IronNet 424B3 Prospectus supplement

Filed Pursuant to Rule 424(b)(3)
Registration No. 333-263456

PROSPECTUS

IronNet, Inc.

Up to 48,503,325 Shares of Common Stock

This prospectus relates to the offer and resale of up to 48,503,325 shares of our common stock, $0.0001 par value per share, by Tumim Stone Capital LLC (“Tumim” or the “Selling Stockholder”).

The shares of common stock being offered by Tumim have been and may be issued pursuant to the common stock purchase agreement dated February 11, 2022 that we entered into with Tumim (the “Purchase Agreement”). We are not selling any securities under this prospectus and will not receive any of the proceeds from the sale of our common stock by Tumim. However, we may receive up to $175.0 million (the “Total Commitment”) in aggregate gross proceeds from sales of our common stock to Tumim that we may make under the Purchase Agreement, from time to time after the date of this prospectus.

On February 11, 2022, we paid to Tumin 1% of the Total Commitment, or $1.75 million (the “Commitment Payment”), as consideration for its irrevocable commitment to purchase shares of our common stock under the Purchase Agreement. See the sections entitled “Tumim Stone Capital Committed Equity Financing” for a description of the transaction contemplated by the Purchase Agreement and “Selling Stockholder” for additional information regarding Tumim.

Tumim may sell the shares of our common stock included in this prospectus in a number of different ways and at varying prices. We provide more information about how Tumim may sell the shares in the section entitled “Plan of Distribution.” Tumim is an “underwriter” within the meaning of Section 2(a)(11) of the Securities Act of 1933, as amended (the “Securities Act”).

Tumim will pay all brokerage fees and commissions and similar expenses in connection with the offer and resale of the shares by Tumim pursuant to this prospectus. We will pay the expenses (except brokerage fees and commissions and similar expenses) incurred in registering under the Securities Act the offer and resale of the shares included in this prospectus by Tumim, including legal and accounting fees. See “Plan of Distribution.”

Our common stock is listed on the New York Stock exchange under the symbol “IRNT.” On March 16, 2022, the closing price of our common stock was $3.72.

We are an “emerging growth company” as defined under U.S. federal securities laws and, as such, have elected to comply with reduced public company reporting requirements. This prospectus complies with the requirements that apply to an issuer that is an emerging growth company.

Investing in our securities involves a high degree of risks. You should review carefully the risks and uncertainties described in the section titled “Risk Factors” beginning on page 8 of this prospectus, and under similar headings in any amendments or supplements to this prospectus.

Neither the Securities and Exchange Commission nor any state securities commission has approved or disapproved of these securities, or passed upon the accuracy or adequacy of this prospectus. Any representation to the contrary is a criminal offense.

Prospectus dated March 17, 2022

TABLE OF CONTENTS


	Page
Special Note Regarding Forward-Looking Statements		iii
Prospectus Summary		1
Risk Factors		8
Tumim Stone Capital Committed Equity Financing		47
Market and Industry Data		53
Use of Proceeds		54
Market Information for Securities and Dividend Policy		55
Management’s Discussion and Analysis of Financial Condition and Results of Operations		56
Business		79
Management		114
Executive Compensation		122
Certain Relationships and Related Party Transactions		140
Principal Stockholders		145
Selling Stockholder		147
Material U.S. Federal Income Tax Consequences		149
Description of Capital Stock		155
Plan of Distribution		162
Legal Matters		164
Experts		164
Where You Can Find More Information		165
Index to Financial Statements		F-i

You should rely only on the information contained in this prospectus, any supplement to this prospectus or in any free writing prospectus, filed with the SEC. Neither we nor the Selling Stockholder have authorized anyone to provide you with additional information or information different from that contained in this prospectus filed with the SEC. We take no responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. The Selling Stockholder is offering to sell, and seeking offers to buy, our securities only in jurisdictions where offers and sales are permitted. The information contained in this prospectus is accurate only as of the date of this prospectus, regardless of the time of delivery of this prospectus or any sale of our securities. Our business, financial condition, results of operations and prospects may have changed since that date.

For investors outside of the United States: Neither we nor the Selling Stockholder, have done anything that would permit this offering or possession or distribution of this prospectus in any jurisdiction where action for that purpose is required, other than in the United States. Persons outside the United States who come into possession of this prospectus must inform themselves about, and observe any restrictions relating to, the offering of our securities and the distribution of this prospectus outside the United States.

ABOUT THIS PROSPECTUS

This prospectus is part of a registration statement on Form S-1 that we filed with the Securities and Exchange Commission (the “SEC”) using the “shelf” registration process. Under this shelf registration process, the Selling Stockholder may, from time to time, sell the securities described in this prospectus. We will not receive any proceeds from the sale by the Selling Stockholder of the securities described in this prospectus.

Neither we nor the Selling Stockholder have authorized anyone to provide you with any information or to make any representations other than those contained in this prospectus or any applicable prospectus supplement or any free writing prospectuses prepared by or on behalf of us or to which we have referred you. Neither we nor the Selling Stockholder take responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. Neither we nor the Selling Stockholder will make an offer to sell these securities in any jurisdiction where the offer or sale is not permitted.

We may also provide a prospectus supplement or post-effective amendment to the registration statement to add information to, or update or change information contained in, this prospectus. You should read both this prospectus and any applicable prospectus supplement or post-effective amendment to the registration statement together with the additional information to which we refer you in the sections of this prospectus titled “Where You Can Find More Information.”

On August 26, 2021 (the “Business Combination Closing Date”), IronNet Cybersecurity, Inc., a Delaware Corporation (“Legacy IronNet”), LGL Systems Acquisition Corp., a Delaware corporation (“LGL”) and LGL Systems Merger Sub Inc., a Delaware corporation and wholly-owned subsidiary of LGL (“Merger Sub”), consummated the closing of the transactions contemplated by the Agreement and Plan of Reorganization and Merger, dated as of March 15, 2021, by and among LGL, Merger Sub and IronNet, as amended by Amendment No. 1 to Agreement and Plan of Reorganization and Merger, dated as of August 6, 2021 (the “Business Combination Agreement”). Pursuant to the terms of the Business Combination Agreement, a business combination of Legacy IronNet and LGL was effected by the merger of Merger Sub with and into Legacy IronNet, with Legacy IronNet surviving as a wholly-owned subsidiary of LGL (the “Business Combination”). Following the consummation of the Business Combination on the Business Combination Closing Date, LGL changed its name from LGL Systems Acquisition Corp. to IronNet, Inc.

Unless the context indicates otherwise, references in this prospectus to the “IronNet,” “we,” “us,” “our”, the “Company” and similar terms refer to IronNet, Inc. (f/k/a LGL Systems Acquisition Corp.) and its consolidated subsidiaries (including Legacy IronNet). References to “LGL” refer to the predecessor company prior to the consummation of the Business Combination.

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

This prospectus contains “forward-looking statements” that involve substantial risks and uncertainties. The forward-looking statements are contained principally in the sections titled “Prospectus Summary” “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” “Business” and elsewhere in this prospectus. In some cases, you can identify forward-looking statements by terms such as “anticipate,” “believe,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “might,” “objective,” “ongoing,” “plan,” “potential,” “predict,” “project,” “should,” “will” and “would,” or the negative of these terms or other similar expressions intended to identify statements about the future. These statements speak only as of the date of this prospectus and involve known and unknown risks, uncertainties and other important factors that may cause our actual results, performance or achievements to be materially different from any future results, performance or achievements expressed or implied by the forward-looking statements. We have based these forward-looking statements largely on our current expectations and projections about future events and financial trends that we believe may affect our business, financial condition and results of operations. These forward-looking statements include, without limitation, statements about:

•

our ability to recognize the anticipated benefits of the Business Combination, which may be affected by, among other things, competition and the ability of the combined business to grow and manage growth profitably;

•

our future operating or financial results;

•

future acquisitions, business strategy and expected capital spending;

•

changes in our strategy, future operations, financial position, estimated revenues and losses, projected costs, prospects and plans;

•

the implementation, market acceptance and success of our business model and growth strategy;

•

our expectations and forecasts with respect to the size and growth of the cybersecurity industry and our products and services in particular;

•

the ability of our products and services to meet customers’ compliance and regulatory needs;

•

our ability to compete with others in the cybersecurity industry;

•

our ability to retain pricing power with our products;

•

our ability to grow our market share;

•

our ability to attract and retain qualified employees and management;

•

our ability to adapt to changes in consumer preferences, perception and spending habits and develop and expand our product offerings and gain market acceptance of our products, including in new geographies;

•

developments and projections relating to our competitors and industry;

•

our ability to develop and maintain our brand and reputation;

•

developments and projections relating to our competitors and industry;

•

the impact of health epidemics, including the COVID-19 pandemic, on our business and on the economy in general;

•

the impact of the COVID-19 pandemic on customer demands for our products;

•

our expectations regarding our ability to obtain and maintain intellectual property protection and not infringe on the rights of others;

iii

•

expectations regarding the time during which we will be an emerging growth company under the JOBS Act;

•

our future capital requirements and sources and uses of cash;

•

our ability to obtain funding for our operations and future growth; and

•

our business, expansion plans and opportunities.

The foregoing list of risks is not exhaustive. Other sections of this prospectus may include additional factors that could harm our business and financial performance. Moreover, we operate in an evolving environment. New risk factors and uncertainties may emerge from time to time, and it is not possible for management to predict all risk factors and uncertainties. As a result of these factors, we cannot assure you that the forward-looking statements in this prospectus will prove to be accurate. Except as required by applicable law, we do not plan to publicly update or revise any forward-looking statements contained herein, whether as a result of any new information, future events, changed circumstances or otherwise, except as required by law.

Because forward-looking statements are inherently subject to risks and uncertainties, some of which cannot be predicted or quantified and some of which are beyond our control, you should not rely on these forward-looking statements as predictions of future events. Although we believe that we have a reasonable basis for each forward-looking statement contained in this prospectus, the events and circumstances reflected in our forward-looking statements may not be achieved or occur and actual results could differ materially from those projected in the forward-looking statements. You should refer to the ‘‘Risk Factors’’ section of this prospectus for a discussion of important factors that may cause our actual results to differ materially from those expressed or implied by our forward-looking statements.

You should read this prospectus and the documents that we reference in this prospectus and have filed as exhibits to the registration statement, of which this prospectus is a part, completely and with the understanding that our actual future results may be materially different from what we expect. We qualify all of our forward-looking statements by these cautionary statements.

In addition, statements that “we believe” and similar statements reflect our beliefs and opinions on the relevant subject. These statements are based upon information available to us as of the date of this prospectus and while we believe such information forms a reasonable basis for such statements, such information may be limited or incomplete, and such statements should not be read to indicate that we have conducted an exhaustive inquiry into, or review of, all potentially available relevant information. These statements are inherently uncertain, and investors are cautioned not to unduly rely upon these statements.

PROSPECTUS SUMMARY

This summary highlights information contained elsewhere in this prospectus and does not contain all of the information that you should consider in making your investment decision. Before investing in our securities, you should carefully read this entire prospectus, including our consolidated financial statements and the related notes thereto and the information set forth in the sections titled “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations.”

Overview

We are a global cybersecurity company revolutionizing how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a number of former National Security Agency cybersecurity operators with offensive and defensive cyber experience, we integrate deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the world today.

We were founded by GEN Keith Alexander in 2014 to solve the major cybersecurity problem he witnessed and defined during his tenure as former head of the NSA and founding Commander of U.S. Cyber Command: You can’t defend against threats you can’t see. Our innovative approach provides the ability for groups of organizations—within an industry sector, supply chain, state or country, for example—to see, detect and defend against sophisticated cyber attacks earlier and faster than ever before.

We have defined a new market category called Collective Defense. As the first mover in this category, we have developed our Collective Defense platform, the first, and to our knowledge, the only solution that can identify anomalous (potentially suspicious or malicious) behaviors on computer networks and share this intelligence anonymously and in real time among Collective Defense community members. Collective Defense communities comprise groups of organizations that have common risks, such as a supply chain, a business ecosystem, or across an industry sector, a state, or a country. This cybersecurity model delivers timely, actionable, and contextual alerts and threat intelligence on attacks targeting enterprise networks, and functions as an early-warning detection system for all community members.

This new platform addresses a large and unwavering compound problem: limited threat visibility for increasingly borderless enterprises across sectors and at the national level, paired with ineffective threat knowledge sharing across companies and sectors and a “go it alone” approach to cybersecurity. These operational gaps, combined with market dynamics like the increased velocity of sophisticated cyber attacks and the deepening scarcity of qualified human capital, have set our mission to transform how cybersecurity is waged.

Background

We were originally known as LGL Systems Acquisition Corp. On August 26, 2021, Legacy IronNet, LGL and Merger Sub consummated the closing of the transactions contemplated by the Business Combination Agreement (the “Merger”). Pursuant to the terms of the Business Combination Agreement, a business combination of Legacy IronNet and LGL was effected by the merger of Merger Sub with and into Legacy IronNet, with Legacy IronNet surviving the Business Combination as a wholly-owned subsidiary of LGL. Following the consummation of the Business Combination on the Business Combination Closing Date, LGL changed its name from LGL Systems Acquisition Corp. to IronNet, Inc. While LGL was the legal acquirer in the Merger, Legacy IronNet was deemed to be the accounting acquirer in the Merger. As a result, the historical consolidated financial statements of Legacy IronNet became the historical consolidated financial statements of the combined company, upon the consummation of the Merger.

Implications of Being an Emerging Growth Company and Smaller Reporting Company

We are an “emerging growth company,” as defined in the Jumpstart Our Business Startups Act of 2012 (“JOBS Act”). As an emerging growth company, we are exempt from certain requirements related to executive compensation, including the requirements to hold a nonbinding advisory vote on executive compensation and to provide information relating to the ratio of total compensation of our President and Chief Executive Officer to the median of the annual total compensation of all of our employees, each as required by the Investor Protection and Securities Reform Act of 2010, which is part of the Dodd-Frank Act.

Section 102(b)(1) of the JOBS Act exempts emerging growth companies from being required to comply with new or revised financial accounting standards until private companies are required to comply with the new or revised financial accounting standards. The JOBS Act provides that a company can choose not to take advantage of the extended transition period and comply with the requirements that apply to non-emerging growth companies, and any such election to not take advantage of the extended transition period is irrevocable. During the extended transition period, it may be difficult or impossible to compare our financial results with the financial results of another public company that complies with public company effective dates for accounting standard updates because of the potential differences in accounting standards used.

We will remain an emerging growth company under the JOBS Act until the earliest of (1) January 31, 2025 (the last day of the fiscal year following the fifth anniversary of the consummation of the Initial Public Offering), (2) the last day of the fiscal year in which we have total annual gross revenue of at least $1.07 billion, (3) the last day of the fiscal year in which we are deemed to be a “large accelerated filer,” as defined in Rule 12b-2 under the Securities Exchange Act of 1934, as amended (“Exchange Act”), and (4) the date on which we have, during the previous three year period, issued more than $1.0 billion in nonconvertible debt.

We are also a “smaller reporting company” as defined by Rule 12b-2 of the Exchange Act. We may continue to be a smaller reporting company even after we are no longer an emerging growth company. We may take advantage of certain of the scaled disclosures available to smaller reporting companies and will be able to take advantage of these scaled disclosures for so long as the market value of our common stock held by non-affiliates is less than $250.0 million measured on the last business day of our second fiscal quarter, or our annual revenue is less than $100.0 million during the most recently completed fiscal year and the market value of our common stock held by non-affiliates is less than $700.0 million measured on the last business day of our second fiscal quarter. If we are a smaller reporting company at the point when we cease to be an emerging growth company, we may continue to rely on exemptions from certain disclosure requirements that are available to smaller reporting companies. Specifically, as a smaller reporting company we may choose to present only the two most recent fiscal years of audited financial statements in our Annual Report on Form 10-K and, similar to emerging growth companies, smaller reporting companies have reduced disclosure obligations regarding executive compensation.

Tumim Stone Capital Committed Equity Financing

On February 11, 2022, we entered into the Purchase Agreement with Tumim, pursuant to which Tumim has committed to purchase up to $175 million of common stock (the “Total Commitment”), at our direction from time to time after the date of this prospectus, subject to the satisfaction of the conditions in the Purchase Agreement. Also on February 11, 2022, we entered into a registration rights agreement with Tumim (the “Registration Rights Agreement”), pursuant to which we have filed with the SEC the registration statement that includes this prospectus to register for resale under the Securities Act, the shares of common stock that have been and may be issued to Tumim under the Purchase Agreement. Pursuant to the terms of the Purchase Agreement, at

the time we signed the Purchase Agreement and the Registration Rights Agreement, we paid a cash fee of $1,750,000, or 1% of the Total Commitment, to Tumim as consideration for its commitment to purchase shares of our common stock under the Purchase Agreement.

