by Symantec).
Prior to AppStream, from 1998 to 2000, Mr. Malka directed Research & Development at Amdocs Limited. Mr. Malka holds a B.A. from American
InterContinental University and has furthered his post-graduate education at Tel Aviv University (Lahav Business School) and Harvard Business
School.
-
90 -
Sharon
Trachtman has served as our Chief Marketing Officer since
February 2021. In parallel she continues to serve as our Chief Business Operation Officer. Ms. Trachtman has been with our Company since
its start of operations in 1997. Since September 1997 she held various senior positions in Radware, such as Product Management Vice President
and Marketing Vice President. From November 1994 to September 1997, Ms. Trachtman was a product line marketing manager for Scitex
Corporation. Ms. Trachtman holds a B.A. degree in computer science and philosophy from Bar-Ilan University, Israel.
Riki
Goldreich has served as our Global VP HR since 2016 and
as our Chief People Officer since 2022. Ms. Goldriech brings more than 13 years of human resources experience to her role. Prior to Radware,
Ms. Goldriech managed the human resources function at Hewlett-Packard Enterprise (HPE) Software in Israel. Ms. Goldriech has also held
multiple human resources posts at HPE Israel. Ms. Goldriech holds a B.Sc. degree in computer science and logistics-economics and an MBA
from Bar-Ilan University.
Additional Information
Under Nasdaq requirements,
a majority of the members of our Board of Directors are required to be “independent” as defined under the Nasdaq rules. We
currently satisfy this requirement because six of our eight directors (namely, Mr. Stanley Stern, Prof. Yair Tauman, Mr. Gabi Seligsohn,
Ms. Naama Zeldis, Mr. Yuval Cohen and Mr. Meir Moshe) qualify as “independent directors” under the Nasdaq rules.
Yehuda Zisapel, the Chairman
of the Board of Directors, co-founder of the Company, and a shareholder of our Company, is the father of Roy Zisapel, our President, Chief
Executive Officer and director. In accordance with the Companies Law, Mr. Zisapel’s service as our Chairman was approved by our
shareholders in November 2020. There are no other family relationships between any of the directors or members of senior management named
above.
We are not aware of
any arrangements or understandings with major shareholders, customers, suppliers or others, pursuant to which (1) any person referred
to above was selected as a director or member of senior management or (2) any director will receive compensation by a third party in connection
with his or her candidacy or board service in the Company.
B.
Compensation
General
Our objective is to attract,
motivate and retain highly skilled personnel who will assist Radware to reach its business objectives, performance and the creation of
shareholder value and otherwise contribute to our long-term success. Our compensation policy for our executive officers and directors,
or the Compensation Policy, which is approved by our shareholders, is designed to correlate executive compensation with our objectives
and goals.
The following table sets
forth all salaries, fees, commissions and bonuses and pension retirement and other similar benefits we paid or accrued with respect to
all of our directors and officers as a group for the 2022 fiscal year. The table does not include any amounts we paid to reimburse any
of our affiliates for costs incurred in providing us with services during such period.
-
91 -
|
Salaries, fees, commissions and bonuses |
Pension, retirement and other similar benefits |
|||||||
|
2021 - All directors and officers as a group, consisting of 13
persons* |
$ |
3,864,790 |
$ |
531,240 |
||||
|
2022 - All directors and officers as a group, consisting of 14
persons** |
$ |
3,307,407 |
$ |
527,559 |
||||
* Includes three persons who served as our
officers in 2021 and are no longer serving as our officers and one director who was appointed during 2021.
** Includes one person who served as our
officer in 2022 and is no longer serving as our officer and one director who was appointed during 2022.
During 2022, we granted to our directors
and officers listed in Item 6.A “Directors, Senior Management and Employees”, in the aggregate, 763,150 RSUs at a weighted
average grant date fair value per RSU of $15.19 and options to purchase 228,700 ordinary shares at a weighted average exercise price per
share of $24.78. The options expire sixty-two months after grant. The weighted average grant date fair value of these options was $6.70 per
option.
For a discussion of the
accounting method and assumptions used in valuation of such share-based compensation, see Note 2(s) to our consolidated financial statements
included elsewhere in this annual report. See also Item 6.E “Share Ownership”.
