As filed with the Securities and Exchange Commission on March 26, 2019

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, DC 20549

FORM 20-F

☐ REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934

OR

☒ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 31, 20182022

OR

☐ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

OR

☐ SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

Commission File No.: 001-8610001-38610

SAFE-T GROUPALARUM TECHNOLOGIES LTD.

(Exact name of registrant as specified in its charter)

Translation of registrant’s name into English: Not applicable

State of Israel

(Jurisdiction of incorporation or organization)

30 Haarba’a Street
Tel Aviv
6473926 Israel

(Address of principal executive offices)

Shachar Daniel

Chief Executive Officer

+972-9-8666110
Shachar.daniel@alarum.io
30 Haarba’a Street
Tel Aviv
6473926 Israel

Shachar.daniel@safe-t.com

8 Abba Eban Ave.

Herzliya

4672526, Israel

(Name, Telephone, E-mail and/or Facsimile number and Address of Company Contact Person)

Securities registered or to be registered pursuant to Section 12(b) of the Act:

Securities registered or to be registered pursuant to Section 12(g) of the Act: None

Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act: None

Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report.

81,355,69332,628,044 Ordinary Shares, no par value, as of December 31, 2018.2022.

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.

Yes ☐ No ☒

If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Exchange Act of 1934.

Yes ☐ No ☒

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Exchange Act during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.

Yes ☒ No ☐

Indicate by check mark whether the registrant has submitted every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T during the preceding 12 months.months (or for such shorter period that the registrant was required to submit such files).

Yes ☒ No ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or an emerging growth company. See definition of “large accelerated filer,” “accelerated filer,” and emerging growth company” in Rule 12b-2 of the Exchange Act.

If an emerging growth company that prepares its financial statements in accordance with U.S. GAAP, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards † provided pursuant to Section 13(a) of the Exchange Act. ☐

†The term “new or revised financial accounting standard” refers to any update issued by the Financial Accounting Standards Board to its Accounting Standards Codification after April 5, 2012.

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.  ☐

If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements. ☐

Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b). ☐

Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing.

U.S. GAAP ☐

International Financial Reporting Standards as issued by the International Accounting Standards Board☒

Other ☐

If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow.

☐ Item 17 ☐ Item 18

If this is an annual report, indicate by check mark whether the registrant is a shell company.

Yes ☐ No ☒

TABLE OF CONTENTS

INTRODUCTION

INTRODUCTION

We developare a global internet access provider for consumers and market softwareenterprises. We operate in two main distinct segments, providing solutions that address multiple aspectsaccording to specific needs. The segments include enterprise internet access solutions and consumer internet access solutions and services.

Our enterprise internet access segment offers a global web data collection cloud service, based on our proprietary proxy traffic optimization and routing technology, and built on partnership agreements with tens of Internet Service Providers, or ISPs.

Our service allows organizations to collect vast amounts of web and internet data by simultaneously connecting to the internet from different IP addresses while maintaining full anonymity and privacy. Our customers can choose from various types of Internet Protocol addresses, or IPs, from our IP pool which contains millions of IPs, including ISP IPs, data protection information securitycenter IPs and cybersecurity markets. Our patented solutions secureresidential service provider IPs.

With our customers’web data services and networkscollection service, organizations can collect accurate, transparent web data from internal and external threats, such as unauthorizedpublic online sources. The solution also allows access to undiscovered data servicesfrom non-traditional data sources and networks,allows customers to gain additional data-driven information that provides valuable insights with respect to predictive capabilities or behaviors, thereby assisting ongoing business management operation and decision making. An added benefit to our customer is the fact that utilizing our network completely hides enterprises from the internet by modifying IP addresses, thus ensuring high levels of privacy for their online presence.

Our internet access solutions for consumers provide security against ransomware, viruses, phishing, and other online threats as well as data-related threats that include data exfiltration, leakage, malware, ransomwarea powerful, secured and fraud. We believe that our innovative productsencrypted connection, masking consumers’ online activity and keeping them safe from hackers. The solutions are the first solution that controls, in one integrated package, the entire data access lifecycle, allowing our customers to avoid the integration complexities of multiple products. In addition,designed for advanced and basic users, ensuring complete protection for all personal and digital information.

On November 8, 2022, we believe that our products create strong perimeter security aseffected a result of our patented Reverse-Access technology. In April 2018, we received the 2018 Fortress Cyber Security Award for Compliance and Authentication & Identity and were finalistschange in the 2018 Cyber Defense Magazine Infosec Awards. Reverse-Access is an innovative and unique technology providing for “reverse movement” of communication, and is designed to reduce the need to store sensitive data in the demilitarized zone (unfirewalled), or DMZ, and to open ports in the organizations’ firewall, thus enabling secure access to networks and services.

Our flagship product called Software Defined Access is a patented multi-layered solution that integrates our upgraded and comprehensive Software Defined Perimeter, or SDP, solution. We believe that our SDP solution is superior to other available products in the market, as it controls the entire application access lifecycle by combining SDP, a new architecture and technology that allows secure access to published applications, and our secure data exchange software that securely controls the usage and exchange of data among multiple users, devices, and location. The SDP architecture essentially hides published services and applications from unauthorized parties. According to Markets and Markets Research Private Ltd., the combined markets for secure data access and secure data exchange have been reported to have generated revenues in excess of $4 billion in 2017.

We were incorporated under the lawsratio of the State of Israel in December 1989. From June 2011 until June 2016, we were a “shell corporation” and did not have any business activity, excluding administrative management. On June 15, 2016, we closed a merger transaction, or the Merger Transaction, with Safe-T Data A.R Ltd., or the Subsidiary, whereby we acquired 100% of the share capital of the Subsidiary. Since the date of the Merger Transaction, we have devoted substantially all of our financial resourcesADSs to develop and commercialize our products. Our Ordinary Shares, or Ordinary Shares, are listed on the Tel Aviv Stock Exchange, or TASE, under the symbol “SAFE.” On August 17, 2018, our American Depositary Shares, or ADSs, each representing 40 of our Ordinary Shares commenced trading onfrom the Nasdaq Capital Market underprevious ADS ratio of one (1) ADS to one (1) Ordinary Share, to a new ADS ratio of one (1) ADS to ten (10) Ordinary Shares. All descriptions of our ADSs herein, including ADS amounts and per ADS amounts, are presented after giving effect to the symbol “SFET.”ratio change.

Unless otherwise indicated, all references to the “Company,” “we,” “our” and “Safe-T”“Alarum” refer to Safe-T GroupAlarum Technologies Ltd. and its wholly owned Israeli subsidiaries NetNut Ltd., or NetNut, NetNut’s wholly owned subsidiary - NetNut Networks Inc., a Delaware corporation, or NetNut Networks, Safe-T Data A.R Ltd., an Israeli corporation, and itsor Safe-T Data, CyberKick Ltd., or CyberKick, CyberKick’s wholly owned subsidiary, Safe-T USAsubsidiaries - iShield Inc., a Delaware corporation, RoboVPN Inc., a Delaware corporation, RoboVPN Technologies Ltd., a Cyprus corporation, and Spell Me Ltd., a Seychelles corporation.

References to “U.S. dollars” and “$” are to currency of the United States of America, and references to “NIS” are to New Israeli Shekels. References to “Ordinary Shares” are to our Ordinary Shares, no par value per share.share that have been trading on the Tel Aviv Stock Exchange, or TASE, under the symbol “ALAR”. References to ADSs are to our American Depository Shares, representing our Ordinary Shares, that have been trading on the Nasdaq Capital Market, or Nasdaq, under the symbol “SFET” since August 17, 2018, and effective from January 25, 2023 under the symbol “ALAR” following the Company’s change of name. We report financial information under International Financial Reporting Standards, or IFRS, as issued by the International Accounting Standards Board, or IASB.

All descriptions of our share capital in this Annual Report assume the issuance of 141,754 ADSs (representing 5,670,160 Ordinary Shares) upon the exercise of series B exchange warrants currently outstanding as of March 25, 2019.

1

CAUTIONARY NOTE REGARDING FORWARD-LOOKING STATEMENTS

Certain information included or incorporated by reference in this annual report on Form 20-F may be deemed to be “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995 and other securities laws.laws and the Israeli securities law. Forward-looking statements are often characterized by the use of forward-looking terminology such as “may,” “will,” “expect,” “plans,” “anticipate,” “estimate,” “continue,” “believe,” “should,” “intend,” “project” or other similar words, but are not the only way these statements are identified.

These forward-looking statements may include, but are not limited to, statements relating to our objectives, plans and strategies, statements that contain projections of results of operations or of financial condition, expected capital needs and expenses, statements relating to the research, development, completion and use of our products, and all statements (other than statements of historical facts) that address activities, events or developments that we intend, expect, project, believe or anticipate will or may occur in the future.

Forward-looking statements are not guarantees of future performance and are subject to risks and uncertainties. We have based these forward-looking statements on assumptions and assessments made by our management in light of their experience and their perception of historical trends, current conditions, expected future developments and other factors they believe to be appropriate.

Important factors that could cause actual results, developments and business decisions to differ materially from those anticipated in these forward-looking statements include, among other things:

Readers are urged to carefully review and consider the various disclosures made throughout this annual report on Form 20-F which are designed to advise interested parties of the risks and factors that may affect our business, financial condition, results of operations and prospects.

You should not put undue reliance on any forward-looking statements. Any forward-looking statements in this annual report on Form 20-F are made as of the date hereof, and we undertake no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

In addition, the section of this annual report on Form 20-F entitled “Item 4. Information on the Company” contains information obtained from independent industry sources and other sources that we have not independently verified.

Table of ContentsSummary Risk Factors 

The risk factors described below are a summary of the principal risk factors associated with an investment in us. These are not the only risks we face. You should carefully consider these risk factors, together with the risk factors set forth in Item 3D. of this Report and the other reports and documents filed by us with the SEC.  

PART I

ITEM 1. IDENTITY OF DIRECTORS, SENIOR MANAGEMENT AND ADVISERS

Not applicable.

ITEM 2. OFFER STATISTICS AND EXPECTED TIMETABLE

Not applicable.

ITEM 3. KEY INFORMATION

A. [Reserved.]

The selected consolidated financial dataB. Capitalization and Indebtedness

Not applicable.

C. Reasons for the fiscal years set forth in the table below have been derived from our consolidated financial statementsOffer and notes thereto. We derived the selected data under the captions “Consolidated StatementsUse of Profit or Loss” for the years ended December 31, 2018, 2017 and 2016, and “Consolidated Statements of Financial Position Data” as of December 31, 2018 and 2017 from the audited consolidated financial statements included elsewhere in this Annual Report. The selected financial data should be read in conjunction with our consolidated financial statements, and are qualified entirely by reference to such consolidated financial statements. Other financial and operating data contains unaudited information that is not derived from our consolidated financial statements. The information presented below under the caption “Other financial and operating data” contains unaudited information which is not derived from our consolidated financial statements.

Proceeds

Not applicable.

D. Risk Factors

Not applicable.

You should carefully consider the risks described below, together with all of the other information in this annual report on Form 20-F. The risks described below are not the only risks facing us. Additional risks and uncertainties not currently known to us or that we currently deem to be immaterial may also materially and adversely affect our business operations. If any of these risks actually occurs, our business and financial condition could suffer and the price of our ADSs could decline.

Risks Related to Our Financial Condition and Capital Requirements

We are a development-stage company and have a limited operating history on which to assess the prospects forSome of our business segments are in development stages and have incurred losses due to required investments since the datestart of inception of Safe-T Data A.R Ltd., andtheir operations. We anticipate that wethese segments will continue to incur significant lossesinvestments in sales and marketing channels as well as in products development until we are able to successfully commercialize our products globally.

From June 2011 until June 2016, we were a “shell corporation” and did not have any business activity, excluding administrative management. On June 15, 2016, we closed the Merger Transaction with the Subsidiary, whereby we acquired 100% of the share capital of the Subsidiary. Since the date of the Merger Transaction, weWe have devoted substantially all of oursubstantial financial resources to develop and commercialize our products.products and to extend our business by acquisitions. We have financed our operations primarily through the issuance of equity securities.securities, and recently also through credit facilities and bank loans. The amount of our future net losses will depend, in part, on on-going development of our products, the rate of our future expenditures and our ability to obtain funding through the issuance of our securities, strategic collaborations, credit facilities or grants.bank loans. We expect to continue to incur significant losses due to ongoing investments in sales and marketing channels as well as in product development until we are able to successfully commercialize our products globally. We anticipate that our expenses will increase substantially if and as we:

Our ability to generate future revenue from product sales depends heavily on our success in many areas, including but not limited to:

Given our limited revenue and lack of positive cash flow, we expect that we willmay need to raise substantial additional capital before we can expect to become profitable from sales of our products. This additional financing may not be available on acceptable terms, or at all. Failure to obtain thisthe necessary capital when needed may force us to delay, limit or terminate our product development efforts or other operations.

According to our management’s estimates, based on our current cash on hand and further based on our budget, we believe that we have sufficient resources to continue our activities until at least June 15, 2019.December 31, 2023. Since we might be unable to generate sufficient revenue or cash flow to fund our operations for the foreseeable future, we willmay need to seek additional equity or debt financing to provide the capital required to maintain or expand our operations. We expect we will also need additional funding for developing products and services and other related activities, increasing our sales and marketing capabilities, and promoting brand identity, as well as for working capital requirements and other operating and general corporate purposes.

There can be no assurance that we will be able to raise sufficient additional capital on acceptable terms, or at all. If such financing is not available on satisfactory terms, or is not available at all, we may be required to delay, scale back or eliminate the development of business opportunities, research or development programs and our operations and financial condition may be materially adversely affected. If we raise additional funds through collaborations and licensing arrangements, we may be required to relinquish some rights to our technologies or candidate products, or to grant licenses on terms that are not favorable to us.

Raising additional capital would cause dilution to holders of our equity securities, and may affect the rights of existing holders of equity securities.

We may seek additional capital through a combination of private and public equity offerings, debt financings and collaborations and strategic and licensing arrangements. To the extent that we raise additional capital through the issuance of equity or convertible debt securities, your ownership interest will be diluted, and the terms may include liquidation or other preferences that adversely affect your rights as a holder of the ADSs.

The report of our independent registered public accounting firm contains an explanatory paragraph regarding substantial doubt about our ability to continue as a going concern, which could prevent us from obtaining new financing on reasonable terms or at all.

The report of our independent registered public accounting firm on our audited consolidated financial statements as expected for the period ended December 31, 20182022, contains an explanatory paragraph regarding substantial doubt about our ability to continue as a going concern. Our consolidated financial statements do not include any adjustments that might result from the outcome of the uncertainty regarding our ability to continue as a going concern. This going concern opinion could materially limit our ability to raise additional funds through the issuance of equity or debt securities or otherwise. Further reports on our consolidated financial statements may include an explanatory paragraph with respect to our ability to continue as a going concern. Until we can generate significant recurring revenues, we expect to satisfy our future cash needs through debt or equity financing. We cannot be certain that additional funding will be available to us on acceptable terms, if at all. If funds are not available, we may be required to delay, reduce the scope of, or eliminate research or development plans for, or commercialization efforts with respect to our products. This may raise substantial doubts about our ability to continue as a going concern.

We maintain our cash at financial institutions, some in balances that exceed federally insured limits.

A small portion of our cash is held in accounts at U.S. banking institutions that we believe are of high quality. Cash held in non-interest-bearing and interest-bearing operating accounts may exceed the Federal Deposit Insurance Corporation, or FDIC, insurance limits. If such banking institutions were to fail, we could lose all or a portion of those amounts held in excess of such insurance limitations.

The FDIC took control of one such banking institution, Silicon Valley Bank, or SVB, on March 10, 2023. The FDIC also took control of Signature Bank on March 12, 2023. On March 13, 2023, the U.S. Federal Reserve announced that account holders would not bear the loss of SVB’s collapse. We have used an SVB account for customer payments and have been able to recover the cash deposits transferred through such an account. We did not hold any bank accounts at Signature Bank. On March 27, 2023, First Citizen Bank announced the assumption of responsibility for Silicon Valley Bank. Thus, we do not view the risk as material to our financial condition. However, as the FDIC continues to address the situation with SVB, Signature Bank and other similarly situated banking institutions, the risk of loss in excess of insurance limitations has generally increased. Any material loss that we may experience in the future could have an adverse effect on our ability to pay our operational expenses or make other payments and may require us to move our accounts to other banks, which could cause a temporary delay in making payments to our vendors and employees and cause other operational inconveniences.

Risks Related to Our Business and Industry

The IT security market isinternet access markets are rapidly evolving within the increasingly challenging cyber threat landscape. If the industry does not continue to develop as we anticipate, our sales will not grow as quickly as expected and our share price could decline.

We operate in a rapidly evolving industry focused on securing organizations’ IT systemsproviding organizations and sensitive business data.consumers with internet access solutions. Our solution focuses on protecting an organization’s sensitivesolutions provide protective cyber tools that identify, eliminate and help customers avoid security and data in terms of how internal/external users accessbreach threats. On the dataconsumers side, we experience intense competition from well established companies as well as smaller new players, and useneed to constantly adapt our solutions to the data. While theft, leakage, and ransomware have gained media attention in recent years, IT security spending within enterprises is often concentrated on endpoint and web security products designed to stop threats from penetrating corporate networks. Organizations that use these security products may allocate all or most of their IT security budgets to these products and may not adopt our solution in addition to such products. Further, a security solution such as ours, which is focused on disrupting cyber-attacks by insiders and external perpetrators that have penetrated an organization’s perimeter, is a relatively new technology that has been developed to respond to advanced threats and more rigorous compliance standards and audit requirements. However, advanced cyber attackers are skilled at adapting to new technologies and developing new methods of gaining access to organizations’ sensitive business data. Changes in the nature of advanced cyber threats could result in a shift in IT budgets away from solutions such as ours. In addition, any changes in compliance standards or audit requirements that deemphasize the types of controls, storage, monitoringgrowing and analysis that our solution provides would adversely impact demand for our offerings.constantly changing challenges. It is therefore difficult to predict how large the marketmarkets will be for our solution.solutions. If solutions such as ours are not viewed by organizations as necessary, or if business or consumer customers do not recognize the benefit of our solution as a critical layer of an effective security strategy, then our revenues may not grow as quickly as expected, or may decline, and our share price could suffer.