The sales of common stock by us to Tumim under the Purchase Agreement, if any, will be subject to certain limitations and may occur, from time to time at our sole discretion, over the approximately 36-month period commencing upon the initial satisfaction of all conditions to Tumim’s purchase obligations set forth in the Purchase Agreement (the “Commencement,” and the date on which the Commencement occurs, the “Commencement Date”), including that the registration statement that includes this prospectus covering the resale by Tumim of shares of common stock that have been and may be issued under the Purchase Agreement is declared effective by the SEC. From and after the Commencement Date, we will have the right, but not the obligation, from time to time at our sole discretion, to direct Tumim to purchase certain amounts of our common stock, subject to certain limitations in the Purchase Agreement, that we specify in purchase notices that we deliver to Tumim under the Purchase Agreement (each such purchase, a “Purchase”). Shares of common stock will be issued from the Company to Tumim at either a (i) 3% discount to the average daily volume weighted average price (the “VWAP”) of the common stock during the three consecutive trading days from the date that a purchase notice with respect to a particular purchase (a “VWAP Purchase Notice”) is delivered from the Company to Tumim (a “Forward VWAP Purchase”), or (ii) 5% discount to the lowest daily VWAP during the three consecutive trading days from the date that a VWAP Purchase Notice with respect to a particular purchase is delivered from the Company to Tumim (an “Alternative VWAP Purchase”). Each VWAP Purchase Notice from the Company to Tumim will specify whether the applicable purchase is a Forward VWAP Purchase or an Alternative VWAP Purchase, and will direct that Tumim purchase the applicable number of shares of common stock at the applicable purchase price. There is no upper limit on the price per share that Tumim could be obligated to pay for the common stock under the Purchase Agreement. The purchase price per share of common stock to be sold in a Purchase will be appropriately adjusted for any reorganization, recapitalization, non-cash dividend, stock split, reverse stock split or other similar transaction.

Tumim has no right to require us to sell any shares of common stock to Tumim, but Tumim is obligated to make purchases as directed by us, subject to the satisfaction of conditions set forth in the Purchase Agreement at Commencement and thereafter at each time that we may direct Tumim to purchase shares of our common stock under the Purchase Agreement. Actual sales of shares of common stock to Tumim will depend on a variety of factors to be determined by us from time to time, including, among others, market conditions, the trading price of our common stock and determinations by us as to the appropriate sources of funding for us and our operations.

Under applicable rules of The New York Stock Exchange (“NYSE”), in no event may we issue or sell to Tumim under the Purchase Agreement shares of our common stock in excess of 17,743,727 shares (the “Exchange Cap”), which is 19.99% of the shares of common stock outstanding immediately prior to the execution of the Purchase Agreement, unless (i) we obtain stockholder approval to issue shares of common stock in excess of the Exchange Cap or (ii) the average purchase price per share paid by Tumim for all shares of common stock, if any, that we elect to sell to Tumim under the Purchase Agreement equals or exceeds $3.608, which was the arithmetic average of the five NYSE official closing prices for the common stock during the five-trading day period immediately preceding the execution of the Purchase Agreement, as adjusted so that the Exchange Cap will not apply to issuances of common stock under the Purchase Agreement under applicable NYSE rules. In any event, the Purchase Agreement specifically provides that we may not issue or sell any shares of our common stock under the Purchase Agreement if such issuance or sale would breach any applicable NYSE rules.

The Purchase Agreement also prohibits us from directing Tumim to purchase any shares of our common stock if those shares, when aggregated with all other shares of our common stock then beneficially owned by Tumim (as calculated pursuant to Section 13(d) of the Exchange Act, and Rule 13d-3 thereunder), would result in Tumim beneficially owning more than 9.99% of the outstanding common stock (the “Beneficial Ownership Cap”).

The net proceeds under the Purchase Agreement to us will depend on the frequency and prices at which we sell shares of our stock to Tumim. We expect that any proceeds received by us from such sales to Tumim will be used for working capital and general corporate purposes.

There are no restrictions on future financings, rights of first refusal, participation rights, penalties or liquidated damages in the Purchase Agreement or Registration Rights Agreement. Tumim has agreed not to cause, or engage in any manner whatsoever, any direct or indirect short selling or to execute any stock pledge, forward sales contract, option, put, call, swap or similar hedging arrangement (including on a total return basis) of the common stock during the term of the Purchase Agreement.

The Purchase Agreement will automatically terminate upon the earliest of (i) the expiration of the 36-month period following the date of execution of the Purchase Agreement, (ii) Tumim’s purchase of the Total Commitment worth of common stock under the Purchase Agreement, or (iii) the occurrence of certain other events set forth in the Purchase Agreement. We have the right to terminate the Purchase Agreement at any time after Commencement, at no cost or penalty, upon one trading day’s prior written notice to Tumim. Neither we nor Tumim may assign or transfer its rights and obligations under the Purchase Agreement, and no provision of the Purchase Agreement or the Registration Rights Agreement may be modified or waived by the parties.

As consideration for Tumim’s commitment to purchase shares of our common stock upon the terms of and subject to satisfaction of the conditions set forth in the Purchase Agreement, upon execution of the Purchase Agreement, we paid a cash fee of $1,750,000, or 1% of the Total Commitment, to Tumim.

The Purchase Agreement and the Registration Rights Agreement contain customary representations, warranties, conditions and indemnification obligations of the parties. The representations, warranties and covenants contained in such agreements were made only for purposes of such agreements and as of specific dates, were solely for the benefit of the parties to such agreements and may be subject to limitations agreed upon by the contracting parties.

We do not know what the purchase price for our common stock will be and therefore cannot be certain as to the number of shares we might issue to Tumim under the Purchase Agreement after the Commencement Date. As of March 7, 2022, there were 95,347,493 shares of our common stock outstanding, of which 54,154,678 shares were held by non-affiliates. Although the Purchase Agreement provides that we may sell up to $175 million of our common stock to Tumim, only 48,503,325 shares of our common stock are being registered for resale by the Selling Stockholder under this prospectus, which represents shares of common stock that may be issued to Tumim from and after the Commencement Date, if and when we elect to sell shares to Tumim under the Purchase Agreement. Depending on the market prices of our common stock at the time we elect to issue and sell shares to Tumim under the Purchase Agreement, we may need to register for resale under the Securities Act additional shares of our common stock in order to receive aggregate gross proceeds equal to the $175,000,000 Total Commitment available to us under the Purchase Agreement. If all of the 48,503,325 shares offered by Tumim for resale under this prospectus were issued and outstanding as of the date hereof (without taking into account the 19.99% Exchange Cap limitation), such shares would represent approximately 34% of the total number of shares of our common stock outstanding and approximately 47% of the total number of outstanding shares held by non-affiliates, in each case as of the date hereof. If we elect to issue and sell more than the 48,503,325 shares offered under this prospectus to Tumim, which we have the right, but not the obligation, to do, we must first register for resale under the Securities Act any such additional shares, which could cause additional substantial dilution to our stockholders. The number of shares ultimately offered for resale by Tumim is dependent upon the number of shares we may elect to sell to Tumim under the Purchase Agreement from and after the Commencement Date.

There are substantial risks to our stockholders as a result of the sale and issuance of common stock to Tumim under the Purchase Agreement. These risks include substantial dilution, significant declines in our stock price and our inability to draw sufficient funds when needed. See “Risk Factors.” Issuances of our common stock in this offering will not affect the rights or privileges of our existing stockholders, except that the economic and voting interests of each of our existing stockholders will be diluted as a result of any such issuance. Although the

number of shares of common stock that our existing stockholders own will not decrease, the shares owned by our existing stockholders will represent a smaller percentage of our total outstanding shares after any such issuance to Tumim.

Summary of Risk Factors

Below is a summary of material factors that make an investment in our securities speculative or risky. Importantly, this summary does not address all of the risks and uncertainties that we face. Additional discussion of the risks and uncertainties summarized in this risk factor summary, as well as other risks and uncertainties that we face, can be found under the section titled “Risk Factors” in this prospectus. The below summary is qualified in its entirety by that more complete discussion of such risks and uncertainties. You should consider carefully the risks and uncertainties described under the section titled “Risk Factors” as part of your evaluation of an investment in our securities:

•

We have experienced rapid growth in recent periods, and if the we do not manage our future growth, our business and results of operations will be adversely affected.

•

We have a history of losses and we may not be able to achieve or sustain profitability in the future.

•

If organizations do not adopt cloud-enabled, and/or SaaS-delivered cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and results of operations may be adversely affected.

•

Competition from existing or new companies could cause us to experience downward pressure on prices, fewer customer orders, reduced margins, the inability to take advantage of new business opportunities and loss of market share.

•

If our solutions fail or are perceived to fail to detect or prevent incidents or have or are perceived to have defects, errors, or vulnerabilities, our brand and reputation would be harmed, which would adversely affect the our business and results of operations.

•

We rely on third-party data centers and our own colocation data centers to host and operate our platform, and any disruption of or interference with its use of these facilities may negatively affect our ability to maintain the performance and reliability of our platform, which could cause our business to suffer.

•

Our future success will be substantially dependent on our ability to attract, retain, and motivate the members of our management team and other key employees throughout our organization, and the loss of one or more key employees or an inability to attract and retain highly skilled employees could harm our business.

•

If we are unable to maintain successful relationships with our distribution partners, or if our distribution partners fail to perform, our ability to market, sell and distribute our platform and solutions efficiently will be limited, and our business, financial position and results of operations will be harmed.

•

Our business depends, in part, on sales to government organizations, and significant changes in the contracting or fiscal policies of such government organizations could have an adverse effect on our business and results of operations.

•

The success of our business will depend in part on our ability to protect and enforce our intellectual property rights.

•

We subject to laws and regulations, including governmental export and import controls, sanctions, and anti-corruption laws, that could impair our ability to compete in our markets and subject us to liability if we are not in full compliance with applicable laws.

•

Our management has identified material weaknesses in our internal control over financial reporting and may identify additional material weaknesses in the future or otherwise fail to maintain an effective system of internal controls, which may result in material misstatements of our financial statements or cause us to fail to meet our periodic reporting obligations

Corporate Information

Our principal executive offices are located at 7900 Tysons One Place, Suite 400, McLean, Virginia, 22102, and our telephone number is (443) 300-6761. Our corporate website address is www.ironnet.com. Information contained on or accessible through our website is not a part of this prospectus, and the inclusion of our website address in this prospectus is an inactive textual reference only.

“IronNet” and our other registered and common law trade names, trademarks and service marks are property of IronNet, Inc. This prospectus contains additional trade names, trademarks and service marks of others, which are the property of their respective owners. Solely for convenience, trademarks and trade names referred to in this prospectus may appear without the ^® or ^™ symbols.

Disclosure Channels

Our investors and others should note that we intend to announce material financial and other information to our investors using our investor relations website (https://ir.ironnet.com), blog, SEC filings, press releases, public conference calls and webcasts. In addition to these channels, we will continue to use social media to communicate with our customers and the public about our products and services, our markets and other topics. Given the SEC guidance regarding the use of social media channels to announce material information to investors, we are notifying investors, the media and others interested in us that in the future we might choose to communicate material information via social media channels and it is possible that the information we post on social media could be deemed to be material information. Therefore, in light of the SEC’s guidance, we encourage investors, the media and others interested in us to review the information we post from time to time on social media channels.

The Offering

Issuance of common stock

Shares of common stock offered by the Selling Stockholder

Up to 48,503,325 shares (the “Purchase Shares”) we may sell to Tumim under the Purchase Agreement from time to time after the Commencement Date.

Shares of common stock outstanding

95,347,493 (as of March 7, 2022)

Shares of common stock outstanding after giving effect to the issuance of the shares registered hereunder

143,850,818 (based on the total shares outstanding as of March 7, 2022)

Use of proceeds

We will not receive any proceeds from the sale of shares of common stock included in this prospectus by the Selling Stockholder. We may receive up to $175 million aggregate gross proceeds under the Purchase Agreement from sales of common stock that we elect to make to Tumim pursuant to the Purchase Agreement, if any, from time to time in our sole discretion, from and after the Commencement Date.

Any proceeds that we receive from sales of our common stock to Tumim under the Purchase Agreement will be used for working capital and general corporate purposes. See “Use of Proceeds.”

Risk factors

See the section titled “Risk Factors” and the other information included in this prospectus for a discussion of factors you should consider carefully before deciding to invest in our common stock.

NYSE ticker symbols

“IRNT”

The number of shares of common stock to be outstanding is based on 95,347,493 shares of common stock outstanding as of March 7, 2022 and excludes:

•

4,462,905 shares of common stock issuable upon the settlement of restricted stock units (“RSUs”) granted under the 2021 Equity Incentive Plan (the “2021 Plan”);

•

13,971,064 shares of common stock available for future issuance under the 2021 Plan;

•

1,317,178 shares of common stock issuable upon the exercise of outstanding options granted under the 2014 Stock Incentive Plan (the “2014 Plan”);

•

9,920,389 shares underlying RSUs granted pursuant to the 2014 Plan;

•

3,588,763 shares available for future issuance under our 2021 Employee Stock Purchase Plan (the “ESPP”);

•

9,500 shares issuable upon the exercise of outstanding private warrants to purchase common stock (the “Private Warrants”), with an exercise price of $11.50 per share; and

•

8,606,473 shares issuable upon the exercise of outstanding public warrants to purchase common stock, (the “Public Warrants,” together with the Private Warrants the “Warrants”) with an exercise price of $11.50 per share.

RISK FACTORS

Investing in our common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below together with all of the other information contained in this prospectus, including our financial statements and related notes appearing at the end of this prospectus and in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” before deciding to invest in our common stock. If any of the events or developments described below were to occur, our business, prospects, operating results and financial condition could suffer materially, the trading price of our common stock could decline, and you could lose all or part of your investment. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties not presently known to us or that we currently believe to be immaterial may also adversely affect our business.

Risks Related to the Offering

It is not possible to predict the actual number of shares we will sell under the Purchase Agreement to the Selling Stockholder, or the actual gross proceeds resulting from those sales.

On February 11, 2022, we entered into the purchase agreement (the “Purchase Agreement”) with Tumim Stone Capital LLC (“Tumim or the “Selling Stockholder”), pursuant to which Tumim has committed to purchase up to $175 million in shares of our common stock (the “Total Commitment”), subject to certain limitations and conditions set forth in the Purchase Agreement. The shares of our common stock that may be issued under the Purchase Agreement may be sold by us to Tumim at our discretion from time to time over an approximately 36-month period commencing upon the initial satisfaction of all conditions to Tumim’s purchase obligations set forth in the Purchase Agreement (the “Commencement,” and the date on which the Commencement occurs, the “Commencement Date”).

We generally have the right to control the timing and amount of any sales of our shares of common stock to Tumim under the Purchase Agreement. Sales of our common stock, if any, to Tumim under the Purchase Agreement will depend upon market conditions and other factors to be determined by us. We may ultimately decide to sell to Tumim all, some or none of the shares of our common stock that may be available for us to sell to Tumim pursuant to the Purchase Agreement.

Because the purchase price per share to be paid by Tumim for the shares of common stock that we may elect to sell to Tumim under the Purchase Agreement, if any, will fluctuate based on the market prices of our common stock during the applicable period for each purchase made pursuant to the Purchase Agreement, if any, it is not possible for us to predict, as of the date of this prospectus and prior to any such sales, the number of shares of common stock that we will sell to Tumim under the Purchase Agreement, the purchase price per share that Tumim will pay for shares purchased from us under the Purchase Agreement, or the aggregate gross proceeds that we will receive from those purchases by Tumim under the Purchase Agreement, if any.

Moreover, although the Purchase Agreement provides that we may sell up to an aggregate of $175 million of our common stock to Tumim, only 48,503,325 shares of our common stock are being registered for resale by Tumim under the registration statement that includes this prospectus, consisting of shares of common stock that we may elect to sell to Tumim, in our sole discretion, from time to time from and after the Commencement Date under the Purchase Agreement. If after the Commencement Date we elect to sell to Tumim all of the 48,503,325 shares of common stock being registered for resale under this prospectus that are available for sale by us to Tumim in Purchases under the Purchase Agreement, depending on the market prices of our common stock during the applicable period for each Purchase made pursuant to the Purchase Agreement, the actual gross proceeds from the sale of all such shares may be substantially less than the $175 million Total Commitment available to us under the Purchase Agreement, which could materially adversely affect our liquidity.