For a discussion of the
compensation granted to our five most highly compensated executive officers during 2022, see “Compensation of Executive Officers”
below, and for a discussion of the compensation paid to our non-employee directors, see “Compensation of Directors” below.
We currently hold directors
and officers liability insurance with an aggregate coverage limit of $35 million, including side A coverage. In addition, we provide our
directors and officers indemnification pursuant to the terms of a Letter of Indemnification substantially in the form approved by our
shareholders.
-
92 -
Compensation of Executive Officers
The table and summary
below outline the compensation granted to our five most highly compensated executive officers during or with respect to the year ended
December 31, 2022. We refer to the five individuals for whom disclosure is provided herein as our “Covered Executives.”
For purposes of the table
and the summary below, “compensation” includes base salary, bonuses, equity-based compensation, retirement or termination
payments, benefits and perquisites such as car, phone and social benefits, and any undertaking to provide such compensation. All amounts
reported in the table are in terms of cost to the Company, as recognized in our financial statements for the year ended December 31, 2022.
|
Name and Principal Position (1) |
Year |
Salary |
Bonus (including Sales Commissions) (2) |
Equity-Based |
All Other |
|
|
Compensation (3) |
Compensation (4) |
Total | ||||
|
(US$
In Thousands )
| ||||||
|
Roy Zisapel, President, Chief Executive Officer and Director
|
2022 |
452 (5) |
382 (6) |
2,327 |
140* |
3,301 |
|
Guy Avidan, Chief Financial Officer |
2022 |
278 |
72 |
1,475 |
68 |
1,893 |
|
Yoav Gazelle, Chief Business Officer |
2022 |
239 |
228 |
1,250 |
39 |
1,756 |
|
Gabi
Malka, Chief Operating Officer |
2022 |
321 |
85 |
557 |
79 |
1,042 |
|
David Aviv, Chief Technology Officer |
2022 |
304 |
64 |
489 |
71 |
928 |
| (1) |
Unless otherwise indicated herein, all Covered Executives are (i) employed on a full-time (100%) basis; and (ii) subject to customary
confidentiality, intellectual property assignment and non-solicitation provisions as well as an undertaking not to compete with us or
in our field of business for at least 12 months following termination of employment. |
| (2) |
Amounts reported in this column represent annual bonuses, including sales commissions. Consistent with our Compensation Policy, such
bonuses are based upon (i) for non-sales executive officers - achievement of milestones and targets
and the measurable results of the Company, as compared to our budget and/or work plan for the relevant year. The bonus (of up to 10% of
the annual bonus) is based on the achievement and performance of pre-determined key performance indicators (KPIs), and, in any event,
not to exceed the amount of two hundred (200%) of the base salary; and (ii) for sales executive officers - achievement of targets of revenues
generated by the individual and/or his/her team or division and/or the Company and in any event, not to exceed the amount of four annual
base salaries of such executive. |
-
93 -
| (3) |
Amounts reported in this column represent the grant date fair value in accordance with accounting guidance for share-based compensation.
For a discussion of the assumptions used in reaching this valuation, see Note 2(s) to our consolidated financial statements included elsewhere
in this annual report. |
| (4) |
Amounts reported in this column include benefits and perquisites, including those mandated by applicable
law. Such benefits and perquisites may include, to the extent applicable to the Covered Executive, payments, contributions and/or allocations
for savings funds (e.g., Managers Life Insurance Policy), education funds (“keren hishtalmut”), pension, severance, vacation,
car or car allowance, medical insurances and benefits, risk insurances (e.g., life or work disability insurance), phone, convalescence
or recreation pay, relocation, payments for social security, tax gross-up payments and other benefits and perquisites consistent with
Radware's guidelines. Unless otherwise indicated herein, all Covered Executives (i) are entitled to a notice period of at least one month
prior to termination (other than termination for cause), during which they are generally entitled to all compensation and rights under
their employment agreements; and (ii) are not entitled to any special bonuses or benefits upon a change of control of our Company, other
than a potential acceleration of the vesting of their share options pursuant to our equity incentive plan, as more fully described in
Item 6.E “Share Ownership” |
| (5) |
As approved by our shareholders on July 28, 2022, as of such date, Mr. Roy Zisapel’s gross base salary increased from $400,000
to $450,000 and his annual bonus increased from $400,000 to $600,000 (however, the actual payout, based on performance, could reach $900,000
for overperformance). Prior to July 28, 2022, Mr. Zisapel’s annual salary was $400,000, which was impacted by the $/NIS exchange
rate from the date of the Annual General Meeting of Shareholders in 2012 where Mr. Zisapel’s salary was approved to the average
$/NIS exchange rate in 2022. |
| (6) |
Consistent with our Compensation Policy, and as approved by our shareholders on July 28, 2022, Mr. Roy Zisapel is entitled to an
annual bonus of up to $600,000 (however, the actual payout, based on performance, could reach $900,000 for overperformance). |
*
Social contributions paid in Israel are denominated in NIS whereas our functional currency is dollars and therefore fluctuations in dollar
amounts may be attributed to exchange rate fluctuations.
