ITEM 3. KEY INFORMATION

A. [Reserved.]

B. Capitalization and Indebtedness

Not applicable.

C. Reasons for the Offer and Use of Proceeds

Not applicable.

D. Risk Factors

You should carefully consider the risks described below, together with all of the other information in this annual report on Form 20-F. The risks described below are not the only risks facing us. Additional risks and uncertainties not currently known to us or that we currently deem to be immaterial may also materially and adversely affect our business operations. If any of these risks actually occurs, our business and financial condition could suffer and the price of our ADSs could decline.

Risks Related to Our Financial Condition and Capital Requirements

Some of our business segments are in development stages and have incurred losses due to required investments since the start of their operations. We anticipate that these segments will continue to incur significant investments in sales and marketing channels as well as in products development until we are able to commercialize products globally.

From June 2011 until June 2016, the Company was a “shell corporation” and did not have any business activity, excluding administrative management. On June 15, 2016, we closed a merger transaction, or the Merger Transaction, with Safe-T Data, whereby we acquired 100% of the share capital of Safe-T Data and added its operations into our company. Since the date of the Merger Transaction, we have devoted substantial financial resources to develop and commercialize our products and to extend our business by acquisitions. We have financed our operations primarily through the issuance of equity securities. The amount of our future net losses will depend, in part, on on-going development of our products, the rate of our future expenditures and our ability to obtain funding through the issuance of our securities, strategic collaborations or grants. We expect to continue to incur significant losses due to ongoing investments in sales and marketing channels as well as in product development until we are able to successfully commercialize our products globally. We anticipate that our expenses will increase substantially if and as we:

Our ability to generate future revenue from product sales depends heavily on our success in many areas, including but not limited to:

Given our lack of positive cash flow, we expect that we may need to raise additional capital before we can expect to become profitable from sales of our products. This additional financing may not be available on acceptable terms, or at all. Failure to obtain the necessary capital when needed may force us to delay, limit or terminate our product development efforts or other operations.

According to our management’s estimates, based on our current cash on hand and further based on our budget, we believe that we have sufficient resources to continue our activities until December 31, 2022. Since we might be unable to generate sufficient revenue or cash flow to fund our operations for the foreseeable future, we may need to seek additional equity or debt financing to provide the capital required to maintain or expand our operations. We expect we will also need additional funding for developing products and services and other related activities, increasing our sales and marketing capabilities, and promoting brand identity, as well as for working capital requirements and other operating and general corporate purposes.

There can be no assurance that we will be able to raise sufficient additional capital on acceptable terms, or at all. If such financing is not available on satisfactory terms, or is not available at all, we may be required to delay, scale back or eliminate the development of business opportunities, research or development programs and our operations and financial condition may be materially adversely affected. If we raise additional funds through collaborations and licensing arrangements, we may be required to relinquish some rights to our technologies or candidate products, or to grant licenses on terms that are not favorable to us.

The report of our independent registered public accounting firm contains an explanatory paragraph regarding substantial doubt about our ability to continue as a going concern, which could prevent us from obtaining new financing on reasonable terms or at all.

The report of our independent registered public accounting firm on our audited consolidated financial statements as expected for the period ended December 31, 2021, contains an explanatory paragraph regarding substantial doubt about our ability to continue as a going concern. Our consolidated financial statements do not include any adjustments that might result from the outcome of the uncertainty regarding our ability to continue as a going concern. This going concern opinion could materially limit our ability to raise additional funds through the issuance of equity or debt securities or otherwise. Further reports on our consolidated financial statements may include an explanatory paragraph with respect to our ability to continue as a going concern. Until we can generate significant recurring revenues, we expect to satisfy our future cash needs through debt or equity financing. We cannot be certain that additional funding will be available to us on acceptable terms, if at all. If funds are not available, we may be required to delay, reduce the scope of, or eliminate research or development plans for, or commercialization efforts with respect to our products. This may raise substantial doubts about our ability to continue as a going concern.

Risks Related to Our Business and Industry

The cybersecurity and privacy markets are rapidly evolving within the increasingly challenging landscape. If the industry does not continue to develop as we anticipate, our sales will not grow as quickly as expected and our share price could decline.

We operate in a rapidly evolving industry focused on securing organizations’ and consumers’ IT systems and sensitive business and private data. Our solution focuses on protecting our customers sensitive data, in terms of how users access or collect data and use it. While theft, leakage, and ransomware have gained media attention in recent years, IT security spending within enterprises is often concentrated on endpoint and web security products designed to stop threats from penetrating corporate networks. Organizations that use these security products may allocate all or most of their IT security budgets to these products and may not adopt our solution in addition to such products. Further, a security solution such as ours for organizations, which is focused on disrupting cyber-attacks by insiders and external perpetrators that have penetrated an organization’s perimeter, is a relatively new technology that has been developed to respond to advanced threats and more rigorous compliance standards and audit requirements. However, advanced cyber attackers are skilled at adapting to new technologies and developing new methods of gaining access to organizations’ sensitive business data. Changes in the nature of advanced cyber threats could result in a shift in IT budgets away from solutions such as ours. In addition, any changes in compliance standards or audit requirements that deemphasize the types of controls, storage, monitoring and analysis that our solution provides would adversely impact demand for our offerings. On the consumers side, we experience intense competition from well established companies as well as smaller new players, and need to constantly adapt our solutions to the new technologies and growing and constantly changing challenges. It is therefore difficult to predict how large the markets will be for our solutions. If solutions such as ours are not viewed by organizations as necessary, or if business or consumer customers do not recognize the benefit of our solution as a critical layer of an effective security strategy, then our revenues may not grow as quickly as expected, or may decline, and our share price could suffer.

We are engaged in on-going development of our current and future products. Our research and development efforts may not produce successful products or enhancements to our solution that result in significant revenue or other benefits in the near future, if at all.

We expect to continue to dedicate significant financial and other resources to our research and development efforts in order to continuously evolve the development of our products and maintain our competitive position. As a result, our business is significantly dependent on our ability to successfully complete the development of our next generation products. Investing in research and development personnel, developing new products and enhancing existing products is expensive and time consuming, and there is no assurance that such activities will result in successful development of our products, significant new marketable products or enhancements to our products, design improvements, cost savings, revenues or other expected benefits. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected.

If we fail to effectively manage our growth, our business and operations will be negatively affected, and as we invest in the growth of our business, we expect our operating and net profit margins to decline in the near-term.

We have experienced a more rapid growth in the last three years and intend to continue to grow our business. Our annual operating expenses may continue to increase as we invest in sales, marketing, research and development. Our growth to date has placed significant demands on our management, sales, operational and financial infrastructure, and our growth will continue to place significant demands on these resources. We may not be able to successfully implement these improvements in a timely or efficient manner, and our failure to do so may materially impact our projected growth rate. We may also not be able to effectively manage the expansion of our operations, which may result in weaknesses in our infrastructure, operational mistakes, loss of business opportunities, failure to deliver and timely deliver our products to customers, loss of employees and reduced productivity among remaining employees. Our expected growth could require significant capital expenditures and may divert financial resources from other projects, such as the development of current and additional new products. If our management is unable to effectively manage our growth, our expenses may increase more than expected, our ability to generate and/or grow revenue could be reduced, and we may not be able to implement our business strategy.

As we invest in the growth of our business, we expect that these investments will result in increased costs and may impact our short and mid-term operating and net profit margins. A failure to meet market expectations regarding our profitability and our position as a growth company have had and could continue to have an adverse effect on the price of our Ordinary Shares and ADSs.

Our quarterly and annual results of operations may fluctuate for a variety of reasons.

Our operating results and financial condition may fluctuate from quarter to quarter and year to year and are likely to continue to vary due to a number of factors, many of which will not be within our control. If our operating results do not meet the guidance that we provide to the market or the expectations of securities analysts or investors, the market price of our Ordinary Shares and the ADSs will likely decline. Fluctuations in our operating results and financial condition may be due to a number of factors:

Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. These fluctuations could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the market price of our Ordinary Shares and the ADSs could fall substantially, and we could face costly lawsuits, including securities class action suits.

Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solution or the failure of our solution to meet customers’ expectations.

Organizations and consumers are facing increasingly sophisticated and targeted cyber threats, including the growing threat of cyber terrorism throughout the world. If we fail to identify and respond to new and increasingly complex methods of attack and update our products to detect or prevent such threats, our business and reputation will suffer. In particular, we may suffer significant adverse publicity and reputational harm if a significant breach occurs generally or if any breach occurs at a high-profile customer. Moreover, if our solutions are adopted by an increasing number of enterprises and consumers, it is possible that attackers will begin to focus on finding ways to defeat our solutions. An actual or perceived security breach or theft of our customers’ sensitive business or personal data, regardless of whether the breach or theft is attributable to the failure of our products, could adversely affect the market’s perception of the efficacy of our solutions and current or potential customers may look to our competitors for alternatives to our solutions. The failure of our products may also subject us to lawsuits and financial losses stemming from indemnification demands of our partners and other third parties, as well as the expenditure of significant financial resources to analyze, correct or eliminate any vulnerabilities. Any claim brought against us, regardless of its merit, could result in material expense, diversion of management time and attention, and damage to our reputation, and could cause us to fail to retain or attract customers. Costs or payments made in connection with warranty and product liability claims and product recalls or other claims could materially affect our financial condition and results of operations. It could also cause us to suffer reputational harm, lose existing customers or deter them from purchasing additional products and services and prevent new customers from purchasing our solutions.

False detection of threats, while typical in our industry, may reduce perception of the reliability of our products and may therefore adversely impact market acceptance of our products. If our solutions restrict legitimate privileged access by authorized personnel to IT systems and applications by falsely identifying those users as an attack or otherwise unauthorized, or fail to provide privacy and security web browsing to consumers, our customers’ businesses could be harmed. There can be no assurance that, despite testing by us, errors will not be found in existing and new versions of our products, resulting in loss of or delay in market acceptance. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.

If we are unable to acquire new customers, our future revenues and operating results will be harmed.

Our success depends on our ability to acquire new customers. The number of customers that we add in a given period impacts both our short-term and long-term revenues. If we are unable to attract a sufficient number of new customers, we may be unable to generate revenue growth at desired rates. The markets we operate in are competitive and many of our competitors have substantial financial, personnel, and other resources that they utilize to develop products and attract customers. As a result, it may be difficult for us to add new customers to our customer base. Competition in the marketplace may also lead us to win fewer new customers or result in us providing discounts and other commercial incentives. Additional factors that impact our ability to acquire new customers include the perceived need for cyber security, the size of our prospective customers’ infrastructure budgets, the utility and efficacy of our existing and new offerings, whether proven or perceived, our ability to reach a significant portion of the consumer market, and general economic conditions. These factors may have a meaningful negative impact on future revenues and operating results. With respect to our enterprise privacy business, while many companies understand the problem of doing competitive analysis, data collection, and other privacy-related use cases, widespread awareness of the need for privacy solutions is still lacking. Proxy networks are well understood, and virtual private networks are commonly popular, but privacy solutions are still in the early adoption phase among companies and individuals that stand to benefit from them. This restraint accounts for not all enterprise privacy vendors having the marketing budgets to promote themselves.

If we lose a significant customer, or face material reduction in sales to a significant customer, our operating margins, our profitability, our sales and our results of operations could be affected. 

