ITEM
1. BUSINESS
Recent
Reverse Merger
On
July 1, 2022 (the “Closing Date”) the Company, then known as Cipherloc Corporation, a Delaware corporation, completed its
acquisition (“Business Combination”) of all the outstanding equity securities of SideChannel, Inc., a Massachusetts corporation
pursuant to an Equity Securities Purchase Agreement dated May 16, 2022 (the “Purchase Agreement”). On September 9, 2022,
SideChannel, Inc. the acquired Massachusetts corporation and a subsidiary of the registrant, changed its name to SCS, Inc. (the “Subsidiary”
or “SCS”) and Cipherloc Corporation, the Delaware parent company of the subsidiary has changed its name to SideChannel, Inc.
The
transaction was accounted for as a reverse acquisition in accordance with accounting principles generally accepted in the United States
of America (“GAAP”). Under this method of accounting, SCS was deemed to be the accounting acquirer for financial reporting
purposes. This determination was primarily based on the facts that, immediately following the Business Combination: (1) the majority of the Board of Directors of the combined company will be composed of directors designated by the Sellers under the terms of the Purchase Agreement;
and (2) existing members of SCS management constituted the management of the combined company. Because SDS has been determined to be
the accounting acquirer in the Business Combination, but not the legal acquirer, the transaction is deemed a reverse acquisition under
the guidance of the Financial Accounting Standards Board (“FASB”) Accounting Standards Codification (“ASC”) Topic
805, Business Combinations. As a result, the historical financial statements of SideChannel are the historical financial statements of
the combined company.
Following
the closing of the Business Combination, SCS, Inc. became a wholly owned subsidiary of the Company. As used herein, the words “the
Company” refers to, for periods following the Business Combination, SideChannel, together with its subsidiaries, and for periods
prior to the Business Combination, SideChannel Inc., and its direct and indirect subsidiaries, as applicable.
On
August 2, 2022, the Company changed its ticker symbol from CLOK to SDCH.
Business
Overview & Strategy
The
Company is a provider of cybersecurity services and technology to middle market companies. The Company’s website is www.sidechannel.com.
Our
mission is to make cybersecurity easy and accessible for mid-market and emerging companies, a market that we believe is currently underserved.
We believe that our cybersecurity offerings will reduce risks for our customers through identifying and developing cybersecurity, privacy,
and risk management solutions. We anticipate that our target customers will continue to need cost-effective security solutions beginning
with but not limited to what we refer to as virtual Chief Information Security Officer services (“vCISO” or “vCISO
Services”). We also have announced development of a new software product, Enclave, that we believe offers mid-market and emerging
companies the means to simplify several crucial cybersecurity infrastructure procedures, including encryption, microsegmentation and
access control (“Enclave”).
Our
strategy focuses on growth from these three areas
|
1. |
Securing new vCISO clients |
|
2. |
Adding new Cybersecurity
Software and Services offerings such as Enclave |
|
3. |
Increasing adoption of
Cybersecurity Software and Services offerings at vCISO clients, including Enclave |
In
support of securing new vCISO clients, we expanded the sales and marketing team from one dedicated person to five during the fiscal quarter
ended during September 30, 2022. On October 27, 2022, we announced that during the same fiscal quarter we acquired six (6) new clients
with potential annual revenue of $1.3 million. vCISO engagements are typically twelve (12) month engagements containing a monthly subscription
and an annual renewal option. Hourly rates for vCISO time and material projects range from $350 to $400. Each of our vCISO’s is
generally embedded into the C-suite executive teams of two (2) to four (4) of our clients.
We
have implemented an account management organization responsible for delivering services and software to our clients. Our vCISO’s
and the security and privacy engineers that support them are part of our account management organization. As this team delivers vCISO
Services for our clients, we often identify projects to implement and maintain programs that reduce cybersecurity risks which expand
our scope of work and increase our revenue generating potential. Similarly, as this team delivers a new cybersecurity service or installs
cybersecurity software at a client, we often learn about opportunities to improve the protection of our clients’ digital assets
through additional service and software engagements.
Our
vCISO engagements provide our clients with the C-suite cybersecurity leadership needed to effectively mitigate cybersecurity risks and
support ongoing operation of critical business functions. This strategic cybersecurity leadership will often result in additional statements
of work for SideChannel to deliver the Cybersecurity Software and Services needed to address gaps in our clients’ cybersecurity
framework. We track revenue and other key performance indicators using the vCISO Services category and Cybersecurity Software and Services
category. Detail on the performance of these categories is discussed in our Management’s Discussion and Analysis of Financial Condition
and Results of Operations in Part II, Item 7 later in this filing.
We
currently provide Cybersecurity Software and Services and intend to increase our delivery of more tech-enabled services to address the
needs of our customers, including:
|
● |
Additional Virtual Chief
Information Security Officers |
|
● |
Zero trust |
|
● |
Third-party risk management |
|
● |
Due diligence |
|
● |
Privacy |
|
● |
Threat intelligence, and |
|
● |
Managed end-point security
solutions |
We
now have over 20 C-suite level information security officers, who possess combined experience of over 400 years in the industry. Since
inception, SideChannel has created over 50 multi-layered cybersecurity programs for its clients.
We
believe that our customers, and prospective customers, in the mid-market will favor our approach, as it provides them with an efficient
way to work with a single vendor to manage and oversee their cybersecurity programs. We also believe that our approach will reduce our
customers’ overall security costs and streamline their ability to increase their sales, reduce regulatory risks and monitor their
risk posture.
We
believe that we provide a full range of cybersecurity solutions through our employees, and through our network of subcontractors, and
our array of partnerships with third party service providers and software companies. We work with our clients to help them select the
right cybersecurity tools, products, and solutions. We believe that our use of a combination of employees and subcontractors allows us
to cost effectively grow our client base and broaden the subject matter expertise on our bench while maintaining the agility needed to
move directly into implementation of projects, which we believe reduces the risk to our customers. Our subcontractors also provide us
with sales leads and referrals, and may resell our services to their own client base.
Enclave,
A SideChannel Proprietary Software Product
We
are developing products and services around our unique insight into mid-market and emerging companies. During September 2022, SideChannel
announced a proprietary product, Enclave, which simplifies a particularly important cybersecurity task called “microsegmentation”.
Industry standard cybersecurity and risk management frameworks, such as National Institute of Standards and Technology Cybersecurity
Framework (“NIST CSF”) and Center for Internet Security Controls (“CIS”), prioritize inventory of assets and
access control as top requirements for a sustainable and compliant cybersecurity program. CIS version 8 controls call for organizations
to:
|
● |
Control
1 - “Establish and maintain an accurate, detailed, and up-to-date inventory of all enterprise assets with the potential to
store or process data”, |
|
● |
Control
2 - “Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that
only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation
or execution.” |
|
● |
Control
3 - “Configure data access control lists based on a user’s need to know. Apply data access control lists, also known
as access permissions, to local and remote file systems, databases, and applications.” |
We
built Enclave to address these extremely critical cybersecurity controls along with many others. Enclave seamlessly combines access control,
microsegmentation, encryption and other secure networking concepts to create a comprehensive solution. It allows Information Technology
(IT) to easily segment the enterprise network, place the right staff in those segments and direct traffic. Unlike open, traditional models,
Enclave allows for near-limitless micro-segmented networks to operate insulated from one another.
According
to statistics published by Varonis, a global data protection company, organizations with a zero-trust approach to cybersecurity
saw an average breach cost $1.8 million less than organizations without. Enclave reduces the attack surface; which means there is less
surface area to search. Checkpoint’s Cloud Security Report stated, forty-three percent (43%) of breaches start with an insider;
either intentional or unintentional. Enclave reduces the time to containment by reducing the surface area visible to an intruder. This
also limits the scope of a post-event search to uncover situational facts. IBM reported that when remote work is a factor in causing
a data breach, the average cost per breach is $1.1 million higher. Add that to productivity lost waiting for network slowdowns caused
by VPN (“Virtual Private Network”) tunnels, and the costs go up even more.
Enclave
provides:
Simplified
Security Operations
|
● |
Simple,
fast, no training required. Deploy in minutes and configure in seconds. |
Enhanced
Resilience
|
● |
Gain
confidence that only authorized systems, people and data are interacting at any time. |
Capacity
to Scale and Deploy
|
● |
Deploy
and scale across virtual machines, Kubernetes containers, on premises, or in the cloud |
Real-time
Visibility of Network Flows
|
● |
Visualize
application dependencies without the need for any knowledge of the underlying architecture. |
Monitoring
& Reporting
|
● |
Enclave
stores flow records with workload context, enabling network and security teams to use this data for compliance reports. |
Stronger
Security
|
● |
Easily
deployable end-to-end encryption protects data in transit. |
Scalable
Solution
|
● |
As
your environment scales, Enclave will adapt automatically – on premises or in the public cloud. |
Further
information about Enclave is available at https://sidechannel.com/product/enclave/.
Company
History
The
Company was incorporated in the State of Texas on June 22, 1953 as American Mortgage Company. During 1996, the Company acquired the operations
of Eden Systems, Inc. (“Eden”) as a wholly owned subsidiary. Eden was engaged in water treatment and the retailing of cleaning
products. Eden’s operations were sold on October 1, 1997. On May 16, 1996, the Company changed its name to National Scientific
Corporation. From September 30, 1997 through the year ended September 30, 2001, the company aimed its efforts in the research and development
of semiconductor proprietary technology and processes and in raising capital to fund its operations and research. Effective August 27,
2014, the Company changed its name to “Cipherloc Corporation.” The Company became a Delaware corporation on September 30,
2021.
Business
Combination Between Cipherloc Corporation and SideChannel, Inc. (now known as SCS, Inc.)
Pursuant
to the Purchase Agreement, on the Closing Date, the former shareholders of the Subsidiary (the “Sellers”) exchanged all of
their equity securities in the Subsidiary for a total of 59,900,000 shares of the Company’s common stock (the “First Tranche
Shares”), and 100 shares of the Company’s newly designated Series A Preferred Stock, $0.001 par value (the “Series
A Preferred Stock”). The Sellers are entitled to receive up to an additional 59,900,000 shares of the Company’s common stock
(the “Second Tranche Shares”) at such time that the operations of the Subsidiary, as a subsidiary of the Company, achieves
at least $5.5 million in revenue (the “Milestone”) for any twelve-month period occurring after the Closing Date and before
June 30, 2026, the 48-month anniversary of the execution of the Purchase Agreement.
On
the Closing Date, the Sellers acquired approximately 40.4% of the Company’s outstanding common stock. If the Subsidiary achieves
the Milestone, and the Sellers are issued the Second Tranche Shares, and assuming that there is no other change in the number of shares
outstanding prior to the issuance of the Second Tranche Shares, the Sellers will hold a total of approximately 57.5% of the Company’s
outstanding common stock. The number of the Second Tranche Shares may be reduced or increased, based upon whether the Subsidiary’s
working capital as of the Closing Date was less than or more than $0. The number of the Second Tranche Shares may also be subject to
adjustment based upon any successful indemnification claims made by the Company pursuant to the Purchase Agreement.
The
Shares are subject to a Lock-Up/Leak-Out Agreement, pursuant to which, subject to certain exceptions, the Sellers may not directly or
indirectly offer to sell, or otherwise transfer, any of the Shares for twenty-four months after the Closing Date without the prior written
consent of the Company. Notwithstanding the foregoing, pursuant to the Lock-Up/Leak-Out Agreement, each of the Sellers may sell up to
20% of their Shares beginning twelve (12) months after the Closing Date, and the remaining 80% of their shares of Common Stock beginning
twenty-four (24) months after the Closing Date.