We have not yet successfully completed theare engaged in on-going development of our current and future products. Our research and development efforts may not produce successful products or enhancements to our solution that result in significant revenue or other benefits in the near future, if at all.

We expect to continue to dedicate significant financial and other resources to our research and development efforts in order to successfully completecontinuously evolve the development of our products and maintain our competitive position. As a result, our business is significantly dependent on our ability to successfully complete the development of our currentnext generation products. Investing in research and development personnel, developing new products and enhancing existing products is expensive and time consuming, and there is no assurance that such activities will result in successful development of our products, significant new marketable products or enhancements to our products, design improvements, cost savings, revenues or other expected benefits. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected.

If we fail to effectively manage our growth, our business and operations will be negatively affected, and as we invest in the growth of our business, we expect our operating and net profit margins to decline in the near-term.

We have experienced significanta more rapid growth in a relatively short period of timethe last four years and intend to continue to aggressively grow our business. We expect that ourOur annual operating expenses willmay continue to increase as we invest in sales, marketing, research and development. Our growth to-dateto date has placed significant demands on our management, sales, and operational and financial infrastructure, and our growth will continue to place significant demands on these resources. We may not be able to successfully implement these improvements in a timely or efficient manner, and our failure to do so may materially impact our projected growth rate. We may also not be able to effectively manage the expansion of our operations, which may result in weaknesses in our infrastructure, operational mistakes, loss of business opportunities, failure to deliver and timely deliver our products to customers, loss of employees and reduced productivity among remaining employees. Our expected growth could require significant capital expenditures and may divert financial resources from other projects, such as the development of current and additional new products. If our management is unable to effectively manage our growth, our expenses may increase more than expected, our ability to generate and/or grow revenue could be reduced, and we may not be able to implement our business strategy.

As we invest in the growth of our business, we expect that these investments will result in increased costs and may impact our short and mid-term operating and net profit margins and our operating and net income have declined in recent periods compared to prior periods and we expect this trend to continue in the near-term, primarily as a result of the costs associated with expanding our direct and indirect sales forces, our increased rate of investment in research and development and our increased administrative costs in connection with becoming a public company. We expect that these invested costs will adversely impact our operating and net profit margins since it will take time and resources to train and integrate new sales force members and to comply with public company reporting and regulatory requirements. In addition, costs associated with adding new personnel to our sales force are expensed before their positive impact on our sales is recognized, and even then, a significant portion of any revenues that they generate from maintenance and professional services are deferred over the delivery period of those services.margins. A failure to meet market expectations regarding our revenuesprofitability and profitabilityour position as a growth company have had and could continue to have an adverse effect on the price of our share price.

Ordinary Shares and ADSs.

Our quarterly and annual results of operations may fluctuate for a variety of reasons, including our failure to close significant sales before the end of a particular quarter.reasons.

Even if we are successful in introducing our products to the market, theOur operating results and financial condition of our company may fluctuate from quarter to quarter and year to year and are likely to continue to vary due to a number of factors, many of which will not be within our control. If our operating results do not meet the guidance that we provide to the market place or the expectations of securities analysts or investors, the market price of our Ordinary Shares and the ADSs will likely decline. Fluctuations in our operating results and financial condition may be due to a number of factors:

Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. These fluctuations could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the market price of our Ordinary Shares and the ADSs could fall substantially, and we could face costly lawsuits, including securities class action suits.

Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solution or the failure of our solution to meet customers’ expectations.

Organizations and consumers are facing increasingly sophisticated and targeted cyber threats, including the growing threat of cyber terrorism throughout the world. If we fail to identify and respond to new and increasingly complex methods of attack and update our products to detect or prevent such threats, our business and reputation will suffer. In particular, we may suffer significant adverse publicity and reputational harm if a significant breach occurs generally or if any breach occurs at a high-profile customer. Moreover, asif our solution issolutions are adopted by an increasing number of enterprises and governmental entities,consumers, it is possible that attackers will begin to focus on finding ways to defeat our solution.solutions. An actual or perceived security breach or theft of our customers’ sensitive business or personal data, regardless of whether the breach or theft is attributable to the failure of our products, could adversely affect the market’s perception of the efficacy of our solutionsolutions and current or potential customers may look to our competitors for alternatives to our solution.solutions. The failure of our products may also subject us to lawsuits and financial losses stemming from indemnification demands of our partners and other third parties, as well as the expenditure of significant financial resources to analyze, correct or eliminate any vulnerabilities. Any claim brought against us, regardless of its merit, could result in material expense, diversion of management time and attention, and damage to our reputation, and could cause us to fail to retain or attract customers. Costs or payments made in connection with warranty and product liability claims and product recalls or other claims could materially affect our financial condition and results of operations. It could also cause us to suffer reputational harm, lose existing customers or deter them from purchasing additional products and services and prevent new customers from purchasing our solution.

solutions.

False detection of threats, while typical in our industry, may reduce perception of the reliability of our products and may therefore adversely impact market acceptance of our products. If our solution restrictssolutions restrict legitimate privileged access by authorized personnel to IT systems and applications by falsely identifying those users as an attack or otherwise unauthorized, or fail to provide privacy and security web browsing to consumers, our customers’ businessbusinesses could be harmed. There can be no assurance that, despite testing by us, errors will not be found in existing and new versions of our products, resulting in loss of or delay in market acceptance. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem. In addition, the network of enterprise internet access solutions is built on a mix of IPs, which we source from various providers and technologies. A significant portion of our IP pool is sourced from third-party IP proxy providers and ISPs around the world from which we lease and then resell. We have separate agreements with each provider. If such a provider will choose to terminate the agreement, we will be at a risk of reducing the size of our IP pool, and might not be able to support the demands of our customer base.

If we are unable to acquire new customers, our future revenues and operating results will be harmed.

Our success depends on our ability to acquire new customers. The number of customers that we add in a given period impacts both our short-term and long-term revenues. If we are unable to attract a sufficient number of new customers, we may be unable to generate revenue growth at desired rates. The IT security market ismarkets we operate in are competitive and many of our competitors have substantial financial, personnel, and other resources that they utilize to develop products and attract customers. As a result, it may be difficult for us to add new customers to our customer base. Competition in the marketplace may also lead us to win fewer new customers or result in us providing discounts and other commercial incentives. Additional factors that impact our ability to acquire new customers include the perceived need for ITcyber security, the size of our prospective customers’ ITinfrastructure budgets, the utility and efficacy of our existing and new offerings, whether proven or perceived, our ability to reach a significant portion of the consumer market, and general economic conditions. These factors may have a meaningful negative impact on future revenues and operating results. With respect to our enterprise access business, while many companies understand the problem of doing competitive analysis, data collection, and other privacy-related use cases, widespread awareness of the need for access solutions is still lacking. Proxy networks are well understood, and virtual private networks are commonly popular, but access solutions are still in the early adoption phase among companies and individuals that stand to benefit from them. This restraint accounts for not all enterprise access vendors having the marketing budgets to promote themselves.

If we lose a significant customer, or face material reduction in sales to a significant customer, our operating margins, our profitability, our sales and our results of operations could be affected. 

One of our sale segments is dependent on a major customer, and its loss and inability to substitute other similar customers for the lost one can have an adverse effect on our business, financial situation or performance. For example, in 2022 this customer accounted for 37% of our total sales. There can be no assurance that our major customers will continue to do business with us or that all significant customers will continue to purchase our products in the same quantities that they have in the past. The loss of any one of our significant customers or a material reduction in sales to a significant customer could have a material adverse effect on our sales and results of operations. 

If we are unable to sell additional products and services to our existing customers, our future revenues and operating results will be harmed.

Our revenues are also generated from sales to existing customers. Our future success depends, in part, on our ability to obtain recurring licenses and servicessales to our existing customers. We devote significant efforts to developing, marketing and selling additional licenses and associated maintenance and supportproducts to existing customers and rely on these efforts for a portion of our revenues. These efforts require a significant investment in building and maintaining customer relationships, as well as significant research and development efforts in order to provide product upgrades and launch new products. The rate at which our existing customers purchase additional products and services depends on a number of factors, including, but not limited to, the perceived need for additional IT security,access services, the fit and efficacy of our solutions and the utility of our new offerings, whether proven or perceived, our customers’ IT budgets, general economic conditions, our customers’ overall satisfaction with the maintenance and professional services we provide and the continued growth and economic health of our customer base to require incremental users and servers to be covered. If our efforts to sell additional products and services to our customers are not successful, our future revenues and operating results will be harmed.

We face intense competition from IT securityaccess vendors, some of which are larger and better known than we are, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

The IT security marketmarkets in which we operate isare characterized by intense competition, constant innovation and evolving security threats. We compete with companies that offer a broad array of IT securityinternet access products. Our current and potential future competitors include Luminate Securityproviders of access solutions, such as Bright Data Ltd. (formerly Luminati Networks Ltd.), or Bright Data, Oxylabs Networks Pvt. Ltd., Cyxtera Technologies, Inc., Akamai Technologies,BiScience Inc. and Zscaler, Inc.others in the software defined perimeterenterprise access segment, and application access market,Kape Technologies plc, McAfee Corp., Nord VPN, Norton LifeLock, Aura and also include providers of secure data vaults and secure data exchange such as CyberArk Software Ltd., Accellion, Inc. and Varonis Systems Inc.others in the consumer segment. Some of our competitors are large companies that have the technical and financial resources and broad customer bases needed to bring competitive solutions to the market and already have existing relationships as a trusted vendor for other products. Such companies may use these advantages to offer products and services that are perceived to be as effective as ours at a lower price or for free as part of a larger product package or solely in consideration for maintenance and services fees. They may also develop different products to compete with our current solutionsolutions and respond more quickly and effectively than we do to new or changing opportunities, technologies, standards or client requirements. Additionally, from time to time we may compete with smaller regional vendors that offer products with a more limited range of capabilities that purport to perform functions similar to our solution. Such companies may enjoy stronger sales and service capabilities in their particular regions.

With respect to the enterprise access and the consumer markets, we face the emergence of small competitors in this field due to high profitability margins, which can result in pressure on prices to decline. Furthermore, these margins can lead also to competition from bigger companies that can invest larger human, cash and technological resources into this industry. Such increased competition can lead to lower margins and, consequently, impact our revenues, profitability and business.

Our competitors may enjoy potential competitive advantages over us, such as:

Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. Current or potential competitors may be acquired by third parties with greater available resources. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand their product and service offerings more quickly than we do. Larger competitors with more diverse product offerings may reduce the price of products that compete with ours in order to promote the sale of other products or may bundle them with other products, which would lead to increased pricing pressure on our products and could cause the average sales prices for our products to decline.

In addition, other IT securitycybersecurity technologies exist or could be developed in the future by current or future competitors, and our business could be materially and adversely affected if such technologies are widely adopted.

We may not be able to successfully anticipate or adapt to changing technology or customer requirements on a timely basis, or at all. If we fail to keep up with technological changes or to convince our customers and potential customers of the value of our solution even in light of new technologies, our business, results of operations and financial condition could be materially and adversely affected.

If our internal network system is compromised by cyber attackers or other data thieves, or if our hosting and infrastructure fails, public perception of our products and services will be harmed.

We will not succeed unless the marketplace is confident that we provide effective IT securitycybersecurity protection. We provide privileged account security products, and as such we may be an attractive target for attacks by cyber attackers or other data thieves since a breach of our system could provide data information regarding not only us, but potentially regarding the customers that our solution protects. Further, we may be targeted by cyber terrorists because we are an Israeli company. If we experience an actual or perceived breach of our network or privileged account security inand our internal systems, it could adversely affect the market perception of our products and services. In addition, we may need to devote more resources to address security vulnerabilities in our solution, and the cost of addressing these vulnerabilities could reduce our operating margins. If we do not address security vulnerabilities or otherwise provide adequate security features in our products, certain customers, particularly government customers, may delay or stop purchasing our products. Further, a security breach could impair our ability to operate our business, including our ability to provide maintenance and support services to our customers. If this happens, our revenues could decline, and our business could suffer. With respect to the enterprise access services and consumers services, if we will experience short period hosting/infrastructure failures, or longer periods of disconnection blocking of our network of IPs to access certain websites, and do not offer our customers various immediate alternatives, some customers may choose to delay or stop purchasing our products.

In the ordinary course of our business, we rely on information technology systems, networks and services, including internet sites, data hosting and processing tools, hardware (including laptops and mobile devices), software, and technical platforms and applications, to process, store and transmit data and to help us manage our business and to collect and store the Company’s sensitive data, including intellectual property, personal information and proprietary business information. The secure maintenance and transmission of this information is critical to our operations and business strategy. We rely on commercially available systems, software, tools, and domestically available monitoring to provide security for processing, transmitting and storing this sensitive data. As part of our implemented efficiency and cost-saving measures, we are using cloud service providers. While benefits for using cloud computing services are well documented and are mostly related to resources sharing, on-demand self-services, rapid scalability, improved economies of scale and collaboration, there are risks that could outweigh the expected benefits, and require close attention and management. For example, there is no guarantee that the features we use will be provided for the same price in the future, there is a risk in relying on a cloud service for business-related tasks because no service can guarantee 100% uptime and there is always a risk of data leakage when a company’s data is held by a third-party vendor.

Information technology systems, including those managed or hosted by third parties, could be subject to sophisticated cyber-attacks (including phishing and ransomware attacks) and threats by external or internal parties’ intent on disrupting business processes or otherwise extracting or corrupting information. In recent years, ransomware attacks against organizations have become more frequent and while we continue to implement additional protective measures to reduce the risk of and detect cyber incidents, cyber-attacks are becoming more sophisticated and frequent and the techniques used in such attacks change rapidly. We may also face increased cybersecurity risks due to the number of our employees and our third-party providers’ who are (and may continue to be) working remotely, which creates additional opportunities for cybercriminals to launch attacks and exploit vulnerabilities in non-corporate IT environments. Unauthorized access to our systems could disrupt our business, and/or lead to theft, loss or misappropriation of critical assets or to outside parties having access to confidential information, including privileged data, personal data or strategic information. Such information could also be made public in a manner that harms our reputation and financial results and, particularly in the case of personal data, could lead to regulators imposing significant fines on us.

Also, our information technology networks and infrastructure may still be vulnerable to damage, disruptions, or shutdowns due power outages, computer viruses, telecommunication or utility failures, systems failures, natural disasters or other catastrophic events. Any such compromise could disrupt our operations, damage our reputation, and subject us to additional costs and liabilities, any of which could adversely affect our business.

If we do not effectively expand, train and retain our sales force, we may be unable to acquire new customers or sell additional products and services to existing customers, and our business will suffer.

We depend significantly on our sales force to attract new customers and expand sales to existing customers. In 2018 and 2017 we generated 53% and 62%, respectively, of our revenues from direct sales. As a result, our ability to grow our revenues depends in part on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. We expect to continue to expand our sales personnel significantly and face a number of challenges in achieving our hiring and integration goals. There is intense competition for individuals with sales training and experience. In addition, the training and integration of a large number of sales personnel in a short time requires the allocation of internal resources. We invest significant time and resources in training new sales force personnel to understand our solutions and growth strategy. Based on our past experience, it takes an average of approximately six to nine months before a new sales force member operates at target performance levels. However, we may be unable to achieve or maintain our target performance levels with large numbers of new sales personnel as quickly as we have done in the past. Our failure to hire a sufficient number of qualified sales force members and train them to operate at target performance levels may materially and adversely impact our projected growth rate.

We rely on original equipment manufacturer, or OEM, partners, channel partners, including systems integrators, distributors and value-added resellers, to generate a significant portion of our revenue. If we fail to maintain successful relationships with our OEM and channel partners, or if our channel partners fail to perform, our ability to market, sell and distribute our solution will be limited, and our business, financial position and results of operations will be harmed.

In addition to our direct sales force, we rely on our OEM and channel partners to sell and support our solution, currently in the United States, Europe, Asia Pacific, Africa and Israel region. We expect that sales through our partners will continue to account for a significant percentage of our revenue. In 2018 and 2017, we generated approximately 47% and 38%, respectively, of our revenues from sales to channel partners and we expect that channel partners will represent a substantial portion of our revenues for the foreseeable future. Most of our agreements with channel partners are non-exclusive, meaning our partners may offer customers IT security products from other companies, including products that compete with our solution. If our channel partners do not effectively market and sell our solution, or choose to use greater efforts to market and sell their own products and services or the products and services of our competitors, our ability to grow our business will be adversely affected. Our channel partners may cease or deemphasize the marketing of our solution with limited or no notice and with little or no penalty. Further, new channel partners require training and may take several months or more to achieve productivity. The loss of a substantial number of our channel partners, the inability to replace them or the failure to recruit additional OEM or channel partners could materially and adversely affect our results of operations. Our reliance on channel partners could also subject us to lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our solution to customers or violates laws or our corporate policies. Our ability to grow revenues in the future will depend in part on our success in maintaining successful relationships with our OEM and channel partners and training our OEM and channel partners to independently sell and install our solution. If we are unable to maintain our relationship with OEM and channel partners or otherwise develop and expand our indirect sales channel, or if our OEM and/or channel partners fail to perform, our business, financial position and results of operations could be adversely affected.

If our products fail to help our customers achieve and maintain compliance with certain government regulations and industry standards, our business and results of operations could be materially and adversely affected.

We generate a substantial portionOn the enterprise access side of our revenues from our productsbusiness, we primarily engage directly with ISPs in order to gain access to their networks. The legality of scraping publicly available web data was reaffirmed by the Ninth Circuit Court of Appeals (hiQ vs LinkedIn) in late 2019, but the way in which some of the automated software programs are built is still questionable, and services because they enable our customerschanges in regulations may impact the means or ability to achieveprovide such solutions.