Some of our sale segments are dependent on several major customers, and the loss of one or more of them and inability to substitute other similar customers for the lost ones can have an adverse effect on our business, financial situation or performance. There can be no assurance that our major customers will continue to do business with us or that all significant customers will continue to purchase our products in the same quantities that they have in the past. The loss of any one of our significant customers or a material reduction in sales to a significant customer could have a material adverse effect on our sales and results of operations. 

If we are unable to sell additional products and services to our existing customers, our future revenues and operating results will be harmed.

Our revenues are also generated from sales to existing customers. Our future success depends, in part, on our ability to obtain recurring sales, licenses and services to our existing customers. We devote significant efforts to developing, marketing and selling additional products, licenses and associated maintenance and support to existing customers and rely on these efforts for a portion of our revenues. These efforts require a significant investment in building and maintaining customer relationships, as well as significant research and development efforts in order to provide product upgrades and launch new products. The rate at which our existing customers purchase additional products and services depends on a number of factors, including, but not limited to, the perceived need for additional security or privacy services, the fit and efficacy of our solutions and the utility of our new offerings, whether proven or perceived, our customers’ budgets, general economic conditions, our customers’ overall satisfaction with the maintenance and professional services we provide and the continued growth and economic health of our customer base to require incremental users and servers to be covered. If our efforts to sell additional products and services to our customers are not successful, our future revenues and operating results will be harmed.

We face intense competition from cybersecurity and privacy vendors, some of which are larger and better known than we are, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

The markets in which we operate are characterized by intense competition, constant innovation and evolving security threats. We compete with companies that offer a broad array of cybersecurity and privacy products. Our current and potential future competitors include Luminate Security (formerly known as Brocade), AppGate, Akamai Technologies, Inc. and Zscaler, Inc. in the software defined perimeter and application access market, and also include providers of privacy solutions, such as Bright Data Ltd. (formerly Luminati Networks Ltd.), or Bright Data, Oxylabs Networks Pvt. Ltd., BiScience Inc. and others in the enterprise privacy segment, and Kape Technologies plc, McAfee Corp., Nord VPN, Norton LifeLock, Aura and others in the consumer segment. Some of our competitors are large companies that have the technical and financial resources and broad customer bases needed to bring competitive solutions to the market and already have existing relationships as a trusted vendor for other products. Such companies may use these advantages to offer products and services that are perceived to be as effective as ours at a lower price or for free as part of a larger product package or solely in consideration for maintenance and services fees. They may also develop different products to compete with our current solutions and respond more quickly and effectively than we do to new or changing opportunities, technologies, standards or client requirements. Additionally, from time to time we may compete with smaller regional vendors that offer products with a more limited range of capabilities that purport to perform functions similar to our solution. Such companies may enjoy stronger sales and service capabilities in their particular regions. With respect to the enterprise privacy and the consumer markets, we face the emergence of small competitors in this field due to high profitability margins, which can result in pressure on prices to decline. Furthermore, these margins can lead also to competition from bigger companies that can invest larger human, cash and technological resources into this industry. Such increased competition can lead to lower margins and, consequently, impact our revenues, profitability and business.

Our competitors may enjoy potential competitive advantages over us, such as:

Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. Current or potential competitors may be acquired by third parties with greater available resources. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand their product and service offerings more quickly than we do. Larger competitors with more diverse product offerings may reduce the price of products that compete with ours in order to promote the sale of other products or may bundle them with other products, which would lead to increased pricing pressure on our products and could cause the average sales prices for our products to decline.

In addition, other cybersecurity technologies exist or could be developed in the future by current or future competitors, and our business could be materially and adversely affected if such technologies are widely adopted.

We may not be able to successfully anticipate or adapt to changing technology or customer requirements on a timely basis, or at all. If we fail to keep up with technological changes or to convince our customers and potential customers of the value of our solution even in light of new technologies, our business, results of operations and financial condition could be materially and adversely affected.

If our internal network system is compromised by cyber attackers or other data thieves, or if our hosting and infrastructure fails, public perception of our products and services will be harmed.

We will not succeed unless the marketplace is confident that we provide effective cybersecurity protection. As part of our offered solutions, we provide zero trust access products through a cybersecurity specialist reseller (see “Item 4. B. — Business Overview” for additional information), and as such we may be an attractive target for attacks by cyber attackers or other data thieves since a breach of our network could provide data information regarding not only us, but potentially regarding the customers who purchased our solutions. Further, we may be targeted by cyber terrorists because we are an Israeli company. If we experience an actual or perceived breach of our network and our internal systems, it could adversely affect the market perception of our products and services. In addition, we may need to devote more resources to address security vulnerabilities in our solution, and the cost of addressing these vulnerabilities could reduce our operating margins. If we do not address security vulnerabilities or otherwise provide adequate security features in our products, certain customers, particularly government customers, may delay or stop purchasing our products. Further, a security breach could impair our ability to operate our business, including our ability to provide maintenance and support services to our customers. If this happens, our revenues could decline, and our business could suffer. With respect to the enterprise privacy services and consumers services, if we will experience short period hosting/infrastructure failures, or longer periods of disconnection blocking of our network of Internet Protocol addresses, or IPs, to access certain websites, and do not offer our customers various immediate alternatives, some customers may choose to delay or stop purchasing our products.

In the ordinary course of our business, we rely on information technology systems, networks and services, including internet sites, data hosting and processing tools, hardware (including laptops and mobile devices), software, and technical platforms and applications, to process, store and transmit data and to help us manage our business and to collect and store the Company’s sensitive data, including intellectual property, personal information and proprietary business information. The secure maintenance and transmission of this information is critical to our operations and business strategy. We rely on commercially available systems, software, tools, and domestically available monitoring to provide security for processing, transmitting and storing this sensitive data. As part of our implemented efficiency and cost-saving measures, we are using cloud service providers. While benefits for using cloud computing services are well documented and are mostly related to resources sharing, on-demand self-services, rapid scalability, improved economies of scale and collaboration, there are risks that could outweigh the expected benefits, and require close attention and management. For example, there is no guarantee that the features we use will be provided for the same price in the future, there is a risk in relying on a cloud service for business-related tasks because no service can guarantee 100% uptime and there is always a risk of data leakage when a company’s data is held by a third-party vendor.

Information technology systems, including those managed or hosted by third parties, could be subject to sophisticated cyber-attacks (including phishing and ransomware attacks) and threats by external or internal parties’ intent on disrupting business processes or otherwise extracting or corrupting information. In recent years, ransomware attacks against organizations have become more frequent and while we continue to implement additional protective measures to reduce the risk of and detect cyber incidents, cyber-attacks are becoming more sophisticated and frequent, and the techniques used in such attacks change rapidly. Our vulnerability to such cyber-attacks could also be increased as a result of employees working remotely during the course of the COVID-19 pandemic. Unauthorized access to our systems could disrupt our business, and/or lead to theft, loss or misappropriation of critical assets or to outside parties having access to confidential information, including privileged data, personal data or strategic information. Such information could also be made public in a manner that harms our reputation and financial results and, particularly in the case of personal data, could lead to regulators imposing significant fines on us.

Also, our information technology networks and infrastructure may still be vulnerable to damage, disruptions, or shutdowns due power outages, computer viruses, telecommunication or utility failures, systems failures, natural disasters or other catastrophic events. Any such compromise could disrupt our operations, damage our reputation, and subject us to additional costs and liabilities, any of which could adversely affect our business.

If we do not effectively expand, train and retain our sales force, we may be unable to acquire new customers or sell additional products and services to existing customers, and our business will suffer.

We depend significantly on our sales force to attract new customers and expand sales to existing customers. In 2021 and 2020, we generated 98% and 92%, respectively, of our revenues from direct sales. As a result, our ability to grow our revenues depends in part on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. We expect to continue to expand our sales personnel and face a number of challenges in achieving our hiring and integration goals. There is intense competition for individuals with sales training and experience. In addition, the training and integration of a large number of sales personnel in a short time requires the allocation of internal resources. We invest significant time and resources in training new sales force personnel to understand our solutions and growth strategy. Based on our past experience, it takes an average of approximately six to nine months before a new sales force member operates at target performance levels. However, we may be unable to achieve or maintain our target performance levels with large numbers of new sales personnel as quickly as we have done in the past. Our failure to hire a sufficient number of qualified sales force members and train them to operate at target performance levels may materially and adversely impact our projected growth rate.

If our products fail to help our customers achieve and maintain compliance with certain government regulations and industry standards, our business and results of operations could be materially and adversely affected.

We generate a portion of our revenues from our products and services because they enable our customers to achieve and maintain compliance with certain government regulations and industry standards, and we expect that will continue for the foreseeable future. Examples of industry standards and government regulations include the European Union General Data Protection Regulation, or GDPR; the Payment Card Industry Data Security Standard, or PCI-DSS; the Health Insurance Portability and Accountability Act, or HIPAA; the Sarbanes-Oxley Act; the Gramm-Leach-Bliley Act, or GLBA; and the international banking regulations of the Basel Committee on Bank Supervision.

On the enterprise privacy side of our business, we primarily engage directly with ISPs in order to gain access to their networks. The legality of scraping publicly available web data was reaffirmed by the Ninth Circuit Court of Appeals (hiQ vs LinkedIn) in late 2019, but the way in which some of the automated software programs are built is still questionable, and changes in regulations may impact the means or ability to provide such solutions.

A similar trend can be seen in Europe, where the European Banking Authority has issued directives regarding the security of online payments, and other information security requirements were put in place under the Data Protection Directive. In addition, in July 2016, the European Parliament approved the new cyber directive – The Directive on Security of Network and Information Systems – that is designed to set binding principles for tackling cyber threats in EU countries. This development in cyber regulation in the European Union constitutes another layer of regulation in addition to the GDPR, which came into effect in May 2018. The directive makes it obligatory for EU countries to pass as laws certain cyber security requirements in connection with operators of essential services that rely heavily on cyber infrastructures, such as companies and organizations that provide essential services to the public and suppliers of energy, transport, water, banking, financial market infrastructures, healthcare and digital infrastructure. In the United Kingdom, the Digital Economy Act 2017, which achieved Royal Assent in April 2017, places the consumer at its heart and will be a vital piece of legislation in making sure the rights and interests of the individual are protected and strengthened in an increasingly digital society. Over the course of 2018, the European Union put into action significant legislative and regulatory measures that motivate companies to take steps that will enable them to be better prepared to face cyber threats. These regulatory and legislative measures also motivate organizations to take active measures to increase their information security.

These industry standards may change with little or no notice, including changes that could make them more or less onerous for businesses. In addition, governments may also adopt new laws or regulations, or make changes to existing laws or regulations, that could impact whether our solution enables our customers to maintain compliance with such laws or regulations. If we are unable to adapt our solution to changing government regulations and industry standards in a timely manner, or if our solution fails to expedite our customers’ compliance initiatives, our customers may lose confidence in our products and could switch to products offered by our competitors. In addition, if government regulations and industry standards related to the cybersecurity or privacy sectors are changed in a manner that makes them less onerous, our customers may view compliance as less critical to their businesses, and our customers may be less willing to purchase our products and services. In either case, our sales and financial results would suffer.

Our model for long-term growth depends upon the introduction of new products. If we are unable to develop new products or if these new products are not adopted by customers, our growth will be adversely affected.

Our business depends on the successful development and marketing of new products, including adding complementary offerings to our current products. For example, during 2021, we released our generally available version of iShield™, designed to protect consumers from cyber-attacks, such as ransomware, phishing, etc. Development and marketing of new products require significant up-front research, development and other costs, and the failure of new products we develop to gain market acceptance may result in a failure to achieve future sales and adversely affect our competitive position. There can be no assurance that any of our new or future products will achieve market acceptance or generate revenues at forecasted rates or that the margins generated from their sales will allow us to recoup the costs of our development efforts.