On
July 1, 2022, Sammy Davis and David Chasteen resigned from the Company’s Board of Directors (the “Board”). On that
date, (i) the Board appointed Deborah MacConnel and Kevin Powers to fill the vacancies resulting from those resignations. and (ii) the
Board expanded the number of members of the Board by two members and approved the appointments of Brian Haugli and Hugh Regan to fill
the new seats. Mr. Haugli’s and Mr. Regan’s appointment were effective on July 19, 2022. Ms. MacConnel, Mr. Powers, and Mr.
Regan are considered independent directors. As of July 19, 2022, the total number of members of the Board was six (6), including four
(4) independent directors.
On
July 1, 2022, the Board appointed Brian Haugli to the position of Chief Executive Officer of the Company, following the resignation of
David Chasteen from that position. Mr. Chasteen was appointed of Executive Vice President of the Company on the same date.
FASB
issues authoritative literature in the Accounting Standards Codification. ASC 805 Business Combinations (“ASC 805”) provides
guidance for accounting for mergers and acquisitions. The standard defines a business combination, including criteria for both the transaction
to qualify as a business combination and determining whether an entity is a business, and then provides details how to account for the
transaction. Applying ASC 805 to the Acquisition, the Company determined that SCS will be the accounting acquirer for financial reporting
purposes. In order to account for the acquisition, management closed the books of Cipherloc on the Closing Date, closed all equity accounts
to additional paid in capital and merged the balance sheets as of the Closing Date. SCS maintained its historical financial statements,
only consolidating Cipherloc’s assets, liabilities, and equity as of the Closing Date.
Research
and Development
Our
research and development expenditures for the fiscal years ended September 30, 2022 and September 30, 2021 were $178,000 and $0, respectively.
These costs were incurred to develop Enclave which is a product acquired in the Business Combination.
Competition
The
cybersecurity software and services market sectors are highly competitive, subject to rapid change, and significantly affected by new
product introductions and other activities of market participants.
Some
of our competitors have greater financial, technical, sales, marketing and other resources than we do. Because of these and other factors,
competitive conditions in the markets we compete in are likely to continue to intensify in the future, as participants compete for market
share. Increased competition could result in price reductions for our products and services, possibly reducing our net revenue and profit
margins and resulting in a loss of our market share, any of which would likely harm our business.
We
believe that our future results depend largely upon our ability to serve our clients and customers with the products and services described
above better than our competitors, and by offering new services and product enhancements, whether such product and service offerings
are developed internally or through acquisition. We also believe that we must provide product and service offerings that compete favorably
against those of our competitors with respect to ease of use, reliability, performance, range of useful features, reputation and price.
We
anticipate that we will face increasing pricing pressures from our competitors in the future. Since there are low barriers to entry into
the cybersecurity services and software markets, which are both subject to rapid technological change, we believe competition in our
market will persist and intensify in the future.
Intellectual
Property
Protective
Measures
We
believe that our intellectual property is an important and vital asset, which enables us to develop, market, and sell our products and
services, and enhance our competitive position. Our intellectual property includes our proprietary business and technical know-how, inventions,
works of authorship, and confidential information. To protect our intellectual property, we rely primarily upon legal rights in trade
secrets, patents, copyrights, and trademarks, in addition to our policies and procedures, security practices, contracts, and relevant
operational measures.
We
protect the confidentiality of our proprietary information by entering into non-disclosure agreements with our employees, contractors,
and other entities with which we do business. In addition, our license agreements related to our software and proprietary information
include confidentiality terms. These agreements are generally non-transferable. We also employ access controls and associated security
measures to protect our facilities, equipment, and networks.
Patents,
Copyrights, Trademarks, and Licenses
Our
products, particularly our software and related documentation, are protected under domestic and international copyright laws and other
laws related to the protection of intellectual property and proprietary rights. Currently, we have six patents filed with the U.S. Patent
and Trademark Office. We employ procedures to label copyrightable works with the appropriate proprietary rights notices, and we actively
enforce our rights in the United States and abroad. However, these measures may not provide us with adequate protection from infringement,
and our intellectual property rights may be challenged.
Our
SideChannel and Enclave logos are registered trademarks with the U.S. Patent and Trademark Office. In the United States, we can maintain
our trademark rights and renew trademark registrations for as long as the trademarks are in use.
Government
Regulation
Export
Control Regulations. We expect that all of our products will be subject to U.S. export control laws and applicable foreign government
import, export and/or use requirements. The level of such control generally depends on the nature of the products in question. Often,
the level of export control is impacted by the nature of the software and cybersecurity incorporated into our products. In those countries
where such controls apply, the export of our products may require an export license or authorization. However, even if a transaction
qualifies for a license exception or the equivalent, it may still be subject to corresponding reporting requirements. For the export
of some of our products, we may be subject to various post-shipment reporting requirements. Minimal U.S. export restrictions apply to
all our products, whether or not they perform cybersecurity functions. If we become a Department of Defense contractor in the future,
certain registration requirements may be triggered by our sales. In addition, certain of our products and related services may be subject
to the International Traffic in Arms Regulations (ITAR) if our software or services are specifically designed or modified for defense
purposes. If we become engaged in manufacturing or exporting ITAR-controlled goods and services (even if we do not export such items),
we will be required to register with the U.S. State Department.
To
date, Export Control Regulations have had no material impact on our business.
Enhancements
to our existing products may be subject to review under the Export Administration Act to determine what export classification they will
receive. In addition, any new products that we release in the future will also be subject to such review before we can export them. The
U.S. Congress continues to discuss the correct level of export control in possible anti-terrorism legislation. Such export regulations
may be modified at any time. Modifications to these export regulations could reduce or eliminate our ability to export some or all of
our products from the United States in the future, which could put us at a disadvantage in competing with companies located outside of
the U.S. Modifications to U.S. export regulations could restrict us from exporting our existing and future products. Any such modifications
to export regulations may put us at a competitive disadvantage with respect to selling our products internationally.
Privacy
Laws. We may be subject to various international, federal and state regulations regarding the treatment and protection of personally
identifying and other regulated information. Applicable laws may include U.S. federal laws and implementing regulations, such as the
GLBA and HIPAA, as well as state and international laws and regulations, including the California Consumer Privacy Act (CCPA) and the
European Union General Data Protection Regulation (GDPR). Some of these laws have requirements on the transmittal of data from one jurisdiction
to another. In the event our systems are compromised, many of these privacy laws require that we provide notices to our customers whose
personally identifiable data may have been compromised. Additionally, if we transfer data in violation of these laws, we could be subjected
to substantial fines. To mitigate the risk of having such data compromised, we use cybersecurity, software and other security procedures
to protect our databases.
Personnel
As
of November 30, 2022, we had nineteen (19) full-time employees. We also have thirteen (13) independent contractors that provide services
to us. We anticipate that we will need to increase our staffing in the foreseeable future.
ITEM
1A. RISK FACTORS
Our
business, financial condition and results of operations and the market price for our common stock are subject to numerous risks, many
of which are driven by factors that we cannot control or predict. An investment in our common stock involves a high degree of risk. You
should carefully consider the following information about these risks, together with the other information contained in this Annual Report
on Form 10-K, including the information regarding “Forward-Looking Statements” earlier in this Form 10-K immediately prior
to Part I, Item 1 and “Part II, Item 7, Management’s Discussion and Analysis of Financial Condition and Results of Operations”,
before investing in our common stock. If any of the events anticipated by the risks described below occur, our results of operations
and financial condition could be adversely affected, which could result in a decline in the market price of our common stock, causing
you to lose all or part of your investment. Additional risks that we do not yet know of, or that we currently think are immaterial, may
also affect our business and results of operations.
Risks
Related to Our Financial Position and Need for Capital
We
have incurred net losses and may never achieve profitability.
Our
likelihood of success must be considered in light of the problems, expenses, difficulties, complications and delays frequently encountered
in connection with development of a new business enterprise. Our accumulated deficit as of September 30, 2022 was $11.9 million. During
our most recent fiscal year, we incurred one-time charges of $11.9 million related to the Business Combination which is comprised of
$6.2 million of acquisition related expenses and $5.7 million of goodwill impairment. Excluding these one-time charges, our accumulated
deficit as of September 30, 2022 would have been $0.
We
cannot assure you that that any of our new products and services currently under development will be successfully commercialized, and
the extent of our future losses and the timing of any possible profitability, if ever achieved, are highly uncertain. If we are unable
to achieve profitability, we may be unable to continue our operations.
Our
ability to continue as a going concern may depend upon our ability to raise additional capital and such capital may not be available
on acceptable terms, or at all.
We
currently believe that our cash available will allow us to fund our operations into fiscal year 2024. Nevertheless, we may need to raise
additional funds in order to support expansion, develop new or enhanced products and services, hire employees, respond to competitive
pressures, acquire technologies or respond to unanticipated events or requirements before then. Our management’s plans include
attempting to improve our profitability and our ability to generate sufficient cash flow from operations to meet our operating needs
on a timely basis, obtaining additional working capital funds through equity and debt financing arrangements, and restructuring on-going
operations to eliminate inefficiencies to reduce our expenses. However, we cannot assure you that these plans and arrangements will be
sufficient to fund our ongoing capital expenditures, working capital, and other requirements. The outcome of these matters cannot be
predicted at this time. There can be no assurance that any additional financings will be available to us on satisfactory terms and conditions,
if at all. If adequate funds are not available on acceptable terms, we may be unable to develop or enhance our products and services,
take advantage of future opportunities or respond to competitive pressures or unanticipated requirements, any of which could have a material
adverse effect on our business, financial condition and operating results. If we raise additional funds through the issuance of equity
securities, or convertible debt, the percentage ownership of our stockholders will be reduced, and holders may experience dilution in
net book value per share.
The
amount of capital we may need depends on many factors, including the progress, timing, scope and market acceptance of our product development
programs; the time and cost required to obtain any necessary regulatory approvals; our ability to enter into and maintain collaborative,
licensing and other commercial relationships; and our ability to secure commitment of time and resources from third parties to the development
and commercialization of our products.
The
capital markets have been unpredictable for unprofitable companies such as ours. The amount of capital that we may be able to raise depends
on variables that are beyond our control. As a result, we may not be able to secure financing on terms acceptable to us, or at all. Even
if we are able to consummate a financing arrangement, the amount raised may not be sufficient to meet our future needs. If adequate funds
are not available on acceptable terms, or at all, our business, including our results of operations, financial condition and our continued
viability will be materially adversely affected.
If
we can raise additional funding, we may be required to do so on terms that are dilutive to our stockholders.
Our
future issuances of new equity may dilute the ownership percentage of our existing stockholders. The extent of such dilution will depend
on the number of shares issued. Neither the amount of funds that may be received in such an equity financing, nor the price per share
of our equity securities issued are known at this time.
Risks
Related to Our Business and Results of Operations
A
pandemic, epidemic or outbreak of an infectious disease, such as COVID-19, has materially affected, and may in the future materially
and adversely affect, our business and operations.
During
2021 and into 2022, the COVID-19 pandemic has interrupted our sales and marketing activities and restricted face-to-face interaction
between our representatives and our potential partners, clients and customers. This slowed the pace of our product and service development,
and the expansion of our list of prospective customers. Government actions related to any further acceleration of illness in the COVID-19
pandemic, or the emergence of a new viral outbreak, may negatively impact the adjustments we, our customers (if any), the customers of
our licensees and resellers, and our other business partners have made to resume business under the new protocols.