International regulatory bodies are increasingly focused on online privacy issues and maintain compliance with certain government regulations and industry standards, and we expect that will continue foruser data protection. In particular, the foreseeable future. Examples of industry standards and government regulations include the European Union General Data Protection Regulation, or GDPR; the Payment Card Industry Data Security Standard,GDPR, in the European Union, or PCI-DSS;EU, and the Health Insurance PortabilityUK intends to strengthen and Accountabilityunify data protection for all individuals within the EU. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Additionally, the uncertainty created by these laws and regulations can be compounded when services hosted in one jurisdiction are directed at users in another jurisdiction. For instance, European data protection rules may apply to companies which are not established in the EU (this is the so-called extraterritorial scope of the GDPR). Similarly, there have been laws and regulations adopted throughout the United States and Israel that impose obligations in areas such as privacy, in particular protection of personal information and implementing adequate cybersecurity measures to protect such information. The most prominent to which we are exposed is the California Consumer Privacy Act of 2020, or the CCPA, which increases the privacy and security obligations companies have towards the consumer when handling personal data. The CCPA allows civil penalties for violations as well as private right of action for data breaches. In addition, the California Privacy Rights Act, or HIPAA; the Sarbanes-Oxley Act;CPRA, which became effective as of January 1, 2023, imposes additional obligations such as expanding the Gramm-Leach-Bliley Act, or GLBA;current data privacy compliance requirements under the CCPA. As an Israeli company we are also subject to the Israeli Privacy Protection Law 1981 and its regulations, as well as the international banking regulationsguidelines of the Basel Committee on Bank Supervision. Israeli Privacy Protection Authority.

These industry standards may change with little or no notice, including changes that could make them more or less onerous for businesses. Any inability to adequately address privacy and security concerns or comply with applicable privacy and data security laws, rules and regulations could have an adverse effect on our business prospects, results of operations and/or financial position. In addition, governments may also adopt new laws or regulations, or make changes to existing laws or regulations, that could impact whether our solution enables our customers to maintain compliance with such laws or regulations. If we are unable to adapt our solution to changing government regulations and industry standards in a timely manner, or if our solution fails to expedite our customers’ compliance initiatives, our customers may lose confidence in our products and could switch to products offered by our competitors. In addition, if government regulations and industry standards related to IT securitythe access sectors are changed in a manner that makes them less onerous, our customers may view compliance as less critical to their businesses, and our customers may be less willing to purchase our products and services. In either case, our sales and financial results would suffer.

Our model for long-term growth depends upon the introduction of new products. If we are unable to develop new products or if these new products are not adopted by customers, our growth will be adversely affected.

Our business depends on the successful development and marketing of new products, including adding complementary offerings to our current products. For example, in October 2017, we completed the development of the first version of our Software Defined Access solution, which is designed to reduce cyber-attacks by hiding mission-critical data at the perimeter, limiting access to authorized and intended entities, on premise or in the cloud. Development and marketing of new products requiresrequire significant up-front research, development and other costs, and the failure of new products we develop to gain market acceptance may result in a failure to achieve future sales and adversely affect our competitive position. There can be no assurance that any of our new or future products will achieve market acceptance or generate revenues at forecasted rates or that the margins generated from their sales will allow us to recoup the costs of our development efforts.

Failure by us or our partners to maintain sufficient levels of customer support could have a material adverse effect on our business, financial condition and results of operations.

Our customers depend in large part on customer support delivered through our partners or by us to resolve issues relating to the use of our solution. However, even with our support and that of our partners, our customers are ultimately responsible for effectively using our solution and ensuring that their IT staff is properly trained in the use of our products and complementary security products. The failure of our customers to correctly use our solution, or our failure to effectively assist customers in installing our solution and providing effective ongoing support, may result in an increase in the vulnerability of our customers’ IT systems and sensitive business data. Additionally, if our partners do not effectively provide support to the satisfaction of our customers, we may be required to provide support to such customers, which would require us to invest in additional personnel, which requires significant time and resources. We may not be able to keep up with demand, particularly if the sales of our solution exceed our internal forecasts. To the extent that we or our partners are unsuccessful in hiring, training and retaining adequate support resources, our ability and the ability of our partners to provide adequate and timely support to our customers will be negatively impacted, and our customers’ satisfaction with our products will be adversely affected. Accordingly, our failure to provide satisfactory maintenance and technical support services could have a material and adverse effect on our business and results of operations.

If we do not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis, we may not be able to compete effectively and our ability to generate revenues will suffer.

Our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex IT infrastructures that incorporate a variety of hardware, software applications, operating systems and networking protocols. As our customers’ technologies and business plans grow more complex, we expect them to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solutionsolutions effectively identifiesidentify and respondsrespond to these advanced and evolving attacks without disrupting the performance of our customers’ IT systems. As a result, we must continually modify and improve our products in response to changes in our customers’ IT and industrial control infrastructures.

We cannot guarantee that we will be able to anticipate future market needs and opportunities or be able to develop product enhancements or new products to meet such needs or opportunities in a timely manner, if at all. Even if we are able to anticipate, develop and commercially introduce enhancements and new products, there can be no assurance that enhancements or new products will achieve widespread market acceptance.

Our product enhancements or new products could fail to attain sufficient market acceptance for many reasons, including:

If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition, and results of operations.

If our products do not effectively interoperate with our customers’ existing or future IT infrastructures, installations could be delayed or cancelled, which would harm our business.

Our products must effectively interoperate with our customers’ existing or future IT infrastructures, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors and contain multiple generations of products that have been added over time. If we find errors in the existing software or defects in the hardware used in our customers’ infrastructure or problematic network configurations or settings, we may have to modify our software so that our products will interoperate with our customers’ infrastructure and business processes. In addition, to stay competitive within certain markets, we may be required to make software modifications in future releases to comply with new statutory or regulatory requirements. These issues could result in longer sales cycles for our products and order cancellations, either of which would adversely affect our business, results of operations and financial condition.

Defects and bugs in products could give rise to product returns, cancellation of orders or product liability, warranty or other claims that could result in material expenses, diversion of management time and attention, and damage to our reputation.

Even if we are successful in introducing our products to the market, our products may contain undetected defects or errors that, despite testing, are not discovered until after a product has been used. Our software is complex and could have, or could be alleged to have, defects, bugs or other errors or failures. This could result in cancellation of orders, difficulties in maintaining business relations with customers that use our software, delayed market acceptance of those products, claims from distributors, end-users or others, increased end-user service and support costs and warranty claims, damage to our reputation and business and the ability to attract new customers, or significant costs to correct the defect or error. We may from time to time become subject to warranty or product liability claims that could lead to significant expenses as we need to compensate affected end-users for costs incurred related to product quality issues.

Any claim brought against us, regardless of its merit, could result in material expense, diversion of management time and attention, and damage to our reputation, and could cause us to fail to retain or attract customers.

We areOur business is subject to risks arising from the continuous effects of the COVID-19 pandemic - the risk that we may not be able to successfully execute our business or strategic plans, as well as the risk that we will not be able to anticipate, identify and respond quickly to changing market trends and customer preferences or changes in the consumer environment, including changing expectations of service, all of which could have a numbermaterial adverse effect on our business and results of risks associated with global sales and operations.

Business practicesOur business, operations and financial condition could be materially affected by the outbreak of epidemics or pandemics or other health crises. For example, the COVID-19 pandemic has caused governments of most countries to take actions to reduce the spread of the virus. Such actions have included imposing restrictions such as quarantines, school closures, restrictions on public gatherings, business closures and travel restrictions. These measures have caused material disruption to businesses globally resulting in general economic slowdown. Our operations and business have been impacted and may continue to be impacted by COVID-19 as we were forced to modify our day to day operation and adopt early and strict prevention measures to protect the global markets that we serve may differhealth of our employees (including employees’ travel, employees’ work locations and cancellation of physical participation in meetings, events, and conferences). Also, NetNut Networks’ business, experienced a significant slowdown due to ongoing disruption in supply chain resulting from those inCOVID-19 implications.

Employers (including us) are also required to prepare and increase as much as possible the capacity and arrangement for employees to work remotely. Although to date these restrictions have not impacted our operations, the effect on our business, from the spread of COVID-19 and the actions implemented by the governments of the State of Israel, the United States and elsewhere across the globe, may requireworsen over time and could have a material adverse impact on our business.

Market events and conditions, including disruptions in the financial markets and deteriorating global economic conditions, could increase the cost of capital or impede our access to capital. Economic and geopolitical events, as well as global outbreaks of contagious diseases, such as COVID 19, may create uncertainty in global financial and equity markets. Such disruptions could make it more difficult for us to include non-standardobtain capital and financing for our operations, or increase the cost of it, among other things. If we do not raise capital when we need it, or access it on reasonable terms, in customer contracts, such as extended payment or warranty terms. To the extent that we enter into customer contracts that include non-standard terms related to payment, warranties, or performance obligations, our results of operations may be adversely impacted.

Additionally, our global sales and operations are subject toit could have a number of risks, including the following:

These and other factors could harm our ability to generate future global revenues and, consequently, materially impactmaterial adverse effect on our business, results of operations, financial condition and the Company’s Ordinary Shares or ADSs price. If the negative economic conditions persist or worsen, it could lead to increased political and financial condition.uncertainty, which could result in regime or regulatory changes in the jurisdictions in which we operate. High levels of volatility and market turmoil could have an adverse effect on our business, results of operations, financial condition and the Company share price.

The extent to which COVID-19 or any other contagious disease impacts our results will depend on future developments, which are highly uncertain and cannot be predicted, including new information which may emerge concerning the severity of this or any other outbreak and the actions to contain those outbreaks or treat its impact, among others.

If we are unable to hire, retain and motivate qualified personnel, our business will suffer.

Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. Our inability to attract or retain qualified personnel or delays in hiring required personnel, particularly in sales and software engineering, may seriously harm our business, financial condition and results of operations. Any of our employees may terminate their employment at any time. Competition for highly skilled personnel is frequently intense, especially in Israel, where we are headquartered. Moreover, certain of our competitors or other technology businesses may seek to hire our employees. There is no assurance that any equity or other incentives that we grant to our employees will be adequate to attract, retain and motivate employees in the future. If we fail to attract, retain and motivate highly qualified personnel, our business will suffer. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited or divulged proprietary or other confidential information.

We rely significantly on revenues from maintenance and support contracts, which we recognize ratably over the term of the associated contract and, to a lesser extent, from professional services contracts, which we recognize as services are delivered, and downturns in sales of these contracts are not immediately reflected in full in our quarterly operating results.

We generate revenue from sales of perpetual or subscribed licenses of our products, and related services. Also, we generate revenues from maintenance and support of our products. Maintenance and support renewals are usually 15% to 25% of the license price, depending mainly on the supporting hours and response times, and are important as they represent, like subscription renewals, steady and visible cash flow growth. Our renewal rate for subscriptions of maintenance and support contracts is approximately 85% over the last 2 years. Sales of maintenance and support and professional services may decline or fluctuate as a result of a number of factors, including the number of product licenses we sell, our customers’ level of satisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors or reductions in our customers’ spending levels. If our sales of maintenance and support and professional services contracts decline, our revenues or revenue growth may decline, and our business will suffer. We recognize revenues from maintenance and support services over the contract term. As a result, a meaningful portion of the revenues we report each quarter results from the recognition of deferred revenues from maintenance and support and professional services contracts entered into during previous quarters. Consequently, a decline in the number or size of such contracts in any one quarter will not be fully reflected in revenues in that quarter, but will negatively affect our revenues in future quarters. Accordingly, the effect of significant downturns in maintenance and support and professional services contracts would not be reflected in full in our results of operations until future periods.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

Our functional and reporting currency is the U.S. dollar and we generate a majority of our revenues in U.S. dollars. A material portion of our operating expenses is incurred outside the United States, mainly in NIS and are subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in NIS. Our foreign currency-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses is incurred in NIS and is substantially greater than our revenues in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our net loss or net income, as relevant. During 2022, the NIS depreciated by more than 13% against the dollar but has appreciated in prior years. We are therefore exposed to foreign currency risk due to fluctuations in exchange rates. This may result in gains or losses with respect to movements in exchange rates which may be material and may also cause fluctuations in reported financial information that are not necessarily related to its operating results. We expect that the majority of our revenues will continue to be generated in U.S. dollars with the balance in NIS for the foreseeable future, and that a significant portion of our expenses will continue to be denominated in NIS and partially in U.S. dollar. To date, foreign currency transaction gains and losses and exchange rate fluctuations have not been material to our consolidated financial statements, and we have not engaged in any foreign currency hedging transactions. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—“Item 11. Quantitative and Qualitative Disclosure About Market Risk—Foreign Currency Exchange Risk.”

A portion of our revenues is generated by sales to government entities, which are subject to a number of challenges and risks.

A portion of our revenues is generated by sales to federal, state and local governmental customers as well as security agencies, and we may in the future increase sales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time, special customizations and expense without any assurance that we will complete a sale. Government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products. Government entities are typically considered opinion makers. Dissatisfaction of such entities from our services and/or products might harm our market reputation or future sales.

We may acquire other businesses, which could require significant management attention, disrupt our business, dilute shareholder value, and adversely affect our results of operations.

As part of our business strategy and in order to remain competitive, we are evaluating acquiring or making investments in complementary companies, products or technologies on an on-going basis. We have completed two main acquisitions to date one acquisition of the Telepath technology from Cykick Labs Ltd., and have recently entered into a nonbinding letter of intent for– the acquisition of a fast-growing Israeli company in the business proxy network solution industry. However, our ability as an organization to acquireNetNut Ltd. and integrate other companies, products or technologies in a successful manner is yet unproven. WeCyberKick. Going forward, we may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our customers, analysts and investors. In addition, if we are unsuccessful at integrating such acquisitions or the technologies associated with such acquisitions, our revenues and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our Ordinary Shares. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our shareholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

We incur additional increased costs as a result of the listing of our securities for trading on the Nasdaq, and our management is required to devote substantial time to new compliance initiatives as well as compliance with ongoing U.S. and Israeli requirements.

As a public company in the United States, we incur significant accounting, legal and other expenses as a result of the listing of our securities on the Nasdaq. These include costs associated with corporate governance requirements of the SEC and Nasdaq, as well as requirements under Section 404 and other provisions of the Sarbanes-Oxley Act. These rules and regulations increase our legal and financial compliance costs, introduce costs such as investor relations, stock exchange listing fees and shareholder reporting, and make some activities more time consuming and costly. Any future changes in the laws and regulations affecting public companies in the United States, including Section 404 and other provisions of the Sarbanes-Oxley Act, and the rules and regulations adopted by the SEC and Nasdaq, for so long as they apply to us, will result in increased costs to us as we respond to such changes. These laws, rules and regulations could make it more difficult or more costly for us to obtain certain types of insurance, including director and officer liability insurance, and we may be forced to accept reduced policy limits and coverage or incur substantially higher costs to obtain the same or similar coverage. The impact of these requirements could also make it more difficult for us to attract and retain qualified persons to serve on our board of directors, our board committees, if any, or as executive officers.

We have identified material weaknesses in our internal control over financial reporting, which cancould possibly result in a material misstatement of our annual financial statements not to bebeing prevented or detected on a timely basis. We may also fail to comply with the rules that apply to public companies, including Section 404 of the Sarbanes-Oxley Act. This may result in a further deficiency in our internal control over financial reporting, as well as sanctions or other penalties that would harm our business.

We have identified material weaknesses in our internal control over financial reporting as of December 31, 2018, 20172022, 2021 and 2016.2020. As defined in RegulationRule 12b-2 under the Securities Exchange Act of 1934, or the Exchange Act, a “material weakness” is a deficiency, or combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented, or detected on a timely basis. Specifically,

To address this issue, we determined thathave implemented a remediation plan. As part of such remediation plan, we do not have sufficient qualified staff to provide for effective control overrecruited additional personnel with a numberrequisite level of aspects of ourqualification and experience, including accounting and finance employees with the specific technical accounting and financial reporting experience necessary for a public company, including a corporate controller and a controller and implemented additional control activities related to the period-end financial reporting process, under IFRSsuch as described below.assigning clear roles and responsibilities for accounting and financial reporting staff, enhancing internal controls related to accounting and financial reporting and hiring a qualified consultant to assess compliance of the Company’s financial reporting processes, as well as the design and implementation of effective internal control over period end financial reporting and in order to create adequate segregation of duties.

We continueBased on the actions taken, we concluded that the material weakness related to evaluateinadequate segregation of duties previously identified were remediated as of December 31, 2022. However, as it relates to the impact ofCompany's other material weakness, ineffective controls over period end financial reporting, while we believe our remediation actions improved our internal control over financial reporting, we still require validation and disclosuretesting of the design and operating effectiveness of internal controls over a sustained period of financial reporting cycles, and procedures. Astherefore concluded that as of December 31, 2018, 2017 and 2016, the ineffectiveness of the Company’s2022, our internal control over financial reporting was due to the following material weaknesses: (i) inadequate segregation of duties consistent with control objectives; and (ii) ineffective controls over period end financial reporting.not effective.

We have taken action toward remediating this material weakness by hiring additional qualified personnel with IFRS accounting and reporting experience, and intend to provide enhanced training to existing financial and accounting employees on related IFRS issues. However, the implementation of these initiatives may not fully address any material weakness or other deficiencies that we may have in our internal control over financial reporting.

Furthermore, we are only in the early stages of determining formally whether our existing internal control over financial reporting systems are compliant with Section 404 and whether there are any other material weaknesses or significant deficiencies in our existing internal controls. These controls and other procedures are designed to ensure that information required to be disclosed by us in the reports that we file with the SEC is disclosed accurately and is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms.