If we do not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis, we may not be able to compete effectively and our ability to generate revenues will suffer.

Our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex IT infrastructures that incorporate a variety of hardware, software applications, operating systems and networking protocols. As our customers’ technologies and business plans grow more complex, we expect them to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solutions effectively identify and respond to these advanced and evolving attacks without disrupting the performance of our customers’ IT systems. As a result, we must continually modify and improve our products in response to changes in our customers’ IT and industrial control infrastructures.

We cannot guarantee that we will be able to anticipate future market needs and opportunities or be able to develop product enhancements or new products to meet such needs or opportunities in a timely manner, if at all. Even if we are able to anticipate, develop and commercially introduce enhancements and new products, there can be no assurance that enhancements or new products will achieve widespread market acceptance.

Our product enhancements or new products could fail to attain sufficient market acceptance for many reasons, including:

If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition, and results of operations.

If our products do not effectively interoperate with our enterprise-customers’ existing or future IT infrastructures, installations could be delayed or cancelled, which would harm our business.

Our products must effectively interoperate with our enterprise-customers’ existing or future IT infrastructures, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors and contain multiple generations of products that have been added over time. If we find errors in the existing software or defects in the hardware used in our enterprise-customers’ infrastructure or problematic network configurations or settings, we may have to modify our software so that our products will interoperate with our enterprise-customers’ infrastructure and business or personal processes. In addition, to stay competitive within certain markets, we may be required to make software modifications in future releases to comply with new statutory or regulatory requirements. These issues could result in longer sales cycles for our products and order cancellations, either of which would adversely affect our business, results of operations and financial condition.

Defects and bugs in products could give rise to product returns, cancellation of orders or product liability, warranty or other claims that could result in material expenses, diversion of management time and attention, and damage to our reputation.

Even if we are successful in introducing our products to the market, our products may contain undetected defects or errors that, despite testing, are not discovered until after a product has been used. Our software is complex and could have, or could be alleged to have, defects, bugs or other errors or failures. This could result in cancellation of orders, difficulties in maintaining business relations with customers that use our software, delayed market acceptance of those products, claims from distributors, end-users or others, increased end-user service and support costs and warranty claims, damage to our reputation and business and the ability to attract new customers, or significant costs to correct the defect or error. We may from time to time become subject to warranty or product liability claims that could lead to significant expenses as we need to compensate affected end-users for costs incurred related to product quality issues.

Any claim brought against us, regardless of its merit, could result in material expense, diversion of management time and attention, and damage to our reputation, and could cause us to fail to retain or attract customers.

Our business is subject to risks arising from the continuous effects of the COVID-19 pandemic - the risk that we may not be able to successfully execute our business or strategic plans, as well as the risk that we will not be able to anticipate, identify and respond quickly to changing market trends and customer preferences or changes in the consumer environment, including changing expectations of service, all of which could have a material adverse effect on our business and results of operations. 

Our business, operations and financial condition could be materially affected by the outbreak of epidemics or pandemics or other health crises. For example, the COVID-19 pandemic has caused governments of most countries to take actions to reduce the spread of the virus. Such actions have included imposing restrictions such as quarantines, school closures, restrictions on public gatherings, business closures and travel restrictions. These measures have caused material disruption to businesses globally resulting in general economic slowdown. Our operations and business have been impacted and may continue to be impacted by COVID-19. as we were forced to modify our day to day operation and adopt early and strict prevention measures to protect the health of our employees (including employees’ travel, employees’ work locations and cancellation of physical participation in meetings, events, and conferences), which led to a slowdown in sales in some verticals of our enterprise privacy segment, such as the travel vertical, due to a significant decline in global travel and the footwear online market, which was a large part of NetNut Networks’ proxy business, which also experienced a significant slowdown due to ongoing disruption in supply chain resulting from COVID-19 implications. We also have experienced an increase in the sales cycles of new products in the cybersecurity segment.

Employers (including us) are also required to prepare and increase as much as possible the capacity and arrangement for employees to work remotely. Although to date these restrictions have not impacted our operations, the effect on our business, from the spread of COVID-19 and the actions implemented by the governments of the State of Israel, the United States and elsewhere across the globe, may worsen over time and could have a material adverse impact on our business.

Market events and conditions, including disruptions in the financial markets and deteriorating global economic conditions, could increase the cost of capital or impede our access to capital. Economic and geopolitical events, as well as global outbreaks of contagious diseases, such as COVID 19, may create uncertainty in global financial and equity markets. Such disruptions could make it more difficult for us to obtain capital and financing for our operations, or increase the cost of it, among other things. If we do not raise capital when we need it, or access it on reasonable terms, it could have a material adverse effect on our business, results of operations, financial condition and the Company’s Ordinary Shares or ADSs price. If the negative economic conditions persist or worsen, it could lead to increased political and financial uncertainty, which could result in regime or regulatory changes in the jurisdictions in which we operate. High levels of volatility and market turmoil could have an adverse effect on our business, results of operations, financial condition and the Company share price.

The extent to which COVID-19 or any other contagious disease impacts our results will depend on future developments, which are highly uncertain and cannot be predicted, including new information which may emerge concerning the severity of this or any other outbreak and the actions to contain those outbreaks or treat its impact, among others.

If we are unable to hire, retain and motivate qualified personnel, our business will suffer.

Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. Our inability to attract or retain qualified personnel or delays in hiring required personnel, particularly in sales and software engineering, may seriously harm our business, financial condition and results of operations. Any of our employees may terminate their employment at any time. Competition for highly skilled personnel is frequently intense, especially in Israel, where we are headquartered. Moreover, certain of our competitors or other technology businesses may seek to hire our employees. There is no assurance that any equity or other incentives that we grant to our employees will be adequate to attract, retain and motivate employees in the future. If we fail to attract, retain and motivate highly qualified personnel, our business will suffer. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited or divulged proprietary or other confidential information.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

Our functional and reporting currency is the U.S. dollar and we generate a majority of our revenues in U.S. dollars. A material portion of our operating expenses is incurred outside the United States, mainly in NIS and are subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in NIS. Our foreign currency-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses is incurred in NIS and is substantially greater than our revenues in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our net loss or net income, as relevant. During 2021, the NIS appreciated by more than 3% against the dollar. We are therefore exposed to foreign currency risk due to fluctuations in exchange rates. This may result in gains or losses with respect to movements in exchange rates which may be material and may also cause fluctuations in reported financial information that are not necessarily related to its operating results. We expect that the majority of our revenues will continue to be generated in U.S. dollars with the balance in NIS for the foreseeable future, and that a significant portion of our expenses will continue to be denominated in NIS and partially in U.S. dollar. To date, foreign currency transaction gains and losses and exchange rate fluctuations have not been material to our consolidated financial statements, and we have not engaged in any foreign currency hedging transactions. See “Item 11. Quantitative and Qualitative Disclosure About Market Risk—Foreign Currency Exchange Risk.”

A portion of our revenues is generated by sales to government entities, which are subject to a number of challenges and risks.

A portion of our revenues is generated by sales to federal, state and local governmental customers as well as security agencies, and we may in the future increase sales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time, special customizations and expense without any assurance that we will complete a sale. Government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products. Government entities are typically considered opinion makers. Dissatisfaction of such entities from our services and/or products might harm our market reputation or future sales.

We may acquire other businesses, which could require significant management attention, disrupt our business, dilute shareholder value, and adversely affect our results of operations.

As part of our business strategy and in order to remain competitive, we are evaluating acquiring or making investments in complementary companies, products or technologies on an on-going basis. We have completed four acquisitions to date – our Telepath technology purchased from Cykick Labs Ltd., as well as NetNut Ltd., NetNut

Networks LLC and CyberKick. Going forward, we may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our customers, analysts and investors. In addition, if we are unsuccessful at integrating such acquisitions or the technologies associated with such acquisitions, our revenues and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our Ordinary Shares. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our shareholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

We have identified material weaknesses in our internal control over financial reporting, which can possibly result in a material misstatement of our annual financial statements not to be prevented or detected on a timely basis. We may also fail to comply with the rules that apply to public companies, including Section 404 of the Sarbanes-Oxley Act. This may result in a further deficiency in our internal control over financial reporting, as well as sanctions or other penalties that would harm our business.

We have identified material weaknesses in our internal control over financial reporting as of December 31, 2021, 2020 and 2019. As defined in Rule 12b-2 under the Securities Exchange Act of 1934, or the Exchange Act, a “material weakness” is a deficiency, or combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented, or detected on a timely basis.

To address this issue, we have implemented measures to remediate identified material weaknesses. Those remediation measures are ongoing and include working with an increased number of accounting and finance employees with a requisite level of experience and the implementation of additional control activities related to the period-end financial reporting process, such as assigning clear roles and responsibilities for accounting and financial reporting staff, enhancing internal controls related to accounting and financial reporting and hiring a qualified consultant to assess compliance of the Company’s financial reporting processes, as well as the design and implementation of effective internal control over period end financial reporting and in order to create adequate segregation of duties. While we believe that these efforts will improve our internal control over financial reporting, the implementation of our remediation is ongoing and will require validation and testing of the design and operating effectiveness of internal controls over a sustained period of financial reporting cycles

Although we believe there has been some progress in remediating these weaknesses, the implementation of these initiatives may not fully address any material weakness or other deficiencies that we may have in our internal control over financial reporting.

Even if we develop effective internal control over financial reporting, these controls may become inadequate because of changes in conditions or the degree of compliance with these policies or procedures may deteriorate, and material weaknesses and deficiencies may be discovered in them. The determination of whether our internal controls are sufficient, and any remedial actions required could result in us incurring additional costs that we did not anticipate, including the hiring of outside consultants. We may also fail to complete our evaluation, testing and any required remediation needed to comply with Section 404 in a timely fashion.

Irrespective of compliance with Section 404, any additional failure of our internal controls could have a material adverse effect on our stated results of operations and harm our reputation. As a result, we may experience higher than anticipated operating expenses, as well as higher independent auditor fees during and after the implementation of these changes. If we are unable to implement any of the required changes to our internal control over financial reporting effectively or efficiently or are required to do so earlier than anticipated, it could adversely affect our operations, financial reporting or results of operations and could result in an adverse opinion on internal controls from our independent auditors.

Furthermore, if we are unable to certify that our internal control over financial reporting is effective and in compliance with Section 404, we may be subject to sanctions or investigations by regulatory authorities, such as the SEC or stock exchanges, and we could lose investor confidence in the accuracy and completeness of our financial reports, which could hurt our business, the price of our Ordinary Shares and our ability to access the capital markets.

We are subject to governmental export and import controls that could subject us to liability in the event of non-compliance or impair our ability to compete in international markets.

We are subject to U.S. and Israeli export control and economic sanctions laws, which prohibit the delivery and sale of certain products to embargoed or sanctioned countries, governments and persons. Our products could be exported to these sanctioned targets by our channel partners despite the contractual undertakings they have given us and any such export could have negative consequences, including government investigations, penalties and reputational harm. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could require export licenses or result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations or cessation of export or sale of our products in sanctioned countries or to sanctioned persons. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.