We depend significantly upon the continued involvement of our present management and on our ability to attract and retain talented employees.
Our
success depends significantly upon our present management, who are involved in our strategic planning and operations. Our business requires
that we successfully attract and retain talented employees and contractors. The competition for individuals with expertise in our industry
is intense, and we cannot assure that such individuals will be available to us on acceptable terms, or at all.
If
we are less successful in our recruiting efforts, or if we are unable to retain key existing employees, our ability to develop and deliver
successful products and services will be adversely affected. Effective succession planning is also important to our long-term success.
Our failure to ensure effective transfer of knowledge and smooth transitions involving key employees could hinder our strategic planning
and execution.
Our
products and services face significant competition in our markets, and if they do not compete successfully, our business will suffer.
Our
current and proposed products and services face, and will continue to face, intense competition from larger and smaller companies, as
well as from academic and research institutions. We compete in an industry that is characterized by: (i) rapid technological change,
(ii) evolving industry standards, (iii) emerging competition, and (iv) new service and product introductions. Our competitors have existing
products and technologies that will compete with our products and technologies and may develop and commercialize additional products
and technologies that will compete with our products and technologies. Some of these new products and services may have functionality
that ours do not have. Because many competing companies and institutions have greater financial resources than us, they may be able to:
(i) provide broader services and product lines, (ii) make greater investments in research and development, and (iii) carry on larger
research and development initiatives. Our competitors also generally have greater development capabilities than we do and have greater
experience in undertaking testing of products, obtaining regulatory approvals, and manufacturing and marketing their products. They also
have greater name recognition and better access to customers, clients, licensees, and resellers than we do. Our chief competitors include
companies such as Optiv, NCC, Coalfire, PwC, EY, Deloitte, and GuidePoint.
If
we are unable to develop new and enhanced products and services, or if we are unable to continually improve the performance, features,
and reliability of our existing products and services, our competitive position would weaken, and our business and operating results
could be adversely affected.
Our
future success depends on our ability to effectively respond to evolving threats to consumers and potential customers, as well as competitive
technological developments and industry changes, by developing or introducing new and enhanced products and services on a timely basis.
In the past, Cipherloc, has incurred significant research and development expenses. As a result of the Business Combination, we expect
to continue to incur research and development expenses as we strive to remain competitive, and as we focus on organic growth through
internal innovation. If we are unable to anticipate or react to competitive challenges or if existing or new competitors gain market
share in any of our markets, our competitive position would weaken, and we could experience a decline in our revenues and net income,
if any, which could adversely affect our business and operating results. Additionally, we must continually address the challenges of
dynamic and accelerating market trends, increasingly sophisticated cyber-attacks and intrusions and competitive developments. Customers
may require features and capabilities that our current products do not have. Our failure to develop new products and improve our existing
products to satisfy customer preferences and needs and effectively compete with other market offerings in a timely and cost-effective
manner will harm our ability to retain our customers (if any), and the ability of our licensees or resellers to retain their customers,
and to create or increase demand for our products, which may adversely impact our operating results. The development and introduction
of our new or enhanced products will involve a significant commitment of time and resources and will be subject to a number of risks
and challenges, including but not limited to:
|
● |
Lengthy development cycles; |
|
|
|
|
● |
Evolving industry and regulatory
standards and technological developments by our competitors and customers (if any), and the customers of our licensees and resellers; |
|
● |
Rapidly changing customer
preferences and needs; |
|
|
|
|
● |
Evolving platforms, operating
systems, and hardware products, such as mobile devices, and related product and service interoperability challenges; |
|
|
|
|
● |
Entering into new or unproven
markets; and |
|
|
|
|
● |
Executing new product and
service strategies. |
If
we are not successful in managing these risks and challenges, or if our new or improved products and services are not technologically
competitive in the market, or do not achieve market acceptance, our business and operating results would be adversely affected, our market
share would decline, and our margins would contract.
Our
operating results may vary significantly from period to period and have been unpredictable, which has and might continue to cause the
market price of our common stock to be volatile.
Our
operating results, in particular, our revenues, gross margins, operating margins, and operating expenses, have historically varied significantly
from period to period, and we expect such variation to continue as a result of a number of factors, many of which are outside of our
control and may be difficult to predict, including:
|
● |
our ability to attract
and retain customers (if any), and/or the ability of our licensees and resellers to retain customers or sell products and services; |
|
|
|
|
● |
the budgeting cycles, seasonal
buying patterns, and purchasing practices of potential customers and customers of our licensees and resellers; |
|
|
|
|
● |
price competition; |
|
|
|
|
● |
the timing and success
of our new product and service introductions by us or our competitors or any other change in the competitive landscape of our industry,
including consolidation among our competitors, licensees, resellers, clients, or customers, and strategic relationships entered into
by and between our competitors; |
|
|
|
|
● |
changes in the mix of our
services, products and support; |
|
|
|
|
● |
changes in the growth rate
of the cybersecurity technology market; |
|
|
|
|
● |
the timing and costs related
to the development or acquisition of technologies or businesses or strategic partnerships; |
|
|
|
|
● |
lack of synergy, or the
inability to realize expected synergies, resulting from any acquisitions or strategic partnerships; |
|
|
|
|
● |
our inability to execute,
complete or integrate efficiently any acquisitions that we have or may hereafter undertake; |
|
|
|
|
● |
increased expenses, unforeseen
liabilities, or write-downs and any impact on our operating results from any acquisitions we may consummate; |
|
|
|
|
● |
our ability to create sizeable
and productive distribution channels for our proprietary software; |
|
● |
decisions by potential
customers, or the customers of our licensees and resellers, to purchase cybersecurity solutions from larger, more established cybersecurity
software and service vendors, or from their sales channel partners; |
|
|
|
|
● |
timing of revenue recognition
from the delivery of existing and future statements of work; |
|
|
|
|
● |
Insolvency or credit difficulties
confronting customers (if any), our licensees and resellers, or the customers of our licensees and resellers, which could adversely
affect their ability to purchase or pay for our products and services and offerings; |
|
● |
the cost and potential
outcomes of any litigation, which could have a material adverse effect on our business; |
|
|
|
|
● |
seasonality or cyclical
fluctuations in our markets due to holiday schedules, industry events, or customer funding policies that may impact our ability to
secure new clients or deliver services to existing clients; |
|
|
|
|
● |
future accounting pronouncements
or changes in our accounting policies, including the potential impact of the adoption and implementation of the Financial Accounting
Standards Board’s new standard regarding revenue recognition; and |
|
|
|
|
● |
general macroeconomic conditions,
in some or all regions in which we operate. |
Any
one of the factors above, or the cumulative effect of some of the factors referred to above, may result in significant fluctuations in
our operating results including our revenue and net income. This variability and unpredictability could result in our failure to meet
our revenue, margin, or other operating result expectations, or those of securities analysts or investors for a particular period. If
we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could decline substantially,
and we could face costly lawsuits, including securities class action suits.
We
face intense competition in our market, especially from larger, well-established companies, and we may lack sufficient financial or other
resources to maintain or improve our competitive position.
The
market for cybersecurity technologies is intensely competitive, and we expect competition to increase in the future from established
competitors and new market entrants. Our main competitors fall into three categories:
|
● |
large
companies that incorporate security or encryption features in their services and products, such as Google’s Cloud Platform,
Amazon’s AWS services, and Microsoft’s Azure, or those that have acquired, or may acquire, cybersecurity services, products
or technologies and have the technical and financial resources to bring competitive solutions to the market; |
|
|
|
|
● |
independent
security vendors, such as Optiv and Coalfire, that offer cybersecurity products; and |
|
● |
small
and large companies that offer cybersecurity technologies that compete with some of the features proposed for our services and products. |
Many
of our existing competitors have, and some of our potential competitors may have, substantial competitive advantages such as:
|
● |
greater
name recognition and longer operating histories; |
|
|
|
|
● |
larger
sales and marketing budgets and resources; |
|
|
|
|
● |
broader
distribution and established relationships with distributors and customers (if any), or the customers of our licensees and resellers; |
|
● |
greater
customer support resources; |
|
|
|
|
● |
greater
resources to make strategic acquisitions or enter strategic partnerships; and |
|
|
|
|
● |
greater
financial, technical, and other resources. |
In
addition, some of our larger competitors have substantially broader and more diverse product and service offerings, which may make them
less susceptible to downturns in a particular market and allow them to leverage their relationships based on other services and products
or incorporate functionality into existing services and products to gain business in a manner that discourages users from purchasing
our services, products and subscriptions, including through selling at zero or negative margins, offering concessions, product bundling,
or closed technology platforms. Many of our smaller competitors that specialize in providing protection from a single type of security
threat are often able to deliver these specialized cybersecurity or security products to the market more quickly than we can.
Organizations
that use legacy products and services may believe that these products and services are sufficient to meet their security needs, or that
our platform only serves the needs of a portion of the cybersecurity technology market. Accordingly, many organizations have invested
substantial personnel and financial resources to design and operate their networks and have established deep relationships with other
providers of cybersecurity services and products. As a result, these organizations may prefer to purchase from their existing suppliers
rather than add or switch to a new supplier such as us, regardless of product performance, features, or greater services offerings, or
may be more willing to incrementally add solutions to their cybersecurity infrastructure from existing suppliers than to replace it wholesale
with our solutions.
Conditions
in our market could change rapidly and significantly because of technological advancements, partnering or acquisitions by our competitors,
or continuing market consolidation. New start-up companies that innovate and large competitors that are making significant investments
in research and development may invent similar or superior services, products and technologies that compete with our services and products.
Some of our competitors have made or could make acquisitions of businesses that may allow them to offer more directly competitive and
comprehensive solutions than they had previously offered and adapt more quickly to innovative technologies and changing needs. Our current
and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance
their resources and reduce their expenses. These competitive pressures in our market or our failure to compete effectively may result
in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. Any failure to meet and address these
factors could materially harm our business and operating results.
Our
future revenue and operating results will depend significantly on our ability to retain clients and customers and the ability to add
new clients and customers. Any decline in our retention rates or failure to add new clients and customers will harm our business prospects
and operating results.
We
anticipate that our future revenue and operating results will depend significantly on our ability to retain clients and customers and
our ability add new clients and customers. In addition, we may not be able to predict or anticipate accurately future trends in retention
or effectively respond to such trends. Our retention rates may decline or fluctuate due to a variety of factors, including the following:
|
● |
our clients and customers’
levels of satisfaction or dissatisfaction with our products and services; |
|
|
|
|
● |
the quality, breadth, and
prices of our products and services; |
|
|
|
|
● |
our general reputation
and events impacting that reputation; |
|
|
|
|
● |
the products and services
and related pricing offered by our competitors; |
|
|
|
|
● |
disruption by new services
or changes in law or regulations that impact the need for or efficacy of our products and services; |
|
● |
our customer service activities
and responsiveness to any customer issues; |
|
|
|
|
● |
customer dissatisfaction
if they do not receive the full benefit of our services due to their failure to provide all relevant data; |
|
|
|
|
● |
customer dissatisfaction
with the methods or sufficiency of our remediation services; and |
|
|
|
|
● |
changes in target customers’
planned spending levels as a result of general economic conditions or other factors such as inflation. |
If
we do not retain our existing clients and customers, or add new clients and customers, we may not generate revenue and/or our revenue
may grow more slowly than expected, or decline, and our operating results and gross margins will be negatively impacted. In addition,
our business and operating results may be harmed if we are unable to increase our retention rates or if they decline.