Even if we develop effective internal control over financial reporting, these controls may become inadequate because of changes in conditions or the degree of compliance with these policies or procedures may deteriorate, and material weaknesses and deficiencies may be discovered in them. We are working with our legal, independent accounting and financial advisors to identify those areas in which changes should be made to our financial and management control systems to manage our growth and our obligations as a public company. These areas include corporate governance, corporate control, disclosure controls and procedures and financial reporting. We have made, and will continue to make, changes in these and other areas. In any event, the process of determining whether our existing internal controls are compliant with Section 404 and sufficiently effective will require the investment of substantial time and resources, including by our chief financial officer and other members of our senior management. As a result, this process may divert internal resources and take a significant amount of time and effort to complete, even more so after we are no longer an “Emerging Growth Company.” In addition, we cannot predict the outcome of this process and whether we will need to implement remedial actions in order to implement effective controls over financial reporting. The determination of whether or not our internal controls are sufficient and any remedial actions required could result in us incurring additional costs that we did not anticipate, including the hiring of outside consultants. We may also fail to complete our evaluation, testing and any required remediation needed to comply with Section 404 in a timely fashion.

Irrespective of compliance with Section 404, any additional failure of our internal controls could have a material adverse effect on our stated results of operations and harm our reputation. As a result, we may experience higher than anticipated operating expenses, as well as higher independent auditor fees during and after the implementation of these changes. If we are unable to implement any of the required changes to our internal control over financial reporting effectively or efficiently or are required to do so earlier than anticipated, it could adversely affect our operations, financial reporting or results of operations and could result in an adverse opinion on internal controls from our independent auditors.

Furthermore, ifPursuant to Section 404(a) of the Sarbanes-Oxley Act, beginning with our annual report for the fiscal year ending December 31, 2023, we are required to furnish an attestation report by our auditor regarding the effectiveness of our internal control over financial reporting. This may lead to further material weaknesses based on the procedures performed by our auditor in testing our internal control over financial reporting. Additionally, as part of management assessments of the effectiveness of our internal control over financial reporting required by Section 404(a), our management could continue to conclude that our internal control over financial reporting is not effective due to our failure to cure any identified material weakness or otherwise, which would require us to employ remedial actions to implement effective controls. If we are unable to certifycomply with the requirements of Section 404, as applicable, in a timely manner or to assert that our internal control over financial reporting is effective, andor if our independent registered public accounting firm is unable to express an opinion or issues an adverse opinion in compliance withits attestation as to the effectiveness of our internal control over financial reporting required by Section 404, weas applicable, investors may be subject to sanctions or investigations by regulatory authorities, such as the SEC or stock exchanges, and we could lose investor confidence in the accuracy and completeness of our financial reports which could hurt our business,and the trading price of our Ordinary Shares and our ability to access the capital markets.ordinary shares could be negatively affected.

We are subject to governmental export and import controls that could subject us to liability in the event of non-compliance or impair our ability to compete in international markets.

We are also subject to U.S. and Israeli export control and economic sanctions laws, which prohibit the delivery and sale of certain products to embargoed or sanctioned countries, governments and persons. Our products could be exported to these sanctioned targets by our channel partners despite the contractual undertakings they have given us and any such export could have negative consequences, including government investigations, penalties and reputational harm. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could require export licenses or result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations.operations or cessation of export or sale of our products in sanctioned countries or to sanctioned persons. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.

In addition, in the future weWe may be subject to defense-related export controls.geopolitical risks resulting from Russia’s ongoing invasion of Ukraine.

Geopolitical risks and associated military action may result in, among other things, global security issues that may adversely affect international business and economic conditions, and economic sanctions which may impact the global economy. For example, currentlythe outbreak of hostilities between Russia and Ukraine in February 2022 led to global sanctions that have impacted the international economy and given rise to potential global security issues that may adversely affect international business and economic conditions. Additional geopolitical and macroeconomic consequences of this invasion and associated sanctions cannot be predicted, and future geopolitical events, including further hostilities in Ukraine or elsewhere, could negatively impact global financial markets our solution is not subject to supervision under the Israeli Defense Export Control Law, 5767-2007, but ifbusiness as it was used for purposes that are classified as defense-related or if it falls under “dual-use goods and technology” as referred to below, we could become subject to such regulation. In particular, under the Israeli Defense Export Control Law, 5767-2007, an Israeli company may not conduct “defense marketing activity” without a defense marketing license from the Israeli Ministry of Defense, or the MOD, and may be subject to a requirement to obtain a specific license from the MOD for any export of defense related products and/or knowhow. The definition of defense marketing activity is broad and includes any marketing of “defense equipment,” “defense knowhow” or “defense services” outside of Israel, which includes “dual-use goods and technology,” (material and equipment intended in principle for civilian use and that can also be used for defensive purposes, such as our cybersecurity solutions) that is specified in the list of Goods and Dual-Use Technology annexed to the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies, if intended for defense use only, or is specified under Israeli legislation. “Dual-use goods and technology” will be subject to control by the Ministry of Economy if intended for civilian use only. In December 2013, regulations under the Wassenaar Arrangement included for the first time a chapter on cyber-related matters. We believe that our products do not fall under this chapter; however, in the future we may become subject to this regulation or similar regulations, which would limit our salesability to provide our services in those and marketing activitiesin neighboring countries and could therefore have an adverse effect oncause the price of our results of operations. Similar issues could arise under the U.S. defense/military export controls under the Arms Export Control Act and the International Traffic in Arms Regulations.ordinary shares to decline.

Our use of third-party software and other intellectual property may expose us to risks.

Some of our products and services include software or other intellectual property licensed from third parties, and we otherwise use software and other intellectual property licensed from third parties in our business. This exposes us to risks over which we may have little or no control. For example, a licensor may have difficulties keeping up with technological changes or may stop supporting the software or other intellectual property that it licenses to us. There can be no assurance that the licenses we use will be available on acceptable terms, if at all. In addition, a third party may assert that we or our customers are in breach of the terms of a license, which could, among other things, give such third party the right to terminate a license or seek damages from us, or both. Our inability to obtain or maintain certain licenses or other rights or to obtain or maintain such licenses or rights on favorable terms, or the need to engage in litigation regarding these matters, could result in delays in releases of new products, and could otherwise disrupt our business, until equivalent technology can be identified, licensed or developed.

Our use of open sourceopen-source software could negatively affect our ability to sell our software and subject us to possible litigation.

We use open sourceopen-source software and expect to continue to use open sourceopen-source software in the future. Some open sourceopen-source software licenses require users who distribute or make available as a service open sourceopen-source software as part of their own software product to publicly disclose all or part of the source code of the users’ software product or to make available any derivative works of the open sourceopen-source code on unfavorable terms or at no cost. We may face ownership claims of third parties over, or seeking to enforce the license terms applicable to, such open sourceopen-source software, including by demanding the release of the open sourceopen-source software, derivative works or our proprietary source code that was developed using such software. These claims could also result in litigation, require us to purchase a costly license or require us to devote additional research and development resources to change our software, any of which would have a negative effect on our business and results of operations. In addition, if the license terms for the open sourceopen-source code change, we may be forced to re-engineer our software or incur additional costs.

Under applicable employment laws, we may not be able to enforce covenants not to compete and therefore may be unable to prevent our competitors from benefiting from the expertise of some of our former employees.

We generally enter into non-disclosure and non-competition agreements with our employees. These agreements prohibit our employees from competing directly with us or working for our competitors or customers for a limited period after they cease working for us. We may be unable to enforce these agreements under the laws of the jurisdictions in which our employees work, and it may be difficult for us to restrict our competitors from benefiting from the expertise that our former employees or consultants developed while working for us. For example, Israeli courts have required employers seeking to enforce non-compete undertakings of a former employee to demonstrate that the competitive activities of the former employee will harm one of a limited number of material interests of the employer that have been recognized by the courts, such as the secrecy of a company’s confidential commercial information or the protection of its intellectual property. If we cannot demonstrate that such interests will be harmed, we may be unable to prevent our competitors from benefiting from the expertise of our former employees or consultants and our ability to remain competitive may be diminished.

Risks Related to Our Intellectual Property

If we are unable to obtain and maintain effective patent rights for our products, we may not be able to compete effectively in our markets. If we are unable to protect the confidentiality of our trade secrets or know-how, such proprietary information may be used by others to compete against us.

We have two patents relating to the secure dataOur reverse access product, grantedtechnology is patent protected in theseveral jurisdictions: United States, and one patent related to the secure data access product that is granted in Israel, Europe (including Austria, Switzerland, Germany, Spain, France, Great BritainUnited Kingdom and Italy. In addition, on January 29, 2019, our Chinese application for Reverse Access Method for Securing Front-End Applications was grantedItaly), Israel, China and issued. We have filed a petition to revive a patent application underlying the Telepath technology, which we obtained as part of the technology purchased from Cykick Labs Ltd. The petition was granted in November 2018 and we will continue to pursue the examination of the application. Hong-Kong.

There is no guarantee that thepending or future patent registration applications that we have submitted will result in patent registrations.grants. Failure to completefile patent registrationapplications or obtain patent grants may allow other entities to manufacture our products and compete with them. We also have several trademarks registered in the United States, Israel, the European Union and China.

Further, there is no assurance that all potentially relevant prior art relating to our patent applications has been found, which can invalidate a patent or prevent a patent from issuing from a pending patent application. Even if patents do successfully issue, and even if such patents cover our products, third parties may challenge their validity, enforceability, or scope, which may result in such patents being narrowed, found unenforceable or invalidated. Furthermore, even if they are unchallenged, our patent applications and any future patents may not adequately protect our intellectual property, provide exclusivity for our new products, or prevent others from designing around our claims. Any of these outcomes could impair our ability to prevent competition from third parties, which may have an adverse impact on our business.

If we cannot obtain and maintain effective patent rights for our products, we may not be able to compete effectively, and our business and results of operations wouldmay be harmed.

If our trademarks and trade names are not adequately protected, we may not be able to build name recognition in our markets of interest and our business may be affected.

We have filed for trademark registration of certain marks relating to our branding. If our unregistered trademarks and trade names are not adequately protected, we may not be able to build name recognition in our markets of interest and our business may be affected. Our trademarks or trade names may be challenged, infringed, circumvented or declared generic or determined to be infringing on other marks. Competitors may adopt trade names or trademarks similar to ours, thereby impeding our ability to build brand identity and possibly leading to market confusion. In addition, there could be potential trade name or trademark infringement claims brought by owners of other registered trademarks or trademarks that incorporate variations of our trademarks or trade names. In the long term, if we are unable to successfully register trademarks and trade names and establish name recognition based on such trademarks and trade names, then we may not be able to compete effectively and our business may be affected. Our efforts to enforce or protect our proprietary rights related to trademarks, trade secrets, domain names, copyrights or other intellectual property may be ineffective and could result in substantial costs and diversion of resources and could impact our financial condition or results of operations.

If we are unable to maintain effective proprietary rights for our products, we may not be able to compete effectively in our markets.

Historically, we have relied on trade secret protection and confidentiality agreements to protect proprietary know-how that is not patentable or that we elect not to patent,patent; processes that are not easily known, knowable or easily ascertainable, and for which patent infringement is difficult to monitor and enforceenforce; and any other elements of our product candidate discovery and development processes that involve proprietary know-how, information or technology that is not covered by patents. However, trade secrets can be difficult to protect. We seek to protect our proprietary technology and processes, in part, by entering into confidentiality agreements with our employees, consultants, advisors, and contractors. We also seek to preserve the integrity and confidentiality of our data, trade secrets and intellectual property by maintaining physical security of our premises and physical and electronic security of our IT systems. Agreements or security measures may be breached, and we may not have adequate remedies for any breach. In addition, our trade secrets and intellectual property may otherwise become known or be independently discovered by competitors.

We cannot provide any assurances that our trade secrets and other confidential proprietary information will not be disclosed in violation of our confidentiality agreements or that competitors will not otherwise gain access to our trade secrets or independently develop substantially equivalent information and techniques. Also, misappropriation or unauthorized and unavoidable disclosure of our trade secrets and intellectual property could impair our competitive position and may have a material adverse effect on our business. Additionally, if the steps taken to maintain our trade secrets and intellectual propertyother confidential information are deemed inadequate, we may have insufficient recourse against third parties for misappropriating any trade secret.

Intellectual property rights of third parties could adversely affect our ability to commercialize our products, and we might be required to litigate or obtain licenses from third parties in order to develop or market our product candidates. Such litigation or licenses could be costly or not available on commercially reasonable terms.

It is inherently difficult to conclusively assess our freedom to operate without infringing on third party rights. Our competitive position may be adversely affected if existing patents or patents resulting from patent applications issued to third parties or other third-party intellectual property rights are held to cover our products or elements thereof, or uses relevant to our development plans. In such cases, we may not be in a position to develop or commercialize products or our product candidates unless we successfully pursue litigation to nullify or invalidate the third-party intellectual property right concerned, or enter into a license agreement with the intellectual property right holder, if available on commercially reasonable terms. There may also be pending patent applications that if they result in issued patents, could be alleged to be infringed by our new products. If such an infringement claim should be brought and be successful, we may be required to pay substantial damages, be forced to abandon our new products, or seek a license from any patent holders. No assurances can be given that a license will be available on commercially reasonable terms, if at all.

It is also possible that we have failed to identify relevant third-party patents or applications. For example, U.S. patent applications filed before November 29, 2000 and certain U.S. patent applications filed after that date that will not be filed outside the United States, remain confidential until patents issue. Patent applications in the United States and elsewhere are published approximately 18 months after the earliest filing for which priority is claimed, with such earliest filing date being commonly referred to as the priority date. Therefore, patent applications covering our new products or technology could have been filed by others without our knowledge. Additionally, pending patent applications which have been published can, subject to certain limitations, be later amended in a manner that could cover our technologies, our new products, or the use of our new products. Third party intellectual property right holders may also actively bring infringement claims against us. We cannot guarantee that we will be able to successfully settle or otherwise resolve such infringement claims. If we are unable to successfully settle future claims on terms acceptable to us, we may be required to engage in or continue costly, unpredictable and time-consuming litigation and may be prevented from or experience substantial delays in pursuing the development of and/or marketing our new products. If we fail in any such dispute, in addition to being forced to pay damages, we may be temporarily or permanently prohibited from commercializing our new products that are held to be infringing. We might, if possible, also be forced to redesign our new products so that we no longer infringe the third-party intellectual property rights. Any of these events, even if we were ultimately to prevail, could require us to divert substantial financial and management resources that we would otherwise be able to devote to our business.

Third-party claims of intellectual property infringement may prevent or delay our development and commercialization efforts.

Our commercial success depends in part on our avoiding infringement of the patents and proprietary rights of third parties. Numerous U.S. and foreign issued patents and pending patent applications, which are owned by third parties, exist in the fields in which we are developing our products. As our industries expand and more patents are issued, the risk increases that our products may be subject to claims of infringement of the patent rights of third parties.

Third parties may assert that we are employing their proprietary technology without authorization. There may be third-party patents or patent applications with claims to designssystems, apparatuses or methods related to the use of our products. There may be currently pending patent applications that may later result in issued patents that our products may infringe. In addition, third parties may obtain patents in the future and claim that the use of our technologies infringes upon these patents.

If any third-party patents were held by a court of competent jurisdiction to cover aspects of our formulations, processes for designs, or methods of use, the holders of any such patents may be able to block our ability to develop and commercialize the applicable product candidate unless we obtain a license or until such patent expires or is finally determined to be invalid or unenforceable. In either case, such a license may not be available on commercially reasonable terms or at all.

Parties making claims against us may obtain injunctive or other equitable relief, which could effectively block our ability to further develop and commercialize one or more of our products. Defense of these claims, regardless of their merit, would involve substantial litigation expense and would be a substantial diversion of employee resources from our business. In the event of a successful claim of infringement against us, we may have to pay substantial damages, including treble damages and attorneys’ fees for willful infringement, pay royalties, redesign our infringing products or obtain one or more licenses from third parties, which may be impossible or require substantial time and monetary expenditure.

For example, on June 11, 2020, Bright Data filed an action alleging infringement by NetNut Ltd. of U.S. Patent Nos. 10,484,511 and 10,637,968, as well as claims of alleged trade secret misappropriation. The action was filed in the United States District Court for the Eastern District of Texas, Marshal Division. On June 18, 2021, Bright Data filed an action alleging infringement by NetNut of U.S. Patent Nos. 10,257,319 and 10,484,510. The action was also filed in the United States District Court for the Eastern District of Texas, Marshall Division. Bright Data amended its complaint on October 11, 2021, to additionally assert infringement of U.S. Patents Nos. 10,491,713, 11,050,852 and 11,044,346, as well as a claim for alleged false advertising. All cases filed by Bright Data were dismissed pursuant to respective settlement agreements between the parties. Although these cases were dismissed, we may become subject to similar actions in the future with other parties.

Patent policy and rule changes could increase the uncertainties and costs surrounding the prosecution of our patent applications and the enforcement or defense of any issued patents.

Changes in either the patent laws or interpretation of the patent laws in the United States and other countries may diminish the value of any patents that may issue from our patent applications or narrow the scope of our patent protection. Publications of discoveries in the scientific literature often lag behind the actual discoveries, and patent applications in the United States and other jurisdictions are typically not published until 18 months after filing, or in some cases not at all. We therefore cannot be certain that we were the first to file the inventioninventions claimed in our owned patentpatents or pending applications, or that we were the first to file for patent protection of such inventions. Assuming all other requirements for patentability are met, in the United States prior to March 15, 2013, the first patent applicant to makeinvent the claimed invention without undue delay in filing, is entitled to the patent, while for the most part outside the United States, the first inventor to file a patent application is entitled to the patent. After March 15, 2013, under the Leahy-Smith America Invents Act, or the Leahy-Smith Act, enacted on September 16, 2011, the United States has moved to a first to filefirst-inventor-to-file system. The Leahy-Smith Act also includes a number of significant changes that affect the wayUnited States patent applications will be prosecutedsystem is frequently changing, however, as are other international patent systems, and thus we may also affect patent litigation. In general, the Leahy-Smith Act and its implementation could increase theexperience uncertainties and costs surrounding the prosecution of our patent applications and the enforcement or defense of any issued patents, all of which could have a material adverse effect on our business and financial condition.

We may be involved in lawsuits to protect or enforce our intellectual property, which could be expensive, time consuming, and unsuccessful.