In addition, in the future we may be subject to defense-related export controls. For example, currently our solution is not subject to supervision under the Israeli Defense Export Control Law, 5767-2007, but if it was used for purposes that are classified as defense-related or if it falls under “dual-use goods and technology” as referred to below, we could become subject to such regulation. In particular, under the Israeli Defense Export Control Law, 5767-2007, an Israeli company may not conduct “defense marketing activity” without a defense marketing license from the Israeli Ministry of Defense, or the MOD, and may be subject to a requirement to obtain a specific license from the MOD for any export of defense related products and/or knowhow. The definition of defense marketing activity is broad and includes any marketing of “defense equipment,” “defense knowhow” or “defense services” outside of Israel, which includes “dual-use goods and technology,” (material and equipment intended in principle for civilian use and that can also be used for defensive purposes, such as our cybersecurity solutions) that is specified in the list of Goods and Dual-Use Technology annexed to the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies, if intended for defense use only, or is specified under Israeli legislation. “Dual-use goods and technology” will be subject to control by the Ministry of Economy if intended for civilian use only. In December 2013, regulations under the Wassenaar Arrangement included for the first time a chapter on cyber-related matters. We believe that our products do not fall under this chapter; however, in the future we may become subject to this regulation or similar regulations, which would limit our sales and marketing activities and could therefore have an adverse effect on our results of operations. Similar issues could arise under the U.S. defense/military export controls under the Arms Export Control Act and the International Traffic in Arms Regulations.

Our use of third-party software and other intellectual property may expose us to risks.

Some of our products and services include software or other intellectual property licensed from third parties, and we otherwise use software and other intellectual property licensed from third parties in our business. This exposes us to risks over which we may have little or no control. For example, a licensor may have difficulties keeping up with technological changes or may stop supporting the software or other intellectual property that it licenses to us. There can be no assurance that the licenses we use will be available on acceptable terms, if at all. In addition, a third party may assert that we or our customers are in breach of the terms of a license, which could, among other things, give such third party the right to terminate a license or seek damages from us, or both. Our inability to obtain or maintain certain licenses or other rights or to obtain or maintain such licenses or rights on favorable terms, or the need to engage in litigation regarding these matters, could result in delays in releases of new products, and could otherwise disrupt our business, until equivalent technology can be identified, licensed or developed.

Our use of open-source software could negatively affect our ability to sell our software and subject us to possible litigation.

We use open-source software and expect to continue to use open-source software in the future. Some open-source software licenses require users who distribute or make available as a service open-source software as part of their own software product to publicly disclose all or part of the source code of the users’ software product or to make available any derivative works of the open-source code on unfavorable terms or at no cost. We may face ownership claims of third parties over, or seeking to enforce the license terms applicable to, such open-source software, including by demanding the release of the open-source software, derivative works or our proprietary source code that was developed using such software. These claims could also result in litigation, require us to purchase a costly license or require us to devote additional research and development resources to change our software, any of which would have a negative effect on our business and results of operations. In addition, if the license terms for the open-source code change, we may be forced to re-engineer our software or incur additional costs.

Under applicable employment laws, we may not be able to enforce covenants not to compete and therefore may be unable to prevent our competitors from benefiting from the expertise of some of our former employees.

We generally enter into non-disclosure and non-competition agreements with our employees. These agreements prohibit our employees from competing directly with us or working for our competitors or customers for a limited period after they cease working for us. We may be unable to enforce these agreements under the laws of the jurisdictions in which our employees work, and it may be difficult for us to restrict our competitors from benefiting from the expertise that our former employees or consultants developed while working for us. For example, Israeli courts have required employers seeking to enforce non-compete undertakings of a former employee to demonstrate that the competitive activities of the former employee will harm one of a limited number of material interests of the employer that have been recognized by the courts, such as the secrecy of a company’s confidential commercial information or the protection of its intellectual property. If we cannot demonstrate that such interests will be harmed, we may be unable to prevent our competitors from benefiting from the expertise of our former employees or consultants and our ability to remain competitive may be diminished.

Risks Related to Our Intellectual Property

If we are unable to obtain and maintain effective patent rights for our products, we may not be able to compete effectively in our markets. If we are unable to protect the confidentiality of our trade secrets or know-how, such proprietary information may be used by others to compete against us.

Our reverse access technology is patent protected in several jurisdictions: United States, Europe (including Austria, Switzerland, Germany, Spain, France, United Kingdom and Italy), Israel, China and Hong-Kong.

There is no guarantee that pending or future patent applications will result in patent grants. Failure to file patent applications or obtain patent grants may allow other entities to manufacture our products and compete with them.

Further, there is no assurance that all potentially relevant prior art relating to our patent applications has been found, which can invalidate a patent or prevent a patent from issuing from a pending patent application. Even if patents do successfully issue, and even if such patents cover our products, third parties may challenge their validity, enforceability, or scope, which may result in such patents being narrowed, found unenforceable or invalidated. Furthermore, even if they are unchallenged, our patent applications and any future patents may not adequately protect our intellectual property, provide exclusivity for our new products, or prevent others from designing around our claims. Any of these outcomes could impair our ability to prevent competition from third parties, which may have an adverse impact on our business.

If we cannot obtain and maintain effective patent rights for our products, we may not be able to compete effectively, and our business and results of operations may be harmed.

If our trademarks and trade names are not adequately protected, we may not be able to build name recognition in our markets of interest and our business may be affected.

We have filed for trademark registration of certain marks relating to our branding. If our unregistered trademarks and trade names are not adequately protected, we may not be able to build name recognition in our markets of interest and our business may be affected. Our trademarks or trade names may be challenged, infringed, circumvented or declared generic or determined to be infringing on other marks. Competitors may adopt trade names or trademarks similar to ours, thereby impeding our ability to build brand identity and possibly leading to market confusion. In addition, there could be potential trade name or trademark infringement claims brought by owners of other registered trademarks or trademarks that incorporate variations of our trademarks or trade names. In the long term, if we are unable to successfully register trademarks and trade names and establish name recognition based on such trademarks and trade names, then we may not be able to compete effectively and our business may be affected. Our efforts to enforce or protect our proprietary rights related to trademarks, trade secrets, domain names, copyrights or other intellectual property may be ineffective and could result in substantial costs and diversion of resources and could impact our financial condition or results of operations.

If we are unable to maintain effective proprietary rights for our products, we may not be able to compete effectively in our markets.

Historically, we have relied on trade secret protection and confidentiality agreements to protect proprietary know-how that is not patentable or that we elect not to patent; processes that are not easily known, knowable or easily ascertainable, and for which patent infringement is difficult to monitor and enforce; and any other elements of our product candidate discovery and development processes that involve proprietary know-how, information or technology that is not covered by patents. However, trade secrets can be difficult to protect. We seek to protect our proprietary technology and processes, in part, by entering into confidentiality agreements with our employees, consultants, advisors, and contractors. We also seek to preserve the integrity and confidentiality of our data, trade secrets and intellectual property by maintaining physical security of our premises and physical and electronic security of our IT systems. Agreements or security measures may be breached, and we may not have adequate remedies for any breach. In addition, our trade secrets and intellectual property may otherwise become known or be independently discovered by competitors.

We cannot provide any assurances that our trade secrets and other confidential proprietary information will not be disclosed in violation of our confidentiality agreements or that competitors will not otherwise gain access to our trade secrets or independently develop substantially equivalent information and techniques. Also, misappropriation or unauthorized and unavoidable disclosure of our trade secrets and intellectual property could impair our competitive position and may have a material adverse effect on our business. Additionally, if the steps taken to maintain our trade secrets and other confidential information are deemed inadequate, we may have insufficient recourse against third parties for misappropriating any trade secret.

Intellectual property rights of third parties could adversely affect our ability to commercialize our products, and we might be required to litigate or obtain licenses from third parties in order to develop or market our product candidates. Such litigation or licenses could be costly or not available on commercially reasonable terms.

It is inherently difficult to conclusively assess our freedom to operate without infringing on third party rights. Our competitive position may be adversely affected if existing patents or patents resulting from patent applications issued to third parties or other third-party intellectual property rights are held to cover our products or elements thereof, or uses relevant to our development plans. In such cases, we may not be in a position to develop or commercialize products or our product candidates unless we successfully pursue litigation to nullify or invalidate the third-party intellectual property right concerned, or enter into a license agreement with the intellectual property right holder, if available on commercially reasonable terms. There may also be pending patent applications that if they result in issued patents, could be alleged to be infringed by our new products. If such an infringement claim should be brought and be successful, we may be required to pay substantial damages, be forced to abandon our new products, or seek a license from any patent holders. No assurances can be given that a license will be available on commercially reasonable terms, if at all.

It is also possible that we have failed to identify relevant third-party patents or applications. For example, U.S. patent applications filed before November 29, 2000 and certain U.S. patent applications filed after that date that will not be filed outside the United States, remain confidential until patents issue. Patent applications in the United States and elsewhere are published approximately 18 months after the earliest filing for which priority is claimed, with such earliest filing date being commonly referred to as the priority date. Therefore, patent applications covering our new products or technology could have been filed by others without our knowledge. Additionally, pending patent applications which have been published can, subject to certain limitations, be later amended in a manner that could cover our technologies, our new products, or the use of our new products. Third party intellectual property right holders may also actively bring infringement claims against us. We cannot guarantee that we will be able to successfully settle or otherwise resolve such infringement claims. If we are unable to successfully settle future claims on terms acceptable to us, we may be required to engage in or continue costly, unpredictable and time-consuming litigation and may be prevented from or experience substantial delays in pursuing the development of and/or marketing our new products. If we fail in any such dispute, in addition to being forced to pay damages, we may be temporarily or permanently prohibited from commercializing our new products that are held to be infringing. We might, if possible, also be forced to redesign our new products so that we no longer infringe the third-party intellectual property rights. Any of these events, even if we were ultimately to prevail, could require us to divert substantial financial and management resources that we would otherwise be able to devote to our business.

Third-party claims of intellectual property infringement may prevent or delay our development and commercialization efforts.

Our commercial success depends in part on our avoiding infringement of the patents and proprietary rights of third parties. Numerous U.S. and foreign issued patents and pending patent applications, which are owned by third parties, exist in the fields in which we are developing our products. As our industries expand and more patents are issued, the risk increases that our products may be subject to claims of infringement of the patent rights of third parties.

Third parties may assert that we are employing their proprietary technology without authorization. There may be third-party patents or patent applications with claims to systems, apparatuses or methods related to the use of our products. There may be currently pending patent applications that may later result in issued patents that our products may infringe. In addition, third parties may obtain patents in the future and claim that the use of our technologies infringes upon these patents.

If any third-party patents were held by a court of competent jurisdiction to cover aspects of our formulations, processes for designs, or methods of use, the holders of any such patents may be able to block our ability to develop and commercialize the applicable product candidate unless we obtain a license or until such patent expires or is finally determined to be invalid or unenforceable. In either case, such a license may not be available on commercially reasonable terms or at all.

Parties making claims against us may obtain injunctive or other equitable relief, which could effectively block our ability to further develop and commercialize one or more of our products. Defense of these claims, regardless of their merit, would involve substantial litigation expense and would be a substantial diversion of employee resources from our business. In the event of a successful claim of infringement against us, we may have to pay substantial damages, including treble damages and attorneys’ fees for willful infringement, pay royalties, redesign our infringing products or obtain one or more licenses from third parties, which may be impossible or require substantial time and monetary expenditure.