We
also must continually add new clients and customers, both to replace those who cancel or elect not to renew their agreements with us
and to grow our business beyond our current level. If we are unable to attract new clients and customers in numbers greater than number
that cancel or elect not to renew their agreements with us, our client base will decrease, and our business, operating results, and financial
condition would be adversely affected.
A
network or data security incident may allow unauthorized access to our or our end users’ network or data, harm our reputation,
create additional liability and adversely impact our financial results.
Increasingly,
companies are subject to a wide variety of attacks on their networks on an ongoing basis. In addition to traditional computer “hackers,”
malicious code (such as viruses and worms), phishing attempts, employee theft or misuse, and denial of service attacks, sophisticated
nation-state and nation-state supported actors engage in intrusions and attacks (including advanced persistent threat intrusions) and
add to the risks to internal networks, cloud deployed enterprise and customer-facing environments and the information they store and
process. Despite significant efforts to create security barriers to such threats, it is virtually impossible for us to entirely mitigate
these risks. We, and our third-party software and service providers, may face security threats and attacks from a variety of sources.
Our data, corporate systems, third-party systems and security measures and/or those of our licensees, resellers, clients, customers,
software providers, independent contractors, employees, end users may be breached due to the actions of outside parties, employee error,
malfeasance, a combination of these, or otherwise, and, as a result, an unauthorized party may obtain access to our or our customers’
data. Furthermore, as a provider of cybersecurity technologies, we may be a more attractive target for such attacks. A breach in our
data security or an attack against our service availability, or that of our third-party service providers, could impact our networks
or networks secured by our services, products and subscriptions, creating system disruptions or slowdowns and exploiting security vulnerabilities
of our services, products, and the information stored on our networks or those of our third-party service providers could be accessed,
publicly disclosed, altered, lost, or stolen, which could subject us to liability and cause us financial harm. Any actual or perceived
breach of network security in our systems or networks, or any other actual or perceived data security incident we or our third-party
service providers suffer, could result in damage to our reputation, negative publicity, loss of channel partners, licensees, resellers,
clients, customers, and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise
respond to any incident, regulatory investigations and enforcement actions, costly litigation, and other liability. In addition, we may
incur significant costs and operational consequences of investigating, remediating, eliminating and putting in place additional tools
and devices designed to prevent actual or perceived security incidents, as well as the costs to comply with any notification obligations
resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our services, products
and customer and investor confidence in our company and, moreover, could seriously harm our business or operating results.
It
is essential to our business strategy that our technology and network infrastructure remain secure and are perceived by any clients and
customers we have, and others, to be secure. Despite security measures, however, any network infrastructure may be vulnerable to cyber-attacks
by hackers and other security threats. We may face cyber-attacks that attempt to penetrate our network security, sabotage or otherwise
disable our research, products and services, misappropriate our proprietary information, or that of our licensees and resellers, or their
or our customers and partners, which may include personally identifiable information, or cause interruptions of our internal systems
and services. Any cyber-attacks could negatively affect our reputation, damage our network infrastructure and our ability to deploy our
products and services, harm our business relationships, and expose us to financial liability.
Our
services, products, systems, and website and the data on these sources may be subject to intentional disruption that could materially
harm our reputation and future sales.
Despite
our precautions and ongoing investments to protect against security risks, data protection breaches, cyber-attacks, and other intentional
disruptions of our products and services, we expect to be an ongoing target of attacks specifically designed to impede the performance
and availability of our offerings and harm our reputation as a company. Similarly, experienced computer programmers or other sophisticated
individuals or entities, including malicious hackers, state-sponsored organizations, and insider threats including actions by employees
and third-party service providers, may attempt to penetrate our network security or the security of our systems and websites and misappropriate
proprietary information or cause interruptions of our services. This risk may be increased during the current COVID-19 pandemic as more
individuals are working from home and utilize home networks for the transmission of sensitive information. Such attempts are increasing
in number and in technical sophistication, and if successful could expose us and the affected parties, to risk of loss or misuse of proprietary
or confidential information or disruptions of our business operations. While we engage in a number of measures aimed to protect against
security breaches and to minimize problems if a data breach were to occur, our information technology systems and infrastructure may
be vulnerable to damage, compromise, disruption, and shutdown due to attacks or breaches by hackers or due to other circumstances, such
as error or malfeasance by employees or third-party service providers or technology malfunction. The occurrence of any of these events,
as well as a failure to promptly remedy these events should they occur, could compromise our systems, and the information stored in our
systems could be accessed, publicly disclosed, lost, stolen, or damaged. Any such circumstance could adversely affect our ability to
attract and maintain licensees and resellers, and/or for us or our licensees and resellers to retain customers, as well as strategic
partners, cause us to suffer negative publicity, and subject us to legal claims and liabilities or regulatory penalties. In addition,
unauthorized parties might alter information in our databases, which would adversely affect both the reliability of that information
and our ability to market and perform our services. Techniques used to obtain unauthorized access or to sabotage systems change frequently,
are constantly evolving and generally are difficult to recognize and react to effectively. We may be unable to anticipate these techniques
or to implement adequate preventive or reactive measures. Several recent, highly publicized data security breaches at other companies
have heightened consumer awareness of this issue and may embolden individuals or groups to target our systems or those of our licensees,
resellers, or strategic partners, or our or their customers.
Our
products are complex and operate in a wide variety of environments, systems and configurations, which could result in failures of our
products to function as designed and negatively impact our brand recognition and reputation.
Because
we offer very complex products, errors, defects, disruptions, or other performance problems with our products may and have occurred.
For example, we may experience disruptions, outages, and other performance problems due to a variety of factors, including infrastructure
changes, human or software errors, capacity constraints due to an overwhelming number of users accessing our websites simultaneously,
fraud, or security attacks. In some instances, we may not be able to identify the cause or causes of these performance problems within
an acceptable period of time. Interruptions in our products could impact our revenues or cause licensees, resellers, clients, and customers
to cease doing business with us. Our operations are dependent upon our ability to protect our technology infrastructure against damage
from business continuity events that could have a significant disruptive effect on our operations. We could potentially lose end user/customer
data or experience material adverse interruptions to our operations or delivery of products and services to our clients in a disaster
recovery scenario. Further, our business would be harmed if any of these types of events caused our licensees, resellers, or customers,
or our licensees’ and resellers’ customers or potential customers, to believe that our products are unreliable. We believe
that our brand recognition and reputation are critical to retaining existing licensees, resellers, clients and customers, and attracting
new licensees, resellers, clients, and customers. Furthermore, negative publicity, whether or not justified, relating to events or activities
attributed to us, our employees, our strategic partners, our affiliates, or others associated with any of these parties, may tarnish
our reputation and reduce the value of our brands. Damage to our reputation may reduce demand for our products and have an adverse effect
on our business, operating results, and financial condition. Moreover, any attempts to rebuild our reputation and restore the value of
our brands after such an event may be costly and time consuming, and such efforts may not ultimately be successful.
If
our products and services do not work properly, our business, financial condition and financial results could be negatively affected,
and we could experience negative publicity, declining sales and legal liability.
We
produce complex products that incorporate leading-edge technology that must operate in a wide variety of technology environments. Software
may contain defects or “bugs” that can interfere with expected operations in these varying technological environments. There
can be no assurance that our testing programs will be adequate to detect all defects prior to the product being introduced, which might
decrease customer satisfaction with our products and services. The product reengineering cost to remedy a product defect could be material
to our operating results. Our inability to cure a product defect could result in the temporary or permanent withdrawal of a product or
service, negative publicity, damage to our reputation, failure to achieve market acceptance, lost revenue and increased expense, any
of which could have a material adverse effect on our business, financial condition and financial results.
Outages
or problems with systems and infrastructure supplied by third parties could negatively affect our business, financial condition and financial
results.
Our
business relies on third-party suppliers of the telecommunications infrastructure. We, our clients and customers and our licensees and
resellers, and their customers, will use various communications service suppliers and the global internet to provide network access between
our data centers and our customers and end-users of our services. If those suppliers do not enable us to provide our clients and customers,
or our licensees’ and resellers’ customers with reliable, real-time access to our systems (to the extent required), we may
be unable to gain or retain clients, customers, licensees and resellers. These suppliers periodically experience outages or other operational
problems as a result of internal system failures or external third-party actions. Supplier outages or other problems could materially
adversely affect our business, financial results and financial condition.
Current
global financial conditions have been characterized by increased volatility, which could negatively impact our business, prospects, liquidity
and financial condition.
Current
global financial conditions and recent market events have been characterized by increased volatility, and the resulting tightening of
the credit and capital markets has reduced the amount of available liquidity and overall economic activity. We cannot guarantee that
debt or equity financing, or the ability to generate cash from operations, will be available or sufficient to meet or satisfy our initiatives,
objectives or requirements. Our inability to access sufficient amounts of capital on terms acceptable to us for our operations will negatively
impact our business, prospects, liquidity and financial condition.
If
we experience delays and/or defaults in payments, we could be unable to recover all expenditures.
Because
of the nature of our contracts, at times we will commit resources to projects prior to receiving payments from the counterparty in amounts
sufficient to cover our expenditures on projects as they are incurred. Delays in payments may require us to make a working capital investment.
Defaults by any of our clients, customers, licensees, and resellers could have a significant adverse effect on our revenues, profitability
and cash flow. Our clients, customers, licensees, and resellers may in the future default on their obligations to us or them due to bankruptcy,
lack of liquidity, operational failure or other reasons deriving from the current general economic environment. If a client, customer,
or licensee defaults on its obligations to us or our licensee, or a licensee or reseller defaults in its payments to us, it could have
a material adverse effect on our business, financial condition, results of operations or cash flows.
Risks
Related to Our Industry
We
face intense competition.
We
expect to experience intense competition across all markets for our products and services. Our competitors that are focused on narrower
product lines may be more effective in devoting technical, marketing, and financial resources to compete with us. In addition, barriers
to entry in our businesses generally are low, and products and services, once developed, can be distributed broadly and quickly at a
relatively low cost. Open-source software vendors are devoting considerable efforts to developing software that mimics the features and
functionality of our current and anticipated products. These competitive pressures may result in decreased sales volumes, price reductions,
and/or increased operating costs, such as for marketing and sales incentives, resulting in lower revenue, gross margins, and operating
income.
Delays
in product development schedules may adversely affect our revenues.
The
development of cybersecurity products and services is a complex and time-consuming process. New products and services can require long
development and testing periods. Future revenues may include the sale of new products and services that may not yet be developed. Significant
delays in product development, including quality assurance testing or significant problems in creating new products and services, could
adversely affect our revenue recognition from new products and services. Revenue in certain reporting periods could be lower than anticipated
because product development problems could cause the loss of a competitive sale transaction, a delay in invoicing a client, customer,
licensee, or reseller or the renegotiation of terms to retain a sale transaction.
If
we do not accurately predict, prepare for, and respond promptly to rapidly evolving technological and market developments and successfully
manage product introductions and transitions to meet changing needs in the cybersecurity technology market, our competitive position,
financial results and prospects will be harmed.