If it becomes necessary for us to issue and sell to Tumim under the Purchase Agreement more than the 48,503,325 shares being registered for resale under the registration statement that includes this prospectus in

order to receive aggregate gross proceeds equal to the Total Commitment of $175 million under the Purchase Agreement, we must file with the Securities and Exchange Commission (the “SEC”) one or more additional registration statements to register under the Securities Act of 1933, as amended (the “Securities Act”) the resale by Tumim of any such additional shares of our common stock we wish to sell from time to time under the Purchase Agreement, which the SEC must declare effective and we will need to obtain stockholder approval to issue shares of common stock in excess of 17,743,727 shares (the “Exchange Cap”), which is 19.99% of the shares of common stock outstanding immediately prior to the execution of the Purchase Agreement, under the Purchase Agreement in accordance with applicable New York Stock Exchange (“NYSE”) rules, unless the average per share purchase price paid by Tumim for all shares of common stock sold under the Purchase Agreement equals or exceeds $3.608, in which case, under applicable NYSE rules, the Exchange Cap limitation will not apply to issuances and sales of common stock under the Purchase Agreement, in each case, before we may elect to sell any additional shares of our common stock to Tumim under the Purchase Agreement. Any issuance and sale by us under the Purchase Agreement of a substantial amount of shares of common stock in addition to the 48,503,325 shares of common stock being registered for resale by Tumim under this prospectus could cause additional substantial dilution to our stockholders. The number of shares of our common stock ultimately offered for sale by Tumim is dependent upon the number of shares of common stock, if any, we ultimately sell to Tumim under the Purchase Agreement.

The sale and issuance of our common stock to the Selling Stockholder will cause dilution to our existing stockholders, and the sale of the shares of common stock acquired by the Selling Stockholder, or the perception that such sales may occur, could cause the price of our common stock to fall.

The purchase price for the shares that we may sell to the Selling Stockholder under the Purchase Agreement will fluctuate based on the price of our common stock. Depending on market liquidity at the time, sales of such shares may cause the trading price of our common stock to fall.

If and when we do sell shares to the Selling Stockholder, after the Selling Stockholder has acquired the shares, the Selling Stockholder may resell all, some, or none of those shares at any time or from time to time in its discretion. Therefore, sales to the Selling Stockholder by us could result in substantial dilution to the interests of other holders of our common stock. Additionally, the sale of a substantial number of shares of our common stock to the Selling Stockholder, or the anticipation of such sales, could make it more difficult for us to sell equity or equity-related securities in the future at a time and at a price that we might otherwise wish to effect sales.

Investors who buy shares at different times will likely pay different prices.

Pursuant to the Purchase Agreement, we will have discretion, subject to market demand, to vary the timing, prices, and numbers of shares sold to Tumim. If and when we do elect to sell shares of our common stock to Tumim pursuant to the Purchase Agreement, after Tumim has acquired such shares, Tumim may resell all, some or none of such shares at any time or from time to time in its discretion and at different prices. As a result, investors who purchase shares from Tumim in this offering at different times will likely pay different prices for those shares, and so may experience different levels of dilution and in some cases substantial dilution and different outcomes in their investment results. Investors may experience a decline in the value of the shares they purchase from Tumim in this offering as a result of future sales made by us to Tumim at prices lower than the prices such investors paid for their shares in this offering.

Our management team will have broad discretion over the use of the net proceeds from our sale of shares of common stock to the Selling Stockholder, if any, and you may not agree with how we use the proceeds and the proceeds may not be invested successfully.

Our management team will have broad discretion as to the use of the net proceeds from our sale of shares of common stock to the Selling Stockholder, if any, and we could use such proceeds for purposes other than those contemplated at the time of commencement of this offering. Accordingly, you will be relying on the judgment of

our management team with regard to the use of those net proceeds, and you will not have the opportunity, as part of your investment decision, to assess whether the proceeds are being used appropriately. It is possible that, pending their use, we may invest those net proceeds in a way that does not yield a favorable, or any, return for us. The failure of our management team to use such funds effectively could have a material adverse effect on our business, financial condition, operating results and cash flows.

Risks Related to Our Business and Industry

We have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected.

We have experienced rapid revenue growth in recent periods we expect to continue to invest broadly across our organization to support our growth. For example, our headcount grew from 246 full-time employees as of January 31, 2021 to 316 full-time employees as of January 31, 2022. Although we have experienced rapid growth historically, we may not be able sustain our current growth rates, nor can we assure you that our investments to support our growth will be successful. The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team. We have encountered and will continue to encounter, risks and difficulties frequently experienced by rapidly growing companies in evolving industries, including market acceptance of our products, adding new customers, intense competition, and our ability to manage our costs and operating expenses. Our future success will depend in part on our ability to manage our growth effectively, which will require us to, among other things:

•

effectively attract, integrate and retain a large number of new employees, particularly members of our sales and marketing, data science, and research and development teams;

•

further improve our platform and products, including our cloud modules and security capabilities, analytics, collective defense capabilities, and visualizations, and IT infrastructure, including expanding and optimizing our data centers, collection, and analytic capabilities, to support our business needs;

•

enhance our information and communication systems to ensure that our employees and offices around the world are well coordinated and can effectively communicate with each other and our growing base of customers and partners; and

•

improve our financial, management, and compliance systems and controls.

If we fail to achieve these objectives effectively, our ability to manage our expected growth, ensure uninterrupted operation of our platform and key business systems, and comply with the rules and regulations applicable to our business could be impaired. Additionally, the quality of our platform and services could suffer and we may not be able to adequately address competitive challenges. Any of the foregoing could adversely affect our business, results of operations, and financial condition.

We have a history of losses and may not be able to achieve or sustain profitability in the future.

We have incurred net losses in all periods since our inception. We experienced net losses of $55.4 million and $47.9 million for fiscal 2021 and fiscal 2020, respectively, and $(225.8) million and $(43.2) million for the nine months ended October 31, 2021 and 2020, respectively. As of October 31, 2021, we had an accumulated deficit of $(400.8) million. While we have experienced significant growth in revenue in recent periods, we cannot predict when or whether we will reach or maintain profitability. We also expect our operating expenses to increase over our historical expenses in the future as we continue to invest for future growth, which will negatively affect our results of operations if our total revenue does not increase. We cannot assure you that these investments will result in substantial increases in our total revenue or improvements in our results of operations. In addition to the anticipated costs to grow our business, we also expect to incur significant additional legal, accounting, and other expenses as a newly public operating company. Any failure to increase our revenue as we invest in our business or to manage our costs could prevent us from achieving or maintaining profitability or positive cash flow.

Our limited operating history makes it difficult to evaluate our current business and our future prospects and may increase the risk of your investment.

Legacy IronNet was founded in 2014 and we launched our first cybersecurity network detection and response product in 2016 (IronDefense) and our first collective defense product in 2018 (IronDome). Our limited operating history makes it difficult to evaluate our current business, our future prospects, and other trends, including our ability to plan for and model future growth. We have encountered, and we will continue to encounter, risks, uncertainties, and difficulties frequently experienced by rapidly growing companies in evolving industries, including our ability to achieve broad market acceptance of cloud- enabled, and/or software as a service (“SaaS”) delivered cybersecurity solutions and our platform, attract additional customers, grow partnerships, compete effectively, build and maintain effective compliance programs, and manage increasing expenses as we continue to invest in our business. If we do not address these risks, uncertainties and difficulties successfully, our business, and results of operations will be harmed. Further, we have limited historical financial data and operate in a rapidly evolving market. As a result, any predictions about our future revenue and expenses may not be as accurate as they would be if we had a longer operating history or operated in a more predictable market.

The COVID-19 pandemic could adversely affect our business, operating results and future revenue.

In March 2020, the World Health Organization declared COVID-19 a global pandemic. This contagious disease outbreak has spread across the globe and has and may continue to impact worldwide economic activity and financial markets. In light of the uncertain and rapidly evolving situation relating to the spread of COVID-19, and variants thereof, we have taken precautionary measures intended to mitigate the spread of the virus and minimize the risk to our employees, customers, partners, and the communities in which we operate. These measures have included transitioning our employee population to work remotely from home, imposing travel restrictions for our employees, shifting customer, partner and investor events to virtual-only formats, and limiting capacity at any of our offices which have reopened or may reopen during the pandemic’s duration. These precautionary measures, many of which we have now made largely permanent and sustainable, and associated economic issues, both in the United States and across the globe, could negatively affect our CS efforts, significantly delay and lengthen our sales cycles, impact our sales and marketing efforts, reduce employee efficiency and productivity, slow our international expansion efforts, increase cybersecurity risks, and create operational or other challenges, any of which could harm our business and results of operations. Moreover, due to our subscription-based business model, the effect of the COVID-19 pandemic may not be fully reflected in our results of operations until future periods, if at all.

In addition, the COVID-19 pandemic, and variants thereof, may disrupt the operations of our prospective clients, customers, and partners for an indefinite period of time. Some of our customers have been negatively impacted by the COVID-19 pandemic, which could result in delays in accounts receivable collection, or result in decreased technology spending, including spending on cybersecurity, which could negatively affect our revenues. Some of our prospective clients have also been negatively impacted by the COVID-19 pandemic, which could result in delays in sales or lengthen purchasing decisions.

More generally, the COVID-19 pandemic, including the emergence of variant strains of COVID-19, has adversely affected economies and financial markets globally, and continued uncertainty could lead to a prolonged economic downturn, which could result in a larger customer turnover than is currently anticipated, reduced demand for our products and services, and increased length of sales cycles, in which case our revenues could be significantly impacted. The impact of the COVID-19 pandemic may also exacerbate other risks discussed in this “Risk Factors” section and elsewhere in this prospectus. It is not possible at this time to estimate the impact that the COVID-19 pandemic could have on our business, as the impact will depend on future developments, which are highly uncertain and cannot be predicted.

If organizations do not adopt cloud-enabled, and/or SaaS-delivered cybersecurity solutions that may be based on new and untested security concepts, our ability to grow its business and results of operations may be adversely affected.

Our future success depends on the growth in the market for cloud-enabled and/or SaaS-delivered cybersecurity solutions. The use of SaaS solutions to manage and automate security and IT operations is rapidly evolving. As such, it is difficult to predict its potential growth, customer adoption and retention rates, customer demand for our solutions, or the success of existing or future competitive products. Any expansion in our market depends on a number of factors, including the cost, performance and perceived value associated with its solutions and those of its competitors. If our solutions do not achieve widespread adoption or there is a reduction in demand for our solutions due to a lack of customer acceptance, technological challenges, competing products, privacy or other liability concerns, decreases in corporate spending, weakening economic conditions, or otherwise, it could adversely affect our business, results of operations and financial results, resulting from such things as early terminations, reduced customer retention rates, or decreased sales. We do not know whether the trend in adoption of cloud- enabled and/or SaaS-delivered cybersecurity solutions that we have experienced in the past will continue in the future. Furthermore, if we or other SaaS security providers experience security incidents, loss, or disclosure of customer data, disruptions in delivery, or other problems, the market for SaaS solutions as a whole, including our security solutions, could be negatively affected.

In addition to reliance on a cloud-enabled and/or SaaS-delivered model, our cybersecurity utilize a novel and relatively new approach to collective defense that relies on customers sharing sensitive customer information with us. Some of that raw customer information may contain personal or confidential information, or data perceived to be personal or confidential information. From that customer information, we generate analytics that allow us to deliver threat knowledge and network intelligence at machine speed across a wide variety of industries. Because this new approach requires the sharing of sensitive customer information, concerns may exist that sharing of the customer information may violate, or be perceived as potentially violating, privacy laws or providing a competitive advantage to another entity. As a result, some current or prospective customers may decide not to procure our products or share any customer information. Such lack of acceptance could have negative effects on us, including reduced or lost revenues or inadequate information being available for our analysis, thus making our products less effective. In addition, uncertainties about the regulatory environment concerning personal information and the potential liability raised by sharing such information could further inhibit the broad-scale adoption of our solutions.

Historically, information sharing related to cybersecurity has been a very well accepted concept from a theoretical perspective but very difficult to implement in practice. Companies are generally reluctant to share their sensitive cyber information with other entities, despite knowing the advantages of doing so. Although raw customer information will not be shared with other parties, it does undergo filtering, concatenation, and other transformations within our solutions with the goal of removing any sensitive or personal information. Misperceptions may exist, however, about what information gets shared, with whom that information is shared, and the jurisdictions (including foreign countries) of the companies with which the information gets shared. Further, concerns of existing or potential customers may exist related to the ability to completely remove any indicia of the source company, general market rejection of information sharing, or specific market skepticism of our approach to collective defense, which may further add to a lack of customer acceptance.

In addition to the potential concerns related to sharing sensitive information in a system consisting of commercial or potentially competitive entities, additional concerns can arise when governments become involved as participants in the collective defense ecosystem. From a commercial perspective, companies frequently view information sharing with governments as risky, based on perceptions that the governments might use such shared information to take action against the companies or to otherwise utilize it in a way that will expose such companies to liability. Such perceptions could lead commercial entities to stop sharing, not procure our services in the first place, or terminate their relationship with us altogether. Similarly, governments (as customers) may be unable to properly process such data or utilize it in a meaningful way, or share useful information back into our

solutions. Any of these concerns could lead to reduced sales or contribute to a lack of customer acceptance. In addition, the mere involvement of one or more government entities may harm our reputation with certain companies.

If we are unable to attract new customers, our future results of operations could be harmed.

To expand our customer base, we will need to convince potential customers to allocate a portion of their discretionary budgets to purchase our platform and solutions. Our sales efforts have often involved educating our prospective customers about the uses and benefits of our platform and solutions. Enterprises and governments that use legacy security products, such as signature-based or malware-focused products, firewalls, intrusion prevention systems and endpoint technologies, may be hesitant to purchase our platform and solutions if they believe that legacy security products are more cost effective, provide substantially the same functionality as our platform and solutions or provide a level of cybersecurity that is sufficient to meet their needs.

We may have difficulty convincing prospective customers of the value of adopting our solutions. Even if we are successful in convincing prospective customers that a cloud-enabled platform like ours is critical to protect against cyberattacks, they may not decide to purchase our platform and solutions for a variety of reasons, some of which are out of our control. For example, any future deterioration in general economic conditions, including a downturn due to the outbreak of diseases such as COVID-19, may cause our current and prospective customers to cut their overall security and IT operations spending, and such cuts may fall disproportionately on cloud-based security solutions. Economic weakness, customer financial difficulties, and constrained spending on security and IT operations may result in decreased revenue and adversely affect our results of operations and financial condition. Additionally, if the incidence of cyberattacks were to decline, or enterprises or governments perceive that the general level or relative risk of cyberattacks has declined, our ability to attract new customers and expand sales of our solutions to existing customers could be adversely affected. If organizations do not continue to adopt our platform and solutions, our sales will not grow as quickly as anticipated, or at all, and our business, results of operations, and financial condition would be harmed.

If our customers do not renew their subscriptions for our products, our future results of operations could be harmed.

In order for us to maintain or improve our results of operations, it is important that our customers renew their subscriptions for our platform and solutions when existing contract terms expire, and that we expands our commercial relationships with our existing customers by selling additional subscriptions. Our customers have no obligation to renew their subscriptions after the expiration of their contractual subscription period, which is generally one year, and in the normal course of business, some customers have elected not to renew. In addition, our customers may renew for shorter contract subscription lengths or cease using certain solutions. Our customer retention and expansion may decline or fluctuate as a result of a number of factors, including its customers’ satisfaction with our services, our pricing, customer security and networking issues and requirements, our customers’ spending levels, mergers and acquisitions involving our customers, industry developments, competition and general economic conditions. If our efforts to maintain and expand our relationships with our existing customers are not successful, our business, results of operations, and financial condition may materially suffer.

As a first mover in collective defense for the commercial sector, we may face significant liability if we are unable to effectively anonymize and safeguard our clients’ data.

We are the first major commercial vendor to offer an end-to-end means to take full advantage of the collective defense concept that relies on customers sharing sensitive customer information with us. While raw customer information is not shared with other parties and shared data undergoes filtering and other transformations within our solution, with the goal of removing any sensitive or personal information, it is possible that customer information could be accessed by third parties (including competitors of our clients), through a failure of our

procedures to effectively anonymize the shared data or as a result of hackers gaining access to the raw data collected by us. To the extent we are not able to effectively anonymize and protect our customers’ data, we may be subject to liability, which could adversely affect our business, results of operations and financial condition. In addition, given the novelty of our approach, it is possible that other risks could surface of which we are currently unaware.

The market for cybersecurity solutions is intensely competitive, fragmented, and characterized by rapid changes in technology, customer requirements, industry standards, increasingly sophisticated attackers, and by frequent introductions of new or improved products to combat security threats. We expect to continue to face intense competition from our current competitors, as well as from new entrants into the market. If we are unable to anticipate or react to these challenges, our competitive position could weaken, and we could experience a decline in revenue or reduced revenue growth, and loss of market share that would adversely affect our business, financial condition and results of operations. The ability to compete effectively will depend upon numerous factors, many of which are beyond our control, including, but not limited to:

•

product capabilities, including performance and reliability, of our platform, including our services and features particularly in the areas of analytics and collective defense, compared to those of our competitors;

•

our ability, and the ability of our competitors, to improve existing products, services and features, or to develop new ones to address evolving customer needs;

•

our ability to attract, retain and motivate talented employees;

•

our ability to establish, capitalize on, maintain, and grow relationships with distribution and technology partners;

•

the strength of our sales and marketing efforts; and

•

acquisitions or consolidation within our industry, which may result in more formidable competitors.