On June 11, 2020, Bright Data filed an action alleging infringement by NetNut Ltd. of U.S. Patent Nos. 10,484,511 and 10,637,968, as well as claims of alleged trade secret misappropriation. The action was filed in the United States District Court for the Eastern District of Texas, Marshal Division. Pursuant to a confidential settlement agreement, the case was dismissed without prejudice on December 10, 2021, with no monetary payment from NetNut to Bright Data and with no effect on NetNut’s ongoing services for customers. On June 18, 2021, Bright Data filed an action alleging infringement by NetNut of U.S. Patent Nos. 10,257,319 and 10,484,510. The action was also filed in the United States District Court for the Eastern District of Texas, Marshall Division. Bright Data amended its complaint on October 11, 2021, to additionally assert infringement of U.S. Patents Nos. 10,491,713, 11,050,852 and 11,044,346, as well as a claim for alleged false advertising. NetNut disagrees with each of Bright Data’s claims and is defending itself in the litigation, including through challenging the validity and alleged infringement of the patents asserted in this action. Each of NetNut’s validity challenges to date reached a preliminary decision on the merits, and the U.S. Patent and Trademark Office (“PTO”) has at least preliminarily agreed with NetNut’s positions that Bright Data’s patents are likely unpatentable. Of course, the ongoing litigation may potentially result in costs or liability that we will absorb, as well as restrictions and/or cessation of NetNut’s operations and services in the United States. There can be no assurance that we will prevail in any legal proceedings instituted by Bright Data or others, or that such proceedings will not have a material adverse effect on our business, financial condition or results of operations.

Patent policy and rule changes could increase the uncertainties and costs surrounding the prosecution of our patent applications and the enforcement or defense of any issued patents.

Changes in either the patent laws or interpretation of the patent laws in the United States and other countries may diminish the value of any patents that may issue from our patent applications or narrow the scope of our patent protection. Publications of discoveries in the scientific literature often lag the actual discoveries, and patent applications in the United States and other jurisdictions are typically not published until 18 months after filing, or in some cases not at all. We therefore cannot be certain that we were the first to file the inventions claimed in our patents or pending applications, or that we were the first to file for patent protection of such inventions. Assuming all other requirements for patentability are met, in the United States prior to 2013, the first patent applicant to invent the claimed invention without undue delay in filing, is entitled to the patent, while for the most part outside the United States, the first inventor to file a patent application is entitled to the patent. After 2013, the United States has moved to a first-inventor-to-file system. The United States patent system is frequently changing, however, as are other international patent systems, and thus we may experience uncertainties and costs surrounding the prosecution of our patent applications and the enforcement or defense of any issued patents, all of which could have a material adverse effect on our business and financial condition.

We may be involved in lawsuits to protect or enforce our intellectual property, which could be expensive, time consuming, and unsuccessful.

Competitors may infringe our intellectual property. If we were to initiate legal proceedings against a third party to enforce a patent covering one of our products, the defendant could counterclaim that the patent covering our product candidate is invalid and/or unenforceable. In patent litigation in the United States, defendant counterclaims alleging invalidity and/or unenforceability are commonplace. Grounds for a validity challenge could be an alleged failure to meet any of several statutory requirements, including lack of novelty, obviousness or non-enablement, among others. Grounds for an unenforceability assertion could be an allegation that someone connected with prosecution of the patent withheld relevant information from the U.S. Patent and Trademark Office, or the USPTO, or made a misleading statement, during prosecution. The validity of U.S. patents may also be challenged in post-grant proceedings before the USPTO. The outcome following legal assertions of invalidity and unenforceability is unpredictable.

In 2014, the U.S. Supreme Court addressed the question of whether patents related to software are patent eligible subject matter. The Supreme Court did not rule that patents related to software were per se invalid or that software-related inventions were unpatentable. The Supreme Court outlined a test that the courts and the USPTO must apply in determining whether software-related inventions qualify as patent eligible subject matter. The decision and other decisions following that decision have resulted in many software patents having been found invalid as not claiming patent eligible subject matter. Our U.S. patents, like all U.S. patents, are presumed valid, but that does not mean that our issued patents cannot be challenged on grounds of patent eligibility, or other grounds.

Derivation proceedings initiated by third parties or brought by us may be necessary to determine the priority of inventions and/or their scope with respect to our patents or patent applications or those of our licensors. An unfavorable outcome could require us to cease using the related technology or to attempt to license rights to it from the prevailing party. Our business could be harmed if the prevailing party does not offer us a license on commercially reasonable terms. Our defense of litigation or interference proceedings may fail and, even if successful, may result in substantial costs and distract our management and other employees. In addition, the uncertainties associated with litigation could have a material adverse effect on our ability to raise the funds necessary to effectively market our products, continue our research programs, license necessary technology from third parties, or enter into development partnerships that would help us bring our new products to market.

Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. There could also be public announcements of the results of hearings, motions, or other interim proceedings or developments. If securities analysts or investors perceive these results to be negative, it could have a material adverse effect on the price of our Ordinary Shares.

On March 15, 2022, our wholly owned subsidiary, NetNut, filed a complaint alleging infringement by Bright Data of U.S. Patent No. 10,110,606, to which NetNut holds an exclusive license from our wholly owned subsidiary, Safe-T Data, including all rights to seek and recover for any infringement thereof. NetNut alleges that Bright Data’s operation of a worldwide network for residential proxies infringes on NetNut’s patent covering a “reverse access” mechanism. The action was filed in the United States District Court, Eastern District of Texas, Marshal Division. There can be no assurance that NetNut will prevail the legal proceedings, or that such proceedings will not have a material adverse effect on our business, financial condition or results of operations.

We may be subject to claims challenging the inventorship of our intellectual property.

We may be subject to claims that former employees, collaborators or other third parties have an interest in, or right to compensation, with respect to our current patent and patent applications, future patents or other intellectual property as an inventor or co-inventor. For example, we may have inventorship disputes arise from conflicting obligations of consultants or others who are involved in developing our products. Litigation may be necessary to defend against these and other claims challenging inventorship or claiming the right to compensation. If we fail in defending any such claims, in addition to paying monetary damages, we may lose valuable intellectual property rights, such as exclusive ownership of, or right to use, valuable intellectual property. Such an outcome could have a material adverse effect on our business. Even if we are successful in defending against such claims, litigation could result in substantial costs and be a distraction to management and other employees.

In addition, under the Israeli Patent Law, 5727-1967, or the Patent Law, inventions conceived by an employee in the course and as a result of or arising from his or her employment with a company are regarded as “service inventions,” which belong to the employer, absent a specific agreement between the employee and employer giving the employee service invention rights. The Patent Law also provides that if there is no such agreement between an employer and an employee, the Israeli Compensation and Royalties Committee, or the Committee, a body constituted under the Patent Law, shall determine whether the employee is entitled to remuneration for his inventions. Recent case law clarifies that the right to receive consideration for “service inventions” can be waived by the employee and that in certain circumstances, such waiver does not necessarily have to be explicit. The Committee will examine, on a case-by-case basis, the general contractual framework between the parties, using interpretation rules of the general Israeli contract laws. Further, the Committee has not yet determined one specific formula for calculating this remuneration (but rather uses the criteria specified in the Patent Law). Although we generally enter into assignment-of-invention agreements with our employees pursuant to which such individuals assign to us all rights to any inventions created in the scope of their employment or engagement with us, we may face claims demanding remuneration in consideration for assigned inventions. Because of such claims, we could be required to pay additional remuneration or royalties to our current and former employees, or be forced to litigate such claims, which could negatively affect our business.

We may not be able to protect our intellectual property rights.

Filing, prosecuting, and defending patents on products, as well as monitoring their infringement in all countries throughout the world, would be prohibitively expensive, and our intellectual property rights in some countries can be less extensive than those in the United States. In addition, the laws of some foreign countries do not protect intellectual property rights to the same extent as federal and state laws in the United States.

Competitors may use our technologies in jurisdictions where we have not obtained patent protection to develop their own products and may also export otherwise infringing products to territories where we have patent protection, but enforcement is not as strong as that in the United States. These products may compete with our products. Future patents or other intellectual property rights may not be effective or sufficient to prevent them from competing.

Many companies have encountered significant problems in protecting and defending intellectual property rights in foreign jurisdictions. The legal systems of certain countries, particularly certain developing countries, do not favor the enforcement of patents, trade secrets, and other intellectual property protection, which could make it difficult for us to stop the marketing of competing products in violation of our proprietary rights generally. Proceedings to enforce our patent rights in foreign jurisdictions, whether successful, could result in substantial costs and divert our efforts and attention from other aspects of our business, could put our future patents at risk of being invalidated or interpreted narrowly and our patent applications at risk of not issuing and could provoke third parties to assert claims against us. We may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be commercially meaningful. Accordingly, our efforts to monitor and enforce our intellectual property rights around the world may be inadequate to obtain a significant commercial advantage from the intellectual property that we develop or license.

Because of the expense of litigation, we may be unable to enforce our intellectual property rights, unless we obtain the agreement of a third party to provide funding in support of our litigation. We cannot assure that we will be able to obtain third party funding, and the failure to obtain such funding may impair our ability to monetize our intellectual property portfolio. Since we do not have funds to pursue litigation to enforce our intellectual property rights, we are dependent upon the valuation which potential funding sources give to our intellectual property. In determining whether to provide funding for intellectual property litigation, the funding sources need to make an evaluation of the strength of our patents, the likelihood of success, the nature of the potential defendants and a determination as to whether there is a sufficient potential recovery to justify a significant investment in intellectual property litigation. Typically, such funding sources receive a percentage of the recovery after litigation expenses and seek to generate a sufficient return on investment to justify the investment. Unless that funding source believes that it will generate a sufficient return on investment, it will not fund litigation. We cannot assure that we will be able to negotiate funding agreements with third party funding sources on terms reasonably acceptable to us, if at all. Because of our financial condition, we may only be able to obtain funding on terms which are less favorable to us than we would otherwise be able to obtain. Furthermore, even if we enter into funding agreements, there is no assurance that we will generate revenue from the funded litigation. Although the funding source makes its evaluation as to the likelihood of success, patent litigation is very uncertain, and we cannot assure that, just because we obtain litigation funding, we will be successful or that any recovery we may obtain will be significant. In addition, defending our intellectual property rights may depend upon our ability to retain the qualified legal counsel to prosecute patent infringement litigation. It may be difficult to find the preferred choice for legal counsel to handle our cases because many of these firms may have a conflict of interest that prevents their representation of us or because they are not willing to represent us on a contingent or partial contingent fee basis. It is difficult to predict the outcome of patent enforcement litigation at a trial level as it is often difficult for juries and trial judges to understand complex, patented technologies, and, as a result, there is a higher rate of successful appeals in patent enforcement litigation than more standard business litigation. Regardless of whether we prevail in the trial court, appeals are expensive and time consuming, resulting in increased costs and delayed revenue, and attorneys may be less likely to represent us in an appeal on a contingency basis especially if we are seeking to appeal an adverse decision. Although we may diligently pursue enforcement litigation, we cannot predict the decisions made by juries and trial courts. In connection with patent enforcement actions, it is possible that a defendant may file counterclaims against us, or a court may rule that we have violated statutory authority, regulatory authority, federal rules, local court rules, or governing standards relating to the substantive or procedural aspects of such enforcement actions. In such event, a court may issue monetary sanctions against us or our operating subsidiaries or award attorney’s fees and/or expenses to the counterclaiming defendant, which could be material, and if we or our operating subsidiaries are required to pay such monetary sanctions, attorneys’ fees and/or expenses, such payment could materially harm our operating results, our financial position and our ability to continue in business.