As approved by our shareholders
on July 28, 2022, the terms of compensation of Roy Zisapel, our President, Chief Executive Officer and director, were modified, such that,
commencing July 28, 2022, (i) his gross base salary is $450,000 per annum (payable in NIS); (ii) his annual bonus is $600,000 (payable
in NIS) for on-target (100%) performance; however, the actual payout, based on performance, could reach $900,000 for overperformance (or
the equivalent in NIS); and (iii) he is entitled to annual grants of a combination of time-based restricted share units (the “CEO
RSUs”), performance-based restricted share units (the “CEO PSUs”), and performance-based share options (the “CEO
PSOs”), with a total grant value of $7.725 million, $5.0 million and $5.0 million, for 2022, 2023 and 2024, respectively. For additional
details, see Proposal 3 of the Proxy Statement filed as Exhibit 99.2 to the Report of Foreign Private Issuer on Form 6-K we submitted
to the SEC on June 23, 2022.
Compensation of Directors
Our non-employee directors are entitled
to the following compensation: (i) annual compensation in the amount of NIS 120,800 (equivalent to approximately $33,556, based on the
exchange rate published by the Bank of Israel on March 10, 2023, which was NIS 3.60 = $1.00) per year of service; (ii) per meeting
remuneration of NIS 3,600 (equivalent to approximately $1,000, based on the exchange rate published by the Bank of Israel on March 10,
2023, which was NIS 3.60 = $1.00) for each board or committee meeting attended, provided that the director is a member of such committee;
(iii) compensation for telephonic participation in board and committee meetings (where other members physically attend) in an amount of
60% of what is received for physical participation; and (iv) compensation for board and committee meetings held via electronic means without
physical participation in an amount of 50% of what is received for physical meetings. All amounts payable under items (i), (ii), (iii)
and (iv) above are subject to adjustment for changes in the Israeli consumer price index after December 2007 and changes in the amounts
payable pursuant to Israeli law from time to time.
-
94 -
In addition, our non-employee
directors are entitled to a grant of options under our share option plans to purchase 20,000 ordinary shares for each year in which such
non-employee director holds office. The options are granted for three years in advance, and therefore
every director receives an initial grant of options to purchase 60,000 ordinary shares that vest
over a period of three years, with a third (20,000) to vest upon each anniversary of service, provided that the director still serves
on the Company’s Board of Directors on the date of vesting. The grant is made on the date of the director’s election (or the
date of commencement of office, if different), and thereafter, every three years, if reelected, an additional grant of options to purchase
an additional 60,000 ordinary shares will be made on the date of each annual meeting in which such director is reelected. The exercise
price of all options shall be equal to the fair market value of the ordinary shares on the date of the grant (i.e., an exercise price
equal to the market price of our ordinary shares on the date of the annual meeting approving the election or reelection of a director
or the date of commencement of office, if different).
C.
Board Practices
Introduction
Since we are incorporated
as an Israeli company, we are subject to the provisions of the Companies Law and the regulations adopted thereunder. In addition, since
our ordinary shares are listed on the Nasdaq Global Select Market, we are also subject to the Nasdaq rules.
According to the Companies
Law and our Articles of Association, the oversight of the management of our business is vested in our Board of Directors. Our Board
of Directors may exercise all powers and may take all actions that are not specifically granted to our shareholders. As part of its powers,
our Board of Directors may cause us to borrow or secure payment of any sum or sums of money for our purposes, at times and upon terms
and conditions as it determines, including the grant of security interests in all or any part of our property.