Our competitors include the following companies by general category:

•

First generation Network Detection and Response (NDR) vendors such as DarkTrace or Vectra Networks, who offer point products based on Bayesian analysis, outlier analysis, and heuristic detection-based detection;

•

Network security vendors, such as Cisco and Palo Alto Networks, Inc., who are supplementing their core network security additional behavioral-based detection with behavioral-based detection, threat intelligence and security operations solutions; and

•

Legacy network infrastructure and performance monitoring companies such as ExtraHop and Arista Networks, who are adding security use cases to their infrastructure products.

Many of these competitors have greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a significantly larger base of customers than we do. They may be able to devote greater resources to the development, promotion, and sale of services than we can, and they may offer lower pricing than we do. Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions, or they may have other financial, technical or other resource advantages. Our larger competitors have substantially broader and more diverse product and services offerings as well as routes to market, which may allow them to leverage their relationships based on other products, or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products.

Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by competitors or continuing market consolidation. Some of our current or potential competitors have made or could make acquisitions of businesses or establish cooperative relationships that may allow them to offer more directly competitive and comprehensive solutions than were previously offered and adapt more quickly to new technologies and customer needs. These competitive pressures in the market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Further, many competitors that specialize in providing protection from particular types of security threats may be able to deliver these more targeted security products to the market quicker than we can or may be able to convince organizations that these more limited products meet their needs.

Even if there is significant demand for cloud-based security solutions like ours or if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s cybersecurity architecture, we may have difficulty increasing the market penetration of our platform. Furthermore, even if the functionality offered by other security and IT operations providers is different and more limited than the functionality of our platform, organizations may elect to accept such limited functionality in lieu of adding products from additional vendors like us. If we are unable to compete successfully, our business, financial condition, and results of operations would be adversely affected.

Competitive pricing pressure may reduce gross profits and adversely affect our financial results.

If we are unable to maintain our pricing due to competitive pressures or other factors, our margins may be reduced and our gross profits, business, results of operations and financial condition may be adversely affected. The subscription prices for our platform, solutions, and professional services may decline for a variety of reasons, including competitive pricing pressures, discounts, anticipation of the introduction of new solutions by competitors, or promotional programs offered by us or our competitors. Competition continues to increase in the market segments in which we operate, and we expect competition to further increase in the future. Larger competitors with more diverse product and service offerings may reduce the price of products or subscriptions that compete with ours or may bundle them with other products and subscriptions in an effort to leverage their existing market share to make it harder for newer companies, like us, to effectively compete.

Real or perceived defects, errors, or vulnerabilities in our platform and solutions, the failure of our platform to detect or prevent incidents, including advanced and newly developed attacks, misconfiguration of our solutions, actions or inactions by employees or contractors that create vulnerabilities in our platform or solutions, or the failure of customers to take action on attacks identified by our platform could harm our reputation and adversely affect our business, financial position, and results of operations. Because our cloud-enabled security platform is complex, it may contain defects or errors that are not detected until after deployment. We cannot assure you that our products will detect all cyberattacks, especially in light of the rapidly changing security threat landscape that its solution seeks to address. Due to a variety of both internal and external factors, including, without limitation, defects or misconfigurations of its solutions, our solutions could become vulnerable to security incidents (both from intentional attacks and accidental causes) that cause them to fail to secure networks and detect and block attacks. In addition, because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that our cloud-enabled security platform is unable to detect or prevent until after some of our customers are affected. For example, certain computer hackers may be supported or directly employed by so-called nation-states, which are generally defined as sovereign territories with individuals who share a common history and set of ideals. In the context of cybersecurity, certain aggressive nation-states with a history of

disregarding generally acceptable computer network norms may employ particularly sophisticated and experienced actors who focus on being persistent, unpredictable, and innovative, with the ability to tap into significant nation-state budgets. This allows such nation-state attackers to develop expansive attack playbooks and access to cutting-edge technology to facilitate their attacks, including new, or so-called zero-day, attacks. Such nation-state attackers could successfully attack us or our customers, which could significantly harm our reputation. Additionally, our platform may falsely indicate a cyberattack or threat that does not actually exist, which may lessen customers’ trust in our solutions.

Moreover, as our cloud-enabled security platform is adopted by an increasing number of enterprises and governments, it is possible that the individuals and organizations behind advanced cyberattacks will begin to focus on finding ways to defeat its security platform. If this happens, our systems and subscription customers could be specifically targeted by attackers and could result in vulnerabilities in its platform or undermine the market acceptance of our platform and could adversely affect our reputation as a provider of security solutions. Because we host customer data on its cloud and other platforms, which in some cases may contain personally identifiable information (“PII”) or potentially confidential information, a security compromise, or an accidental or intentional misconfiguration or malfunction of our platform could result in PII and other customer data being accessible to attackers or to other customers. Further, if a high-profile security breach occurs with respect to another next-generation or cloud-enabled security system, our customers and potential customers may lose trust in such solutions generally, and cloud-enabled security solutions in particular.

Organizations are increasingly subject to a wide variety of attacks on their networks, systems, and endpoints. No security solution, including our platform, can address all possible security threats or block all methods of penetrating a network or otherwise perpetrating a security incident. There could be situations where our solutions detect attacks against a customer but the customer does not address the vulnerability, which could cause customers and the public to erroneously believe that our solutions were not effective. Real or perceived security breaches of our customers’ networks could cause disruption or damage to their networks or other negative consequences and could result in negative publicity to us, damage to our reputation, and other customer relations issues, and may adversely affect our revenue and results of operations.

As a cybersecurity provider, we may be a target of cyberattacks. If our internal networks, systems or data are or are perceived to have been compromised, our reputation may be damaged and our financial results may be negatively affected.

As a provider of security solutions, our platform may be specifically targeted by bad actors for attacks intended to circumvent our security capabilities or to exploit our platform as an entry point into customers’ endpoints, networks, or systems. In particular, because we have been involved in the identification of organized cybercriminals and nation-state actors, we may be the subject of intense efforts by sophisticated cyber adversaries who seek to compromise our systems or leverage our access. We are also susceptible to inadvertent compromises of our systems and data, including those arising from process, coding, or human errors. A successful attack or other incident that compromises us or our customers’ data or results in an interruption of service could have a significant negative effect on our operations, reputation, financial resources, and the value of our intellectual property. We cannot assure you that any of our efforts to manage this risk will be effective in protecting us from such attacks.

It is virtually impossible to entirely eliminate the risk of such compromises, interruptions in service, or other security incidents affecting our internal systems or data. Organizations are subject to a wide variety of attacks on their networks, systems and endpoints, and techniques used to sabotage or to obtain unauthorized access to networks in which data is stored or through which data is transmitted change frequently. Furthermore, employee error or malicious activity could compromise its systems. As a result, we may be unable to anticipate these techniques or implement adequate measures to prevent an intrusion into our networks, which could result in unauthorized access to customer data, intellectual property including access to its source code, and information about vulnerabilities in our product, which in turn could reduce the effectiveness of our solutions, or lead to

cyberattacks or other intrusions of our customers’ networks. If any of these events were to occur, they could damage our relationships with our customers and could have a negative effect on our ability to attract and retain new customers. We have expended, and we anticipate we will continue to expend significant amounts and resources in an effort to prevent security breaches and other security incidents impacting our systems and data. Since our business is focused on providing reliable security services to our customers, an actual or perceived security incident affecting our internal systems or data or data of its customers would be especially detrimental to our reputation and customer confidence in our solutions.

In addition, while we maintain, and we will continue to maintain, insurance policies that may cover certain liabilities in connection with a cybersecurity incident, we cannot be certain that the insurance coverage will be adequate for liabilities actually incurred, that insurance will continue to be available to us on commercially reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims that exceed available insurance coverage, or the occurrence of changes in insurance policies, including premium increases or the imposition of large deductible or coinsurance requirements, could have a material adverse effect on our business, including its financial condition, results of operations and reputation.

We rely on third-party data centers and our own colocation data centers to host and operate our platform, and any disruption of or interference with our use of these facilities may negatively affect our ability to maintain the performance and reliability of our platform, which could cause our business to suffer.

Our customers depend on the continuous availability of our platform. We currently host our platform and serves our customers using a mix of third-party data centers, primarily Amazon Web Services (“AWS”) and Microsoft Azure, and, primarily for our own use, in our own data centers, hosted in colocation facilities. Consequently, we may be subject to service disruptions as well as failures to provide adequate support for reasons that are outside of our direct control. We may experience interruptions, delays and outages in service and availability from time to time due to a variety of factors, including infrastructure changes, human or software errors, website hosting disruptions and capacity constraints. Also, customers may be subject to the same risk factors as some of them host our solutions in their own data centers.

The following factors, many of which are beyond our control, can affect the delivery, availability, and the performance of our platform:

•

the development and maintenance of the infrastructure of the internet;

•

the performance and availability of third-party providers of cloud infrastructure services with the necessary speed, data capacity, and security for providing reliable internet access and services;

•

decisions by the owners and operators of the data centers where our cloud infrastructure is deployed to terminate our contracts, discontinue services, shut down operations or facilities, increase prices, change service levels, limit bandwidth, declare bankruptcy or prioritize the traffic of other parties;

•

physical or electronic break-ins, acts of war or terrorism, human error or interference (including by disgruntled employees, former employees or contractors) and other catastrophic events;

•

cyberattacks, including denial of service attacks, targeted at us, our data centers, or the infrastructure of the internet;

•

failure by us to maintain and update our cloud infrastructure to meet our data capacity requirements;

•

errors, defects, or performance problems in our software, including third-party or open-source software incorporated in our software;

•

improper deployment or configuration of our solutions;

•

the failure of its redundancy systems, in the event of a service disruption at one of our data centers, to provide failover to other data centers in our data center network;

•

the failure of our disaster recovery and business continuity arrangements; and

•

effects of third-party software updates with hidden malware, similar to the supply chain attack that occurred via SolarWinds.

The adverse effects of any service interruptions on our reputation, results of operations, and financial condition may be disproportionately heightened due to the nature of our business and the fact that our customers have a low tolerance for interruptions of any duration. Interruptions or failures in our service delivery could result in a cyberattack or other security threat to one of our customers during such periods of interruption or failure. Additionally, interruptions or failures in our service could cause customers to terminate their subscriptions, adversely affect renewal rates, and harm our ability to attract new customers. Our business would also be harmed if our customers believe that a cloud-enabled and/or SaaS- delivered cybersecurity solution is unreliable. We may experience service interruptions and other performance problems due to a variety of factors. The occurrence of any of these factors, or if it is unable to rapidly and cost-effectively fix such errors or other problems that may be identified, could damage its reputation, negatively affect our relationship with our customers or otherwise harm our business, results of operations and financial condition.

If we do not effectively expand and train our direct sales force, we may be unable to add new customers or increase sales to existing customers, and our business will be adversely affected.

We depend on our direct sales force to obtain new customers and increase sales with existing customers. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel, particularly in international markets. We have expanded our sales organization significantly in recent periods and expect to continue to add additional sales capabilities in the near term. There is significant competition for sales personnel with the skills and technical knowledge that we require. New hires require significant training and may take significant time before they achieve full productivity, and this delay is accentuated by our long sales cycles. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plans to do business. In addition, a large percentage of our salesforce is new to our business and selling our solutions, and therefore this team may be less effective than our more seasoned sales personnel. Furthermore, hiring sales personnel in new countries, or expanding our existing presence, requires upfront and ongoing expenditures that we may not recover if the sales personnel fail to achieve full productivity. We cannot predict whether, or to what extent, our sales will increase as we expand our sales force or how long it will take for sales personnel to become productive. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business and results of operations will be adversely affected.

Because we recognize revenue from subscriptions to our platform and other forms of providing customers with access to our software over the term of the subscription or contract, downturns or upturns in new business will not be immediately reflected in our results of operations.

We generally recognize revenue from customers ratably over the terms of their subscription or contract term, which average over three years in length, though may be as short as one year or less. As a result, a substantial portion of the revenue that we report in each period is attributable to the recognition of deferred revenue relating to agreements that we entered into during previous periods. Consequently, any increase or decline in new sales or renewals in any one period will not be immediately reflected in our revenue for that period. Any such change, however, would affect our revenue in future periods. Accordingly, the effect of downturns or upturns in new sales and potential changes in our rate of renewals may not be fully reflected in our results of operations until future periods.

A limited number of customers represent a substantial portion of our revenue. If we fail to retain these customers, our revenue could decline significantly.

We derive a substantial portion of our revenue from a limited number of customers. For the years ended January 31, 2021 and 2020, six customers accounted for 46% or $13,381 with one of those customers accounting for 10% and four customers accounted for 48% or $11,187 with all four being over 10% of the Company’s revenue, respectively. As of October 31, 2021 and January 31, 2021, three and three customers represented 60% and 85%, respectively, of our total accounts receivable balance. Significant customers are those which represent at least 10% of our total revenue at each respective period ending date. The following table presents customers that represented 10% or more of our total annual revenue:


	Year Ended January 31,
	2021			2020
Customer A		10	%			*
Customer B			*		14	%
Customer C			*		10	%
Customer D			*		10	%
Customer E			*		14	%

*	Less than 10%

For the nine months ended October 31, 2021, two significant customers accounted for 22% of our revenues. The following table presents customers that represented 10% or more of our total revenue for the nine months ended October 31, 2021 and 2020. The below Customer table was denoted in line with our quarterly report on Form 10-Q for the quarterly period ended October 31, 2021:


	Nine Months Ended October 31,
	2021			2020
Customer A		11	%			*
Customer B		11	%			*
Customer C			*		10	%

		22	%		10	%

*	Less than 10%

As a result, our revenue could fluctuate materially and could be materially and disproportionately impacted by purchasing decisions of these customers or any other significant future customer. Any of our significant customers may decide to purchase less than they have in the past, may alter their purchasing patterns at any time with limited notice, or may decide not to continue to license our products at all, any of which could cause our revenue to decline and adversely affect our financial condition and results of operations. If we do not further diversify our customer base, we will continue to be susceptible to risks associated with customer concentration.

Our results of operations may fluctuate significantly, which could make our future results difficult to predict and could cause our results of operations to fall below expectations.

Our results of operations have varied significantly from period to period, and we expect that our results of operations will continue to vary as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

•

the impact of the COVID-19 pandemic, including the emergence of variant strains of COVID-19, on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and employees;

•

our ability to attract new and retain existing customers;

•

the budgeting cycles, seasonal buying patterns, and purchasing practices of customers;

•

the timing and length of our sales cycles;

•

changes in customer or distribution partner requirements or market needs;

•

changes in the growth rate of our market;

•

the timing and success of new product and service introductions by us or our competitors or any other competitive developments, including consolidation among our customers or competitors;

•

the level of awareness of cybersecurity threats, particularly advanced cyberattacks, and the market adoption of our platform;

•

our ability to successfully expand our business domestically and internationally;

•

decisions by organizations to purchase security solutions from larger, more established security vendors or from their primary IT equipment vendors;

•

changes in our pricing policies or those of our competitors;

•

any disruption in our relationship with distribution partners;

•

insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solutions;

•

significant security breaches of, technical difficulties with or interruptions to, the use of our platform;

•

extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes;

•

rising inflation and our ability to control costs, including our operating expenses;

•

general economic conditions, both in domestic and foreign markets;

•

future accounting pronouncements or changes in our accounting policies or practices;

•

negative media coverage or publicity;

•

political events;

•

the amount and timing of operating costs and capital expenditures related to the expansion of our business; and

•

increases or decreases in expenses caused by fluctuations in foreign currency exchange rates.

In addition, we experience seasonal fluctuations in our financial results as we can receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in the fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers. Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other results from period to period. As a result of this variability, our historical results of operations should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, our stock price could fall substantially, and we could face costly lawsuits, including securities class action suits.

Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense.

Our revenue recognition is difficult to predict because of the length and unpredictability of the sales cycle for our platform, particularly with respect to large organizations and government entities. Customers often view the subscription to our platform as a significant strategic decision and, as a result, frequently require considerable time to evaluate, test, and qualify our platform and solutions prior to entering into or expanding a relationship with us. Large enterprises and government entities in particular often undertake a significant evaluation process that further lengthens our sales cycle.