The
cybersecurity technologies market has grown quickly and is expected to continue to evolve rapidly. Moreover, many of our potential licensees
and resellers and their customers operate in markets characterized by rapidly changing technologies and business plans, which require
them to add numerous network access points and adapt increasingly complex enterprise networks, incorporating a variety of hardware, software
applications, operating systems, and networking protocols. If we fail to accurately predict potential changing needs and emerging technological
trends in the cybersecurity technology industry, including in the areas of mobility, virtualization, and cloud computing, our business
could be harmed. If we experience unanticipated delays in the availability of new services, products, platform features, and subscriptions,
or fail to meet expectations for such availability, our competitive position, financial results, and business prospects will be harmed.
Additionally,
we must commit significant resources to developing new products and services before knowing whether our investments will result in services,
products, subscriptions, and features that the market will accept. The success of new platform features depends on several factors, including
appropriate new product definition, differentiation of new services, products, subscriptions, and platform features from those of our
competitors, and market acceptance of these products, services and platform features. Moreover, successful new product introduction and
transition depends on a number of factors including, our ability to manage the risks associated with new product production ramp-up issues,
the availability of application software for new products, and the risk that new products may have quality or other defects or deficiencies,
especially in the early stages of introduction. We cannot assure you that we will successfully identify opportunities for new products
and services, develop and bring new products and subscriptions to market in a timely manner, or achieve market acceptance of our products
and subscriptions, or that products, subscriptions, and technologies developed by others will not render our products, subscriptions,
or technologies obsolete or noncompetitive.
Actual,
possible or perceived defects or vulnerabilities in our products or services, the failure of our products or services to detect or prevent
a security breach or the misuse of our products could harm our reputation and divert resources.
Because
our products and services are complex, they may contain defects or errors that are not detected until after their commercial release
and deployment. Defects or vulnerabilities may impede or block network traffic, cause our products or services to be vulnerable to electronic
break-ins or cause them to fail to help secure networks. We are also susceptible to errors, defects, vulnerabilities or attacks that
may arise at, or be inserted into our products which are out of our control. Different users deploy and use cybersecurity products in
different ways, and certain deployments and usages may subject our products to adverse conditions that may negatively impact the effectiveness
and useful lifetime of our products. Our networks and products, including any cloud-based technology we utilize, could be targeted by
attacks specifically designed to disrupt our business and harm our reputation. Our products may not prevent all security threats. Because
the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched
against a target, we may be unable to anticipate these techniques. An actual, possible or perceived security breach or infection of the
network of one of the users of our products, regardless of whether the breach is attributable to the failure of our products or services
to prevent the security breach, could adversely affect the market’s perception of our security products and services and, in some
instances, subject us to potential liability that is not contractually limited. We may not be able to correct any security flaws or vulnerabilities
promptly, or at all. Our products may also be misused by potential end users or third parties who obtain access to our products. For
example, our products could be used to censor private access to certain information on the internet. Such use of our products for censorship
could result in negative press coverage and negatively affect our reputation, even if we take reasonable measures to prevent any improper
shipment of our products or if our products are being used improperly or provided by an unauthorized third party.
Any
actual, possible or perceived defects, errors or vulnerabilities in our products and services, or misuse of our products and services,
could result in:
|
● |
the expenditure of significant
financial and development resources in efforts to analyze, correct, eliminate or work around errors or defects or to address and
eliminate vulnerabilities; |
|
|
|
|
● |
the loss of potential clients,
customers, licensees, resellers, or distribution partners; |
|
|
|
|
● |
delayed or lost revenue; |
|
|
|
|
● |
delay or failure to attain
market acceptance; |
|
|
|
|
● |
negative publicity and
harm to our reputation; and |
|
|
|
|
● |
litigation, regulatory
inquiries or investigations that may be costly and harm our reputation and, in some instances, subject us to potential liability
that is not contractually limited. |
Risks
Related to Our Intellectual Property
Our
proprietary rights may be difficult to enforce, which could enable others to copy or use aspects of our products without compensating
us.
We
rely primarily on patent, trademark, copyright and trade secrets laws and confidentiality procedures and contractual provisions to protect
our technology. The claims eventually allowed on any patents issued in the future may not be sufficiently broad to protect our technology
or products. Any issued patents may be challenged, invalidated or circumvented, and any rights granted under these patents may not actually
provide adequate offensive scope, defensive protection or competitive advantages to us. Patent applications in the United States are
typically not published until at least 18 months after filing, or, in some cases, not at all, and publications of discoveries in industry-related
literature lag behind actual discoveries. We cannot be certain that we were the first to make the inventions claimed in our pending patent
applications, or that we were the first to file for patent protection. Additionally, the process of obtaining patent protection is expensive
and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely
manner. In addition, recent changes to the patent laws in the United States, including but not limited to “adversary proceedings,”
“first to file” and “post-grant review” provisions, may bring into question the validity of certain software
patents and may make it more difficult and costly to prosecute patent applications. As a result, we may not be able to obtain adequate
patent protection or effectively enforce our issued patents.
Despite
our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or obtain and use information
that we regard as proprietary. We generally enter into confidentiality or non-solicitation agreements with our employees, consultants,
and vendors, as the case may be, and generally limit access to and distribution of our proprietary information. However, we cannot guarantee
that the steps taken by us will prevent misappropriation of our technology. Policing unauthorized use of our technology or products is
difficult. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as the laws of
the United States, and many foreign countries do not enforce these laws as diligently as government agencies and private parties in the
United States. From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights,
to protect our trade secrets, to determine the validity and scope of the proprietary rights of others or to defend against claims of
infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect
our business, operating results and financial condition. If we are unable to protect our proprietary rights (including aspects of our
software and products protected other than by patent rights), we may find ourselves at a competitive disadvantage to others who need
not incur the additional expense, time and effort required to create the innovative products that would compete with our products.
If
our end users experience data losses, our brand, reputation and business could be harmed.
A
breach of our end users’ network security and systems, or other events that cause the loss or public disclosure of, or access by
third parties to, our end users’ files or data, could have serious negative consequences for our business, including reduced demand
for our services, an unwillingness of our clients and customers, and our licensees and resellers or their customers to use our products
or services, harm to our brand and reputation. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage
systems change frequently, often are not recognized until launched against a target, and may originate from less regulated or remote
areas around the world. As a result, our end users may be unable to proactively prevent these techniques, implement adequate preventative
or remedial measures, or enforce the laws and regulations that govern such activities. If our end users experience any data loss, data
disruption, or any data corruption or inaccuracies, whether caused by security breaches or otherwise, our brand, reputation and business
could be harmed.
Our
insurance may not be available now or in the future on acceptable terms, or at all. In addition, our policy may not cover claims against
us for loss of data or other indirect or consequential damages. Defending a suit based on any data loss or system disruption, regardless
of its merit, could be costly and divert our management’s attention.
Claims
by others that we infringe their proprietary technology or other litigation matters could harm our business.
Patent
and other intellectual property disputes are common in the cybersecurity and technology industries. Third parties may in the future assert
claims of infringement of intellectual property rights against us. They may also assert such claims against our licensees, resellers,
end users or distribution partners whom we may have to indemnify against claims that our products infringe the intellectual property
rights of third parties. As the number of products and competitors in our market increases and overlaps in service and functionality
occur, infringement claims may increase. Any claim of infringement by a third party, even those without merit, could cause us to incur
substantial costs defending against the claim and could distract our management from our business. In addition, litigation may involve
patent holding companies, non-practicing entities or other adverse patent owners who have no relevant product revenue and against whom
our own patents may therefore provide little or no deterrence to such plaintiffs we will counter-claim for infringement and invalidation
of their patent(s).
Although
third parties may offer a license to their technology, the terms of any offered license may not be acceptable, and the failure to obtain
a license or the costs associated with any license could cause our business, financial condition and results of operations to be materially
and adversely affected. In addition, some licenses may be non-exclusive and, therefore, our competitors may have access to the same technology
licensed to us. Alternatively, we may be required to develop non-infringing technology, which could require significant time, effort
and expense, and may ultimately not be successful. Furthermore, a successful claimant could secure a judgment, or we may agree to a settlement
that prevents us from distributing certain products or performing certain services or that requires us to pay substantial damages (including
treble damages if we are found to have willfully infringed such claimant’s patents), royalties or other fees. Any of these events
could seriously harm our business, financial condition and results of operations.
We
may be subject to lawsuits claiming patent infringement. We may also be subject to other litigation in addition to patent infringement
claims, such as employment-related litigation and disputes, as well as general commercial litigation, and could become subject to other
forms of litigation and disputes, including stockholder litigation. If we are unsuccessful in defending any such claims, our operating
results and financial condition and results may be materially and adversely affected. For example, we may be required to pay substantial
damages and could be prevented from selling certain of our products. Litigation, with or without merit, could negatively impact our business,
reputation and sales in a material adverse fashion.
We
rely on the availability of third-party licenses and our inability to maintain those licenses could harm our business.
Many
of our products or products under development include software or other intellectual property licensed from third parties. It may be
necessary in the future to renew licenses relating to various aspects of these products or to seek new licenses for existing or new products.
Licensors may claim we owe them additional license fees for past and future use of their software and other intellectual property or
that we cannot utilize such software or intellectual property in our products going forward. There can be no assurance that the necessary
licenses would be available on acceptable terms, if at all.
The
inability to obtain certain licenses or other rights or to obtain such licenses or rights on favorable terms or for reasonable pricing,
or the need to engage in litigation regarding these matters, could result in delays in product releases until equivalent technology can
be identified, licensed or developed, if at all, and integrated into our products. Further such events may result in significant license
fees and have a material adverse effect on our business, operating results, and financial condition. Moreover, the inclusion in our products
of software or other intellectual property licensed from third parties on a non-exclusive basis or the inclusion in our products of opensource
software may limit our ability to differentiate our products from those of our competitors. Not differentiating our products from those
of our competitors may adversely affect our results of operations, including reducing our revenue and net income.
We
also rely on technologies licensed from third parties in order to operate functions of our business. If any of these third parties allege
that we have not properly paid for such licenses or that we have improperly used the technologies under such licenses, we may need to
pay additional fees or obtain new licenses, and such licenses may not be available on terms acceptable to us or at all or may be costly.
In any such case, or if we were required to redesign our internal operations to function with new technologies, our business, results
of operations and financial condition could be harmed.
Our
use of open-source software in our products could negatively affect our ability to sell our products and subject us to possible litigation.
Our
current products, and/or those under development, contain software modules licensed to or used by us from third-party authors under “open
source” licenses. Some open-source licenses contain requirements that we make available applicable source code for modifications
or derivative works we create based upon the type of open-source software we use. If we combine our proprietary software with open-source
software in a certain manner, we could be required to release the source code of our proprietary software to the public under certain
open-source licenses. This would allow our competitors to create similar products with lower development effort and time, and ultimately
could result in a loss of product sales for us.
Although
we monitor our use of open-source software to avoid subjecting our products and subscriptions to conditions we do not intend, the terms
of many open-source licenses have not been interpreted by United States courts, and there is a risk that these licenses could be construed
in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our products. From time to time,
there have been claims against companies that distribute or use open-source software in their products, asserting that open-source software
infringes the claimants’ intellectual property rights. We could be subject to suits by parties claiming infringement of intellectual
property rights in what we believe to be licensed open-source software. If we are held to have breached the terms of an open source software
license, we could be required to seek licenses from third parties to continue offering our products on terms that are not economically
feasible, to reengineer our products, to discontinue the sale of our products if reengineering could not be accomplished on a timely
basis, or to make generally available, in source code form, our proprietary code, any of which could adversely affect our business, operating
results, financial condition and ability to differentiate our products and services.