Competitors may infringe our intellectual property. If we were to initiate legal proceedings against a third party to enforce a patent covering one of our new products, the defendant could counterclaim that the patent covering our product candidate is invalid and/or unenforceable. In patent litigation in the United States, defendant counterclaims alleging invalidity and/or unenforceability are commonplace. Grounds for a validity challenge could be an alleged failure to meet any of several statutory requirements, including lack of novelty, obviousness or non-enablement.non-enablement, among others. Grounds for an unenforceability assertion could be an allegation that someone connected with prosecution of the patent withheld relevant information from the U.S. Patent and Trademark Office, or the USPTO, or made a misleading statement, during prosecution. Under the Leahy-Smith Act, theThe validity of U.S. patents may also be challenged in post-grant proceedings before the USPTO. The outcome following legal assertions of invalidity and unenforceability is unpredictable.

On June 19,In 2014, the U.S. Supreme Court decided Alice Corp. v. CLS Bank International in which the Court addressed the question of whether patents related to software are patent eligible subject matter. The Supreme Court did not rule that patents related to software were per se invalid or that software-related inventions were unpatentable. The Supreme Court outlined a test that the courts and the USPTO must apply in determining whether software-related inventions qualify as patent eligible subject matter. TheAlicedecision and decision and other decisions following that decision have resulted in many software patents having been found invalid as not claiming patent eligible subject matter. Our U.S. patent and recently allowedpatents, like all U.S. patent application were examined after theAlicedecision andpatents, are presumed valid, but that does not mean that our issued patents cannot be challenged.challenged on grounds of patent eligibility, or other grounds.

Derivation proceedings initiated by third parties or brought by us may be necessary to determine the priority of inventions and/or their scope with respect to our patentpatents or patent applications or those of our licensors. An unfavorable outcome could require us to cease using the related technology or to attempt to license rights to it from the prevailing party. Our business could be harmed if the prevailing party does not offer us a license on commercially reasonable terms. Our defense of litigation or interference proceedings may fail and, even if successful, may result in substantial costs and distract our management and other employees. In addition, the uncertainties associated with litigation could have a material adverse effect on our ability to raise the funds necessary to effectively market our products, continue our research programs, license necessary technology from third parties, or enter into development partnerships that would help us bring our new products to market.

Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. There could also be public announcements of the results of hearings, motions, or other interim proceedings or developments. If securities analysts or investors perceive these results to be negative, it could have a material adverse effect on the price of our Ordinary Shares.

We may be subject to claims challenging the inventorship of our intellectual property.

We may be subject to claims that former employees, collaborators or other third parties have an interest in, or right to compensation, with respect to our current patent and patent applications, future patents or other intellectual property as an inventor or co-inventor. For example, we may have inventorship disputes arise from conflicting obligations of consultants or others who are involved in developing our products. Litigation may be necessary to defend against these and other claims challenging inventorship or claiming the right to compensation. If we fail in defending any such claims, in addition to paying monetary damages, we may lose valuable intellectual property rights, such as exclusive ownership of, or right to use, valuable intellectual property. Such an outcome could have a material adverse effect on our business. Even if we are successful in defending against such claims, litigation could result in substantial costs and be a distraction to management and other employees.

In addition, under the Israeli Patent Law, 5727-1967, or the Patent Law, inventions conceived by an employee in the course and as a result of or arising from his or her employment with a company are regarded as “service inventions,” which belong to the employer, absent a specific agreement between the employee and employer giving the employee service invention rights. The Patent Law also provides that if there is no such agreement between an employer and an employee, the Israeli Compensation and Royalties Committee, or the Committee, a body constituted under the Patent Law, shall determine whether the employee is entitled to remuneration for his inventions. Recent case law clarifies that the right to receive consideration for “service inventions” can be waived by the employee and that in certain circumstances, such waiver does not necessarily have to be explicit. The Committee will examine, on a case-by-case basis, the general contractual framework between the parties, using interpretation rules of the general Israeli contract laws. Further, the Committee has not yet determined one specific formula for calculating this remuneration (but rather uses the criteria specified in the Patent Law). Although we generally enter into assignment-of-invention agreements with our employees pursuant to which such individuals assign to us all rights to any inventions created in the scope of their employment or engagement with us, we may face claims demanding remuneration in consideration for assigned inventions. As a consequenceBecause of such claims, we could be required to pay additional remuneration or royalties to our current and former employees, or be forced to litigate such claims, which could negatively affect our business.

We may not be able to protect our intellectual property rights.

Filing, prosecuting, and defending patents on products, as well as monitoring their infringement in all countries throughout the world, would be prohibitively expensive, and our intellectual property rights in some countries can be less extensive than those in the United States. In addition, the laws of some foreign countries do not protect intellectual property rights to the same extent as federal and state laws in the United States.

Competitors may use our technologies in jurisdictions where we have not obtained patent protection to develop their own products and may also export otherwise infringing products to territories where we have patent protection, but enforcement is not as strong as that in the United States. These products may compete with our products. Future patents or other intellectual property rights may not be effective or sufficient to prevent them from competing.

Many companies have encountered significant problems in protecting and defending intellectual property rights in foreign jurisdictions. The legal systems of certain countries, particularly certain developing countries, do not favor the enforcement of patents, trade secrets, and other intellectual property protection, which could make it difficult for us to stop the marketing of competing products in violation of our proprietary rights generally. Proceedings to enforce our patent rights in foreign jurisdictions, whether or not successful, could result in substantial costs and divert our efforts and attention from other aspects of our business, could put our future patents at risk of being invalidated or interpreted narrowly and our patent applications at risk of not issuing and could provoke third parties to assert claims against us. We may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be commercially meaningful. Accordingly, our efforts to monitor and enforce our intellectual property rights around the world may be inadequate to obtain a significant commercial advantage from the intellectual property that we develop or license.

Because of the expense of litigation, we may be unable to enforce our intellectual property rights, unless we obtain the agreement of a third party to provide funding in support of our litigation. We cannot assure that we will be able to obtain third party funding, and the failure to obtain such funding may impair our ability to monetize our intellectual property portfolio. Since we do not have funds to pursue litigation to enforce our intellectual property rights, we are dependent upon the valuation which potential funding sources give to our intellectual property. In determining whether to provide funding for intellectual property litigation, the funding sources need to make an evaluation of the strength of our patents, the likelihood of success, the nature of the potential defendants and a determination as to whether there is a sufficient potential recovery to justify a significant investment in intellectual property litigation. Typically, such funding sources receive a percentage of the recovery after litigation expenses and seek to generate a sufficient return on investment to justify the investment. Unless that funding source believes that it will generate a sufficient return on investment, it will not fund litigation. We cannot assure that we will be able to negotiate funding agreements with third party funding sources on terms reasonably acceptable to us, if at all. Because of our financial condition, we may only be able to obtain funding on terms which are less favorable to us than we would otherwise be able to obtain. Furthermore, even if we enter into funding agreements, there is no assurance that we will generate revenue from the funded litigation. Although the funding source makes its evaluation as to the likelihood of success, patent litigation is very uncertain, and we cannot assure that, just because we obtain litigation funding, we will be successful or that any recovery we may obtain will be significant. In addition, recent reportsdefending our intellectual property rights may depend upon our ability to retain the qualified legal counsel to prosecute patent infringement litigation. It may be difficult to find the preferred choice for legal counsel to handle our cases because many of these firms may have a conflict of interest that prevents their representation of us or because they are not willing to represent us on a contingent or partial contingent fee basis. It is difficult to predict the outcome of patent enforcement litigation at a trial level as it is often difficult for juries and trial judges to understand complex, patented technologies, and, as a result, there is a higher rate of successful hacking attacks aroundappeals in patent enforcement litigation than more standard business litigation. Regardless of whether we prevail in the world have ledtrial court, appeals are expensive and time consuming, resulting in increased costs and delayed revenue, and attorneys may be less likely to represent us in an appeal on a realization that a company’s intellectual property can be copied or destroyed. Our business could be adversely harmedcontingency basis especially if we are subjectseeking to appeal an adverse decision. Although we may diligently pursue enforcement litigation, we cannot predict the decisions made by juries and trial courts. In connection with patent enforcement actions, it is possible that a defendant may file counterclaims against us, or a court may rule that we have violated statutory authority, regulatory authority, federal rules, local court rules, or governing standards relating to the substantive or procedural aspects of such an attack onenforcement actions. In such event, a court may issue monetary sanctions against us or our systems.operating subsidiaries or award attorney’s fees and/or expenses to the counterclaiming defendant, which could be material, and if we or our operating subsidiaries are required to pay such monetary sanctions, attorneys’ fees and/or expenses, such payment could materially harm our operating results, our financial position and our ability to continue in business.

Risks Related to the Ownership of Our ADSs or Ordinary Shares

SalesWe cannot guarantee that we will continue to comply with the Nasdaq minimum bid requirement. If we fail to comply with the Nasdaq minimum bid requirement, our ADSs could be delisted from Nasdaq, and as a result we and our shareholders could incur material adverse consequences, including a negative impact on our liquidity, our shareholders’ ability to sell shares and our ability to raise capital.

Our ADSs are currently listed on Nasdaq. On January 12, 2022, we were advised that we no longer comply with the Minimum Bid Requirement. Pursuant to Nasdaq Listing Rule 5810(c)(3)(A), we were granted a 180-calendar day compliance period, or until July 11, 2022, to regain compliance with the Minimum Bid Requirement. To regain compliance, the closing bid price of our ADSs had to meet or exceed $1.00 per share for at least 10 consecutive business days during the 180-calendar day compliance period. On July 11, 2022, we were afforded a second 180-calendar day compliance period. To qualify for this additional time, we were required to meet the continued listing requirement for market value of publicly held shares and all other initial listing standards for Nasdaq with the exception of the Minimum Bid Requirement, and needed to provide written notice of our intention to cure the deficiency during the second compliance period.

On October 24, 2022, we announced our plans to change the ratio of the ADSs to our Ordinary Shares, from the ADS Ratio of one ADS to one Ordinary Share, to a new ADS ratio of one ADS to ten Ordinary Shares. The ADS ratio change became effective on November 8, 2022. On November 3, 2022, we reported the receipt of a formal notification from the Nasdaq that we have regained compliance with the Minimum Bid Requirement. The Nasdaq staff made this determination of compliance after the closing bid price of the ADSs was at $1.00 per share or greater for the prior 10 consecutive business days. Accordingly, Nasdaq considers the prior bid price deficiency matter now closed.

We cannot guarantee that we will continue to comply with the Minimum Bid Requirement. If we fail to demonstrate compliance with the Minimum Bid Requirement and satisfy Nasdaq’s conditions for continued listing, our Ordinary Shares could be delisted. Delisting from the Nasdaq could have an adverse effect on our business and on the trading of our Ordinary Shares. If a delisting of our Ordinary Shares were to occur, such shares may trade in the over-the-counter market such as on the OTC Bulletin Board or on the “pink sheets.” The over-the-counter market is generally considered to be a less efficient market, and this could diminish investors’ interest in our Ordinary Shares as well as significantly impact the price and liquidity of our Ordinary Shares. Any such delisting may also severely complicate trading of our Ordinary Shares by our shareholders or prevent them from re-selling their Ordinary Shares at/or above the price they paid.

Issuance of a significant amount of additional Ordinary Shares on exercise or conversion of outstanding warrants and/or substantial future sales of our Ordinary Shares may depress our share price.

As of March 24, 2023, we had approximately 32.9 million Ordinary Shares issued and outstanding and approximately 16.1 million of additional Ordinary Shares which are issuable upon exercise of outstanding warrants and employee options. The issuance of a significant amount of additional Ordinary Shares on account of these outstanding securities will dilute our current shareholders’ holdings and may depress our share price. If these or other shareholders sell substantial amounts of our Ordinary Shares and/or ADSs, including shares issuable upon the exercise or conversion of outstanding warrants or employee options, or if the perception exists that our shareholders may sell a substantial number of our ADSs or Ordinary Shares inand/or ADSs, we cannot foresee the publicimpact of any potential sales on the market by our existing shareholders could cause our share price to fall.

Sales of a substantial number of our ADSs orthese additional Ordinary Shares, in the public market, or the perceptionbut it is possible that these sales might occur, could depress the market price of our ADSs or Ordinary Shares would be adversely affected. Any substantial sales of our shares in the public market might also make it more difficult for us to sell equity or equity related securities in the future at a time and on terms we deem appropriate. Even if a substantial number of sales do not occur, the mere existence of this “market overhang” could impair our ability to raise capital through the sale of additional equity securities. We are unable to predict the effect that sales may have a negative impact on the prevailingmarket for, and the market price of, our ADSs or Ordinary Shares.

YouHolders of ADSs may not receive the same distributions or dividends as those we make to the holders of our Ordinary Shares, and, in some limited circumstances, youholders of ADSs may not receive dividends or other distributions on our Ordinary Shares and you may not receive any value for them, if it is illegal or impractical to make them available to you.holders of ADSs. 

The depositary for the ADSs has agreed to pay to youADS holders the cash dividends or other distributions it or the custodian receives on Ordinary Shares or other deposited securities underlying the ADSs, after deducting its fees and expenses. YouAlthough, we do not currently anticipate paying any dividends, if we do, the ADS holders will receive these distributions in proportion to the number of Ordinary Shares your ADSs represent. However, the depositary is not responsible if it decides that it is unlawful or impractical to make a distribution available to any holders of ADSs. For example, it would be unlawful to make a distribution to a holder of ADSs if it consists of securities that require registration under the Securities Act of 1933, as amended, or the Securities Act, but that are not properly registered or distributed under an applicable exemption from registration. In addition, conversion into U.S. dollars from foreign currency that was part of a dividend made in respect of deposited Ordinary Shares may require the approval or license of, or a filing with, any government or agency thereof, which may be unobtainable. In these cases, the depositary may determine not to distribute such property and hold it as “deposited securities” or may seek to effect a substitute dividend or distribution, including net cash proceeds from the sale of the dividends that the depositary deems an equitable and practicable substitute. We have no obligation to register under U.S. securities laws any ADSs, Ordinary Shares, rights or other securities received through such distributions. We also have no obligation to take any other action to permit the distribution of ADSs, Ordinary Shares, rights, or anything else to holders of ADSs. In addition, the depositary may withhold from such dividends or distributions its fees and an amount on account of taxes or other governmental charges to the extent the depositary believes it is required to make such withholding. This means that you may not receive the same distributions or dividends as those we make to the holders of our Ordinary Shares, and, in some limited circumstances, you may not receive any value for such distributions or dividends if it is illegal or impractical for us to make them available to you. These restrictions may cause a material decline in the value of the ADSs.

Our warrants are speculative in nature.

Our warrants do not confer any rights of ownership of Ordinary Shares or ADSs on their holders, such as voting rights or the right to receive dividends, but only represent the right to acquire ADSs at a fixed price and for a limited period. Specifically, commencing on the date of issuance, holders of the warrants may exercise their right to acquire ADSs and pay an exercise price per ADS ranging between $6.75 and $2,870, subject to adjustment upon certain events, prior to five years from the date of issuance, after which date any unexercised warrants will expire and have no further value.

Holders of our warrants will have no rights as shareholders until such holders exercise their warrants and acquire our ADSs.

Until holders of the warrants acquire our ADSs upon exercise of the warrants, they will have no rights with respect to our ADSs or Ordinary Shares underlying such warrants. Upon exercise of the warrants the holders thereof will be entitled to exercise the rights of a holder of ADSs only as to matters for which the record date occurs after the exercise date.

We have never paid cash dividends on our share capital, and we do not anticipate paying any cash dividends in the foreseeable future. 

We have never declared or paid cash dividends, and we do not anticipate paying cash dividends in the foreseeable future. In addition, Israeli law limits our ability to declare and pay dividends, and may subject our dividends to Israeli withholding taxes, and our payment of dividends (out of tax-exempt income) may subject us to certain Israeli taxes, to which we would not otherwise be subject.

Holders of ADSs may not have the same voting rights as the holders of our Ordinary Shares and may not receive voting materials in time to be able to exercise the right to vote.

Holders of the ADSs may not be able to exercise voting rights attaching to the Ordinary Shares underlying the ADSs on an individual basis. Instead, holders of the ADSs appoint the depositary or its nominee as their representative to exercise the voting rights attaching to the Ordinary Shares in the form of ADSs. Holders of ADSs may not receive voting materials in time to instruct the depositary to vote, and it is possible that they, or persons who hold their ADSs through brokers, dealers or other third parties, will not have the opportunity to exercise a right to vote. Furthermore, the depositary will not be liable for any failure to carry out any instructions to vote, for the manner in which any vote is cast or for the effect of any such vote. As a result, you may not be able to exercise voting rights and may lack recourse if your ADSs are not voted as requested. 

Holders of ADSs must act through the depositary to exercise their rights as shareholders of our company. 

Holders of our ADSs do not have the same rights of our shareholders and may only exercise the voting rights with respect to the underlying Ordinary Shares in accordance with the provisions of the deposit agreement for the ADSs. Under Israeli law and our articles of association, the minimum notice period required to convene a shareholders meeting is generally no less than 35 calendar days, but in some instances, 21 or 2114 calendar days, depending on the proposals on the agenda for the shareholders meeting. When a shareholder meeting is convened, holders of our ADSs may not receive sufficient notice of a shareholders’ meeting to permit them to withdraw their Ordinary Shares to allow them to cast their vote with respect to any specific matter. In addition, the depositary and its agents may not be able to send voting instructions to holders of our ADSs or carry out their voting instructions in a timely manner. We will make all reasonable efforts to cause the depositary to extend voting rights to holders of our ADSs in a timely manner, but we cannot assure holders that they will receive the voting materials in time to ensure that they can instruct the depositary to vote their Ordinary Shares underlying the ADSs. Furthermore, the depositary and its agents will not be responsible for any failure to carry out any instructions to vote, for the manner in which any vote is cast or for the effect of any such vote. As a result, holders of our ADSs may not be able to exercise their right to vote and they may lack recourse if their ADSs are not voted as they requested. In addition, in the capacity as a holder of ADSs, they will not be able to call a shareholders’ meeting.