Our direct sales team develops relationships with our customers, and works with our distribution partners on account penetration, account coordination, sales and overall market development. We spend substantial time and resources on our sales efforts without any assurance that our efforts will produce a sale. Security solution purchases are frequently subject to budget constraints, multiple approvals, and unanticipated administrative, processing, and other delays. As a result, it is difficult to predict whether and when a sale will be completed. The failure of our efforts to secure sales after investing resources in a lengthy sales process could adversely affect our business and results of operations.

We rely heavily on the services of our senior management team, and if we are not successful in attracting or retaining senior management personnel, we may not be able to successfully implement our business strategy.

Our future success will be substantially dependent on our ability to attract, retain, and motivate the members of its management team. In particular, we will be highly dependent on the services of GEN Keith B. Alexander (Ret.) and William Welch, our co-chief executive officers, who will be critical to our future vision and strategic direction. We will also rely on our leadership team in the areas of operations, security, analytics, engineering, product management, research and development, marketing, sales, partnerships, mergers and acquisitions, support, and general and administrative functions. GEN Alexander is important to our future growth as he provides access to key decisionmakers within government agencies and the private sector, and his leadership role would be difficult to replace. Although we expect that we will enter into new employment agreements with some of our key personnel, our employees, including our executive officers, will be employed on an “at-will” basis, which means they may terminate their employment with us at any time. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business could be harmed.

If we are unable to attract and retain qualified personnel, our business could be harmed.

There is significant competition for personnel with the skills and technical knowledge that we will require across our technology, cyber, sales, professional services and administrative support functions. Competition for these personnel in the Washington, D.C. metro area, where our corporate headquarters is located, and in other locations where we maintain offices or otherwise operate, is competitive, especially for experienced sales professionals, engineers and data scientists experienced in designing and developing cybersecurity software. Although our current remote work environment facilitates our ability to attract talent across a wider geographic base, we have from time to time experienced, and we expect to continue to experience, difficulty in hiring and retaining employees with appropriate qualifications. Many of the companies with which we compete for experienced personnel have greater resources than us. Our competitors also may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. We may also be subject to allegations that employees we hire have been improperly solicited, or that they have divulged proprietary or other confidential information or that their former employers own such employees’ inventions or other work product, or that they have been hired in violation of non-compete provisions or non-solicitation provisions.

In addition, job candidates and existing employees often consider the value of the equity awards they receive in connection with their employment. Volatility or lack of performance in our stock price may also affect our ability to attract and retain key employees. Some of our employees will become vested in a substantial amount of equity awards, which may give them a material amount of personal wealth. This may make it more difficult for us to retain and motivate these employees, and this wealth could affect their decision about whether or not they continue to work for us. Any failure to successfully attract, integrate or retain qualified personnel to fulfill our current or future needs could adversely affect our business, results of operations and financial condition.

If we are not able to maintain and enhance our brand and our reputation as a provider of high-efficacy cybersecurity solutions, our business and results of operations may be adversely affected.

We believe that maintaining and enhancing our brand and our reputation as a provider of high-efficacy cybersecurity solutions is critical to our relationship with our existing customers and distribution partners and our

ability to attract new customers and partners. The successful promotion of our brand will depend on a number of factors, including our investment in marketing efforts, our ability to continue to develop additional features for our platform, our ability to successfully differentiate our platform from competitive cloud-enabled or legacy security solutions and, ultimately, our ability to detect and remediate cyberattacks. Although we believe it is important for our growth, these brand promotion activities may not be successful or yield increased revenue.

In addition, independent industry or financial analysts and research firms often test our solutions and provide reviews of our platform, along with the products of our competitors, and perception of our platform in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products, our brand may be adversely affected. Our solutions may fail to detect or prevent threats in any particular test for a number of reasons that may or may not be related to the efficacy of our solutions in real world environments. To the extent potential customers, industry analysts, or testing firms believe that the occurrence of a failure to detect or prevent any particular threat is a flaw or indicates that our solutions or services do not provide significant value, we may lose customers, and our reputation, financial condition, and business would be harmed. Additionally, the performance of our distribution partners may affect its brand and reputation if customers do not have a positive experience with these partners. In addition, we have in the past worked, and we will continue to work, with high profile customers as well as assist in analyzing and remediating high profile cyberattacks. This work with such customers and cyberattacks may expose us to negative publicity and media coverage. Negative publicity, including about the efficacy and reliability of our platform, its products offerings, our professional services and the customers we work with, even if inaccurate, could adversely affect our reputation and brand.

In addition to its direct sales force, we rely on certain key distribution partners to sell and support our platform. An increasing amount of our sales flow through our distribution partners, and we expect our reliance on such partners to continue to grow for the foreseeable future. Additionally, we have entered into, and we intend to continue to enter into, partnerships with third parties to support our future growth plans. The loss of a substantial number of distribution partners, or the failure to recruit additional partners, could adversely affect our results of operations. Our ability to achieve revenue growth in the future will depend in part on its success in maintaining successful relationships with our distribution partners and in training them to independently sell and deploy our platform. If we fail to effectively manage our existing sales channels, or if our distribution partners are unsuccessful in fulfilling the orders for our solutions, or if we are unable to recruit and retain a sufficient number of high quality distribution partners who are motivated to sell our products, our ability to sell our products and results of operations will be harmed.

Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investments to address the government sector, but we cannot assure you that these investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. Although we anticipate that they may increase in the future, sales to U.S. federal, state and local governmental agencies have not accounted for, and may never account for, a significant portion of our revenue. U.S. federal, state and local government sales are subject to a number of challenges and risks that may adversely impact our business. Sales to such government entities include the following risks:

•

selling to governmental agencies can be highly competitive, expensive and time-consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;

•

government certification requirements applicable to our products may change and, in doing so, restrict our ability to sell into the U.S. federal government sector until it has attained the required certifications.

•

government demand and payment for our platform may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our platform;

•

governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our platform, which would adversely impact our revenue and results of operations, or institute fines or civil or criminal liability if the audit were to uncover improper or illegal activities;

•

interactions with the U.S. federal government may be limited by post-employment ethics restrictions on members of our management;

•

foreign governments may have concerns with purchasing security products from a company that employs former NSA employees and officials, which may negatively impact sales; and

•

governments may require certain products to be manufactured, hosted, or accessed solely in their country or in other relatively high-cost manufacturing locations, and we may not manufacture all products in locations that meet these requirements, affecting its ability to sell these products to governmental agencies.

We have achieved Federal Risk and Authorization Management Program (“FedRAMP”) “FedRAMP- ready” status, but such status is only available for a certain period of time before which it must be utilized. If not utilized, we would likely have to go through certain parts of the FedRAMP process again in order to sell its products to government agencies. Moreover, even if we were to achieve FedRAMP-certified status, such certification is costly to maintain, and if we were to lose such a certification in the future it would restrict its ability to sell to government customers. It is also possible that additional guidelines and/or certifications, such as the Cybersecurity Maturity Model Certification (“CMMC”), will be required to expand participation in the government sectors.

The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business and results of operations.

We may not scale and adapt our existing technology in a timely and cost-effective manner to meet our customers’ performance and other requirements.

Our future growth will be dependent upon our ability to continue to meet the needs of new customers and the expanding needs of our existing customers as their use of our solutions grows. As our customers gain more experience with our solutions, the number of events, the amount of data transferred, processed, and stored by it, the number of locations where its platform and services are being accessed, have in the past, and may in the future, expand rapidly. In order to meet the performance and other requirements of our customers, we intend to continue to make significant investments to increase capacity and to develop and implement new technologies in our service and cloud infrastructure operations. These technologies, which include databases, applications, and server optimizations, network and hosting strategies, and automation, are often advanced, complex, new, and untested. We may not be successful in developing or implementing these technologies. In addition, it takes a significant amount of time to plan, develop, and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results it will realize from such improvements. To the extent that we do not effectively scale our operations to meet the needs of our growing customer base and to maintain performance as our customers expand their use of our solutions, we may not be able to grow as quickly as anticipated, customers may reduce or cancel use of our solutions and we may be unable to compete as effectively and its business and results of operations may be harmed.

Additionally, we have made, and we will continue to make, substantial investments to support growth at our data centers partners and improve the profitability of our cloud platform. If our cloud-based server costs were to increase or pricing pressure causes price movements out of proportion with changes in unit operating costs, its business, results of operations and financial condition may be adversely affected. Although we expect that we could receive similar services from other third parties, if any of our arrangements with third-party providers are terminated, we could experience interruptions on its platform and in its ability to make its solutions available to customers, as well as delays and additional expenses in arranging alternative cloud infrastructure services. Ongoing improvements to cloud infrastructure may be more expensive than anticipated and may not yield the expected savings in operating costs or the expected performance benefits. In addition, we may be required to re-invest any cost savings achieved from our prior cloud infrastructure improvements in future infrastructure projects to maintain the levels of service required by its customers. We may not be able to maintain or achieve cost savings from its investments, which could harm our financial results.

The market opportunity estimates and growth forecasts included in this prospectus could prove to be inaccurate, and any real or perceived inaccuracies may harm our reputation and negatively affect its business.

This prospectus includes our estimates of the addressable market for our cloud-based SaaS-delivered cybersecurity solution. Market opportunity estimates and growth forecasts, whether obtained from third-party sources or developed internally, are subject to significant uncertainty and are based on assumptions and estimates that may not prove to be accurate. The estimates and forecasts in this prospectus relating to the size and expected growth of our target markets may prove to be inaccurate. In particular, the estimates regarding our current and projected market opportunity are difficult to predict. In addition, our estimates of the addressable market for cloud-based SaaS-delivered cybersecurity solutions reflect the opportunity available from all participants and potential participants in the market, and we cannot predict with precision its ability to address this demand or the extent of market adoption of our solutions. The addressable market we estimates may not materialize for many years, if ever, and even if the markets in which we compete meet the size estimates and growth forecasted in this registration statement, our business could fail to grow at similar rates, if at all. Accordingly, the forecasts of market growth included in this registration statement should not be taken as indicative of our future growth.

The success of our business will depend in part on our ability to protect and enforce its intellectual property rights.

We believe that our intellectual property will be an essential asset of our business, and its success and ability to compete will depend in part upon protection of intellectual property rights. We have relied, and we will continue to rely, on a combination of patent, copyright, trademark, and trade secret laws, as well as confidentiality procedures and contractual provisions, to establish and protect its intellectual property rights in the United States and abroad, all of which provide only limited protection. The efforts we have taken to protect our intellectual property may not be sufficient or effective, and our trademarks, copyrights and patents may be held invalid or unenforceable. Moreover, we cannot assure you that any patents will be issued with respect to our currently pending patent applications, including in a manner that will give us adequate defensive protection or competitive advantages, or that any patents issued to us will not be challenged, invalidated or circumvented. We have filed for patents in the United States and in certain non-U.S. jurisdictions, but such protections may not be available in all countries in which we will operate or in which we will seek to enforce intellectual property rights, or the intellectual property rights may be difficult to enforce in practice. For example, many foreign countries have compulsory licensing laws under which a patent owner must grant licenses to third parties under certain circumstances. In addition, many countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Moreover, we may need to expend additional resources to defend its intellectual property rights in these countries, and our inability to do so could impair our business or adversely affect our plans for international expansion. Our currently issued patents and any patents that may be issued in the future with respect to pending or future patent applications may not provide sufficiently broad protection or they may not prove to be enforceable in actions against alleged infringers.

We may not be effective in policing unauthorized use of our intellectual property, and even if we do detect violations, litigation may be necessary to enforce our intellectual property rights. Protecting against the unauthorized use of intellectual property rights, technology and other proprietary rights is expensive and difficult, particularly outside of the United States. Any enforcement efforts undertaken, including litigation, could be time-consuming and expensive and could divert management’s attention, which could harm our business and results of operations. Further, attempts to enforce rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or challenge our intellectual property rights which could result in a holding that invalidates or narrows the scope of our intellectual property rights, in whole or in part. The inability to adequately protect and enforce our intellectual property and other proprietary rights could seriously harm our business, results of operations and financial condition. Even if we are able to secure our intellectual property rights, we cannot assure you that such rights will provide us with competitive advantages or distinguish our services from those of our competitors or that our competitors will not independently develop similar technology, duplicate any of our technology, or design around our patents.

Claims by others that we infringe their proprietary technology or other intellectual property rights could result in significant costs and substantially harm our business, financial condition, results of operations and prospects.

Claims by others that we infringe or misappropriates their proprietary technology or other intellectual property rights could harm our business. Companies in the cybersecurity industry could hold patents and also protect their copyright, trade secret and other intellectual property rights, entering into litigation based on allegations of patent infringement or other violations of intellectual property rights. As we will face increasing competition as we grow, the possibility of intellectual property rights claims against us could also grow. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that such personnel have divulged proprietary or other confidential information of competitors to us. From time to time, third parties may assert claims of infringement or misappropriation of intellectual property rights against us. Although there have been no such claims made against the company to date, there can be no assurance that such claims may not be made in the future.

Third parties may in the future also assert claims against our customers or distribution partners, whom its standard license and other agreements may obligate us to indemnify against claims that our solutions infringe the intellectual property rights of third parties. As the number of products and competitors in the cybersecurity market increases and overlaps occur, claims of infringement, misappropriation, and other violations of intellectual property rights may increase. While we intend to increase the size of our patent portfolio, many of our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve non-practicing entities, companies, or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. Any claim of intellectual property infringement by a third party, even a claim without merit, could cause us to incur substantial costs defending against such claim, could distract its management from our business and could require us to cease use of such intellectual property.

Additionally, our insurance may not cover intellectual property rights infringement claims that may be made. In the event that we fail to successfully defend ourselves against an infringement claim, a successful claimant could secure a judgment or otherwise require payment of legal fees, settlement payments, ongoing royalties, or other costs or damages; or we may agree to a settlement that prevents us from offering certain services or features; or we may be required to obtain a license, which may not be available on reasonable terms, or at all, to use the relevant technology. If we are prevented from using certain technology or intellectual property, we may be required to develop alternative, non-infringing technology, which could require significant time, during which we could be unable to continue to offer our affected services or features, effort and expense, and may ultimately not be successful.

Although third parties may offer a license to their technology or other intellectual property, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition and results of operations to be adversely affected. In addition, some licenses may be nonexclusive, and therefore its competitors may have access to the same technology licensed to it. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, or at all, we could be enjoined from continued use of such intellectual property. As a result, we may be required to develop alternative, non-infringing technology, which could require significant time, during which we could be unable to continue to offer our affected products, subscriptions or services, effort, and expense and may ultimately not be successful. Furthermore, a successful claimant could secure a judgment or we may agree to a settlement that prevents us from distributing certain products, providing certain subscriptions or performing certain services or that requires us to pay substantial damages, royalties or other fees. Any of these events could harm our business, financial condition and results of operations.

We license technology from third parties, and our inability to maintain those licenses could harm its business.

We currently incorporate, and will in the future incorporate, technology that we license from third parties, including software, into our solutions. We cannot be certain that our licensors do not or will not infringe on the intellectual property rights of third parties or that our licensors have or will have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our platform. Some of our agreements with our licensors may be terminated by them for convenience, or otherwise provide for a limited term. If we are unable to continue to license technology because of intellectual property infringement claims brought by third parties against our licensors or against us, or if we are unable to continue the license agreements or enter into new licenses on commercially reasonable terms, our ability to develop and sell solutions and services containing that technology would be limited, and our business could be harmed. Additionally, if we are unable to license technology from third parties, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner or at all, and may require us to use alternative technology of lower quality or performance standards. This could limit or delay our ability to offer new or competitive solutions and increase our costs. As a result, its margins, market share, and results of operations could be significantly harmed.

If we are not able to satisfy data protection, security, privacy, and other government- and industry-specific requirements or regulations, our business, results of operations, and financial condition could be harmed.