In
addition to risks related to license requirements, usage of open-source software can lead to greater risks than use of third-party commercial
software, as open-source licensors generally do not provide warranties or assurance of title or controls on origin of the software. In
addition, many of the risks associated with usage of open-source software, such as the lack of warranties or assurances of title, cannot
be eliminated, and could, if not properly addressed, negatively affect our business. We have established processes to help alleviate
these risks, including a review process for screening requests from our development organizations for the use of open-source software,
but we cannot be sure that our processes for controlling our use of open-source software in our products will be effective.
Risks
Related to Our Common Stock
Historically,
the market price for our common stock has been volatile, and you may not be able to sell our stock at a favorable price, or at all.
You
should consider an investment in our common stock to be risky, and you should invest in our common stock and securities convertible into
our common stock only if you can withstand a complete loss and wide fluctuations in the market value of your investment. Some factors
that may cause the market price of our common stock to fluctuate, in addition to the other risks mentioned in this “Risk Factors”
section and elsewhere are:
|
● |
sale of our common stock
by our stockholders, executives, and directors; |
|
|
|
|
● |
volatility in price and
level of trading volumes of our shares of common stock; |
|
|
|
|
● |
our ability to obtain financings
to conduct and complete research and development activities and other business activities; |
|
|
|
|
● |
the timing and success
of introductions of new products and services by us or our competitors or any other change in the competitive dynamics of our industry,
including consolidation among competitors; |
|
|
|
|
● |
Our ability to attract
new customers, clients, licensees, and resellers; |
|
|
|
|
● |
changes in the development
status of our products and services; |
|
● |
changes in our capital
structure, future issuances of securities, sales of large blocks of common stock by our stockholders; |
|
|
|
|
● |
our cash position; |
|
|
|
|
● |
announcements and events
surrounding financing efforts, including debt and equity securities; |
|
|
|
|
● |
our inability to enter
into new markets or develop new products and services; |
|
|
|
|
● |
reputational issues; |
|
|
|
|
● |
announcements of acquisitions,
partnerships, collaborations, joint ventures, new products and services, capital commitments, or other events by us or our competitors; |
|
|
|
|
● |
changes in industry conditions
or perceptions; |
|
|
|
|
● |
our ability to attract
analyst to initiate research coverage and once obtained, having such analysts issue research reports, recommendations and any changes
in recommendations, price targets, and withdrawals of coverage; |
|
|
|
|
● |
departures and additions
of key personnel; |
|
|
|
|
● |
disputes and litigations
related to intellectual properties, proprietary rights, and contractual obligations; |
|
|
|
|
● |
changes in applicable laws,
rules, regulations, or accounting practices and other dynamics; and |
|
|
|
|
● |
other events or factors,
many of which may be out of our control. |
In
addition, if the market for stock of companies in our industry or industries related to our industry, or the stock market in general,
experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business,
financial condition and results of operations. If any of the foregoing occurs, it could cause our stock price to fall and may expose
us to lawsuits that, even if unsuccessful, could be costly to defend and a distraction to management.
Substantial
sales of our common stock, or the perception that such sales might occur, could depress the market price of our common stock.
We
cannot predict whether future issuances of our common stock, or resale of shares in the open market, will decrease the market price of
our common stock. The consequence of any such issuances or resale of our common stock on our market price may be increased as a result
of the fact that our common stock is thinly, or infrequently, traded. The exercise of any outstanding options, or the vesting of any
restricted stock, that we may grant to directors, executive officers and other employees in the future, or the issuance of common stock
in connection with acquisitions and other issuances of our common stock, may decrease the market price of our common stock.
Holders
of our common stock have a risk of potential dilution if we issue additional shares of common stock in the future.
The
exercise of outstanding options and warrants to purchase our common stock will dilute existing stockholders’ ownership
percentage. We currently have outstanding warrants to purchase 87,628,920 shares of our common stock, with a weighted average
exercise price of $0.56. On September 13, 2021, our stockholders approved an employee stock option plan authorized by our Board of
Directors under which we may issue options to purchase or grant up to an aggregate of 8,000,000 shares of common stock plus annual
increases on the first day of each calendar year beginning with the first January 1 following May 12, 2021 and ending with the last
January 1, 2031 up to five percent (5%) of the fully diluted shares outstanding. Annual increases are subject to the approval by the
Board of Directors. In the future, we may grant additional stock options, warrants, preferred stock or convertible securities. The
exercise or conversion of stock options, warrants, preferred stock, or convertible securities will dilute the ownership percentage
of our then existing stockholders. The dilutive effect of the exercise or conversion of these securities may adversely affect our
ability to obtain additional capital. The holders of these securities may be expected to exercise or convert their securities when
we are able to obtain additional equity capital on terms more favorable than these securities.
The
Second Tranche, should the Company achieve the Milestone prior to June 30, 2026, will increase outstanding shares of common stock by
59.9 million.
The
anti-dilutive rights of certain warrants could result in significant dilution to our existing stockholders and/or require us to issue
a substantially greater number of shares, which may adversely affect the market price of our common stock.
The
warrants to purchase 55,549,615 shares of our common stock issued to investors in a private placement transaction that closed on April
16, 2021 contain anti-dilution rights such that if we issue, or are deemed to have issued, common stock or common stock equivalents at
a price less than the then exercise price of those warrants, the exercise price of those warrants will automatically be reduced to such
lower value, and the number of shares of common stock issuable upon exercise thereafter will be adjusted proportionately, so that the
aggregate exercise price payable upon exercise of such warrants is the same prior to and after such reduction in exercise price. As a
result, the effect of the anti-dilution right may cause significant dilution to our other stockholders. The warrants to purchase 8,332,439
shares of our common stock issuable upon exercise of warrants issued to the placement agent in the private placement include a weighted
average anti-dilution right in the event we issue any shares of common stock or equivalents with a value less than the then exercise
price. As a result, the effect of the anti-dilution right may cause significant dilution to our other stockholders. The triggering of
the anti-dilution rights in the warrants issued in the private placement may result in such securities being exercisable for a significant
number of additional shares of common stock and/or exercisable for a reduced exercise price. As a result, the number of shares issuable
could prove to be significantly greater than they are currently and could result in substantial dilution to our other stockholders. As
of September 30, 2022, no anti-dilution triggers have occurred.
Our
common shares are thinly traded, and in the future may continue to be thinly traded, and you may be unable to sell your shares at or
near ask prices or at all, if you need to sell your shares to raise money or otherwise desire to liquidate such shares.
We
cannot predict the extent to which an active public market for our common stock will develop or be sustained due to a number of factors,
including the fact that we are a small company that is relatively unknown to stock analysts, stock brokers, institutional investors and
others in the investment community that generate or influence sales volume, and that even if we came to the attention of such persons,
they tend to be risk-averse and would be reluctant to follow an unproven company such as ours or purchase or recommend the purchase of
our shares until such time as we become more seasoned and viable. As a consequence, there may be periods of several days or more when
trading activity in our shares is minimal or non-existent, as compared to a seasoned issuer that has a large and steady volume of trading
activity that will generally support continuous sales without an adverse effect on its share price. We cannot give you any assurance
that a broader or more active public trading market for our common stock will develop or be sustained, or that even current trading levels
will be sustained. You may be unable to sell your common stock at or above your purchase price, if at all, which may result in substantial
losses to you. As a consequence of this lack of liquidity, the trading of relatively small quantities of shares by our stockholders may
disproportionately influence the price of those shares in either direction. The price for our shares could, for example, decline precipitously
in the event that a large number of our common shares are sold on the market without commensurate demand, as compared to a seasoned issuer
that could better absorb those sales without adverse impact on its share price. As a consequence of this enhanced risk, more risk-averse
investors may, under the fear of losing all or most of their investment in the event of negative news or lack of progress, be more inclined
to sell their shares on the market more quickly and at greater discounts than would be the case with the stock of a seasoned issuer.
A
significant number of our shares have been registered for resale, and their sale or potential sale may depress the market price of our
common stock.
As
of September 30, 2022, we had 148,724,056 shares of common stock outstanding and total warrants issued for 87,628,920 shares of common
stock. If all 87,628,920 warrants are exercised in full for cash, then they would represent 37% of the total shares outstanding. The
Second Tranche, should the Company achieve the Milestone prior to June 30, 2026, will increase outstanding shares of common stock by
59.9 million. Sales of a significant number of shares of our common stock in the public market, or the potential or expectation of such
sales, could harm the market price of our common stock. As large numbers of our common stock are sold, it would increase the supply of
our common stock, which would thereby cause a decrease in its price.
In
addition, the shares of our common stock that have been registered for resale and/or are issuable upon exercise of the warrants issued
in the private placement may represent an overhang that may also adversely affect the market price of our common stock. Overhang occurs
when there is a greater supply of a company’s stock in the market than there is demand for that stock. When this happens, the price
of a company’s stock will decrease, and any additional shares that stockholders attempt to sell in the market will only further
decrease the share price. The exercise price of our outstanding warrants may be less than the trading price of our common stock or may
create an artificial ceiling on the price of our common stock. In the event of such overhang, the holders of those warrants will have
an incentive to sell their common stock as quickly as possible. If the share volume of our common stock cannot absorb the new shares
issuable upon exercise of those warrants or made available for sale pursuant to the registration statement, then the value of our common
stock will likely decrease.
Future
sales and issuances of our securities could result in additional dilution of the percentage ownership of our stockholders and could cause
our share price to fall.
We
expect that we will need significant additional capital in the future to continue our planned operations, including research and development,
increased marketing, hiring new personnel, commercializing our products, and continuing activities as an operating public company. To
the extent that we raise additional capital by issuing equity securities, our existing stockholders may experience substantial dilution.
We may sell common stock, convertible securities or other equity securities in one or more transactions, at prices and in a manner that
we determine from time to time, in our discretion. If we sell common stock, convertible securities or other equity securities in more
than one transaction, investors may be materially diluted by subsequent sales. Such sales may also result in material dilution to our
existing stockholders, and new investors could gain rights superior to our existing stockholders.
Our
common stock is subject to restrictions on sales by broker-dealers and penny stock rules, which may be detrimental to investors.
Our
common stock is subject to Rules 15g-1 through 15g-9 under the Exchange Act, which impose certain sales practice requirements on broker-dealers
who sell our common stock to persons other than established customers and “accredited investors” (as defined in Rule 501(a)
of the Securities Act). For transactions covered by this rule, a broker-dealer must make a special suitability determination for the
purchaser and receive the purchaser’s written consent to the transaction prior to the sale. This rule adversely affects the ability
of broker-dealers to sell our common stock and holders of our common stock to sell their shares of our common stock.
Additionally,
our common stock is subject to SEC regulations applicable to “penny stocks.” Penny stocks include any non-Nasdaq equity security
that has a market price of less than $5.00 per share, subject to certain exceptions. The regulations require that, prior to any non-exempt
buy/sell transaction in a penny stock, a disclosure schedule proscribed by the SEC relating to the penny stock market must be delivered
by a broker-dealer to the purchaser of such penny stock. This disclosure must include the amount of commissions payable and the current
price quotations for our common stock. The regulations also require that monthly statements be sent to holders of a penny stock that
disclose recent price information for the penny stock and information regarding the limited market for penny stocks. These requirements
adversely affect the market liquidity of our common stock.
Because
our common stock is quoted on the OTCQB instead of a national exchange, our investors may have difficulty selling their stock or may
experience negative volatility on the market price of our common stock.