The Jumpstart Our Business Startups Act of 2012, or the JOBS Act, will allowallows us to postpone the date by which we must comply with some of the laws and regulations intended to protect investors and to reduce the amount of information we provide in our reports filed with the SEC, which could undermine investor confidence in our company and adversely affect the market price of our ADSs or Ordinary Shares.

For so long as we remain an “emerging growth company” as defined in the Jumpstart Our Business StartupsJOBS Act, of 2012, orwhich at the JOBS Act,latest will be until December 31, 2023, we intend to take advantage of certain exemptions from various requirements that are applicable to public companies that are not “emerging growth companies” including:

We intend to take advantage of these exemptions until we are no longer an “emerging growth company.” We will remain an emerging growth company until the earlier of (1) the last day of the fiscal year (a) following the fifth anniversary of the date of our first sale of common equity securities pursuant to an effective registration statement under the Securities Act, which is December 31, 2023, (b) in which we have total annual gross revenue of at least $1.07$1.235 billion, or (c) in which we are deemed to be a large accelerated filer, which means the market value of our Ordinary Shares that is held by non-affiliates exceeds $700 million as of the prior June 30, and (2) the date on which we have issued more than $1.0 billion in non-convertible debt during the prior three-year period.

We cannot predict if investors will find our ADSs or Ordinary Shares less attractive because we may rely on these exemptions. If some investors find our ADSs or Ordinary Shares less attractive as a result, there may be a less active trading market for our ADSs or Ordinary Shares, and our market prices may be more volatile and may decline.

As a “foreign private issuer” we are permitted and intend, to follow certain home country corporate governance practices instead of otherwise applicable SEC and Nasdaq requirements, which may result in less protection than is accorded to investors under rules applicable to domestic U.S. issuers.

Our status as a foreign private issuer also exempts us from compliance with certain SEC laws and regulations and certain regulations of the Nasdaq Stock Market, including the proxy rules, the short-swing profits recapture rules, and certain governance requirements such as independent director oversight of the nomination of directors and executive compensation. In addition, we will not be required under the Exchange, Act of 1934, as amended, or the Exchange Act, to file current reports and consolidated financial statements with the SEC as frequently or as promptly as U.S. domestic companies whose securities are registered under the Exchange Act and we will generally be exempt from filing quarterly reports with the SEC. Also, although a recent amendment to the Israeli Companies Law 5759-1999, or the Israeli Companies Law, will requirerequires us to disclose the annual compensation of our five most highly compensated senior officers on an individual basis, (rather than on an aggregate basis, as was permitted under the Companies Law for Israeli public companies listed overseas, such as in the United States, prior to such amendment), this disclosure willis not be as extensive as that required of a U.S. domestic issuer. For example, it currently appears as if the disclosure required under Israeli law would be limited to compensation paid in the immediately preceding year without any requirement to disclose option exercises and vested stock options, pension benefits or potential payments upon termination or a change of control. Furthermore, as a foreign private issuer, we are also not subject to the requirements of Regulation FD (Fair Disclosure) promulgated under the Exchange Act.

These exemptions and leniencies will reduce the frequency and scope of information and protections to which you are entitled as an investor. 

We may be a “passive foreign investment company”, or PFIC, for U.S. federal income tax purposes in the current taxable year or may become one in any subsequent taxable year. There generally would be negative tax consequences for U.S. taxpayers that are holders of our ADSs or Ordinary Shares if we are or were to become a PFIC.

Based on the projected composition of our income and valuation of our assets, we do not expect to be a PFIC for 2018,2022, and we do not expect to become a PFIC in the future, although there can be no assurance in this regard. The determination of whether we are a PFIC is made on an annual basis and will depend on the composition of our income and assets from time to time. We will be treated as a PFIC for U.S. federal income tax purposes in any taxable year in which either (1) at least 75% of our gross income is “passive income” or (2) on average at least 50% of our assets by value produce passive income or are held for the production ofto produce passive income. Passive income for this purpose generally includes, among other things, certain dividends, interest, royalties, rents and gains from commodities and securities transactions and from the sale or exchange of property that gives rise to passive income. Passive income also includes amounts derived by reason of the temporary investment of funds, including those raised in a public offering. In determining whether a non-U.S. corporation is a PFIC, a proportionate share of the income and assets of each corporation in which it owns, directly or indirectly, at least a 25% interest (by value) is taken into account.considered. The tests for determining PFIC status are applied annually, and it is difficult to make accurate projections of future income and assets which are relevant to this determination. In addition, our PFIC status may depend in part on the market value of our ADSs or Ordinary Shares. Accordingly, there can be no assurance that we currently are not or will not become a PFIC in the future. If we are a PFIC in any taxable year during which a U.S. taxpayer holds our ADSs or Ordinary Shares, such U.S. taxpayer would be subject to certain adverse U.S. federal income tax rules. In particular, if the U.S. taxpayer did not make an election to treat us as a “qualified electing fund,” or QEF, or make a “mark-to-market” election, then “excess distributions” to the U.S. taxpayer, and any gain realized on the sale or other disposition of our ADSs or Ordinary Shares by the U.S. taxpayer: (1) would be allocated ratably over the U.S. taxpayer’s holding period for the ADSs or Ordinary Shares; (2) the amount allocated to the current taxable year and any period prior to the first day of the first taxable year in which we were a PFIC would be taxed as ordinary income; and (3) the amount allocated to each of the other taxable years would be subject to tax at the highest rate of tax in effect for the applicable class of taxpayer for that year, and an interest charge for the deemed deferral benefit would be imposed with respect to the resulting tax attributable to each such other taxable year. In addition, if the U.S. Internal Revenue Service, or the IRS, determines that we are a PFIC for a year with respect to which we have determined that we were not a PFIC, it may be too late for a U.S. taxpayer to make a timely QEF or mark-to-market election. U.S. taxpayers that have held our ADSs or Ordinary Shares during a period when we were a PFIC will be subject to the foregoing rules, even if we cease to be a PFIC in subsequent years, subject to exceptions for U.S. taxpayer who made a timely QEF or mark-to-market election. A U.S. taxpayer can make a QEF election by completing the relevant portions of and filing IRS Form 8621 in accordance with the instructions thereto. We do not intend to notify U.S. taxpayers that hold our ADSs or Ordinary Shares if we believe we will be treated as a PFIC for any taxable year in order to enable U.S. taxpayers to consider whether to make a QEF election. In addition, we do not intend to furnish such U.S. taxpayers annually with information needed in order to complete IRS Form 8621 and to make and maintain a valid QEF election for any year in which we or any of our subsidiaries are a PFIC. U.S. taxpayers that hold our ADSs or Ordinary Shares are strongly urged to consult their tax advisors about the PFIC rules, including tax return filing requirements and the eligibility, manner, and consequences to them of making a QEF or mark-to-market election with respect to our ADSs or Ordinary Shares in the event thatif we are a PFIC. See “Item 10.E. Taxation — Taxation—U.S. Federal Income Tax Considerations — Considerations—Passive Foreign Investment Companies” for additional information.

We may be subject to securities litigation, which is expensive and could divert management attention.

If securities or industry analysts do not publish or cease publishing research or reports about us, our business or our market, or if they adversely change their recommendations or publish negative reports regarding our business or our shares, our share price and trading volume could decline.

The trading market for our ADSs or Ordinary Shares will be influenced by the research and reports that industry or securities analysts may publish about us, our business, our market or our competitors. We do not have any control over these analysts and we cannot provide any assurance that analysts will cover us or provide favorable coverage. If any of the analysts who may cover us adversely change their recommendation regarding our shares, or provide more favorable relative recommendations about our competitors, our share price would likely decline. If any analyst who may cover us were to cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which in turn could cause our share price or trading volume to decline. 

ADSs holders may not be entitled to a jury trial with respect to claims arising under the deposit agreement, which could augurresult in less favorable results to the plaintiff(s) in any such action. 

The deposit agreement governing the ADSs representing our Ordinary Shares provides that holders and beneficial owners of ADSs irrevocably waive the right to a trial by jury in any legal proceeding arising out of or relating to the deposit agreement or the ADSs, including claims under federal securities laws, against us or the depositary to the fullest extent permitted by applicable law. If this jury trial waiver provision is prohibited by applicable law, an action could nevertheless proceed under the terms of the deposit agreement with a jury trial. To our knowledge, the enforceability of a jury trial waiver under the federal securities laws has not been finally adjudicated by a federal court. However, we believe that a jury trial waiver provision is generally enforceable under the laws of the State of New York, which govern the deposit agreement, by a court of the State of New York or a federal court, which have non-exclusive jurisdiction over matters arising under the deposit agreement, applying such law. In determining whether to enforce a jury trial waiver provision, New York courts and federal courts will consider whether the visibility of the jury trial waiver provision within the agreement is sufficiently prominent such that a party has knowingly waived any right to trial by jury. We believe that this is the case with respect to the deposit agreement and the ADSs. In addition, New York courts will not enforce a jury trial waiver provision in order to bar a viable setoff or counterclaim sounding in fraud or one which is based upon a creditor’s negligence in failing to liquidate collateral upon a guarantor’s demand, or in the case of an intentional tort claim (as opposed to a contract dispute), none of which we believe are applicable in the case of the deposit agreement or the ADSs. No condition, stipulation or provision of the deposit agreement or ADSs serves as a waiver by any holder or beneficial owner of ADSs or by us or the depositary of compliance with any provision of the federal securities laws. If you or any other holder or beneficial owner of ADSs brings a claim against us or the depositary in connection with matters arising under the deposit agreement or the ADSs, you or such other holder or beneficial owner may not be entitled to a jury trial with respect to such claims, which may have the effect of limiting and discouraging lawsuits against us and / or the depositary. If a lawsuit is brought against us and / or the depositary under the deposit agreement, it may be heard only by a judge or justice of the applicable trial court, which would be conducted according to different civil procedures and may augurresult in different results than a trial by jury would have had, including results that could be less favorable to the plaintiff(s) in any such action, depending on, among other things, the nature of the claims, the judge or justice hearing such claims, and the venue of the hearing.

Risks Related to Israeli Law and Our Operations in Israel

Provisions of Israeli law and our articles of association may delay, prevent or otherwise impede a merger with, or an acquisition of, our company, which could prevent a change of control, even when the terms of such a transaction are favorable to us and our shareholders.

As a company incorporated under the law of the State of Israel, we are subject to Israeli law. Israeli corporate law regulates mergers, requires tender offers for acquisitions of shares above specified thresholds, requires special approvals for transactions involving directors, officers or significant shareholders and regulates other matters that may be relevant to such types of transactions. For example, a merger may not be consummated unless at least 50 days have passed from the date on which a merger proposal is filed by each merging company with the Israel Registrar of Companies and at least 30 days have passed from the date on which the shareholders of both merging companies have approved the merger. In addition, a majority of each class of securities of the target company must approve a merger. Moreover, a tender offer for all of a company’s issued and outstanding shares can only be completed if the acquirer receives positive responses from the holders of at least 95% of the issued share capital and a majority of the offerees that do not have a personal interest in the tender offer approves the tender offer, unless, following consummation of the tender offer, the acquirer would hold at least 98% of the company’s outstanding shares. Under the Israeli law, a potential bidder for the company’s shares, who would as a result of a purchase of shares hold either 25% of the voting rights in the company when no other party holds 25% or more, or 45% of the voting rights in the company where no other shareholders holds 45% of the voting rights, would be required to make a special purchase offer as set out in the provisions of the Israeli law. The Israeli law requires a special purchase offer to be submitted to shareholders for a pre-approval vote. A majority vote is required to accept the offer. An offeror who is regarded as a ‘controlling shareholder’ under Israeli law, as well as those who control the offeror, those who have a personal interest in the acceptance of the special purchase offer, or those who holds 25% of the voting rights in the company, or those on behalf of those or the offeror, including their relatives or corporations under their control, cannot vote on the resolution and the procedure includes a secondary vote of the non-voting shareholders and the shareholders who rejected the offer at pre-approval level. A special purchase offer may not be accepted unless shares that carry 5% of the voting rights in the target company are acquired. Furthermore, the shareholders may, at any time within six months following the completion of the tender offer, claim that the consideration for the acquisition of the shares does not reflect their fair market value, and petition an Israeli court to alter the consideration for the acquisition accordingly, other than those who indicated their acceptance of the tender offer in case the acquirer stipulated in its tender offer that a shareholder that accepts the offer may not seek such appraisal rights, and the acquirer or the company published all required information with respect to the tender offer prior to the tender offer’s response date. In addition, our articles of association provide for a staggered board of directors, which mechanism may delay, defer or prevent a change of control of the Company. See “Description“Item 10.B Memorandum and Articles of Share Capital—Association — Provisions Restricting Change in Control of Our Company—Acquisitions under Israeli Law”Company” for additional information.

Israeli tax considerations also may make potential transactions unappealing to us or to our shareholders whose country of residence does not have a tax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extent as U.S. tax law. With respect to mergers, Israeli tax law allows for tax deferral in certain circumstances but makes the deferral contingent on the fulfillment of a number of conditions, including, in some cases, a holding period of two years from the date of the transaction during which sales and dispositions of shares of the participating companies may be subject to certain restrictions and additional terms. Moreover, with respect to certain share swap transactions, the tax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred. See “Taxation—“Item 10.E. Taxation—Israeli Tax Considerations and Government Programs” for additional information. 

YourThe rights and responsibilities asof a holder of our securities will be governed by Israeli law, which differs in some material respects from the rights and responsibilities of shareholders of U.S. companies.

The rights and responsibilities of the holders of our Ordinary Shares (and therefore indirectly, the ADSs and the warrants) are governed by our articles of association and by Israeli law. These rights and responsibilities differ in some material respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. In particular, a shareholder of an Israeli company has certain duties to act in good faith in a customary manner in exercising its rights and performing its obligations towards the company and other shareholders and to refrain from abusing its power in the company including, among other things, in voting at the general meeting of shareholders on certain matters, such as an amendment to the company’s articles of association, an increase of the company’s authorized share capital, a merger of the company, and approval of related party transactions that require shareholder approval. A shareholder also has a general duty to refrain from discriminating against other shareholders. In addition, a controlling shareholder or a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of an officer of the company has a duty to act in fairness towards the company with regard to such vote or appointment. However, Israeli law does not define the substance of this duty of fairness. There is limited case law available to assist us in understanding the nature of this duty or the implications of these provisions. These provisions may be interpreted to impose additional obligations on holders of our Ordinary Shares that are not typically imposed on shareholders of U.S. corporations. See “Management—“Item 6.C. Board Practices—Duties of Shareholders” for additional information.

It may be difficult to enforce a judgment of a U.S. court against us and our officers and directors and the Israeli experts named in this annual report in Israel or the United States, to assert U.S. securities laws claims in Israel or to serve process on our officers and directors and these experts.

We were incorporated in Israel and our corporate headquarters are located in Israel. The vast majority of our executive officers and directors and the Israeli experts named in this annual report on Form 20-F are located in Israel. All of our assets and most of the assets of these persons are located in Israel. Therefore, a judgment obtained against us, or any of these persons, including a judgment based on the civil liability provisions of the U.S. federal securities laws, may not be collectible in the United States and may not necessarily be enforced by an Israeli court. It also may be difficult to affect service of process on these persons in the United States or to assert U.S. securities law claims in original actions instituted in Israel. Additionally, it may be difficult for an investor, or any other person or entity, to initiate an action with respect to U.S. securities laws in Israel. Israeli courts may refuse to hear a claim based on an alleged violation of U.S. securities laws reasoning that Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the content of applicable U.S. law must be proven as a fact by expert witnesses, which can be a time consuming and costly process. Certain matters of procedure will also be governed by Israeli law. There is little binding case law in Israel that addresses the matters described above. As a result of the difficulty associated with enforcing a judgment against us in Israel, you may not be able to collect any damages awarded by either a U.S. or foreign court. See “Enforceability of Civil Liabilities” for additional information on your ability to enforce a civil claim against us and our executive officers or directors named in this annual report.

Our headquarters and other significant operations are located in Israel, and, therefore, our results may be adversely affected by political, economic and military instability in Israel.

Our executive offices, corporate headquarters and principal research and development facilities are located in Israel. In addition, the vast majorityall of our key employees, officers and directors are residents of Israel. Accordingly, political, economic and military conditions in Israel and the surrounding region may directly affect our business. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring Arab countries, the Hamas militant group (an Islamist militia and political group that controls the Gaza strip) and the Hezbollah.Hezbollah (an Islamist militia and political group based in Lebanon). Any hostilities involving Israel or the interruption or curtailment of trade between Israel and its trading partners could adversely affect business conditions in Israel in general and our business in particular, and adversely affect our product development, our operations and results of operations. Ongoing and revived hostilities or other Israeli political or economic factors, such as, an interruption of operations at the Tel Aviv airport, could prevent or delay our regular operation, product development and delivery of products. If continued or resumed, these hostilities may negatively affect business conditions in Israel in general and our business in particular. In the event that hostilities disrupt the ongoing operation of our facilities and our operations may be materially adversely affected. 

In addition, since 2010 political uprisings and conflicts in various countries in the Middle East, including Egypt and Syria, are affecting the political stability of those countries. It is not clear how this instability will develop and how it will affect the political and security situation in the Middle East. This instability has raised concerns regarding security in the region and the potential for armed conflict. In Syria, a country bordering Israel, a civil war is taking place. In addition, it is widely believed that Iran, which has previously threatened to attack Israel, has been stepping up its efforts to achieve nuclear capability. Iran is also believed to have a strong influence among extremist groups in the region, such as Hamas in Gaza and Hezbollah in Lebanon. Additionally, the Islamic State of Iraq and Levant, or ISIL, a violent jihadist group, is involved in hostilities in Iraq and Syria. The tension between Israel and Iran and/or these groups may escalate in the future and turn violent, which could affect the Israeli economy in general and us in particular. Any potential future conflict could also include missile strikes against parts of Israel, including our offices and facilities. Such instability may lead to deterioration in the political and trade relationships that exist between the State of Israel and certain other countries.