Personal privacy, data protection, information security, telecommunications regulations, and other laws, regulations, and industry standards (including proposed new proposed versions) applicable to specific categories of information are significant issues in the United States, Europe, and in other key jurisdictions where we offer our solutions, including in South and East Asia and the Middle East. The data that we collect, analyze and store is subject to a variety of laws and regulations, including regulation by various government agencies. The U.S. federal government, and various state and foreign governments, have adopted or proposed limitations on the collection, distribution, use, and storage of certain categories of information, such as PII of individuals, health information, and other sector-specific types of data, including but not limited to regulations promulgated by Federal Trade Commission and under the provisions of the Electronic Communication Privacy Act, Computer Fraud and Abuse Act, the Health Insurance Portability and Accountability Act, and the Gramm-Leach-Bliley Act. Laws and regulations outside the United States, and particularly in Europe, often are more restrictive than those in the United States. Such laws and regulations may require companies to implement privacy and security policies, permit customers to access, correct, and delete personal information stored or maintained by such companies, inform individuals of security breaches that affect their personal information, and, in some cases, obtain individuals’ consent to use PII for certain purposes. In addition, some foreign governments require that any information of certain categories, such as financial or PII collected in a country not be transferred outside of that country without consent. We also may find it necessary or desirable to join industry or other self-regulatory bodies or other information security or data protection-related organizations that require compliance with their rules pertaining to information security and data protection. We also may be bound by additional, more stringent

contractual obligations relating to our collection, use and disclosure of personal, financial and other data.We cannot yet determine the impact of future laws, regulations, standards, or perception of their requirements may have on its business. For example, the European Commission adopted the European General Data Protection Regulation (“GDPR”), that applies to the processing of certain personal data of data subjects in the European Economic Area (“EEA”). As compared to previously data protection law in the European Union, the GDPR imposes additional obligations and risk upon our business and increases substantially the penalties to which we could be subject in the event of any non-compliance. Administrative fines for certain violations under the GDPR can amount up to 20 million Euros or four percent of worldwide annual revenue for the prior fiscal year, whichever is higher. We have incurred substantial expense in complying with the obligations imposed by the GDPR, and we may be required to do so in the future, potentially making significant changes in its business operations, which may adversely affect our revenue and our business overall. Additionally, we are unable to predict how obligations under the GDPR will be applied to us or our customers. Despite our efforts to attempt to comply with the GDPR, a regulator may determine that a customer has not done so and subject it to fines and public censure, which could harm our business.

Among other requirements, the GDPR regulates transfers of personal data subject to the GDPR to third countries that have not been found to provide adequate protection to such personal data, including the United States. We have undertaken certain efforts to conform transfers of personal data from the EEA to the United States and other jurisdictions based on its understanding of current regulatory obligations and the guidance of data protection authorities. Despite this, we may be unsuccessful in establishing or maintaining conforming means of transferring such data from the EEA, in particular as a result of continued legal and legislative activity within the European Union. For example, in July 2020 the European Court of Justice (“ECJ”) invalidated the EU-U.S. Privacy Shield in a decision known as Schrems II. The ECJ decision also raised questions about the continued validity of one of the primary alternatives to the EU-U.S. Privacy Shield, namely the European Commission’s Standard Contractual Clauses, and EU regulators have issued additional guidance regarding considerations and requirements that we and other companies must consider and undertake when using the Standard Contractual Clauses. Although the EU has presented a new set of contractual clauses, at present, there are few, if any, viable alternatives to the EU-U.S. Privacy Shield and the Standard Contractual Clauses. The ECJ’s decision and other regulatory guidance or developments otherwise may impose additional obligations with respect to the transfer of personal data from the EU and Switzerland to the United States, each of which could restrict its activities in those jurisdictions, limit its ability to provide products and services in those jurisdictions, or increase its costs and obligations and impose limitations upon its ability to efficiently transfer personal data from the EU and Switzerland to the United States.

Further, the exit of the United Kingdom (UK) from the EU, often referred to as Brexit, has created uncertainty with regard to data protection regulation in the UK. Specifically, the UK exited the EU on January 1, 2020, subject to a transition period that ended December 31, 2020. While the Data Protection Act of 2018, that “implements” and complements the GDPR achieved Royal Assent on May 23, 2018 and is now effective in the United Kingdom, it is still unclear whether transfer of data from the EEA to the United Kingdom will remain lawful in the long term under GDPR. With the expiration of the transition period, companies will have to comply with the GDPR and the GDPR as incorporated into United Kingdom national law, which has the ability to separately fine up to the greater of £17.5 million or 4% of global turnover. On June 28, 2021, the European Commission announced a decision of “adequacy” concluding that the UK ensures an equivalent level of data protection to the GDPR, which provides some relief regarding the legality of continued personal data flows from the EEA to the UK. Some uncertainty remains, however, as this adequacy determination must be renewed after four years and may be modified or revoked in the interim. We cannot fully predict how the Data Protection Act, the UK GDPR, and other UK data protection laws or regulations may develop in the medium to longer term nor the effects of divergent laws and guidance regarding how data transfers to and from the UK will be regulated.

The implementation of the GDPR has led other jurisdictions to either amend, or propose legislation to amend their existing data privacy and cybersecurity laws to resemble all or a portion of the requirements of the GDPR. For example, on June 28, 2018, California adopted the California Consumer Privacy Act of 2018, or CCPA,

which went into effect on January 1, 2020, with enforcement commencing on July 1, 2020. The CCPA has been characterized as the first “GDPR-like” privacy statute to be enacted in the United States because it contains a number of provisions similar to certain provisions of the GDPR. In addition, the California Privacy Rights Act of 2020, or the CPRA was passed by California voters in November 2020. The CPRA amends the CCPA by creating additional privacy rights for California consumers and additional obligations on businesses, which could subject us to additional compliance costs as well as potential fines, individual claims and commercial liabilities. The majority of the CPRA provisions will take effect on January 1, 2023. The CCPA and CPRA could mark the beginning of a trend toward more stringent privacy legislation in the United States, as other states or the federal government may follow California’s lead and increase protections for U.S. residents. For example, on March 2, 2021, the Virginia Consumer Data Protection Act, which will take effect on January 1, 2023, was signed into law and on June 8, 2021, Colorado enacted the Colorado Privacy Act (the “CPA”), which also takes effect on July 1, 2023.

Evolving and changing definitions of personal data and personal information within the European Union, the United States, and elsewhere, especially relating to classification of IP addresses, machine identification, location data and other information, may limit or inhibit our ability to operate or expand our business, including limiting partnerships that may involve the sharing of data. Further, we may be affected by evolving notions of data sovereignty, or the concept that data collected in a particular jurisdiction must be either physically maintained in that jurisdiction or maintained in compliance with all local law, including under all conditions or controls mandated by the jurisdiction in which it was collected. In light of current regulatory trends, such data sovereignty requirements may increase causing us to expend additional resources and increase our applicable budgets to remain compliant or cease doing business in such jurisdiction.

Even the perception of privacy or security concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to attract and retain workforce talent. In addition, changes in laws or regulations that adversely affect the use of the internet, including laws impacting net neutrality, could impact our business. We expect that existing laws, regulations and standards may be interpreted in new manners in the future. Future laws, regulations, standards, and other obligations, and changes in the interpretation of existing laws, regulations, standards and other obligations could require us to modify our solutions, restrict our business operations, increase our costs and impair our ability to maintain and grow our customer base and increase our revenue.

Beyond broader data processing regulations affecting our business, the cybersecurity industry may face direct regulation. In 2018, Singapore introduced what is believed to be the world’s first cybersecurity licensing requirement, mandating that providers of specific types of incident response services receive a government license before providing such services. License requirements such as these may impose upon us significant organizational costs and high barriers of entry into new markets.

Although we have worked and will continue to work to comply with applicable laws and regulations, certain applicable industry standards and our contractual obligations and other legal obligations, along with laws, regulations, standards and obligations are evolving and may be modified, interpreted and applied in an inconsistent manner from one jurisdiction to another, and may conflict with one another. In addition, they may conflict with other requirements or legal obligations that apply to our business or the security features and services that our customers expect from our solutions. As such, we cannot assure ongoing compliance with all such laws, regulations, standards and obligations. Any failure or perceived failure by us or our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties to comply with applicable laws and regulations, or applicable industry standards that we represent compliance with or that may be asserted to apply to us, or to comply with employee, customer, partner, and other data privacy and data security requirements pursuant to contract and our stated notices or policies, could result in enforcement actions, including fines, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial

performance and business. Any inability of us or our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties to adequately address privacy and security concerns, even if unfounded, or comply with applicable laws, regulations, standards and obligations, could result in additional cost and liability to us, damage our reputation, inhibit sales, and adversely affect our business and results of operations.

Failure to comply with laws and regulations applicable to our business could subject us to fines and penalties and could also cause us to lose customers in the public sector or negatively impact our ability to contract with the public sector.

Our business is subject to regulation by various federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing privacy and data protection laws and regulations, employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, anti-bribery laws, import and export controls, federal securities laws and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than in the United States. Noncompliance by us, our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties with applicable regulations or requirements could subject us to:

•

investigations, enforcement actions and sanctions;

•

mandatory changes to our platform;

•

disgorgement of profits, fines and damages;

•

civil and criminal penalties or injunctions;

•

claims for damages by its customers or distribution partners;

•

termination of contracts;

•

loss of intellectual property rights; and

•

temporary or permanent debarment from sales to government organizations.

If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations and financial condition could be adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, results of operations and financial condition.

We endeavor to properly classify employees as exempt versus non-exempt under applicable law. Although there are no pending or threatened material claims or investigations against us asserting that some employees are improperly classified as exempt, the possibility exists that some of our current or former employees could have been incorrectly classified as exempt employees.

These laws and regulations will impose added costs on our business, and failure by us, our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties to comply with these or other applicable regulations and requirements could lead to claims for damages, penalties, termination of contracts, loss of exclusive rights in our intellectual property and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could result in reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, and other sanctions, any of which could harm its business, reputation, and results of operations.

We are subject to laws and regulations, including governmental export and import controls, sanctions, and anti-corruption laws, that could impair our ability to compete in our markets and subject us to liability if we are not in full compliance with applicable laws.

We are subject to laws and regulations, including governmental export controls, that could subject it to liability or impair our ability to compete in our markets. Our products are subject to U.S. export controls, including the U.S. Department of Commerce’s Export Administration Regulations, and we and our employees, representatives, contractors, agents, intermediaries, and other third parties are also subject to various economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Control and other governmental authorities. We incorporate standard encryption algorithms into our products, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of further encryption registration and classification requests. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain cloud-based solutions to countries, governments, and persons targeted by U.S. sanctions. Governmental regulation of the import or export of our products, or our failure to obtain any required import or export authorization for our products under the laws of the United States or other countries, could harm our ability to engage in international trade and adversely affect its revenue. Moreover, any new export or import restrictions, new legislation or shifting approaches in the enforcement or scope of existing regulations, or in the countries, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export our products to existing or potential customers or to conduct business with foreign parties. An actual or alleged violation of these laws or regulations would negatively affect our business, financial condition and results of operations.

Various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement its products in those countries. Changes in our products or changes in export and import regulations may create delays in the introduction of our products into international markets, prevent our customers with international operations from deploying its products globally or, in some cases, prevent the export or import of our products to certain countries, governments or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell its products to, existing or potential customers with international operations. Under these global trade and sanctions laws and regulations, as well as other laws governing our operations, various government agencies may seek to impose modifications to business practices, including cessation of business activities in sanctioned countries or with sanctioned persons or entities and modifications to compliance programs, which may increase compliance costs, and may subject us to fines, penalties and other sanctions. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, results of operations and financial condition.

We are also subject to the U.S. Foreign Corrupt Practices Act of 1977, or FCPA, the UK Bribery Act 2010, or Bribery Act, and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws in the United States and other countries in which it conducts activities. Anti-corruption and anti-bribery laws, which have been enforced aggressively and are interpreted broadly, prohibit companies and their employees, agents, intermediaries, and other third parties from promising, authorizing, making or offering improper payments or other benefits to government officials and others in the private sector. We leverage third parties, including intermediaries, agents, and distribution partners, to conduct our business in the United States and abroad, to sell subscriptions to our platform and to collect information about cyber threats. We and these third-parties may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and may be held liable for the corrupt or other illegal activities of these third- party business partners and intermediaries, our employees, representatives, contractors, distribution partners, agents, intermediaries, and other third parties, even if we do not explicitly authorize such activities.

While we have, and we will continue to have, policies and procedures to address compliance with FCPA, Bribery Act and other applicable anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws, we cannot assure you that they will be effective, or that all of our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties have taken, or will not take actions, in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase. Noncompliance with these laws could subject us to investigations, severe criminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, whistleblower complaints, adverse media coverage and other consequences. Any investigations, actions, or sanctions could harm our reputation, business, results of operations, and financial condition.

We also collect information about cyber threats from open sources, intermediaries, and third parties that it makes available to its customers. While we have implemented certain procedures to facilitate compliance with applicable laws and regulations in connection with the collection of this information, we cannot assure you that these procedures have been effective or that we, or third parties, many of whom we does not control, have complied with all laws or regulations in this regard. Failure by us or our employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties to comply with applicable laws and regulations in the collection of this information also could have negative consequences, including reputational harm, government investigations and penalties.

Although we have taken precautions to prevent our information collection practices and services from being provided in violation of such laws, our information collection practices and services may have been in the past, and could in the future be, provided in violation of such laws. If we or its employees, representatives, contractors, distribution partners, agents, intermediaries, or other third parties fail to comply with these laws and regulations, we could be subject to civil or criminal penalties, including the possible loss of export privileges and fines. We may also be adversely affected through reputational harm, loss of access to certain markets, or otherwise. Obtaining the necessary authorizations, including any required license, for a particular transaction may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities.

Some of our technology incorporates “open source” software, which could negatively affect our ability to sell our platform and subject us to possible litigation.

Our products and subscriptions contain third-party open source software components, and failure to comply with the terms of the underlying open source software licenses could restrict our ability to sell our products and subscriptions. The use and distribution of open source software may entail greater risks than the use of third- party commercial software, as open source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. Many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business. In addition, the wide availability of source code used in its solutions could expose us to security vulnerabilities.

Some open source licenses contain requirements that we make available source code for modifications or derivative works it creates based upon the type of open source software we use. If We combines its proprietary software with open source software in a certain manner, it could, under certain open source licenses, be required to release the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in its solutions, require us to re-engineer all or a portion of our platform, and could reduce or eliminate the value of our services. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales.

The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products and subscriptions incorporating such software. Moreover, we cannot assure you that our processes for controlling its use of open source software in its products and subscriptions has been or will be effective. From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation. Litigation could be costly to defend, have a negative effect on our results of operations and financial condition or require us to devote additional research and development resources to change our solutions. Responding to any infringement or noncompliance claim by an open source vendor, regardless of our validity, discovering certain open source software code in our platform, or a finding that we have breached the terms of an open source software license, could harm our business, results of operations and financial condition, by, among other things:

•

resulting in time-consuming and costly litigation;

•

diverting management’s time and attention from developing our business;

•

requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;

•

causing delays in the deployment of its platform or service offerings to our customers;

•

requiring us to stop offering certain services or features of our platform;

•

requiring us to redesign certain components of our platform using alternative non-infringing or non-open source technology, which could require significant effort and expense;

•

requiring us to disclose its software source code and the detailed program commands for our software;

•

prohibiting us from charging license fees for the proprietary software that uses certain open source; and

•

requiring us to satisfy indemnification obligations to our customers.

We provide service level commitments under some of our customer contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service and our business could suffer.

Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our platform. Any failure of or disruption to our infrastructure could impact the performance of our platform and the availability of services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our platform, we may be contractually obligated to provide affected customers with service credits for future subscriptions, and, in certain cases, refunds. To date, there has not been a material failure to meet our service level commitments, and we do not currently have any material liabilities accrued on our balance sheet for such commitments. However, our revenue, other results of operations and financial condition could be harmed if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.

We may become involved in litigation that may adversely affect us.

We may be subject to claims, suits and government investigations and other proceedings including patent, product liability, class action, whistleblower, personal injury, property damage, labor and employment, commercial disputes, compliance with laws and regulatory requirements and other matters, and we may become subject to additional types of claims, suits, investigations and proceedings as our business develops. While we believe that we have acted in compliance in all material respects with applicable antitrust laws, such

investigation, as well as any other claims, suits, and government investigations and proceedings that may be asserted against us in the future, are inherently uncertain and their results cannot be predicted with certainty. Regardless of the outcome, any of these types of legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources, and could cause us to incur significant expenses or liability, adversely affect our brand recognition, and/or require us to change its business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that could adversely affect its business, consolidated financial position, results of operations, or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees, or orders requiring a change in our business practices. Because of the potential risks, expenses and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritorious claims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, results of operations, and prospects.

Our ability to maintain customer satisfaction will depend in part on the quality of our customer support.

Once our platform is deployed within our customers’ networks, our customers depend on our customer support services to resolve any issues relating to implementation and maintenance of the platform. If we do not provide effective ongoing support, our ability to sell additional subscriptions to existing customers would be adversely affected and our reputation with potential customers could be damaged. Many larger organizations have more complex networks and require higher levels of support than smaller customers. Failure to maintain high-quality customer support could also have a material adverse effect on our business, results of operations and financial condition.

We may need to raise additional capital to maintain and expand our operations and invest in new solutions, which capital may not be available on terms acceptable to us, or at all, and which could reduce our ability to compete and could harm our business.

Retaining or expanding our current levels of personnel and products offerings may require additional funds to respond to business challenges, including the need to develop new products and enhancements to our platform, improve our operating infrastructure, or acquire complementary businesses and technologies. The failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products could reduce our ability to compete and could harm our business. Accordingly, we may need to engage in additional equity or debt financings to secure additional funds. If we raise additional equity financing, stockholders may experience significant dilution of their ownership interests and the market price of the common stock could decline. If we engage in debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our operations or our ability to incur additional indebtedness or to take other actions that would otherwise be in the interests of the debt holders. Any of the above could harm our business, results of operations and financial condition.