Our
Articles of Association provide for a Board of Directors of not less than five and not more than nine directors. Currently, our
Board of Directors consists of eight directors. In accordance with
current Nasdaq requirements, nominees for election as directors are approved and recommended to the Board of Directors by a majority of
our independent directors.
Under
the Companies Law, our Board of Directors is required to determine the minimum number of directors having accounting and financial expertise,
as defined in regulations promulgated under the Companies Law, that our Board of Directors should have. In determining the number
of directors required to have such expertise, the Board of Directors must consider, among other things, the type and size of the company
and the scope and complexity of its operations. Our Board of Directors has determined that we require at least one director with the requisite
financial and accounting expertise and that Ms. Naama Zeldis has such expertise.
-
95 -
Staggered
Board
In accordance with the
terms of our Articles of Association, our Board of Directors is divided into three classes with each class of directors serving until,
generally, the third annual meeting following their election as follows:
|
Class |
Term expiring at
the annual meeting for the year |
Directors | ||
|
Class III |
2023 |
Gabi Seligsohn and Stanley Stern | ||
|
Class I |
2024 |
Yehuda Zisapel, Yair Tauman and Yuval Cohen | ||
|
Class II |
2025 |
Roy Zisapel, Naama Zeldis and Meir Moshe |
At each annual meeting
of shareholders after the initial classification, the successors to directors whose terms will then expire will be elected to serve from
the time of election and qualification until the third annual meeting following such election. Directors are elected by a simple
majority of the votes cast by our shareholders at an annual general meeting, whereas a director’s removal from office requires the
vote of at least 75% of the voting power represented at the general meeting. Any additional directorships resulting from an increase in
the number of directors will be distributed among the three classes so that, to the nearest extent possible, each class will consist of
one-third of the directors. This classification of our Board of Directors may have the effect of delaying or preventing changes in control
or management of our Company.
For
a description of how long our directors and officers have served in their current positions, please see Item 6.A “Directors and
Senior Management.”
External
Directors and Israeli Relief Regulations
Under the Companies Law,
companies incorporated under the laws of Israel whose shares are listed for trading on a stock exchange or have been offered to the public
in or outside of Israel, are required to appoint at least two external directors. However, pursuant to Israeli regulations promulgated
under the Companies Law, companies whose shares are traded on specified non-Israeli stock exchanges, including Nasdaq, and which
do not have a controlling shareholder, such as Radware, may elect to opt out of the requirement to maintain external directors as
well as elect to opt out of the composition requirements under the Companies Law with respect to the audit and compensation committees.
-
96 -
Consistent with the aforesaid
relief regulations, in February 2020, we elected to opt out from the requirement to appoint external directors and from the composition
requirements for the audit and compensation committees under the Companies Law. Our eligibility to opt out is conditioned upon: (i) the
continued listing of our ordinary shares on the Nasdaq (or one of a few other specified non-Israeli stock exchanges); (ii) there not being
a controlling shareholder of our Company; and (iii) our compliance with the SEC rules and Nasdaq requirements as to the composition of
(a) our board of directors (which requires that we maintain a majority of independent directors on our board of directors) and (b) the
audit and compensation committees of our board of directors (which, subject to certain exceptions, requires that such committees consist
solely of independent directors (at least three and two members, respectively), as described under the Nasdaq rules).
Our election to exempt
our Company from compliance with the external director and audit and compensation committee requirements can be reversed at any time by
our Board of Directors, in which case we would need to hold a shareholder meeting to once again appoint external directors, whose election,
by a special majority, would initially be for a three-year term.
Our
Committees
The Board of Directors
appoints committees to help carry out its duties. Each committee reports the results of its meetings to the full Board of Directors. The
Board of Directors established an Audit Committee and a Compensation Committee and, from time to time, establishes other “ad-hoc"
committees of members of the Board of Directors for specific duties or assignments and limited duration.
Audit
Committee
Our
ordinary shares are listed on the Nasdaq Global
Select Market, and we are subject to the Nasdaq rules applicable to listed companies. Under the
Nasdaq rules, we are required to have an audit committee consisting of at least three independent directors, all of whom are financially
literate and one of whom has accounting or related financial management expertise. To the extent a company is required to appoint external
directors, the audit committee must include all of the external directors and comply with additional requirements as to the composition
thereof under the Companies Law. However, when we elected to exempt our Company from the external director requirement, we concurrently
elected to exempt our Company from all of such requirements.