Any armed conflicts, terrorist activities or political instability in the region could adversely affect business conditions, could harm our results of operations and could make it more difficult for us to raise capital. Parties with whom we do business may sometimes decline to travel to Israel during periods of heightened unrest or tension, forcing us to make alternative arrangements when necessary, in order to meet our business partners face to face. Several countries, principally in the Middle East, still restrict doing business with Israel and Israeli companies, and additional countries may impose restrictions on doing business with Israel and Israeli companies if hostilities in Israel or political instability in the region continues or increases. Similarly, Israeli companies are limited in conducting business with entities from several countries. For instance, the Israeli legislature passed a law forbiddingforbids any investments in entities that transact business with Iran. In addition, the political and security situation in Israel may result in parties with whom we have agreements involving performance in Israel claiming that they are not obligated to perform their commitments under those agreements pursuant to force majeure provisions in such agreements.

Our employees and consultants in Israel, including members of our senior management, may be obligated to perform one month, and in some cases longer periods, of military reserve duty until they reach the age of 40 (or older, for citizens who hold certain positions in the Israeli armed forces reserves) and, in the event of a military conflict or emergency circumstances, may be called to immediate and unlimited active duty. In the event of severe unrest or other conflict, individuals could be required to serve in the military for extended periods of time. In response to increases in terrorist activity, there have been periods of significant call-ups of military reservists. It is possible that there will be similar large-scale military reserve duty call-ups in the future. Our operations could be disrupted by the absence of a significant number of our officers, directors, employees and consultants related to military service. Such disruption could materially adversely affect our business and operations. Additionally, the absence of a significant number of the employees of our Israeli suppliers and contractors related to military service or the absence for extended periods of one or more of their key employees for military service may disrupt their operations.

Our insurance does not cover losses that may occur as a result of an event associated with the security situation in the Middle East or for any resulting disruption in our operations. Although the Israeli government has in the past covered the reinstatement value of direct damages that were caused by terrorist attacks or acts of war, we cannot assure you that this government coverage will be maintained or, if maintained, will be sufficient to compensate us fully for damages incurred and the government may cease providing such coverage or the coverage might not suffice to cover potential damages. Any losses or damages incurred by us could have a material adverse effect on our business. Any armed conflicts or political instability in the region would likely negatively affect business conditions generally and could harm our results of operations and product development.

Further, in the past, the State of Israel and Israeli companies have been subjected to economic boycotts. Several countries still restrict business with the State of Israel and with Israeli companies. These restrictive laws and policies may have an adverse impact on our operating results, financial conditions or the expansion of our business. Similarly, Israeli corporations are limited in conducting business with entities from several countries.

Certain of our research and development activities and programs were supported byFinally, the Israeli Governmental grants, some of which were sold or are in the process of selling. The terms of such grants may require us, in the future,government is currently pursuing extensive changes to pay royalties and to satisfy specific conditions if andIsrael’s judicial system. In response to the extent we receive future royalties or in order to complete the saleforegoing developments, individuals, organizations and institutions, both within and outside of such grant based technologies and programs. We may be required to pay penalties in addition to payment of the royalties.

Our research and development efforts with respect to some of our past activities, including development of Secure Cloud Storage Access, were financed in part through royalty-bearing grants from the Israel, Innovation Authority, or the IIA, formerly known as Israel’s Office of the Chief Scientist of the Ministry of Economy. As of March 24, 2019, we have received the aggregate amount of approximately $0.146 million from the IIA for the development of our abovementioned technologies. With respect to such grant we are committed to pay royalties from all our income. Furthermore, pursuant to the technology purchase agreement between Safe-T Data and Cykick Labs Ltd., approved by the IIA in July 2018, we are committed to pay royalties on grants received from the IIA in connection with the technology purchased under this agreement in the amount of approximately $0.4 million from our income generated from products incorporating such technology. Additionally, in July 2018, we received a notice from the IIA regarding an obligation at the approximate amount of $0.5 million, made by an incubator center, which Cykick Labs Ltd. was a part of. According to the IIA, in order to receive the IIA’s approval to export the technology purchased from Cykick Labs Ltd., we would be required to obtain a commitment from the incubator center, taking the obligation upon themselves. If we do not obtain such commitment, we would be required to take this obligation upon our self, otherwise, the IIA will not approve any future export of the technology purchased from Cykick Labs Ltd. We have recently sent a letter to the IIA, rejecting its claims. We cannot be surevoiced concerns that the IIA will acceptproposed changes may negatively impact the business environment in Israel including due to reluctance of foreign investors to invest or conduct business in Israel, as well as to increased currency fluctuations, downgrades in credit rating, increased interest rates, increased volatility in securities markets, and other changes in macroeconomic conditions. Such proposed changes may also adversely affect the labor market in Israel or lead to political instability or civil unrest. To the extent that any of these negative developments do occur, they may have an adverse effect on our arguments, which, if not accepted, may result in the expenditurebusiness, our results of financial resources or may impairoperations and our ability to transferraise additional funds, if deemed necessary by our management and board of directors.

General Risk Factors

Raising additional capital would cause dilution to holders of our equity securities, and may affect the rights of existing holders of equity securities.

We may seek additional capital through a combination of private and public equity offerings, debt financings and collaborations and strategic and licensing arrangements. To the extent that we raise additional capital through the issuance of equity or sell our technology outsideconvertible debt securities, your ownership interest will be diluted, and the terms may include liquidation or other preferences that adversely affect your rights as a holder of Israel.the ADSs.

We are committedsubject to pay royaltiesa number of risks associated with respect to aforesaid grants until 100% ofglobal sales and operations.

Business practices in the U.S. dollar-linked grant plus annual London Interbank Offered Rate, or LIBOR, interest is repaid. Nonetheless, the amount of royaltiesglobal markets that we serve may be required to pay, may be higher in certain circumstances, such as when the manufacturing activity / know how is transferred outside of Israel.

We are required to comply with the requirements of the Israeli Encouragement of Research, Development and Technological Innovationdiffer from those in the Industry Law, 5744-1984, as amended, and related regulations, or the Innovation Law, with respect to these past grants. The abovementioned restrictions and requirements for payments may impair our ability to sell our technology outside of Israel or to outsource manufacturing or otherwise transfer our know-how outside IsraelUnited States and may require us to obtaininclude non-standard terms in customer contracts, such as extended payment or warranty terms. To the approvalextent that we enter into customer contracts that include non-standard terms related to payment, warranties, or performance obligations, our results of operations may be adversely impacted.

Additionally, our global sales and operations are subject to a number of risks, including the following:

These and other factors could harm our ability to generate future global revenues and, consequently, materially impact our business, results of operations and financial condition.

Weakened global economic conditions may affect our industry, business and results of operations.

Our overall performance depends on worldwide economic conditions. These conditions affect the rate of information technology spending and could adversely affect our customers’ ability or willingness to purchase our secure access solutions, delay prospective customers’ purchasing decisions, reduce the value or duration of their subscription contracts, or affect renewal rates, all of which could adversely affect our operating results. In addition, in a weakened economy, companies that have competing products may reduce prices which could also reduce our average selling prices and harm our operating results.

The price of the IIAADSs may be volatile.

 The market price of the ADSs has fluctuated in the past. Consequently, the current market price of the ADSs may not be indicative of future market prices, and we may be unable to sustain or increase the value of your investment in the ADSs. During the first quarter of 2023 and up to March 24, 2023, the market price of our ADSs has fluctuated from a low of $1.53 per ADS to a high of $2.88 per ADS, and our ADS price continues to fluctuate, as does the daily volume of trading of our ADSs. The market price of our ADSs and volume of trading may continue to fluctuate significantly in response to numerous factors, some of which are beyond our control, such as:

Further, the stock market in general, and the market for certain actionstechnology companies in particular, has recently experienced extreme price and transactionsvolume fluctuations. The volatility of our ADSs is further exacerbated due to its low trading volume, which has only recently increased. Continued market fluctuations could result in extreme volatility in the price of our ADSs which could cause a decline in the value of our ADSs and pay additional royaltiesthe loss of some or other payments to the IIA. all of your investment.

We may not receive such approvals. Although we do not believebe subject to securities litigation, which is expensive and could divert management attention.

In the past, companies that these requirements will materially restrict ushave experienced volatility in any way, the IIAmarket price of their stock have been subject to securities class action litigation. We may impose certain conditions on any arrangement underbe the target of this type of litigation in the future. Litigation of this type could result in substantial costs and diversion of management’s attention and resources, which it permitscould seriously hurt our business. Any adverse determination in litigation could also subject us to transfer or assign technology or development out of Israel. If we failsignificant liabilities. We may also not be able to maintain and effectively comply with the Innovation Law, weMinimum Bid Requirement.

If securities or industry analysts do not publish or cease publishing research or reports about us, our business, or our market, or if they adversely change their recommendations or publish negative reports regarding our business or our shares, the share price and trading volume of our Ordinary Shares and ADSs could decline.

The trading market for our ADSs or Ordinary Shares will be influenced by the research and reports that industry or securities analysts may be required to refund certain grants previously received and/publish about us, our business, our market, or to pay interest and penaltiesour competitors. We do not have any control over these analysts, and we cannot provide any assurance that analysts will cover us or provide favorable coverage. If any of the analysts who may become subjectcover us adversely change their recommendation regarding our ADSs or Ordinary Shares, or provide more favorable relative recommendations about our competitors, our share price would likely decline. If any analyst who may cover us were to criminal charges. Nonecease coverage of our current projects are supported by the IIA, yet if eligible,company or fail to regularly publish reports on us, we may apply for such supportcould lose visibility in the future. The IIA may establish new guidelines regardingfinancial markets, which in turn could cause the Innovation Law, which may affectshare price or trading volume of our existing and/ADSs or future IIA programs and incentives for which we may be eligible. We cannot predict what changes, if any, the IIA may make.Ordinary Shares to decline.

ITEM 4. INFORMATION ON THE COMPANY

A. History and Development of the Company

Our legal and commercial name is Safe-T GroupAlarum Technologies Ltd. We were incorporated as a legal entity in the State of Israel in December 1989, and are therefore subject to the Israeli Companies Law. From June 2011 until June 2016, we were a “shell corporation” and did not have any active business activity,operations, excluding administrative management. On June 15, 2016, we closedcompleted a merger transaction, or the Merger Transaction, with Safe-T Data A.R Ltd., or the Subsidiary,Safe-T Data, whereby we acquired 100% of the share capital of the Subsidiary.Safe-T Data. Since the date of the Merger Transaction, we have devoted substantially all of our financial resources to develop and commercialize our products.products and to extend our business organically as well as by acquisitions. Our Ordinary Shares have been trading on the Tel Aviv Stock Exchange, or TASE, since January 2000. As of July 7, 2016, and following the change of our name in the course of the Merger Transaction, our symbol on the TASE has beenwas “SAFE.”. On June 27, 2017, our ADSs representing our Ordinary Shares have been approved for trading on the OTCQB Venture Market and we commenced trading also on the OTCQB under the symbol “SFTTY”. On August 17, 2018, following the pricing of our underwritten public offering, we began trade in the United States on the Nasdaq Capital Market and TASE under the symbol “SFET.“SFET” since August 17, 2018. On January 8, 2023, we changed our name to Alarum Technologies Ltd., and effective from January 25, 2023, our ADSs, representing our Ordinary Shares, are traded on the Nasdaq Capital Market, and our Ordinary Shares are traded on TASE under the symbol “ALAR.”

Our principal executive offices are located at 8 Abba Eban Avenue, Herzliya, 467252630 Haarba’a St, Tel Aviv, 6473926 Israel. Our telephone number in Israel is +972-9-8666110.

Our website address is http://www.safe-t.com.www.alarum.io. The information contained on our website or available through our website is not incorporated by reference into and should not be considered a part of this annual report on Form 20-F, and the reference to our website in this annual report on Form 20-F is an inactive textual reference only. Safe-T USANetNut Networks Inc. is our agent in the United States, and its address is 51 John F. Kennedy Parkway, First Floor West at Regus, Short Hills, NJ 07078. The SEC also maintains an Internet website that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC. Our filings with the SEC will also available to the public through the SEC’s website at www.sec.gov.4607 Library Rd Ste 220 #1067 Bethel Park, PA 15102.

We are an emerging growth company, as defined in Section 2(a) of the Securities Act, as implemented under the JOBS Act. As such, we are eligible to, and intend to, take advantage of certain exemptions from various reporting requirements applicable to other public companies that are not emerging growth companies including but not limited to not being required to comply with the auditor attestation requirements of the SEC rules under Section 404 of the Sarbanes-Oxley Act. We could remain an emerging growth company until the earlier of (1) the last day of the fiscal year (a) following the fifth anniversary of the date of our first sale of common equity securities pursuant to an effective registration statement under the Securities Act, (b) in which we have total annual gross revenue of at least $1.07$1.235 billion, or (c) in which we are deemed to be a large accelerated filer, which means the market value of our Ordinary Shares that is held by non-affiliates exceeds $700 million as of the prior June 30th, and (2) the date on which we have issued more than $1.0 billion in non-convertible debt during the prior three-year period.

We are a foreign private issuer as defined by the rules under the Securities Act and the Exchange Act. Our status as a foreign private issuer also exempts us from compliance with certain laws and regulations of the SEC and certain regulations of the Nasdaq Stock Market, including the proxy rules, the short-swing profits recapture rules, and certain governance requirements such as independent director oversight of the nomination of directors and executive compensation. In addition, we will not be required to file annual, quarterly and current reports and consolidated financial statements with the SEC as frequently or as promptly as U.S. domestic companies registered under the Exchange Act.

Our capital expenditures for 2018, 20172022, 2021 and 20162020 amounted to $369,000, $168,000$49,000, $73,000 and $52,000,$41,000, respectively. These expenditures were primarily for purchases of fixed assets investment in restricted bank deposits and development expenditures capitalized as intangible assets. Our purchases of fixed assets primarily include leasehold improvements, computers, and equipment used for the development of our products, and we financed these expenditures primarily from cash on hand.

We develop and market software solutions that address multiple aspects of the data protection information security and cybersecurity markets. Our patented solutions secure our customers’ data, services and networks from internal and external threats, such as unauthorized access to data, services and networks, as well as data-related threats that include data exfiltration, leakage, malware, ransomware and fraud. We believe that our innovative products are the first solution that controls, in one integrated package, the entire data access lifecycle, allowing our customers to avoid the integration complexities of multiple products. In addition, we believe that our products create strong perimeter security as a result of our patented Reverse-Access technology. In April 2018, we received the 2018 Fortress Cyber Security Award for Compliance and Authentication & Identity and were finalists in the 2018 Cyber Defence Magazine Infosec Awards. Reverse-Access is an innovative and unique technology, providing for “reverse movement” of communication, and is designed to reduce the need to store sensitive data in the DMZ, and to open ports in the organizations’ firewall, thus enabling secure access to networks and services.

We have a broad customer base spanning several industries including finance, healthcare, government agencies, commercial companies and educational institutions. Currently, most of our end-customers are located in Israel, including large Israeli regional banks with branches across the country and globally (accounting for approximately 2.0% of our 2018 gross revenue), large Israeli healthcare organizations and the Israeli Ministry of Health (accounting for approximately 4.8% of our 2018 gross revenue), leading Israeli insurance companies (accounting for approximately 4.4% of our 2018 gross revenue), and the Israeli Police Force (accounting for approximately 1.9% of our 2018 gross revenue). Our initial engagements with our customers either follow (i) a license sale model, or (ii) a lease subscription model between one to three years, which are renewable upon expiration, at our customers’ discretion. Our headquarters are located in Israel with customers and sales operations in Israel, North America, Europe, Asia-Pacific and Africa.

Vast amountsB. Business Overview

We are a global SaaS provider for enterprises and consumers. Our company consists of data, including sensitive personal and commercial information, are stored electronically and are typically connected to external networks, including thetwo internet and in cloud storage. This information architecture has enabled threats that all organizations face, including:access segments:

In addition to the above-mentioned two segments, we are engaged with TerraZone Ltd., an information security provider, as an exclusive reseller of our legacy enterprise cyber security products.

Our Enterprise Internet Access arm offers a global web data collection cloud service, based on a secured hybrid proxy network and comprising both exit points based on our proprietary reflection technology, and hundreds of servers through partnership agreements with tens of ISPs around the world.

Our web data collection solution allows organizations to collect vast amounts of web and internet data by simultaneously connecting to the Internet from different IP addresses, while maintaining full anonymity and privacy. Our customers can choose from various types of IPs from our IP pool which contains millions of IPs, including ISP IPs, data center IPs, and residential service provider IPs.

With our web data collection service, organizations can collect accurate, transparent web data from public online sources. The solution also allows access to undiscovered data from non-traditional data sources and allows customers to gain additional data-driven information that provides valuable insights with respect to predictive capabilities or behaviors, thereby assisting ongoing business management operation and decision making. An added benefit to our customer is the fact that utilizing our network completely hides enterprises from the internet by modifying IP addresses, thus ensuring high levels of privacy for their online presence.

Our web data collection service enables access to the Internet through millions of end points globally, thus ensuring multiple business use cases, including large-scale data collection and analysis, cyber security, price comparison, ad verification, Search Engine Optimization (SEO) validations, web data extraction, collection of data for financial analysis, and more.

Our Consumer Internet Access offers privacy and cybersecurity solutions to consumers. These solutions are designed to protect consumers against attacks, such as phishing, ransomware, identity theft, and more. These solutions are designed for basic and advanced use cases, ensuring complete protection of personal and digital information, and are installed on the consumers’ computers or mobile phones and through various browser and mobile application stores.

We offer the following solutions:

Enterprise Internet Access Service:

Consumer Internet Access Solutions and services:

In this segment, our engagements include monthly or annually renewable contracts, upon the customer’s discretion, where we offer multiple plans.

Enterprise Internet Access Background

Today, data is the core and essence of all companies, and decisions are made based on data analysis rather than gut feelings. As markets become more and more competitive, so does the need for large amounts of data to be analyzed in real time in order to make business decisions. To achieve this, companies of all sectors started collecting data from the internet websites - this can be consumer and customer related data, product prices, advertising data, financial data, internet behavior data, or other information.