Our business is subject to the risks of warranty claims, product returns, product liability, and product defects from real or perceived defects in our solutions or their misuse by customers or third parties, and indemnity provisions in various agreements potentially expose we to substantial liability for intellectual property infringement and other losses.

We may be subject to liability claims for damages related to errors or defects in our solutions. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of its products may harm its business and results of operations. Although we generally has limitations of liability provisions in its terms and conditions of sale, these provisions may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. These provisions may also be negotiated to varying levels with different customers. The sale and support of products also entails the risk of product liability claims.

Additionally, our agreements with customers and other third parties typically include indemnification or other provisions under which we agree to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims regarding intellectual property infringement, breach of agreement, including confidentiality, privacy and security obligations, violation of applicable laws, damages caused by failures of our solutions or to property or persons, or other liabilities relating to or arising from our products and services, or other acts or omissions. These contractual provisions often survive termination or expiration of the applicable agreement. We have not to date received any indemnification claims from third parties. However, as we continue to grow, the possibility of these claims against us will increase. Large indemnity obligations, whether for intellectual property or other claims, could harm our business, results of operations and financial condition.

Additionally, our platform and solutions may be used by our customers and other third parties who obtain access to its solutions for purposes other than for which the platform was intended. For example, the platform might be misused by a customer to monitor our employee’s activities in a manner that violates the employee’s privacy rights under applicable law.

During the course of performing certain solution-related services and professional services, our teams may have significant access to its customers’ networks. We cannot be sure that a disgruntled employee may not take advantage of such access, which may make its customers vulnerable to malicious activity by such employee. Any such misuse of our platform could result in negative press coverage and negatively affect its reputation, which could result in harm to our business, reputation and results of operations.

We maintain insurance to protect against certain claims associated with the use of our products, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in the expenditure of funds in litigation, divert management’s time and other resources, and harm our business and reputation.

Future acquisitions, strategic investments, partnerships, or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our results of operations and financial condition.

As part of its business strategy, we have in the past made, and we are likely to continue to make, investments in and/or acquire complementary companies, services, or technologies. The ability to acquire and integrate other companies, services or technologies in a successful manner in the future is not guaranteed. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or ability to achieve our business objectives, and any acquisitions we complete could be viewed negatively by our customers or investors. In addition, if we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, our revenue and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect its financial condition and the market price of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

Additional risks we may face in connection with acquisitions include:

•

diversion of management time and focus from operating our business to addressing acquisition integration challenges;

•

coordination of engineering, analytics, research and development, operations, and sales and marketing functions;

•

integration of product and service offerings;

•

retention of key employees from the acquired company;

•

changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition;

•

cultural challenges associated with integrating employees from the acquired company into the organization;

•

integration of the acquired company’s accounting, management information, human resources and other administrative systems;

•

the need to implement or improve controls, procedures, and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies;

•

financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that are not adequately addressed and that cause our reported results to be incorrect;

•

liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities;

•

unanticipated write-offs or charges; and

•

litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, former stockholders or other third parties.

The failure to address these risks or other problems encountered in connection with acquisitions and investments could cause us to fail to realize the anticipated benefits of these acquisitions or investments, cause us to incur unanticipated liabilities, and harm our business generally.

If we cannot maintain our company culture as we grow, we could lose the innovation, teamwork, passion and focus on execution that have contributed to our success, and our business may be harmed.

We believe that our corporate culture has been a contributor to our success, which we believe fosters innovation, teamwork, passion and focus on building and marketing its platform. As we grow and develops the infrastructure of a public operating company, it may be difficult to maintain our corporate culture. Any failure to preserve that culture could harm our future success, including our ability to retain and recruit personnel, innovate and operate effectively and execute on our business strategy. Additionally, our productivity and the quality of our solutions may be adversely affected if we do not integrate and train new employees quickly and effectively. If we experience any of these effects in connection with future growth, it could impair our ability to attract new customers, retain existing customers and expand their use of our platform, all of which would adversely affect our business, financial condition and results of operations.

Our international operations and plans for future international expansion expose us to significant risks, and failure to manage those risks could adversely impact our business.

We derived 39% and 14% of its total revenue from its international customers for fiscal 2021 and fiscal 2020, respectively. Our growth strategy includes expansion into target geographies, but there is no guarantee that such efforts will be successful. We expect that our international activities will continue to grow in the future, as we continue to pursue opportunities in international markets. These international operations will require significant management attention and financial resources and are subject to substantial risks, including:

•

greater difficulty in negotiating contracts with standard terms, enforcing contracts, and managing collections, including longer collection periods;

•

higher costs of doing business internationally, including costs incurred in establishing and maintaining office space and equipment for international operations and creating international operating entities, where applicable;

•

management communication and integration problems resulting from cultural and geographic dispersion;

•

risks associated with trade restrictions and foreign legal requirements, including any importation, certification, and localization of our platform that may be required in foreign countries;

•

greater risk of unexpected changes in applicable foreign laws, regulatory practices, tariffs, and tax laws and treaties;

•

compliance with anti-bribery laws, including the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.S. Travel Act and the UK Bribery Act 2010, violations of which could lead to significant fines, penalties, and collateral consequences;

•

heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;

•

the uncertainty of protection for intellectual property rights in some countries;

•

general economic and political conditions in these foreign markets;

•

foreign exchange controls or tax regulations that might prevent us from repatriating cash earned outside the United States;

•

political and economic instability in some countries;

•

the potential for foreign government demands for access to information or corporate property;

•

double taxation of international earnings and potentially adverse tax consequences due to changes in the tax laws of the United States or the foreign jurisdictions in which we operate;

•

unexpected costs for the localization of services, including translation into foreign languages and adaptation for local practices and regulatory requirements;

•

requirements to comply with foreign privacy, data protection, and information security laws and regulations and the risks and costs of noncompliance;

•

greater difficulty in identifying, attracting and retaining local qualified personnel, and the costs and expenses associated with such activities;

•

greater difficulty identifying qualified distribution partners and maintaining successful relationships with such partners;

•

differing employment practices and labor relations issues; and

•

difficulties in managing and staffing international offices and increased travel, infrastructure, and legal compliance costs associated with multiple international locations.

Additionally, all of our sales contracts are currently denominated in U.S. dollars. However, a strengthening of the U.S. dollar could increase the cost of our solutions to our international customers, which could adversely affect our business and results of operations. In addition, an increasing portion of operating expenses is expected to be incurred outside the United States and denominated in foreign currencies, and will be subject to fluctuations due to changes in foreign currency exchange rates. If we become more exposed to currency fluctuations and are not able to successfully hedge against the risks associated with currency fluctuations, our results of operations could be adversely affected.

As we continue to develop and grow our business globally, our success will depend in large part on our ability to anticipate and effectively manage these risks. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources. Our failure to successfully manage international operations and the associated risks could limit the future growth of our business.

Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited.

As of January 31, 2021, we had aggregate U.S. federal and state net operating loss carryforwards of $154.9 million and $100.0 million, respectively, which may be available to offset future taxable income for income tax purposes.

U.S. federal net operating loss carryforwards generated in taxable years beginning before January 1, 2018 may be carried forward for 20 years to offset future taxable income. Under tax legislation commonly referred to as the Tax Cuts and Jobs Act (the “Tax Act”), as modified by the Coronavirus Aid, Relief, and Economic Security Act (the “CARES Act”), U.S. federal net operating losses generated in taxable years beginning after December 31, 2017, can be carried forward indefinitely, but the deductibility of such net operating loss carryforwards in taxable years beginning after December 31, 2020 is limited to 80% of taxable income. It is uncertain if and to what extent various states will conform their tax laws and regulations to the Tax Act or the CARES Act.

If not utilized, $25.3 million of our U.S. federal net operating loss carryforwards expire on various dates through 2037 and $129.7 million are able to be carried forward indefinitely under current law. Realization of these net operating loss carryforwards depends on future taxable income, and there is a risk that, even if we achieve profitability, our existing carryforwards could expire unused or be subject to limitations and be unavailable to offset future income tax liabilities, which could adversely affect our results of operations.

In addition, under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended (the “Code”), if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes to offset its post-change income or taxes may be limited. We may experience ownership changes in the future as a result of shifts in its stock ownership (which may be outside of its control). In addition, at the state level, there may be periods during which the use of net operating loss carryforwards is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed. As a result, if we earn net taxable income, our ability to use pre-change net operating loss carryforwards to offset U.S. federal taxable income may be subject to limitations, which could potentially result in increased future tax liability to us.

Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our results of operations.

We do not collect sales and use, value added or similar taxes in all jurisdictions in which we have sales because we have been advised that such taxes are not applicable to our services in certain jurisdictions. Sales and use, value added, and similar tax laws and rates vary greatly by jurisdiction. Certain jurisdictions in which we do not collect such taxes may assert that such taxes are applicable, which could result in tax assessments, penalties and interest, to us or our customers for the past amounts, and we may be required to collect such taxes in the future. If we are unsuccessful in collecting such taxes from our customers, we could be held liable for such costs, which may adversely affect our results of operations.

Our operations and intercompany arrangements will be subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our results of operations.

We will expand our international operations and staff to support our business in international markets. We expect that we will generally conduct international operations through wholly owned subsidiaries and may be required

to report our taxable income in various jurisdictions worldwide based upon its business operations in those jurisdictions. Our intercompany relationships will be subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. The amount of taxes paid in different jurisdictions may depend on the application of the tax laws of the various jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies, and its ability to operate our business in a manner consistent with its corporate structure and intercompany arrangements. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of its operations.

We will be subject to U.S. federal, state, and local income, sales, and other taxes in the United States and income, withholding, transaction, and other taxes in numerous foreign jurisdictions. Significant judgment will be required in evaluating its tax positions and its worldwide provision for taxes. During the ordinary course of our business, there are many activities and transactions for which the ultimate tax determination may be uncertain. In addition, its tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by recognizing tax losses or lower than anticipated earnings in jurisdictions where it has lower statutory rates and higher than anticipated earnings in jurisdictions where it has higher statutory rates, by changes in foreign currency exchange rates, or by changes in the valuation of its deferred tax assets and liabilities. We may be audited in various jurisdictions, and such jurisdictions may assess additional taxes, sales taxes and value added taxes against it. Even if we believe our tax estimates are reasonable, the final determination of any tax audits or litigation could be materially different from our historical tax provisions and accruals, which could have an adverse effect on our results of operations or cash flows in the period or periods for which a determination is made.

If our estimates or judgments relating to its critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our results of operations could be adversely affected.

The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We have historically based our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as discussed in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements will include, and may include in the future, those related to revenue recognition; allowance for doubtful accounts; costs to obtain or fulfill a contract; valuation of common stock; valuation of stock-based compensation; carrying value and useful lives of long-lived assets; loss contingencies; and the provision for income our and related deferred taxes. Our results of operations may be adversely affected if its assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of industry or financial analysts and investors, resulting in a decline in the market price of the common stock.

Additionally, we will regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial position and profit, or cause an adverse deviation from our revenue and operating profit targets, which may negatively impact our financial results.

Our business will be subject to the risks of natural catastrophic events and to interruption by man-made problems such as power disruptions, computer viruses, data security breaches or terrorism.

A significant natural disaster, such as an earthquake, a fire, a flood, or significant power outage could have a material adverse impact on our business, results of operations and financial condition. Natural disasters could affect our personnel, data centers, supply chain, manufacturing vendors, or logistics providers’ ability to provide materials and perform services such as manufacturing products or assisting with shipments on a timely basis. In addition, climate change could result in an increase in the frequency or severity of natural disasters. In the event that we or our service providers’ information technology systems or manufacturing or logistics abilities are hindered by any of the events discussed above, we could result in missed financial targets, such as revenue, for a particular quarter. In addition, computer malware, viruses and computer hacking, fraudulent use attempts and phishing attacks have become more prevalent in the cybersecurity industry, and our internal systems may be victimized by such attacks. Likewise, we could be subject to other man-made problems, including but not limited to power disruptions and terrorist acts.

Although we will maintain incident management and disaster response plans, in the event of a major disruption caused by a natural disaster or man-made problem, we may be unable to continue its operations and may endure system interruptions, reputational harm, delays in our development activities, lengthy interruptions in service, breaches of data security and loss of critical data, and our insurance may not cover such events or may be insufficient to compensate it for the potentially significant losses we may incur. Acts of terrorism and other geo-political unrest could also cause disruptions in our business or the business of our supply chain, manufacturers, logistics providers, partners, or customers or the economy as a whole. Any disruption in the business of its supply chain, manufacturers, logistics providers, partners or customers that impacts sales at the end of a fiscal quarter could have a significant adverse impact on our financial results. All of the aforementioned risks may be further increased if disaster recovery plans prove to be inadequate. To the extent that any of the above should result in delays or cancellations of customer orders, or the delay in the manufacture, deployment, or shipment of our products, our business, financial condition, and results of operations would be adversely affected.

Our management identified material weaknesses in its internal control over financial reporting and may identify additional material weaknesses in the future or otherwise fail to maintain effective internal control over financial reporting, which may result in material misstatements of our financial statements or cause us to fail to meet our periodic reporting obligations.

In connection with the preparation and audit of our consolidated financial statements for the year ended January 31, 2021, we and our independent registered public accounting firm identified material weaknesses in our internal control over financial reporting. A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented or detected on a timely basis. We did not have a sufficient number of personnel with an appropriate degree of accounting and internal controls knowledge, experience, and training to appropriately analyze, record and disclose accounting matters commensurate with our accounting and reporting requirements, which resulted in an inability to consistently establish appropriate authorities and responsibilities in pursuit of its financial reporting objectives. This material weakness contributed to the following additional material weaknesses: we did not design and maintain effective controls over the review of journal entries and account reconciliations. Specifically, certain personnel have the ability to both (i) create and post journal entries within our general ledger system, and (ii) prepare and review account reconciliations. we did not design and maintain effective controls over information technology (“IT”) general controls for information systems that are relevant to the preparation of our financial statements. Specifically, we did not design and maintain: (i) program change management controls for the financial systems to ensure that information technology program and data changes affecting financial IT applications and underlying accounting records are identified, tested, authorized and implemented appropriately; (ii) appropriate user access controls to ensure appropriate segregation of duties and that adequately restrict user and privileged

access to financial applications, programs and data to appropriate personnel; (iii) computer operations controls to ensure data backups are authorized and restorations monitored; and (iv) testing and approval controls for program development to ensure that new software development is aligned with business and IT requirements.

These material weaknesses did not result in a material misstatement to the consolidated financial statements. However, these material weaknesses could result in a misstatement of substantially all accounts or disclosures that would result in a material misstatement to the annual or interim consolidated financial statements that would not be prevented or detected.

With the oversight of senior management, we have instituted and continue to execute on plans to remediate these material weaknesses and will continue to take remediation steps, including hiring additional key supporting accounting personnel with public company reporting and accounting operations experience, implementing the required segregation of roles and duties both in manual and systems related processes including for journal entries and account reconciliations, and formalizing the documentation and performance of information technology general controls for information systems utilized for financial reporting.

While we implement and execute on our plan to remediate the material weaknesses described above, we cannot predict the success of such plans or the outcome of our assessment of these plans at this time. If the steps are insufficient to remediate the material weaknesses successfully and otherwise establish and maintain effective internal control over financial reporting, the reliability of our financial reporting, investor confidence, and the value of our common stock could be materially and adversely affected. We can give no assurance that the implementation of this plan will remediate these deficiencies in our internal control over financial reporting or that additional material weaknesses or significant deficiencies in our internal control over financial reporting will not be identified in the future. The failure to implement and maintain effective internal control over financial reporting could result in errors in its financial statements that could result in a restatement of our financial statements, causing us to fail to meet our reporting obligations.

Risks Related to an Investment in Our Securities

There may not be an active trading market for our common stock, which may make it difficult to sell shares of our common stock.

It is possible that an active trading market will not develop or, if developed, that any market will not be sustained. This would make it difficult for you to sell shares of our common stock at an attractive price or at all.

The market price of our securities has been and is likely to be highly volatile, and you may not be able to resell your securities at or above the purchase price. The trading price of our securities has been and is likely to be volatile, and you could lose all or part of your investment.