Our Board has determined
that all directors serving on our Audit Committee (namely, Mr. Stanley Stern, Ms. Naama Zeldis, Prof. Yair Tauman and Mr. Yuval Cohen)
meet the independence standards required of Audit Committee members by the Securities Exchange Act of 1934, as amended (the “Exchange
Act”) and the Nasdaq rules. In addition, the Board of Directors has determined that Ms. Naama Zeldis is considered an “audit
committee financial expert” (as defined by SEC rules).
In accordance with the
Nasdaq rules, our Audit Committee has adopted a charter that sets forth the Audit Committee’s purpose and responsibilities, which
include, among other things, (1) assisting the Board of Directors in fulfilling its responsibility for oversight of the quality and integrity
of our accounting, auditing and financial reporting practices and financial statements and the independence qualifications and performance
of our independent auditors, and (2) selecting, evaluating and, where appropriate, recommending to replace the independent auditors (or
to nominate the independent auditors subject to shareholder approval) and pre-approving audit engagement fees and all permitted non-audit
services and fees. Our Audit Committee must also review and approve all related party transactions specified under Item 7.B “Related
Party Transactions” of Form 20-F.
-
97 -
In accordance with the
Companies Law, the duties of our Audit Committee, in addition to the requirements imposed by the Nasdaq rules, include, among other things,
(1) identifying irregularities in the business management of the Company, including in consultation with the internal auditor and/or the
Company’s independent accountants, and recommending remedial measures to the Board of Directors, (2) reviewing, and, where appropriate,
approving certain interested party transactions specified under the Companies Law, as more fully described in Exhibit 2.1 to this annual
report under the heading “Approval of Specified Related Party Transactions under Israeli Law,” and (3) examining and monitoring
the work of our internal auditor.
Our Audit Committee also
functions as our Qualified Legal Compliance Committee, or the QLCC. In its capacity as the QLCC, our Audit Committee is responsible for
investigating reports of perceived material violations of U.S. federal or state securities laws, breaches of fiduciary duty or similar
violations by our officers, directors, employees or any of our agents.
Compensation
Committee
Pursuant to applicable
Nasdaq rules, the compensation payable to a company’s chief executive officer and other executive officers must generally be approved
by a compensation committee comprised solely of independent directors. To the extent a company is required to appoint external directors,
the compensation committee must include all of the external directors and comply with additional requirements as to the composition thereof
under the Companies Law. However, when we elected to exempt our Company from the external director requirement, we concurrently elected
to exempt our Company from all of such requirements.
Under the Companies Law,
the role of the compensation committee includes recommending to the Board of Directors, for ultimate shareholder approval by a special
majority, a policy governing the compensation of office holders based on specified criteria; reviewing, from time to time, modifications
to the compensation policy and examining its implementation; approving the actual compensation terms of office holders prior to approval
thereof by the Board of Directors; and resolving whether to exempt the compensation terms of a candidate for chief executive officer from
shareholder approval. The Companies Law defines the term “office holder” of a company to include a director, the chief executive
officer, the chief financial officer, a vice president and any officer of the company that reports directly to the chief executive officer.
Pursuant to its charter,
our Compensation Committee is authorized to make decisions regarding executive compensation and terms and conditions of employment, to
follow market trends and provide recommendations to the Board of Directors in connection with the Company’s general compensation
philosophy and policies, as well as to recommend that the Board of Directors issue options under our share option plans. The Compensation
Committee reviews, recommends and determines, on behalf of the Board of Directors, the amounts and types of compensation to be paid to
the Company’s Chief Executive Officer and other executive officers.
-
98 -
Our Compensation Committee
currently consists of Mr. Gabi Seligsohn, Prof. Yair Tauman, Ms. Naama Zeldis and Mr. Yuval Cohen, all of whom are independent directors.
Nomination
of Directors
Our independent directors
consider and approve nominations of individuals for election by shareholders to serve on our Board of Directors.
Board
and Committee Meetings
The
table below describes the number of meetings and attendance rates of our Board of Directors, Audit Committee and Compensation Committee
in 2022*:
|
Name of Body |
No. of Meetings in 2022 |
Average Attendance Rate** |
||||||
|
Board of Directors |
18 |
|||||||