Risks Related to the Ownership of Our ADSs or Ordinary Shares

If we are unable to comply with the Nasdaq minimum bid requirement, our ADSs could be delisted from Nasdaq, and as a result we and our shareholders could incur material adverse consequences, including a negative impact on our liquidity, our shareholders’ ability to sell shares and our ability to raise capital.

Our ADSs are currently listed on Nasdaq. Our listing on the Nasdaq Capital Market is conditioned upon our continued compliance with requirement to maintain a minimum bid price of $1.00 per share, pursuant to Nasdaq Listing Rule 5550(a)(2), or the Minimum Bid Requirement.

On January 12, 2022, we were advised that we no longer comply with the Minimum Bid Requirement. Pursuant to Nasdaq Listing Rule 5810(c)(3)(A), we have been granted a 180-calendar day compliance period, or until July 11, 2022, to regain compliance with the Minimum Bid Requirement. To regain compliance, the closing bid price of our ADSs must meet or exceed $1.00 per share for at least 10 consecutive business days during the 180-calendar day compliance period.

If we are not in compliance by July 11, 2022, we may be afforded a second 180-calendar day compliance period. To qualify for this additional time, we will be required to meet the continued listing requirement for market value of publicly held shares and all other initial listing standards for Nasdaq with the exception of the Minimum Bid Requirement, and will need to provide written notice of our intention to cure the deficiency during the second compliance period. If we do not regain compliance within the allotted compliance period(s), including any extensions that may be granted by Nasdaq, Nasdaq will provide notice that our ADSs will be subject to delisting.

We intend to monitor the closing bid price of our ADSs between now and July 11, 2022, and intend to consider available options to cure the deficiency and regain compliance with the Minimum Bid Requirement within the compliance period. Our ADSs will continue to be listed and trade on Nasdaq during this period, unaffected by the receipt of the written notice from Nasdaq.

We are diligently working to evidence compliance with the Minimum Bid Requirement; however, there can be no assurance that we will be able to do demonstrate compliance and satisfy Nasdaq’s conditions for continued listing. If we fail to demonstrate compliance with the Minimum Bid Requirement and satisfy Nasdaq’s conditions for continued listing, our Ordinary Shares could be delisted. Delisting from the Nasdaq could have an adverse effect on our business and on the trading of our Ordinary Shares. If a delisting of our Ordinary Shares were to occur, such shares may trade in the over-the-counter market such as on the OTC Bulletin Board or on the “pink sheets.” The over-the-counter market is generally considered to be a less efficient market, and this could diminish investors’ interest in our Ordinary Shares as well as significantly impact the price and liquidity of our Ordinary Shares. Any such delisting may also severely complicate trading of our Ordinary Shares by our shareholders, or prevent them from re-selling their Ordinary Shares at/or above the price they paid.

Issuance of a significant amount of additional Ordinary Shares on exercise or conversion of outstanding warrants and/or substantial future sales of our Ordinary Shares may depress our share price.

As of March 25, 2022, we had approximately 30.4 million Ordinary Shares issued and outstanding and approximately 8.3 million of additional Ordinary Shares which are issuable upon exercise of outstanding warrants and employee options. The issuance of a significant amount of additional Ordinary Shares on account of these outstanding securities will dilute our current shareholders’ holdings and may depress our share price. If these or other shareholders sell substantial amounts of our Ordinary Shares and/or ADSs, including shares issuable upon the exercise or conversion of outstanding warrants or employee options, or if the perception exists that our shareholders may sell a substantial number of our Ordinary Shares and/or ADSs, we cannot foresee the impact of any potential sales on the market price of these additional Ordinary Shares, but it is possible that the market price of our Ordinary Shares would be adversely affected. Any substantial sales of our shares in the public market might also make it more difficult for us to sell equity or equity related securities in the future at a time and on terms we deem appropriate. Even if a substantial number of sales do not occur, the mere existence of this “market overhang” could have a negative impact on the market for, and the market price of, our Ordinary Shares.

Holders of ADSs may not receive the same distributions or dividends as those we make to the holders of our Ordinary Shares, and, in some limited circumstances, holders of ADSs may not receive dividends or other distributions on our Ordinary Shares and may not receive any value for them, if it is illegal or impractical to make them available to holders of ADSs. 

The depositary for the ADSs has agreed to pay to ADS holders the cash dividends or other distributions it or the custodian receives on Ordinary Shares or other deposited securities underlying the ADSs, after deducting its fees and expenses. Although, we do not currently anticipate paying any dividends, if we do, the ADS holders will receive these distributions in proportion to the number of Ordinary Shares your ADSs represent. However, the depositary is not responsible if it decides that it is unlawful or impractical to make a distribution available to any holders of ADSs. For example, it would be unlawful to make a distribution to a holder of ADSs if it consists of securities that require registration under the Securities Act of 1933, as amended, or the Securities Act, but that are not properly registered or distributed under an applicable exemption from registration. In addition, conversion into U.S. dollars from foreign currency that was part of a dividend made in respect of deposited Ordinary Shares may require the approval or license of, or a filing with, any government or agency thereof, which may be unobtainable. In these cases, the depositary may determine not to distribute such property and hold it as “deposited securities” or may seek to effect a substitute dividend or distribution, including net cash proceeds from the sale of the dividends that the depositary deems an equitable and practicable substitute. We have no obligation to register under U.S. securities laws any ADSs, Ordinary Shares, rights or other securities received through such distributions. We also have no obligation to take any other action to permit the distribution of ADSs, Ordinary Shares, rights, or anything else to holders of ADSs. In addition, the depositary may withhold from such dividends or distributions its fees and an amount on account of taxes or other governmental charges to the extent the depositary believes it is required to make such withholding. This means that you may not receive the same distributions or dividends as those we make to the holders of our Ordinary Shares, and, in some limited circumstances, you may not receive any value for such distributions or dividends if it is illegal or impractical for us to make them available to you. These restrictions may cause a material decline in the value of the ADSs.

Our warrants are speculative in nature.

Our warrants do not confer any rights of ownership of Ordinary Shares or ADSs on their holders, such as voting rights or the right to receive dividends, but only represent the right to acquire ADSs at a fixed price and for a limited period. Specifically, commencing on the date of issuance, holders of the warrants may exercise their right to acquire ADSs and pay an exercise price per ADS ranging between $1.20 and $287, subject to adjustment upon certain events, prior to five years from the date of issuance, after which date any unexercised warrants will expire and have no further value.

Holders of our warrants will have no rights as shareholders until such holders exercise their warrants and acquire our ADSs.

Until holders of the warrants acquire our ADSs upon exercise of the warrants, they will have no rights with respect to our ADSs or Ordinary Shares underlying such warrants. Upon exercise of the warrants the holders thereof will be entitled to exercise the rights of a holder of ADSs only as to matters for which the record date occurs after the exercise date.

We do not anticipate paying any cash dividends in the foreseeable future. 

We have never declared or paid cash dividends, and we do not anticipate paying cash dividends in the foreseeable future. In addition, Israeli law limits our ability to declare and pay dividends, and may subject our dividends to Israeli withholding taxes, and our payment of dividends (out of tax-exempt income) may subject us to certain Israeli taxes, to which we would not otherwise be subject.

Holders of ADSs may not have the same voting rights as the holders of our Ordinary Shares and may not receive voting materials in time to be able to exercise the right to vote.

Holders of the ADSs may not be able to exercise voting rights attaching to the Ordinary Shares underlying the ADSs on an individual basis. Instead, holders of the ADSs appoint the depositary or its nominee as their representative to exercise the voting rights attaching to the Ordinary Shares in the form of ADSs. Holders of ADSs may not receive voting materials in time to instruct the depositary to vote, and it is possible that they, or persons who hold their ADSs through brokers, dealers or other third parties, will not have the opportunity to exercise a right to vote. Furthermore, the depositary will not be liable for any failure to carry out any instructions to vote, for the manner in which any vote is cast or for the effect of any such vote. As a result, you may not be able to exercise voting rights and may lack recourse if your ADSs are not voted as requested. 

Holders of ADSs must act through the depositary to exercise their rights as shareholders of our company. 

Holders of our ADSs do not have the same rights of our shareholders and may only exercise the voting rights with respect to the underlying Ordinary Shares in accordance with the provisions of the deposit agreement for the ADSs. Under Israeli law and our articles of association, the minimum notice period required to convene a shareholders meeting is generally no less than 35 calendar days, but in some instances, 21 or 14 calendar days, depending on the proposals on the agenda for the shareholders meeting. When a shareholder meeting is convened, holders of our ADSs may not receive sufficient notice of a shareholders’ meeting to permit them to withdraw their Ordinary Shares to allow them to cast their vote with respect to any specific matter. In addition, the depositary and its agents may not be able to send voting instructions to holders of our ADSs or carry out their voting instructions in a timely manner. We will make all reasonable efforts to cause the depositary to extend voting rights to holders of our ADSs in a timely manner, but we cannot assure holders that they will receive the voting materials in time to ensure that they can instruct the depositary to vote their Ordinary Shares underlying the ADSs. Furthermore, the depositary and its agents will not be responsible for any failure to carry out any instructions to vote, for the manner in which any vote is cast or for the effect of any such vote. As a result, holders of our ADSs may not be able to exercise their right to vote and they may lack recourse if their ADSs are not voted as they requested. In addition, in the capacity as a holder of ADSs, they will not be able to call a shareholders’ meeting.

The Jumpstart Our Business Startups Act of 2012, or the JOBS Act, allows us to postpone the date by which we must comply with some of the laws and regulations intended to protect investors and to reduce the amount of information we provide in our reports filed with the SEC, which could undermine investor confidence in our company and adversely affect the market price of our ADSs or Ordinary Shares.

For so long as we remain an “emerging growth company” as defined in the JOBS Act, which at the latest will be until December 31, 2023, we intend to take advantage of certain exemptions from various requirements that are applicable to public companies that are not “emerging growth companies” including:

We intend to take advantage of these exemptions until we are no longer an “emerging growth company.” We will remain an emerging growth company until the earlier of (1) the last day of the fiscal year (a) following the fifth anniversary of the date of our first sale of common equity securities pursuant to an effective registration statement under the Securities Act, which is December 31, 2023, (b) in which we have total annual gross revenue of at least $1.07 billion, or (c) in which we are deemed to be a large accelerated filer, which means the market value of our Ordinary Shares that is held by non-affiliates exceeds $700 million as of the prior June 30, and (2) the date on which we have issued more than $1.0 billion in non-convertible debt during the prior three-year period.

We cannot predict if investors will find our ADSs or Ordinary Shares less attractive because we may rely on these exemptions. If some investors find our ADSs or Ordinary Shares less attractive as a result, there may be a less active trading market for our ADSs or Ordinary Shares, and our market prices may be more volatile and may decline. 

As a “foreign private issuer” we are permitted to follow certain home country corporate governance practices instead of otherwise applicable SEC and Nasdaq requirements, which may result in less protection than is accorded to investors under rules applicable to domestic U.S. issuers.

Our status as a foreign private issuer also exempts us from compliance with certain SEC laws and regulations and certain regulations of the Nasdaq Stock Market, including the proxy rules, the short-swing profits recapture rules, and certain governance requirements such as independent director oversight of the nomination of directors and executive compensation. In addition, we will not be required under the Exchange, to file current reports and consolidated financial statements with the SEC as frequently or as promptly as U.S. domestic companies whose securities are registered under the Exchange Act and we will generally be exempt from filing quarterly reports with the SEC. Also, although the Israeli Companies Law 5759-1999, or the Israeli Companies Law, requires us to disclose the annual compensation of our five most highly compensated senior officers on an individual basis, this disclosure is not as extensive as that required of a U.S. domestic issuer. For example, the disclosure required under Israeli law would be limited to compensation paid in the immediately preceding year without any requirement to disclose option exercises and vested stock options, pension benefits or potential payments upon termination or a change of control. Furthermore, as a foreign private issuer, we are also not subject to the requirements of Regulation FD (Fair Disclosure) promulgated under the Exchange Act.