Our
common stock is quoted on the OTCQB Market, operated by the OTC Markets Group. The OTCQB is often highly illiquid, in part because it
does not have a national quotation system by which potential investors can follow the market price of shares, except through information
received and generated by a limited number of broker-dealers that make markets in particular stocks. There is a greater chance of volatility
for securities that trade on the OTCQB, as compared to a national exchange or quotation system. This volatility may be caused by a variety
of factors, including the lack of readily available price quotations, the absence of consistent administrative supervision of bid and
ask quotations, lower trading volume, and market conditions. Investors in our common stock may experience high fluctuations in the market
price and volume of the trading market for our securities. These fluctuations, when they occur, have a negative effect on the market
price for our securities. Accordingly, our stockholders may not be able to realize a fair price for their shares when they determine
to sell them or may have to hold them for a substantial period of time until the liquidity of the market for our common stock improves.
Risks
Related to Regulations and Our Compliance with Such Regulations
We
previously identified material weaknesses in our disclosure controls and procedures and internal control over financial reporting. If
not remediated, our failure to establish and maintain effective disclosure controls and procedures and internal control over financial
reporting could result in material misstatements in our financial statements and a failure to meet our reporting and financial obligations,
each of which could have a material adverse effect on our financial condition and the trading price of our common stock.
Maintaining
effective internal control over financial reporting and effective disclosure controls and procedures are necessary for us to produce
reliable financial statements. Our disclosure controls and procedures and internal controls over financial reporting are currently ineffective
and have in the past been subject to material weaknesses. A material weakness is a deficiency, or a combination of deficiencies, in internal
control over financial reporting, such that there is a reasonable possibility that a material misstatement of a company’s annual
or interim financial statements will not be prevented or detected on a timely basis. A control deficiency exists when the design or operation
of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect
misstatements on a timely basis.
We
cannot assure you that additional material weaknesses will not arise in the future. The development of new material weaknesses in our
internal control over financial reporting, could result in material misstatements in our financial statements and cause us to fail to
meet our reporting and financial obligations, which in turn could have a material adverse effect on our financial condition and the trading
price of our common stock, and/or result in litigation against us or our management.
We
are subject to changing laws and regulations.
U.S.
government agencies continue to implement extensive requirements on our industry. These regulations have both positive and negative impacts,
with much remaining uncertainty as to how various provisions will ultimately affect our customers, clients, licensees, resellers, end
users and our business. As to prospective legislation and regulation concerning collection, transmission, storage and use of personal
data, we cannot determine what effect additional state or federal governmental legislation, regulations, or administrative orders would
have on our business in the future. New legislation or regulation may require the reformulation of our business to meet new standards,
require us to cease operations, impose stricter qualification and/or registration standards, impose additional record keeping, or require
expanded consumer protection measures (such as heightened notification procedures and data subject access rights).
Our
failure to comply with laws and regulations applicable to our business could subject us to fines and penalties and could also cause us
to lose potential customers, clients, licensees, resellers and/or for licensees and resellers to lose potential customers in the public
sector or negatively impact our ability to contract with the public sector.
Our
business is subject to regulation by various federal, state, regional, local and foreign governmental agencies, including agencies responsible
for monitoring and enforcing employment and labor laws, workplace safety, product safety, product labeling, environmental laws, consumer
protection laws, anti-bribery laws, data privacy laws, import and export controls, federal securities laws and tax laws and regulations.
In certain jurisdictions, these regulatory requirements may be more stringent than in the United States. Noncompliance with applicable
regulations or requirements could subject us to investigations, sanctions, enforcement actions, disgorgement of profits, fines, damages
and civil and criminal penalties or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil
or criminal litigation, our business, operating results and financial condition could be adversely affected. In addition, responding
to any legal action will likely result in a significant diversion of our management’s attention and resources and an increase in
professional fees and expenses. Enforcement actions and sanctions could harm our business, operating results and financial condition.
Additionally,
we may be subject to other laws and regulations throughout the world governing data handling, protection and privacy. For example, in
June of 2018, California passed the California Consumer Privacy Act, or the “CCPA,” which provides new data privacy rights
for consumers and new operational requirements for companies, became effective in 2021, and in March 2022 Virginia passed a consumer
data protection law, the “VCDPA,” which includes similar rights as set forth in the CCPA. Fines for noncompliance may be
up to $7,500 per violation. Additionally, many other states have passed differing privacy and data protection laws in recent years. Significantly,
several bills are being worked on in the Senate and the House dealing with these issues, and while it is uncertain that any of them will
reach the floor of either chamber, if they do so they will likely impose substantial additional burdens on companies. The costs of compliance
with, and other burdens imposed by, the CCPA, the VCDPA and other state or foreign laws, may limit the use and adoption of our products
and services and would have an adverse impact on our business. These laws and regulations impose added costs on our business, and failure
to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to claims for
damages from our channel partners, penalties, termination of contracts, loss of exclusive rights in our intellectual property and temporary
suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability
to do business with the public sector could have an adverse effect on our business and operating results.
Governmental
restrictions on the sale of our products and services in non-U.S. markets could negatively affect our business, financial condition and
financial results.
Exports
of software products and services using cybersecurity technology such as ours are generally restricted by the U.S. government. In addition,
some countries impose restrictions on the use of cybersecurity products and services such as ours. The cost of compliance with U.S. and
other export laws, or our failure to obtain governmental approvals to offer our products and services in non-U.S. markets, could affect
our ability to sell our products and services and could impair our international expansion. We face a variety of other legal and compliance
risks. If we or our distributors fail to comply with applicable law and regulations, we may become subject to penalties, fines or restrictions
that could materially adversely affect our business, financial condition and financial results.
Risks
Related to Our Contractual Agreements
The
accounting treatment of the recently issued warrants could have a material adverse impact on our financial statements and reduce our
net income.
The
warrants we issued in the 2021 private placement described in Part II, Item 8, Financial Statements, Note 8, contain various provisions
including, but not limited to, various price reset and anti-dilution provisions. We cannot predict the financial impact of the issuance
of the warrants on our financial statements, specifically our balance sheet. We also cannot predict the financial impact of the various
provisions included in the warrant agreements.
Our
stockholders are subject to significant dilution upon the occurrence of certain events which could result in a decrease in our stock
price.
As
of the date of this report, we had approximately 87,628,920 shares of our common stock reserved or designated for future issuance upon
the exercise of outstanding warrants. Further, we may from time to time make an offer to our warrant holders to exchange their outstanding
warrants for shares of our common stock, a fewer number of warrants with more favorable terms, or a combination thereof, subject to applicable
rules and requirements.
The
warrants issued in the recent private placement contain provisions that, subject to certain exceptions, reset the exercise price of such
warrants if at any time while such warrants are outstanding we sell or issue (or are deemed to sell or issue) shares of our common stock
or rights, warrants, options or other securities or debt convertible, exercisable or exchangeable for shares of our common stock at a
price below the then current exercise price per share for such warrants ($0.36 per share for the warrants issued to investors and $0.18
per share for the warrants issued to the placement agent). Any future resets to the exercise price of those warrants will have a further
dilutive effect on our existing stockholders and could result in a decrease in our stock price. As of September 30, 2022 no resets of
warrant exercise prices has occurred.
The
Second Tranche, should the Company achieve the Milestone prior to June 30, 2026, will increase outstanding shares of common stock by
59.9 million.
The
purchase agreement related to our 2021 private placement includes customary covenants that we must comply with, or we may suffer potential
monetary and other penalties.
The
securities purchase agreement we entered into in connection with the recent private placement contains certain customary covenants. If
we do not comply with these covenants, we will be in breach of our obligations under the securities purchase agreement, which may lead
to exercise by the investors of the remedies available to them under the securities purchase agreement, which may cause a material impact
upon our financial condition.
General
Risk Factors
Our
charter allows us to issue “blank check” preferred stock, and establish its terms, conditions, rights, powers and preferences
without stockholder approval.
Pursuant
to our certificate of incorporation, our Board of Directors has the authority to issue up to 10 million shares of “blank check”
preferred stock and to determine the price, rights, preferences, privileges and restrictions, including voting rights, of those shares
without any additional vote or action by our stockholders. Because our Board of Directors is able to designate the terms, conditions,
rights, powers and preferences of the preferred stock without the vote of a majority of our stockholders, our stockholders will have
no control over what designations and preferences our preferred stock will have. The issuance of shares of preferred stock or the rights
associated therewith, could cause substantial dilution to our existing stockholders. Additionally, the dilutive effect of any preferred
stock that we may issue may be exacerbated given the fact that such preferred stock may have voting rights, liquidation and/or other
rights or preferences that could provide the preferred stockholders with substantial voting control over us and/or give those holders
the power to prevent or cause a change in our control. As a result, the issuance of shares of preferred stock may cause the value of
our common stock to decrease.
On
July 1, 2022, 100 shares of Series A Preferred Stock were issued to five (5) individuals with a Board Designation Right in the Series
A Preferred Stock Designation that entitles the holders of a majority of the Series A Preferred Stock (i) present and voting at a meeting
at which a quorum of the Series A Preferred Stock is present, or (ii) executing a written Series A Preferred Stock Consent in Lieu of
a Meeting, to elect for (4) members of our Board of Directors, and if the number of directors on our Board of Directors is increased
above a total of six (6), then the holders of the series A Preferred Stock shall be entitled to elect a majority of the members of our
Board of Directors.
We
will continue to incur increased costs as a result of being a reporting company and, given our limited capital resources, such additional
costs may have an adverse impact on our profitability.
We
are a reporting company to the Securities and Exchange Commission, or SEC. The rules and regulations under the Exchange Act require reporting
companies to provide periodic reports with interactive data files, which require that we engage legal, accounting and auditing professionals,
and eXtensible Business Reporting Language (XBRL) and EDGAR (Electronic Data Gathering, Analysis, and Retrieval) service providers. The
engagement of such services can be costly, and we may continue to incur additional financial losses, which may adversely affect our ability
to continue as a going concern. In addition, the Sarbanes Oxley Act of 2002, as well as a variety of new related and unrelated rules
implemented by the SEC, have required changes in corporate governance practices and generally increased the disclosure requirements of
public companies. For example, as a result of being a reporting company, we are required to file periodic and current reports and other
information with the SEC, and we are adopting and revising policies regarding disclosure controls and procedures, internal control over
financial reporting.
The
additional costs we continue to incur in connection with being a reporting company (expected to be approximately seven to eight hundred
thousand dollars per year) will continue to further stretch our limited capital resources. Due to our limited resources, we have to allocate
resources away from other productive uses in order to continue to comply with our obligations as an SEC reporting company. Further, there
is no guarantee that we will have sufficient resources to continue to meet our reporting and filing obligations with the SEC as they
come due.
If
securities or industry analysts do not initiate research coverage on us and if initiated fail to publish research or reports, or publish
unfavorable research or reports, about our business, our stock price and trading volume may decline.
The
trading market for our common stock will rely in part on the research and reports that industry or financial analysts publish about us,
our business, our markets and our competitors. We do not currently have any securities or industry analysts that have initiated research
coverage on our business. If and when any securities or industry analysts initiate research coverage on our business, we will not control
these analysts. If securities analysts do not cover our common stock, the lack of research or other coverage may adversely affect the
market price and decrease the trading volume of our common stock. Furthermore, if one or more of the analysts who do cover us downgrade
our stock, or if those analysts issue other unfavorable commentary about us or our business, our stock price would likely decline. If
one or more of these analysts cease coverage of us or fails to regularly publish reports on us, we could lose visibility in the market,
and interest in our stock could decrease, which in turn could cause our stock price or trading volume to decline and may also impair
our ability to expand our business and attract new clients and customers to purchase our cybersecurity products and services.