The challenge is that it has become common for internet websites to change their displayed information based on user IP address, location and demographic attributes. For example, flight prices to the United States may differ for a person browsing an American airline from New York rather than from London. In addition, to conduct competitor analysis, price comparisons and data extraction, companies need to access websites as a “simulated user” to capture the real and accurate information.

From these needs, the market of web data collection services has emerged, allowing businesses to gather data over the Internet using different types of IP addresses (ISP, residential, data center) from various locations around the world. Web data collection services support a wide variety of use cases and provide several significant benefits to their business users. For example, cyber and web intelligence companies can collect data anonymously and infinitely from any public online source, advertising or ad networks can view their advertisers’ landing pages anonymously to ensure they do not contain malware or improper advertising, online retailers can gather comparative pricing information from competitors, and businesses may utilize these IP addresses to test their websites from different cities in the world.

A proxy server provides a gateway between users and the internet. It is a server, referred to as an “intermediary” because it goes between end-users and the web pages they visit online. When a computer connects to the internet, it uses an IP address. This is similar to a home street address, telling incoming data where to go and marking outgoing data with a return address for other devices to authenticate. A proxy server is essentially a computer on the internet that has an IP address of its own and instead of getting data directly from a website, a customer’s request first passes through the proxy server, before going to and receiving a response from the target website, and places an extra IP address from a rotating pool of addresses between a customer and any website they visit on the public internet. Proxy servers provide varying levels of functionality, security, and primarily privacy, depending on the use case, needs, or user policy. Proxy servers have many purposes, such as anonymizing identities, filtering information, getting around filters, and improving information retrieval performance.

From the target website’s perspective, no information about the original machine is sent. Only the proxy device’s IP address gets transmitted. As many websites place limits on the amount of information sent to any one IP address, gathering additional, openly available data from any one website, often involves using proxy servers to make it appear as if the requests come from different users, thus requiring the need for a rotating pool of IP addresses to be used by proxy servers.

The rotating pool of IP addresses can be derived from proxy software installed on residential users’ computers and mobile devices, while data centers use dedicated proxy servers. Based on the IP address it receives, a target website can distinguish whether a request comes from a residence, mobile device or data center and display different information accordingly based on location and demographic attributes. Companies tailoring information based on such attributes led to competitors needing proxy services to simulate being actual customers. Proxy servers are intermediaries between devices requesting information from other servers.

Rotating proxy servers tend to be used by companies to simulate actual customers in different locations and to collect data, also known as web scraping. Ever since the commercialization of the web, companies have developed increasingly better ways to target consumers via advertising and marketing to the point of adjusting pricing based on a location or even per customer basis. As companies put more of their product information online, this customer targeting made it very difficult for competitors and customers to monitor and/or compare pricing and product availability that can vary so much because of targeting. Websites today recognize customers to show different advertising, content and pricing based on location and other identifiable information. Companies further evolved to prevent competitors from accessing their data via blocking their company’s entire range of IP addresses. This prevents companies from comparing pricing, security companies from conducing audits for or detecting malware on malicious sites, and even website owners themselves from verifying their advertising is safe and being delivered properly from their ad vendors.

In the age of information technology, data is arguably the world’s most precious resource and the way we use and consume data has evolved considerably. The publicly available web data is one of the main driving forces behind digital transformation and helps corporations and brands to develop, improve and build business strategies faster. The web data collection market offersincludes a variety of information security products that provide specific protectionvendors in addition to NetNut, including Bright Data (formerly Luminati Networks Ltd., which was acquired in August 2017 by EMK Capital for $160 million according to their sources), Similarweb Ltd., Oxylabs Networks Pvt. Ltd., BiScience Inc., SmartProxy, and others. According to a certain market or aspect of information security. Our solution, however, offers various security capabilities to organizations designed to ensure full security of intra-organizationalFrost and inter-organizational data access, usage and exchanges. Further, our unique open extensible and customizable architecture integrates with over 30 third party security and enterprise applications and solutions for end-to-end security coverage across business processes. 

Our flagship product called Software Defined Access is a patented multi-layered solution that integrates our upgraded and comprehensive SDP solution. We believe that it is superior to other available productsSullivan report from July 2019, the estimated revenue in the Service Obtainable Market, or SOM, was forecasted to grow from 2018 to 2025 at a compound annual growth rate of 16.8%, reaching revenues of $259.7 million by 2025.

Consumer Internet Access Background

The global data privacy software market as it controlsis expected to grow to reach $25.85 billion by 2029.

During the entireCOVID-19 pandemic, various business and organizations experienced temporary to longer-term shutdowns, increasing the need for remote access and work-from-home practices. Working outside the corporate infrastructures prompted major data breaches and cyber incidents during that time and had brought forth a great increase in the demand for access solutions. The increasing adoption of remote working has created immense challenges for organizations to protect and manage remote workers identities and devices and has prompted a whole new security perimeter.

According to a 2022 report by Digital Information World:

- more than 52% of people think the realm of online privacy doesn’t exist.

- 46% of respondents were concerned that their personal information will be misused by cyber criminals.

The growing public awareness of the value of personal data and application access lifecycle by combining SDP, a new architecturedemand for data privacy and technology that allows secure accesstransparency create significant opportunities for businesses to published applications, anddifferentiate themselves.

Our Solutions/Services

Following our secureacquisition of NetNut in June 2019, as further detailed below, we launched our web data exchange controls data usage and exchange between any source to any destination and our innovative user behavioral analysis technology which allows detecting anomalies in users access and using data via our solutions.collection service. The SDP architecture essentially hides published services and applications from unauthorized parties. According to Markets and Markets Research Private Ltd.,service is based on partnership agreements with tens of ISPs around the combined markets for secure data access and secure data exchange have been reported to have generated revenues in excess of $4 billion in 2017. Recently, Safe-T was included in Gartner’s “Fact or Fiction: Are Software-Defined Perimeters Really the Next-Generation VPNs” report on software-defined perimeters and recognized by Gartner as one of seven SDP vendors. In this report, Safe-T was the only Israeli company, listed as a Representative Vendor.

In addition to offering an integrated solution, we intend to also offer the components of our solution as stand-alone products, as a white label via OEM partners, as well as bundled with our channel partners’ complementary products. An example of a bundled product is the solution we created with the identity provider SecureAuth (See “White Label and Bundled Solutions” below),world, as well as our secure applicationproprietary software deployed at data centers and devices which enable our customers to access solution.the internet through millions of end points globally, and collect valuable data for their needs. The service’s performance and scalability are enhanced by our proprietary proxy traffic optimization and routing technology.

Customers in the web data collection market use the proxy service for various needs and for a wide variety of use cases, as mentioned above. To address all these use cases, different types of web data collection services are needed. For some of the use cases, the web data collection service needs to be fast and stable, and allow customers to use the same IP address for long time periods, while for others, the most important factor of a web data collection service is its ability to provide a different IP address for each request in order to be able to get a full picture of the collected data. For these reasons, providers in the web data collection market are required to provide a wide selection and web data collection services types. We have invested heavily in the last year in expanding our offering in order to become a leading provider in this market.

The uniqueness of our web data collection service is based on the fact that unlike our competitors that provide predominantly host-based solutions, which require installation of software on third-party uncontrolled end user devices, we support not only running software on end user devices, but also routing the customer’s traffic through residential routers of our ISP partners.

Our solutions’ main advantages over competitors include:

Following the acquisition of CyberKick in July 2021, as further detailed below, we launched our consumer online access solutions.

We provide SaaS security and privacy tools, designed to reduce users’ vulnerability to threats while making them more resilient in their online activity, to prevent and defend against a wide spectrum of cyber threats as well as to provide users with control of their accounts and management of access to sensitive data. The business is divided into two main activities:

Development and distribution of privacy and cyber security SaaS products

The privacy solution in an online privacy protection product that allows its users to take charge of their online privacy with a powerful, secured, and encrypted connection.

The iShield™ product is a protective cybersecurity product for consumers, that identifies, eliminates, and helps avoid security and data threats that occur unbeknownst while browsing online. The solution provides powerful protection from online cyber-attacks like phishing, malware, ransomware, identity theft, data scams and viruses, all on the internet gateway access level. iShield™ is based on four layers:

Distribution of security and privacy products of third-party developers in various digital properties

We also generate revenues from the distribution of security and privacy products of third-party developers.

Strategy

Our main goal is to become one of the leading vendors in the fields of cybersecure and information security, including increased penetrationprivate internet access both enterprises and consumers. We operate in Israel, North, Central and South America, Europe, Southeast Asia, the Middle East and Africa, and we are taking steps to expand our activities by entering into the U.S. market. Penetration into the U.S. market is expectedengagements with new business partners in those markets. We intend to be achieved through a combination of direct sales bycontinue investing resources in research and development in order to improve our local sales team with the support ofexisting products, and develop new and cutting-edge products and technologies to maintain our corporate marketing and U.S. field marketing teams, as well as indirect sales via resellers, distributors, and channel and OEM partners, such as SourceCode Technology Holdings, Inc. and SecureAuth Corporation. Further to our efforts to penetrate the U.S. market, we received FIPS 140-2 certification. FIPS 140-2 certification is a federal U.S. government security standard used to approve cryptographic modules for secure communication and encryption, and mandatory for any vendor sellinginnovative position in the federal sector. FIPS 140-2 certification enables us to penetrate the U.S. federal market and fully maximize our expansion potential in the United States. We began operations in Israel, and have since expended sales and marketing of our products around the world. We have distributors and resellers in Israel, the United States, United Kingdom, Switzerland, Canada, Germany, Spain, Serbia, Ghana, Kenya, Nigeria, Turkey, Indonesia and the Philippines.

market.

Our integrated solution is designatedWe also intend to achieve the following:continue to:

While we invest in further developing and marketing of our current solutions, we maintain a strict control over our expenditures and budgets in order to reduce operating costs, streamline operations and improve our efficiency. We intend to continue our burn rate reduction, so we are better poised to achieve profitability.

Competition

The markets in which we operate are characterized by intense competition, constant innovation and evolving security threats. Our current and potential future competitors in the web data collection service segment include providers such as Similarweb, Bright Data, Oxylabs Networks Pvt. Ltd., BI Science Ltd. and others; and in the consumer internet access, we compete with providers such as Kape Technologies, Nord VPN, McAfee, Norton LifeLock, Aura and others.

Since we compete with well-established companies, which have an existing customer base, we invest significant efforts to obtain technological advantages in combination with the ability to offer more cost-effective solutions than the ones offered by our competitors, aiming to attract customers of established companies that operate in our industry.

We are constantly working to improve our competitive standing by using the following measures:

Competitive Strengths

We believe that our strengths include the following:

Enterprise Internet Access

Our Software Defined Access solution consolidates into one integrated solution the functionality of both SDP – which is used to control access to data and applications – and secure data exchange and usage – which is used to control and secure internal and external data exchanges and use. Our Software Defined Access solution, which is available both on-premises and via the cloud, is designed to provide zero-trust access, by ensuring only trusted parties can access and use data and services. It surpasses current access, authentication and encryption strategies by unifying and streamlining all systems while consolidating data exchange and connectivity.

Our solution is deployed within an organization’s internal information systems, fully supporting file access, exchange and usage, and at the same time protecting an organization’s sensitive data. These features of our solution enable us to market it to organizations that are unable to use cloud-based data access and/or exchange services for various reasons, such as regulatory requirements (for example, energy companies, banks, insurance companies, investment firms and health organizations).

Based on product comparisons that we have conducted, we believe that our Software Defined Access solution, which includes our patented Reverse-Access technology, is currently the most broader data access and exchange solution available within the information security and cybersecurity markets. The benefit of utilizing our patented technology, allows installing our solution in the intra-organizational network without opening any ports in the firewall, thus reducing dramatically the risk of security breaches by “hiding” an organization’s applications from unauthorized parties.

Industry Background

General

In view of the public’s extensive use of the internet and its various applications, many businesses opt to use the internet as a business platform. Information systems’ computing and communication capabilities, as well as their global inter-connected distribution, expose entities to various threats from hostile persons, competing businesses or governments. The relatively new field of information security is designed to protect such information from various threats from inside and outside an organization, including protecting the security of an organization’s hardware and software systems, as well as the security of the information stored on them or transmitted electronically.

One of the principal elements of the field of information security and of our activities is the protection of data and applications from unauthorized access to information by, among others, sharing management and monitoring an organization’s information in a secure manner. According to a report by Verizon Communications Inc. from April 2018, 73% of breaches were conducted by outsiders. This statistic indicates that the authentication and access solutions currently utilized by enterprises are inadequate. Current solutions first provide access and then authenticate, which means that the attacker has gained access to the service or is on the network before he is authenticated. In addition, many current solutions do not control data usage, creating a higher risk of attack. Our Software Defined Access solution authenticates users before providing access, and also controls what an authenticated user may do with the data. This prevents un-authenticated users from accessing internal services, and ensures authenticated users do not misuse data or services.

The exponential increase in high-risk data, the shift to cloud-based storage and distributed data centers connected by the internet contributes to increasing information security risks. The proliferation of legacy data exchange solutions, and the lack of integration with security solutions, exacerbates the existing potential for cyberattacks because enterprise applications and data are often “visible” outside the enterprise.

Another driver of information security solutions stems from increasingly complex regulatory requirements. In recent years, regulatory bodies in major markets around the world have introduced various requirements to maintain information security mechanisms. Such requirements apply to various entities, mainly in the field of banking, insurance, credit card processing, medical institutions, energy, and government agencies. Other regulatory changes are designed to make it obligatory for entities to provide online services and make services more digitally accessible. Our solutions help our customers meet these regulatory compliance requirements.

Additional Market Trends

Cloud Storage Services.Cloud storage services such as Dropbox, Box, Google Drive, Microsoft OneDrive and similar services are increasingly used for private and business purposes. The use of those services bypasses an organization’s information security policy and systems, since data, which enters an organization through cloud storage services, is not checked by the enterprise’s antivirus software, and data which is uploaded to the cloud by users bypasses an organizational data loss prevention system. Without additional protective software, an organization cannot control the information uploaded to the cloud and shared by users in breach of an organization’s policy, nor can it monitor and control this information. Furthermore, the transfer of the information to the cloud and its storage in the cloud is not always carried out in a secure and encrypted manner. Organizations are therefore required to provide a secure organizational solution that is compatible with an organization’s information security policy and systems and that allows employees to use cloud-based information storage services and to share information in a more convenient way.

Mobile Devices. In recent years there has been an increase in the use of mobile devices, which allow users within an organization to use business information accessed through mobile devices and store information in the cloud through those mobile devices. These trends increase the need to find secure connectivity solutions, both for an organization’s systems and for the cloud storage services.

Other Market Trends.Generally, in view of the increase in the number of internet users in the last decade, many organizations invest heavily in the launch of new digital services, the expansion of their network infrastructures and their existing business infrastructures and the upgrading of their information security systems.

Current Practices and Solutions

In recent years, an increasing number of public online services offered by organizations have experienced hacking and information theft. This trend is the result of old network architectures, which do not provide adequate information security solutions for accessing the organization’s data. The built-in weakness of these architectures is that the more services an organization wants to make publicly available, the more its networks are exposed.

Even though electronic mail is still the main tool for organizational information sharing, its limitations have increasingly led many organizations to use file sharing systems that enable their users to gain access to shared sets of files from various platforms and devices, including desktops, laptops, mobile devices and tablets. The use of data exchange solutions is becoming increasingly popular as a result of an increasing need of users to share information with employees, business partners, consultants and clients in ways that are not supported by electronic mail. Since the majority of data exchange solutions tools currently used are low cost cloud-based solutions, they pose serious risk to organizations’ information security. The increasing use of mobile platforms, cloud-based computing and social networks increases the vulnerability of various organizations.

Companies operating in this area of activity normally provide various types of information security products, each of which offers a solution in respect of a certain market or a certain aspect of information security. The organizational networks of most organizations are currently composed of layers of internal (secured) networks and external networks. In general, the following products are deployed between the internal and external networks:

Consumer Internet Access

The structure of networks as described above has proven to be ineffective in preventing cyberattacks and information theft in the current digital space. We believe that no company currently operating in our segment within the information security market has solutions that offer organizations comprehensive protection from breaching or damaging their information systems in various ways.

Our Solution

We offer a unique solution that is designed to address both expected and unexpected scenarios arising from the existing architecture of communications networks. We believe that our solutions are unique since they are designated to provide multiple aspects of information security in the SDP and data exchange solutions sub-markets. These solutions offer our customers a comprehensive solution covering both intra-organizational and inter-organizational data exchanges. We believe that no other company which currently operates in the information security market offers a product that covers both the SDP and data exchange solutions sub-markets.

Products

Our Software Defined Access solution is based on a unique and ground-breaking technology — Secure Reverse-Access, or SRA, which aims to enable secure access to communication networks and services by, among other things, protecting online business services from attacks, protecting the firewall from attacks, protecting the internal organizational networks from internal attacks and protecting the whole organization from external attacks.

We believe that our technology is more unique than current data security and protection strategies due to its capabilities of unifying and streamlining all systems while consolidating data access, exchange and connectivity. Our solution is based on both our proprietary secure data access and secure data exchange products, as well as on a technology called Telepath that we recently acquired from Cykick Labs Ltd. (an Israeli cyber security company). The Telepath technology is a technology aimed to recognize hostile attacks on web-based services through the identification of the users’ anomalous behavior. We intend to use the Telepath technology in order to strengthen the protection we already provide to our customers from such hostile attacks.

The combined solution has the following capabilities that aim to reduce cyber-attacks on organizations:

Our Unique IP

Our Core Technology

Our Integrated Data Security Platform, or IDSP, is our core technology, andunique IP serves as the foundation for our solutions, providing it all the technology components required to create a true adaptive datasecure access and exchange solution. Our underlying technology is designated to enable customers to benefit from advanced security architecture, policies and workflows, strong data encryption, high availability, roles management, reporting, and detailed audit trails.

Our IDSPIP is comprised of sixthe following modules:

Reverse Access

Secure Reverse-Access

Secure Reverse-AccessReverse access is our unique dual server patented technology, which designatedis designed to remove the need to open any ports within a firewall, while allowing secure application access between networks (through the firewall).