These exemptions and leniencies will reduce the frequency and scope of information and protections to which you are entitled as an investor. 

We may be a “passive foreign investment company”, or PFIC, for U.S. federal income tax purposes in the current taxable year or may become one in any subsequent taxable year. There generally would be negative tax consequences for U.S. taxpayers that are holders of our ADSs or Ordinary Shares if we are or were to become a PFIC.

Based on the projected composition of our income and valuation of our assets, we do not expect to be a PFIC for 2021, and we do not expect to become a PFIC in the future, although there can be no assurance in this regard. The determination of whether we are a PFIC is made on an annual basis and will depend on the composition of our income and assets from time to time. We will be treated as a PFIC for U.S. federal income tax purposes in any taxable year in which either (1) at least 75% of our gross income is “passive income” or (2) on average at least 50% of our assets by value produce passive income or are held to produce passive income. Passive income for this purpose generally includes, among other things, certain dividends, interest, royalties, rents and gains from commodities and securities transactions and from the sale or exchange of property that gives rise to passive income. Passive income also includes amounts derived by reason of the temporary investment of funds, including those raised in a public offering. In determining whether a non-U.S. corporation is a PFIC, a proportionate share of the income and assets of each corporation in which it owns, directly or indirectly, at least a 25% interest (by value) is considered. The tests for determining PFIC status are applied annually, and it is difficult to make accurate projections of future income and assets which are relevant to this determination. In addition, our PFIC status may depend in part on the market value of our ADSs or Ordinary Shares. Accordingly, there can be no assurance that we currently are not or will not become a PFIC in the future. If we are a PFIC in any taxable year during which a U.S. taxpayer holds our ADSs or Ordinary Shares, such U.S. taxpayer would be subject to certain adverse U.S. federal income tax rules. In particular, if the U.S. taxpayer did not make an election to treat us as a “qualified electing fund,” or QEF, or make a “mark-to-market” election, then “excess distributions” to the U.S. taxpayer, and any gain realized on the sale or other disposition of our ADSs or Ordinary Shares by the U.S. taxpayer: (1) would be allocated ratably over the U.S. taxpayer’s holding period for the ADSs or Ordinary Shares; (2) the amount allocated to the current taxable year and any period prior to the first day of the first taxable year in which we were a PFIC would be taxed as ordinary income; and (3) the amount allocated to each of the other taxable years would be subject to tax at the highest rate of tax in effect for the applicable class of taxpayer for that year, and an interest charge for the deemed deferral benefit would be imposed with respect to the resulting tax attributable to each such other taxable year. In addition, if the U.S. Internal Revenue Service, or the IRS, determines that we are a PFIC for a year with respect to which we have determined that we were not a PFIC, it may be too late for a U.S. taxpayer to make a timely QEF or mark-to-market election. U.S. taxpayers that have held our ADSs or Ordinary Shares during a period when we were a PFIC will be subject to the foregoing rules, even if we cease to be a PFIC in subsequent years, subject to exceptions for U.S. taxpayer who made a timely QEF or mark-to-market election. A U.S. taxpayer can make a QEF election by completing the relevant portions of and filing IRS Form 8621 in accordance with the instructions thereto. We do not intend to notify U.S. taxpayers that hold our ADSs or Ordinary Shares if we believe we will be treated as a PFIC for any taxable year to enable U.S. taxpayers to consider whether to make a QEF election. In addition, we do not intend to furnish such U.S. taxpayers annually with information needed to complete IRS Form 8621 and to make and maintain a valid QEF election for any year in which we or any of our subsidiaries are a PFIC. U.S. taxpayers that hold our ADSs or Ordinary Shares are strongly urged to consult their tax advisors about the PFIC rules, including tax return filing requirements and the eligibility, manner, and consequences to them of making a QEF or mark-to-market election with respect to our ADSs or Ordinary Shares if we are a PFIC. See “Item 10.E. Taxation—U.S. Federal Income Tax Considerations—Passive Foreign Investment Companies” for additional information.

ADSs holders may not be entitled to a jury trial with respect to claims arising under the deposit agreement, which could result in less favorable results to the plaintiff(s) in any such action. 

The deposit agreement governing the ADSs representing our Ordinary Shares provides that holders and beneficial owners of ADSs irrevocably waive the right to a trial by jury in any legal proceeding arising out of or relating to the deposit agreement or the ADSs, including claims under federal securities laws, against us or the depositary to the fullest extent permitted by applicable law. If this jury trial waiver provision is prohibited by applicable law, an action could nevertheless proceed under the terms of the deposit agreement with a jury trial. To our knowledge, the enforceability of a jury trial waiver under the federal securities laws has not been finally adjudicated by a federal court. However, we believe that a jury trial waiver provision is generally enforceable under the laws of the State of New York, which govern the deposit agreement, by a court of the State of New York or a federal court, which have non-exclusive jurisdiction over matters arising under the deposit agreement, applying such law. In determining whether to enforce a jury trial waiver provision, New York courts and federal courts will consider whether the visibility of the jury trial waiver provision within the agreement is sufficiently prominent such that a party has knowingly waived any right to trial by jury. We believe that this is the case with respect to the deposit agreement and the ADSs. In addition, New York courts will not enforce a jury trial waiver provision in order to bar a viable setoff or counterclaim sounding in fraud or one which is based upon a creditor’s negligence in failing to liquidate collateral upon a guarantor’s demand, or in the case of an intentional tort claim (as opposed to a contract dispute), none of which we believe are applicable in the case of the deposit agreement or the ADSs. No condition, stipulation or provision of the deposit agreement or ADSs serves as a waiver by any holder or beneficial owner of ADSs or by us or the depositary of compliance with any provision of the federal securities laws. If you or any other holder or beneficial owner of ADSs brings a claim against us or the depositary in connection with matters arising under the deposit agreement or the ADSs, you or such other holder or beneficial owner may not be entitled to a jury trial with respect to such claims, which may have the effect of limiting and discouraging lawsuits against us and / or the depositary. If a lawsuit is brought against us and / or the depositary under the deposit agreement, it may be heard only by a judge or justice of the applicable trial court, which would be conducted according to different civil procedures and may result in different results than a trial by jury would have had, including results that could be less favorable to the plaintiff(s) in any such action, depending on, among other things, the nature of the claims, the judge or justice hearing such claims, and the venue of the hearing.

Risks Related to Israeli Law and Our Operations in Israel

Provisions of Israeli law and our articles of association may delay, prevent or otherwise impede a merger with, or an acquisition of, our company, which could prevent a change of control, even when the terms of such a transaction are favorable to us and our shareholders.

As a company incorporated under the law of the State of Israel, we are subject to Israeli law. Israeli corporate law regulates mergers, requires tender offers for acquisitions of shares above specified thresholds, requires special approvals for transactions involving directors, officers or significant shareholders and regulates other matters that may be relevant to such types of transactions. For example, a merger may not be consummated unless at least 50 days have passed from the date on which a merger proposal is filed by each merging company with the Israel Registrar of Companies and at least 30 days have passed from the date on which the shareholders of both merging companies have approved the merger. In addition, a majority of each class of securities of the target company must approve a merger. Moreover, a tender offer for all of a company’s issued and outstanding shares can only be completed if the acquirer receives positive responses from the holders of at least 95% of the issued share capital and a majority of the offerees that do not have a personal interest in the tender offer approves the tender offer, unless, following consummation of the tender offer, the acquirer would hold at least 98% of the company’s outstanding shares. Under the Israeli law, a potential bidder for the company’s shares, who would as a result of a purchase of shares hold either 25% of the voting rights in the company when no other party holds 25% or more, or 45% of the voting rights in the company where no other shareholders holds 45% of the voting rights, would be required to make a special purchase offer as set out in the provisions of the Israeli law. The Israeli law requires a special purchase offer to be submitted to shareholders for a pre-approval vote. A majority vote is required to accept the offer. An offeror who is regarded as a ‘controlling shareholder’ under Israeli law cannot vote on the resolution and the procedure includes a secondary vote of the non-voting shareholders and the shareholders who rejected the offer at pre-approval level. A special purchase offer may not be accepted unless shares that carry 5% of the voting rights in the target company are acquired. Furthermore, the shareholders may, at any time within six months following the completion of the tender offer, claim that the consideration for the acquisition of the shares does not reflect their fair market value, and petition an Israeli court to alter the consideration for the acquisition accordingly, other than those who indicated their acceptance of the tender offer in case the acquirer stipulated in its tender offer that a shareholder that accepts the offer may not seek such appraisal rights, and the acquirer or the company published all required information with respect to the tender offer prior to the tender offer’s response date. In addition, our articles of association provide for a staggered board of directors, which mechanism may delay, defer or prevent a change of control of the Company. See “Item 10.B Memorandum and Articles of Association — Provisions Restricting Change in Control of Our Company” for additional information.

Israeli tax considerations also may make potential transactions unappealing to us or to our shareholders whose country of residence does not have a tax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extent as U.S. tax law. With respect to mergers, Israeli tax law allows for tax deferral in certain circumstances but makes the deferral contingent on the fulfillment of a number of conditions, including, in some cases, a holding period of two years from the date of the transaction during which sales and dispositions of shares of the participating companies may be subject to certain restrictions and additional terms. Moreover, with respect to certain share swap transactions, the tax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred. See “Item 10.E. Taxation—Israeli Tax Considerations and Government Programs” for additional information. 

The rights and responsibilities of a holder of our securities will be governed by Israeli law, which differs in some material respects from the rights and responsibilities of shareholders of U.S. companies.

The rights and responsibilities of the holders of our Ordinary Shares (and therefore indirectly, the ADSs and the warrants) are governed by our articles of association and by Israeli law. These rights and responsibilities differ in some material respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. In particular, a shareholder of an Israeli company has certain duties to act in good faith in a customary manner in exercising its rights and performing its obligations towards the company and other shareholders and to refrain from abusing its power in the company including, among other things, in voting at the general meeting of shareholders on certain matters, such as an amendment to the company’s articles of association, an increase of the company’s authorized share capital, a merger of the company, and approval of related party transactions that require shareholder approval. A shareholder also has a general duty to refrain from discriminating against other shareholders. In addition, a controlling shareholder or a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of an officer of the company has a duty to act in fairness towards the company with regard to such vote or appointment. However, Israeli law does not define the substance of this duty of fairness. There is limited case law available to assist us in understanding the nature of this duty or the implications of these provisions. These provisions may be interpreted to impose additional obligations on holders of our Ordinary Shares that are not typically imposed on shareholders of U.S. corporations. See “Item 6.C. Board Practices—Duties of Shareholders” for additional information.

It may be difficult to enforce a judgment of a U.S. court against us and our officers and directors and the Israeli experts named in this annual report in Israel or the United States, to assert U.S. securities laws claims in Israel or to serve process on our officers and directors and these experts.