Market
and economic conditions may negatively impact our business, financial condition and share price.
Concerns
over increasing inflation, increasing energy costs, geopolitical issues, unstable global credit markets and financial conditions, and
volatile oil prices have in the past led to periods of significant economic instability, diminished liquidity and credit availability,
declines in consumer confidence and discretionary spending, diminished expectations for the global economy and expectations of slower
global economic growth going forward, increased unemployment rates, and increased credit defaults. Our general business strategy may
be adversely affected by any such economic downturns, volatile business environments and continued unstable or unpredictable economic
and market conditions. If these conditions continue to deteriorate, or do not improve once they occur, it may make any necessary debt
or equity financing needed by us more difficult to complete, more costly, if possible, at all, and more dilutive. Failure to secure any
necessary financing in a timely manner and on favorable terms could have a material adverse effect on our growth strategy, financial
performance, and share price, and could require us to delay or abandon development or commercialization plans.
Failure
to adequately manage our planned aggressive growth strategy may harm our business or increase our risk of failure.
For
the foreseeable future, we intend to pursue an aggressive growth strategy for the expansion of our operations through increased product
development and marketing. Our ability to rapidly expand our operations will depend upon many factors, including our ability to work
in a regulated environment, market value-added products effectively to mid-market and emerging companies and organizations, establish
and maintain strategic relationships with suppliers, acquire companies or establish joint ventures to add new features, services or products
to our offerings, and obtain adequate capital resources on acceptable terms. Any restrictions on our ability to expand may have a materially
adverse effect on our business, results of operations, and financial condition. Accordingly, we may be unable to achieve our targets
for sales growth, and our operations may not be successful or achieve anticipated operating results.
Additionally,
our growth may place a significant strain on our managerial, administrative, operational, and financial resources. Our future success
will depend, in part, upon the ability of our management to manage growth effectively. This will require us to, among other things:
|
● |
implement additional management
information systems; |
|
|
|
|
● |
further develop our operating,
administrative, legal, financial, and accounting systems and controls; |
|
|
|
|
● |
hire additional personnel; |
|
● |
develop additional levels
of management within our company; |
|
|
|
|
● |
locate additional office
space; and |
|
|
|
|
● |
maintain close coordination
among our engineering, operations, legal, finance, sales and marketing, and client service and support organizations. |
As
a result, we may lack the resources to deploy our services on a timely and cost-effective basis. Failure to accomplish any of these requirements
could impair our ability to deliver our products and services in a timely fashion or attract and retain new licensees and resellers.
If
we do not successfully implement any acquisition strategies, our operating results and prospects could be harmed.
We
face intense competition within our industry for acquisitions of businesses, technologies and assets. In the future, such competition
may become more intense. As such, even if we are able to identify an acquisition target that we would like to acquire, we may not be
able to complete the acquisition on commercially reasonable terms, or at all, because of such competition. Furthermore, if we enter into
negotiations that are not ultimately consummated, those negotiations would result in diversion of management time and significant out-of-pocket
costs. Even if we are able to complete such acquisitions, we may additionally expend significant amounts of cash or incur substantial
debt to finance them, which indebtedness could result in restrictions on our business and use of available cash. In addition, we may
finance or otherwise complete acquisitions by issuing equity or convertible debt securities, which could result in dilution of our existing
stockholders. If we fail to evaluate and execute acquisitions successfully, we may not be able to realize their benefits. If we are unable
to successfully address any of these risks, our business, financial condition, and operating results could be harmed.
If
we make any acquisitions, they may disrupt or have a negative impact on our business.
If
we make acquisitions in the future, funding permitting, which may not be available on favorable terms, if at all, we could have difficulty
integrating the acquired company’s assets, personnel and operations with our own. We do not anticipate that any further acquisitions
or mergers we may enter into in the future would result in a change of control of the Company. In addition, the key personnel of the
acquired business may not be willing to work for us. We cannot predict the effect any expansion may have on our core business. Regardless
of whether we are successful in making an acquisition, the negotiations could disrupt our ongoing business, distract our management and
employees and increase our expenses. In addition to the risks described above, acquisitions are accompanied by a number of inherent risks,
including, without limitation, the following:
|
● |
the difficulty of integrating
acquired products, services or operations; |
|
|
|
|
● |
the potential disruption
of the ongoing businesses and distraction of our management and the management of any acquired companies; |
|
|
|
|
● |
difficulties in maintaining
uniform standards, controls, procedures and policies; |
|
|
|
|
● |
the potential impairment
of relationships with employees, licensees, resellers, clients, and customers as a result of any integration of new management personnel; |
|
|
|
|
● |
the potential inability
or failure to achieve additional sales and enhance our client, customer, licensee, and reseller base through cross-marketing of the
products to new and existing clients, customers, licensees and resellers; |
|
|
|
|
● |
the effect of any government
regulations which we are unfamiliar with that relate to the business acquired; |
|
|
|
|
● |
potential unknown liabilities
associated with acquired businesses or product lines, or the need to spend significant amounts to retool, reposition or modify the
marketing and sales of acquired products or operations, or the defense of any litigation, whether or not successful, resulting from
actions of the acquired company prior to our acquisition; and |
|
|
|
|
● |
potential expenses under
the labor, environmental and other laws of various jurisdictions. |
Our
business could be severely impaired if and to the extent that we are unable to succeed in addressing any of these risks or other problems
encountered in connection with an acquisition, many of which cannot be presently identified. These risks and problems could disrupt our
ongoing business, distract our management and employees, increase our expenses and adversely affect our results of operations, including
reducing our revenue and net income.
We
may apply working capital and future funding to uses that ultimately do not improve our operating results or increase the market price
of our securities.
In
general, we have complete discretion over the use of our working capital and any new investment capital we may obtain in the future that
has no dedicated use of proceeds. Because of the number and variety of factors that could determine our use of funds, our ultimate expenditure
of funds (and their uses) may vary substantially from our current intended operating plan for such funds.
We
intend to use existing working capital and future funding to support the development of our products and services, the expansion of our
marketing, or the support of operations to educate the end users of the software we sell. We will also use capital for market and network
expansion, acquisitions, and general working capital purposes. However, we do not have more specific plans for the use and expenditure
of our capital. Our management has broad discretion to use any or all of our available capital reserves. Our capital could be applied
in ways that do not improve our operating results or otherwise increase the market value of a stockholder’s shares.
Our
websites may encounter technical problems and service interruptions.
Our
websites may in the future experience slower response times or interruptions as a result of increased traffic or other reasons. These
delays and interruptions resulting from failure to maintain Internet service connections to our site could frustrate visitors and reduce
our future web site traffic, which could have a material adverse effect on our business including a reduction in our sales and net income.
The
sale of shares of our common stock by our directors and officers may adversely affect the market price for our common stock.
Sales
of significant amounts of shares of common stock by our officers and directors, or the prospect of such sales, could adversely affect
the market price of our common stock. Our management’s stock ownership may discourage a potential acquirer from making a tender
offer or otherwise attempting to obtain control of us, which in turn could reduce our stock price or prevent our stockholders from realizing
a premium over our stock’s market price.
Stockholders
may be diluted significantly through our efforts to obtain financing and satisfy obligations through the issuance of additional shares
of our common stock.
Whenever
possible, our Board of Directors will attempt to use non-cash consideration to satisfy obligations. In many instances, we believe that
the non-cash consideration will consist of restricted shares of our common stock, or when shares are issued to our officers, directors
and applicable consultants as compensation. Our Board of Directors has authority, without action or vote of the stockholders, to issue
all or part of the authorized but unissued shares of our common stock. In addition, we may attempt to raise capital by selling shares
of our common stock, possibly at a discount to market. These actions will result in dilution of the ownership interests of existing stockholders,
which may further dilute our common stock book value, and that dilution may be material. Such issuances may also serve to enhance existing
management’s ability to maintain control of us because the shares may be issued to parties or entities committed to supporting
existing management.
If
we do not effectively manage our growth, our business resources and systems may become strained, and we may be unable to increase revenue
growth.
We
plan to grow aggressively and, if successful, our future growth may provide challenges to our organization, requiring us to expand our
personnel and our operations. Future growth may strain our infrastructure, operations and other managerial and operating resources. If
our business resources become strained, our earnings may be adversely affected, and we may be unable to increase revenue growth. Further,
we may undertake contractual commitments that exceed our labor resources, which could also adversely affect our earnings and our ability
to increase revenue growth.
Our
growth depends in part on the success of our strategic relationships with third parties.
In
order to grow our business, we anticipate that we will need to continue to depend on our relationships with third parties, including
our technology providers. Identifying such third parties, and negotiating and documenting relationships with them, requires significant
time and resources. Our competitors may be effective in providing incentives to third parties to favor their products or services, over
utilization of our products and services. In addition, acquisitions of our business partners by our competitors could result in a decrease
in the number of our current and potential clients, customers, licensees, resellers, and end users. If we are unsuccessful in establishing
or maintaining our relationships with third parties, our ability to compete in the marketplace or to grow our revenue could be impaired
and our results of operations may suffer. Even if we are successful, we cannot assure you that these relationships will result in increased
use of our products or increased revenue.
Claims,
litigation, government investigations, and other proceedings may adversely affect our business and results of operations.
As
a company offering a wide range of products and services, we are regularly subject to actual and threatened claims, litigation, reviews,
investigations, and other proceedings, including proceedings relating to goods and services offered by us and by third parties, and other
matters. Any of these types of proceedings, including currently pending proceedings as discussed herein, may have an adverse effect on
us because of legal costs, disruption of our operations, diversion of management resources, negative publicity, and other factors. The
outcomes of these matters are inherently unpredictable and subject to significant uncertainties. Determining legal reserves and possible
losses from such matters involves judgment and may not reflect the full range of uncertainties and unpredictable outcomes. Until the
final resolution of such matters, we may be exposed to losses in excess of the amount recorded, and such amounts could be material. Should
any of our estimates and assumptions change or prove to have been incorrect, it could have a material effect on our business, consolidated
financial position, results of operations, or cash flows. In addition, it is possible that a resolution of one or more such proceedings,
including as a result of a settlement, could require us to make substantial future payments, prevent us from offering certain products
or services, require us to change our business practices in a manner materially adverse to our business, requiring development of non-infringing
or otherwise altered products or technologies, damaging our reputation, or otherwise having a material adverse effect on our operations.
We
have never paid or declared any dividends on our common stock.
We
have never paid or declared any dividends on our common stock or preferred stock; however, prior to December 29, 2021 we operated as
a limited liability company (“LLC”) and made distributions of profits to our members. There were equity distributions to
LLC members of $210,000 in 2021 and $461,000 in 2022.
We
do not anticipate paying, in the near future, dividends or distributions on our common stock. Any future dividends on our common stock
will be declared at the discretion of our Board of Directors and will depend on, among other things, our earnings, our financial requirements
for future operations and growth, and other facts as we may then deem appropriate. Since we do not anticipate paying cash dividends on
our common stock, return on your investment, if any, will depend solely on an increase, if any, in the market value of our common stock.
For
all of the foregoing reasons and others set forth herein, an investment in our securities involves a high degree of risk.