We were incorporated in Israel and our corporate headquarters are located in Israel. The vast majority of our executive officers and directors and the Israeli experts named in this annual report on Form 20-F are located in Israel. All of our assets and most of the assets of these persons are located in Israel. Therefore, a judgment obtained against us, or any of these persons, including a judgment based on the civil liability provisions of the U.S. federal securities laws, may not be collectible in the United States and may not necessarily be enforced by an Israeli court. It also may be difficult to affect service of process on these persons in the United States or to assert U.S. securities law claims in original actions instituted in Israel. Additionally, it may be difficult for an investor, or any other person or entity, to initiate an action with respect to U.S. securities laws in Israel. Israeli courts may refuse to hear a claim based on an alleged violation of U.S. securities laws reasoning that Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the content of applicable U.S. law must be proven as a fact by expert witnesses, which can be a time consuming and costly process. Certain matters of procedure will also be governed by Israeli law. There is little binding case law in Israel that addresses the matters described above. As a result of the difficulty associated with enforcing a judgment against us in Israel, you may not be able to collect any damages awarded by either a U.S. or foreign court.

Our headquarters and other significant operations are located in Israel, and, therefore, our results may be adversely affected by political, economic and military instability in Israel.

Our executive offices, corporate headquarters and research and development facilities are located in Israel. In addition, all of our key employees, officers and directors are residents of Israel. Accordingly, political, economic and military conditions in Israel and the surrounding region may directly affect our business. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring Arab countries, the Hamas militant group (an Islamist militia and political group that controls the Gaza strip) and the Hezbollah (an Islamist militia and political group based in Lebanon). Any hostilities involving Israel or the interruption or curtailment of trade between Israel and its trading partners could adversely affect business conditions in Israel in general and our business in particular, and adversely affect our product development, our operations and results of operations. Ongoing and revived hostilities or other Israeli political or economic factors, such as, an interruption of operations at the Tel Aviv airport, could prevent or delay our regular operation, product development and delivery of products.

Any armed conflicts, terrorist activities or political instability in the region could adversely affect business conditions, could harm our results of operations and could make it more difficult for us to raise capital. Parties with whom we do business may sometimes decline to travel to Israel during periods of heightened unrest or tension, forcing us to make alternative arrangements when necessary, in order to meet our business partners face to face. Several countries, principally in the Middle East, still restrict doing business with Israel and Israeli companies, and additional countries may impose restrictions on doing business with Israel and Israeli companies if hostilities in Israel or political instability in the region continues or increases. Similarly, Israeli companies are limited in conducting business with entities from several countries. For instance, in 2008 the Israeli legislature passed a law forbidding any investments in entities that transact business with Iran. In addition, the political and security situation in Israel may result in parties with whom we have agreements involving performance in Israel claiming that they are not obligated to perform their commitments under those agreements pursuant to force majeure provisions in such agreements.

Our employees and consultants in Israel, including members of our senior management, may be obligated to perform one month, and in some cases longer periods, of military reserve duty until they reach the age of 40 (or older, for citizens who hold certain positions in the Israeli armed forces reserves) and, in the event of a military conflict or emergency circumstances, may be called to immediate and unlimited active duty. In the event of severe unrest or other conflict, individuals could be required to serve in the military for extended periods of time. In response to increases in terrorist activity, there have been periods of significant call-ups of military reservists. It is possible that there will be similar large-scale military reserve duty call-ups in the future. Our operations could be disrupted by the absence of a significant number of our officers, directors, employees and consultants related to military service. Such disruption could materially adversely affect our business and operations. Additionally, the absence of a significant number of the employees of our Israeli suppliers and contractors related to military service or the absence for extended periods of one or more of their key employees for military service may disrupt their operations.

Our insurance does not cover losses that may occur as a result of an event associated with the security situation in the Middle East or for any resulting disruption in our operations. Although the Israeli government has in the past covered the reinstatement value of direct damages that were caused by terrorist attacks or acts of war, we cannot assure you that this government coverage will be maintained or, if maintained, will be sufficient to compensate us fully for damages incurred and the government may cease providing such coverage or the coverage might not suffice to cover potential damages. Any losses or damages incurred by us could have a material adverse effect on our business. Any armed conflicts or political instability in the region would likely negatively affect business conditions generally and could harm our results of operations and product development.

Further, in the past, the State of Israel and Israeli companies have been subjected to economic boycotts. Several countries still restrict business with the State of Israel and with Israeli companies. These restrictive laws and policies may have an adverse impact on our operating results, financial conditions or the expansion of our business. Similarly, Israeli corporations are limited in conducting business with entities from several countries.

Some of our research and development activities and programs were supported by Israeli Governmental grants, some of which were sold or are in the process of selling. The terms of such grants may require us, in the future, to pay royalties and to satisfy specific conditions if and to the extent we receive future royalties or in order to complete the sale of such grant-based technologies and programs. We may be required to pay penalties in addition to payment of the royalties.

Our research and development efforts with respect to some of our past activities, including development of Secure Cloud Storage Access, were financed in part through royalty-bearing grants from the Israel Innovation Authority, or the IIA. On March 2020, we have completed the payment of royalties derived from the aggregate amount of $146,000 we received from the IIA for the development of our abovementioned technologies. Nevertheless, we are still bound by certain aspects of the Israeli Industrial Research and Development Law, or the Research and Development Law. Furthermore, pursuant to the technology purchase agreement between Safe-T Data and Cykick Labs Ltd., approved by the IIA in July 2018, and although we decided not to use the acquired technology, we are still legally committed to pay royalties from future sales on grants received from the IIA in connection with the technology purchased under this agreement in the amount of approximately $0.4 million from our income generated from products incorporating such technology. Additionally, in July 2018, we received a notice from the IIA regarding an obligation at the approximate amount of $0.5 million, made by an incubator center, which Cykick Labs Ltd. was a part of. According to the IIA, in order to receive the IIA’s approval to export the technology purchased from Cykick Labs Ltd., we would be required to obtain a commitment from the incubator center, taking the obligation upon themselves. If we do not obtain such commitment, we would be required to take this obligation upon our self, otherwise, the IIA will not approve any future export of the technology purchased from Cykick Labs Ltd. We have sent a letter to the IIA, rejecting its claims. As of the date of this annual report on Form 20-F, the IIA has not responded to our letter. We cannot be sure that the IIA will accept our arguments, which, if not accepted, may result in the expenditure of financial resources or may impair our ability to transfer or sell our technology outside of Israel.

We are committed to pay royalties with respect to aforesaid grants until 100% of the U.S. dollar-linked grant plus annual London Interbank Offered Rate, or LIBOR, interest is repaid. Nonetheless, the amount of royalties that we may be required to pay, may be higher in certain circumstances, such as when the manufacturing activity / know how is transferred outside of Israel. The United Kingdom’s Financial Conduct Authority, which regulates the LIBOR, announced in July 2017 that it will no longer persuade or require banks to submit rates for LIBOR after 2021. In September 2021, the Bank of Israel, which determines annual interest rates, published a directive which stated that annual interest at a variable rate linked to the LIBOR rate for loans in U.S. dollars will be replaced by the Secured Overnight Financing Rate, or the SOFR, in June 2023. While it is not currently possible to determine precisely whether, or to what extent, the replacement of LIBOR with SOFR would affect us, the implementation of SOFR may increase our financial liabilities to the IIA. Management continues to monitor the status and discussions regarding SOFR. We are not yet able to reasonably estimate the expected impact. 

We are required to comply with the requirements of the Israeli Encouragement of Research, Development and Technological Innovation in the Industry Law, 5744-1984, as amended, and related regulations, or the Innovation Law, with respect to these past grants. The abovementioned restrictions and requirements for payments may impair our ability to sell our technology outside of Israel or to outsource manufacturing or otherwise transfer our know-how outside Israel and may require us to obtain the approval of the IIA for certain actions and transactions and pay additional royalties or other payments to the IIA. We may not receive such approvals. Although we do not believe that these requirements will materially restrict us in any way, the IIA may impose certain conditions on any arrangement under which it permits us to transfer or assign technology or development out of Israel. If we fail to comply with the Innovation Law, we may be required to refund certain grants previously received and/or to pay interest and penalties and we may become subject to criminal charges. None of our current projects are supported by the IIA, yet if eligible, we may apply for such support in the future. The IIA may establish new guidelines regarding the Innovation Law, which may affect our existing and/or future IIA programs and incentives for which we may be eligible. We cannot predict what changes, if any, the IIA may make.

General Risk Factors

Raising additional capital would cause dilution to holders of our equity securities, and may affect the rights of existing holders of equity securities.

We may seek additional capital through a combination of private and public equity offerings, debt financings and collaborations and strategic and licensing arrangements. To the extent that we raise additional capital through the issuance of equity or convertible debt securities, your ownership interest will be diluted, and the terms may include liquidation or other preferences that adversely affect your rights as a holder of the ADSs.

We are subject to a number of risks associated with global sales and operations.

Business practices in the global markets that we serve may differ from those in the United States and may require us to include non-standard terms in customer contracts, such as extended payment or warranty terms. To the extent that we enter into customer contracts that include non-standard terms related to payment, warranties, or performance obligations, our results of operations may be adversely impacted.

Additionally, our global sales and operations are subject to a number of risks, including the following:

These and other factors could harm our ability to generate future global revenues and, consequently, materially impact our business, results of operations and financial condition.

Weakened global economic conditions may affect our industry, business and results of operations.

Our overall performance depends on worldwide economic conditions. These conditions affect the rate of information technology spending and could adversely affect our customers’ ability or willingness to purchase our secure access solutions, delay prospective customers’ purchasing decisions, reduce the value or duration of their subscription contracts, or affect renewal rates, all of which could adversely affect our operating results. In addition, in a weakened economy, companies that have competing products may reduce prices which could also reduce our average selling prices and harm our operating results.

The price of the ADSs may be volatile.

The market price of the ADSs has fluctuated in the past. Consequently, the current market price of the ADSs may not be indicative of future market prices, and we may be unable to sustain or increase the value of your investment in the ADSs. During the first quarter of 2022 and up to March 23, 2022, the market price of our ADSs has fluctuated from a low of $0.56 per ADS to a high of $1.23 per ADS, and our ADS price continues to fluctuate, as does the daily volume of trading of our ADSs. The market price of our ADSs and volume of trading may continue to fluctuate significantly in response to numerous factors, some of which are beyond our control, such as:

Further, the stock market in general, and the market for technology companies in particular, has recently experienced extreme price and volume fluctuations. The volatility of our ADSs is further exacerbated due to its low trading volume, which has only recently increased. Continued market fluctuations could result in extreme volatility in the price of our ADSs which could cause a decline in the value of our ADSs and the loss of some or all of your investment.

We may be subject to securities litigation, which is expensive and could divert management attention.

In the past, companies that have experienced volatility in the market price of their stock have been subject to securities class action litigation. We may be the target of this type of litigation in the future. Litigation of this type could result in substantial costs and diversion of management’s attention and resources, which could seriously hurt our business. Any adverse determination in litigation could also subject us to significant liabilities.

If securities or industry analysts do not publish or cease publishing research or reports about us, our business, or our market, or if they adversely change their recommendations or publish negative reports regarding our business or our shares, the share price and trading volume of our Ordinary Shares and ADSs could decline.

The trading market for our ADSs or Ordinary Shares will be influenced by the research and reports that industry or securities analysts may publish about us, our business, our market, or our competitors. We do not have any control over these analysts, and we cannot provide any assurance that analysts will cover us or provide favorable coverage. If any of the analysts who may cover us adversely change their recommendation regarding our ADSs or Ordinary Shares, or provide more favorable relative recommendations about our competitors, our share price would likely decline. If any analyst who may cover us were to cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which in turn could cause the share price or trading volume of our ADSs or Ordinary Shares to decline.