The following factors, in addition to other factors described in this “Risk Factors” section and included elsewhere in this prospectus, may have a significant impact on the market price of our securities:

•

threatened or actual litigation or government investigations;

•

the occurrence of severe weather conditions and other catastrophes;

•

our operating and financial performance, quarterly or annual earnings relative to similar companies;

•

publication of research reports or news stories about us, our competitors or our industry, or positive or negative recommendations or withdrawal of research coverage by securities analysts;

•

the public’s reaction to our press releases, our other public announcements and our filings with the SEC;

•

announcements by us or our competitors of acquisitions, business plans or commercial relationships;

•

any major change in our board of directors or senior management;

•

additional sales of our securities by us, our directors, executive officers or principal stockholders;

•

adverse market reaction to any indebtedness we may incur or securities we may issue in the future;

•

short sales, hedging and other derivative transactions in our securities;

•

exposure to capital market risks related to changes in interest rates, realized investment losses, credit spreads, equity prices, foreign exchange rates and performance of insurance linked investments;

•

our creditworthiness, financial condition, performance, and prospects;

•

our dividend policy and whether dividends on our common stock have been, and are likely to be, declared and paid from time to time;

•

perceptions of the investment opportunity associated with our securities relative to other investment alternatives;

•

regulatory or legal developments;

•

changes in general market, economic, and political conditions;

•

conditions or trends in our industry, geographies or customers; and

•

changes in accounting standards, policies, guidance, interpretations or principles.

In addition, broad market and industry factors may negatively affect the market price of our securities, regardless of our actual operating performance, and factors beyond our control may cause our stock price to decline rapidly and unexpectedly. In addition, in the past, companies that have experienced volatility in the market price of their stock have been subject to securities class action litigation. Litigation of this type is expensive and could result in substantial costs and diversion of management’s attention and resources, which could have an adverse effect on our business, financial condition, results of operations or prospects. Any adverse determination in litigation could also subject us to significant liabilities.

A small number of stockholders will continue to have substantial control over us, which may limit other stockholders’ ability to influence corporate matters and delay or prevent a third party from acquiring control over us.

Our directors and executive officers and beneficial owners of 5% or more of our voting securities and their respective affiliates, beneficially owned, in the aggregate, approximately 43% of our outstanding common stock as of January 31, 2022. This significant concentration of ownership may have a negative impact on the trading price for our common stock because investors often perceive disadvantages in owning stock in companies with controlling stockholders. In addition, these stockholders will be able to exercise influence over all matters requiring stockholder approval, including the election of directors and approval of corporate transactions, such as a merger or other sale of our company or our assets. This concentration of ownership could limit stockholders’ ability to influence corporate matters and may have the effect of delaying or preventing a change in control, including a merger, consolidation or other business combination, or discouraging a potential acquirer from making a tender offer or otherwise attempting to obtain control, even if that change in control would benefit the other stockholders.

There can be no assurance that we will be able to comply with the continued listing standards of the NYSE.

If NYSE delists our securities from trading on its exchange for failure to meet the listing standards, we and our stockholders could face significant negative consequences including:

•

limited availability of market quotations for our securities;

•

a determination that our common stock is a “penny stock” which will require brokers trading in our common stock to adhere to more stringent rules,

•

possibly resulting in a reduced level of trading activity in the secondary trading market for shares of our common stock;

•

a limited amount of analyst coverage; and

•

a decreased ability to issue additional securities or obtain additional financing in the future.

If our operating and financial performance in any given period does not meet the guidance provided to the public or the expectations of investment analysts, the market price of our common stock may decline.

We may, but are not obligated to, provide public guidance on our expected operating and financial results for future periods. Any such guidance will consist of forward-looking statements, subject to the risks and uncertainties described in this prospectus and in our other public filings and public statements. The ability to provide this public guidance, and the ability to accurately forecast our results of operations, could be impacted by the COVID-19 pandemic. Our actual results may not always be in line with or exceed any guidance it has provided, especially in times of economic uncertainty, such as the current global economic uncertainty being experienced as a result of the COVID-19 pandemic. If, in the future, our operating or financial results for a particular period do not meet any guidance provided or the expectations of investment analysts, or if we reduce our guidance for future periods, the market price of our common stock may decline as well. Even if we do issue public guidance, there can be no assurance that we will continue to do so in the future.

We qualify as an “emerging growth company” as well as a “smaller reporting company.” The reduced public company reporting requirements applicable to emerging growth companies and smaller reporting companies may make our common stock less attractive to investors.

We qualify as an “emerging growth company” under SEC rules. As an emerging growth company, we are permitted and plan to rely on exemptions from certain disclosure requirements that are applicable to other public companies that are not emerging growth companies. These provisions include, but are not limited to: (1) an exemption from compliance with the auditor attestation requirement in the assessment of internal control over financial reporting pursuant to Section 404 of Sarbanes-Oxley, (2) not being required to comply with any requirement that may be adopted by the PCAOB regarding mandatory audit firm rotation or a supplement to the auditor’s report providing additional information about the audit and the financial statements, (3) reduced disclosure obligations regarding executive compensation arrangements in periodic reports, registration statements, and proxy statements, and (4) exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. Further, Section 102(b)(1) of the JOBS Act exempts emerging growth companies from being required to comply with new or revised financial accounting standards until private companies (that is, those that have not had a Securities Act registration statement declared effective or do not have a class of securities registered under the Exchange Act) are required to comply with the new or revised financial accounting standards. The JOBS Act provides that a company can elect to opt out of the extended transition period and comply with the requirements that apply to non-emerging growth companies but any such election to opt out is irrevocable. As a result, the information we provide will be different than the information that is available with respect to other public companies that are not emerging growth companies.

We cannot predict whether investors will find our securities less attractive because we will rely on these exemptions. If some investors find our securities less attractive as a result of our reliance on these exemptions, the trading prices of our securities may be lower than they otherwise would be, there may be less active trading market for our securities and the trading prices of our securities may be more volatile.

Our management has limited experience in operating a public company.

Our executive officers have limited experience in the management of a publicly traded company. Our management team may not successfully or effectively manage our transition to a public company that will be subject to significant regulatory oversight and reporting obligations under federal securities laws. Our limited experience in dealing with the increasingly complex laws pertaining to public companies could be a significant disadvantage in that we are likely that an increasing amount of their time may be devoted to these activities, which will result in less time being devoted to the management and our growth. We may not have adequate personnel with the appropriate level of knowledge, experience, and training in the accounting policies, practices or internal control over financial reporting required of public companies in the United States. The development and implementation of the standards and controls necessary for us to achieve the level of accounting standards required of a public company in the United States may require costs greater than expected. It is possible that we will be required to expand its employee base and hire additional employees to support its operations as a public company, which will increase its operating costs in future periods.

Future sales, or the perception of future sales, could cause the market price of our common stock to drop significantly, even if our business is doing well.

The sale of our securities in the public market, or the perception that such sales could occur, could harm the prevailing market price of our securities. These sales, or the possibility that these sales may occur, also might make it more difficult for us to sell equity securities in the future at a time and at a price that we deem appropriate.

Sales of a substantial number of shares of our common stock in the public market could occur at any time. These sales, or the perception in the market that members of our management or holders of a large number of shares intend to sell shares, could reduce the market price of our common stock.

Our warrants, if exercised, would increase the number of shares eligible for future resale in the public market and result in dilution to stockholders, which may have an adverse effect on the market price of our common stock.

We issued warrants to purchase 8,625,000 shares of our common stock as part of the units offered in the LGL IPO. These warrants are each exercisable to purchase one share of common stock at $11.50 per share, subject to adjustment. To the extent the warrants are exercised, it will increase the number of issued and outstanding shares of common stock, which will result in dilution to our stockholders and increase the number of shares eligible for resale in the public market. Sales of substantial numbers of such shares in the public market could adversely affect the market price of our common stock.

We have no current plans to pay cash dividends on our common stock. As a result, stockholders may not receive any return on investment unless they sell their common stock for a price greater than the purchase price.

We have no current plans to pay dividends on our common stock. Any future determination to pay dividends will be made at the discretion of the Board, subject to applicable laws. It will depend on a number of factors, including our financial condition, results of operations, capital requirements, contractual, legal, tax and regulatory restrictions, general business conditions, and other factors that the Board may deem relevant. In addition, the ability to pay cash dividends may be restricted by the terms of debt financing arrangements, as any

future debt financing arrangement likely will contain terms restricting or limiting the amount of dividends that may be declared or paid on the common stock. As a result, stockholders may not receive any return on an investment in our Common Stock unless they sell their shares for a price greater than that which they paid for them.

We may issue additional shares of common stock or other equity securities without your approval, which would dilute your ownership interests and may depress the market price of our common stock.

We may issue additional shares of common stock or other equity securities of equal or senior rank in the future in connection with, among other things, future acquisitions or repayment of outstanding indebtedness, without stockholder approval, in a number of circumstances.

The issuance of additional shares or other equity securities of equal or senior rank would have the following effects:

•

existing stockholders’ proportionate ownership interest in our company will decrease;

•

the amount of cash available per share, including for payment of dividends in the future, may decrease;

•

the relative voting strength of each share of previously outstanding common stock may be diminished; and

•

the market price of our common stock may decline.

Provisions in our organizational documents and provisions of the DGCL may delay or prevent an acquisition by a third party that could otherwise be in the interests of stockholders.

Our amended and restated certificate of incorporation (the “Charter”) and our amended and restated bylaws contain several provisions that may make it more difficult or expensive for a third party to acquire control of our company without the approval of the Board. These provisions, which may delay, prevent or deter a merger, acquisition, tender offer, proxy contest, or other transaction that stockholders may consider favorable, include the following:

•

the division of the Board into three classes and the election of each class for three-year terms;

•

advance notice requirements for stockholder proposals and director nominations;

•

provisions limiting stockholders’ ability to call special meetings of stockholders, to require special meetings of stockholders to be called, and to take action by written consent;

•

restrictions on business combinations with interested stockholders;

•

in certain cases, the approval of holders representing at least 66 2/3% of the total voting power of the shares entitled to vote generally in the election of directors will be required for stockholders to adopt, amend or repeal the bylaws, or amend or repeal certain provisions of the Charter;

•

no cumulative voting; and

•

the ability of the Board to designate the terms of and issue new series of preferred stock without stockholder approval, which could be used, among other things, to institute a rights plan that would have the effect of significantly diluting the stock ownership of a potential hostile acquirer, likely preventing acquisitions by such acquirer.

These provisions of the Charter and amended and restated bylaws could discourage potential takeover attempts and reduce the price that investors might be willing to pay for the shares of our common stock in the future, which could reduce the market price of the common stock.

The provision of our Charter requiring exclusive venue in the Court of Chancery in the State of Delaware and the federal district courts of the United States for certain types of lawsuits may have the effect of discouraging lawsuits against directors and officers.

Our Charter provides that, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware shall be the sole and exclusive forum for: (1) any derivative action, suit or proceeding brought on behalf of our company, (2) any action, suit or proceeding asserting a claim of breach of fiduciary duty owed by any director, officer or stockholder to the company or its stockholders, (3) any action, suit or proceeding arising pursuant to any provision of the DGCL, the Charter or our amended and restated bylaws, (4) any action asserting a claim against us governed by the internal affairs doctrine. The Charter further provides that, unless we consent in writing to the selection of an alternative forum, the federal district courts of the United States of America shall, to the fullest extent permitted by law, be the exclusive forum for the resolutions of any complaint asserting a cause of action arising under the Securities Act. The exclusive forum clauses described above shall not apply to suits brought to enforce a duty or liability created by the Exchange Act, or any other claim for which the federal courts have exclusive jurisdiction. Although these provisions are expected to benefit us by providing increased consistency in the application of applicable law in the types of lawsuits to which they apply, the provisions may have the effect of discouraging lawsuits against directors and officers. The enforceability of similar choice of forum provisions in other companies’ certificates of incorporation has been challenged in legal proceedings and there is uncertainty as to whether a court would enforce such provisions. In addition, investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder. It is possible that, in connection with any applicable action brought against us, a court could find the choice of forum provisions contained in the Charter to be inapplicable or unenforceable in such action. If so, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition or results of operations.

General Risk Factors

If we are unable to implement and maintain effective internal control over financial reporting in the future, investors may lose confidence in the accuracy and completeness of financial reports, and the market price of our common stock may decline.

We are required to maintain internal control over financial reporting and to report any material weaknesses in such internal controls. In addition, we will be required to furnish a report by management in our annual report on Form 10-K on the effectiveness of our internal control over financial reporting, pursuant to Section 404 of Sarbanes-Oxley. The process of designing, implementing, and testing the internal control over financial reporting required to comply with this obligation is time-consuming, costly, and complicated. If we fail to remediate the material weaknesses in our internal control over financial reporting, if we identify additional material weaknesses in our internal control over financial reporting, if we are unable to comply with the requirements of Section 404 of Sarbanes-Oxley in a timely manner, or if we are unable to assert that our internal control over financial reporting are effective, we will be unable to certify that our internal control over financial reporting is effective. We cannot assure you that there will not be material weaknesses or significant deficiencies in our internal control over financial reporting in the future. Any failure to maintain internal control over financial reporting could severely inhibit our ability to accurately report our financial condition or results of operations. If we are unable to conclude that our internal control over financial reporting is effective, investors may lose confidence in the accuracy and completeness of our financial reports and the market price of our common stock could decline. We could become subject to investigations by the NYSE, the SEC or other regulatory authorities, which could require additional financial and management resources.

We will incur significant increased expenses and administrative burdens as a public company, which could negatively impact our business, financial condition and results of operations.

We will face increased legal, accounting, administrative and other costs and expenses as a public company that Legacy IronNet did not incur as a private company. The Sarbanes-Oxley Act of 2002 (“Sarbanes-Oxley”), including the requirements of Section 404, as well as rules and regulations subsequently implemented by the

SEC, the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 and the rules and regulations promulgated and to be promulgated thereunder, the PCAOB and the securities exchanges, impose additional reporting and other obligations on public companies. Compliance with public company requirements will increase costs and make certain activities more time-consuming. A number of those requirements will require us to carry out activities we have not done previously. For example, we have created new board committees and adopted new internal controls and disclosure controls and procedures. In addition, expenses associated with SEC reporting requirements will be incurred. Furthermore, if any issues in complying with those requirements are identified (for example, if we identify a material weakness or significant deficiency in the internal control over financial reporting), we could incur additional costs rectifying those issues, and the existence of those issues could harm our reputation or investor perceptions of us. It may also be more expensive to obtain director and officer liability insurance. Risks associated with our status as a public company may make it more difficult to attract and retain qualified persons to serve on our board of directors or as executive officers. The additional reporting and other obligations imposed by these rules and regulations will increase legal and financial compliance costs and the costs of related legal, accounting and administrative activities. These increased costs will require the us to divert a significant amount of money that could otherwise be used to expand our business and achieve strategic objectives. Advocacy efforts by stockholders and third parties may also prompt additional changes in governance and reporting requirements, which could further increase costs.

If securities or industry analysts do not publish research or reports about our business or publish negative reports, the market price of our common stock could decline.

The trading market for our common stock will be influenced by the research and reports that industry or securities analysts publish about us or our business. If regular publication of research reports ceases, we could lose visibility in the financial markets, which in turn could cause the market price or trading volume of our common stock to decline. Moreover, if one or more of the analysts who cover us downgrade our common stock or if reporting results do not meet their expectations, the market price of the common stock could decline.

TUMIM STONE CAPITAL COMMITTED EQUITY FINANCING

On February 11, 2022, we entered into the Purchase Agreement and the Registration Rights Agreement with Tumim, pursuant to which Tumim has committed to purchase up to $175 million of our common stock, at our direction from time to time after the date of this prospectus, subject to the satisfaction of the conditions in the Purchase Agreement.

Under the terms and subject to the conditions of the Purchase Agreement, we have the right, but not the obligation, to sell to Tumim, and Tumim is obligated to purchase up to $175 million of our common stock. Such sales of common stock, if any, will be subject to certain limitations, and may occur from time to time at our sole discretion, over the approximately 36-month period commencing on the Commencement Date, provided, that the registration statement that includes this prospectus covering the resale by Tumim of shares of common stock that have been and may be issued under the Purchase Agreement, is declared effective by the SEC and the other conditions set forth in the Purchase Agreement are satisfied.

Tumim has no right to require us to sell any shares of common stock to Tumim, but Tumim is obligated to make purchases at our direction subject to certain conditions. There is no upper limit on the price per share that Tumim could be obligated to pay for the common stock under the Purchase Agreement. Actual sales of shares of Common Stock to Tumim will depend on a variety of factors to be determined by us from time to time, including, among others, market conditions, the trading price of our common stock and determinations by us as to the appropriate sources of funding for us and our operations.

We do not know what the purchase price for our common stock will be and therefore cannot be certain as to the number of shares we might issue to Tumim under the Purchase Agreement after the Commencement Date. As of March 7, 2022, there were 95,347,493 shares of our common stock outstanding, of which 54,154,678 shares were held by non-affiliates. Although the Purchase Agreement provides that we may sell up to $175 million of our Common Stock to Tumim, only 48,503,325 shares of our common stock are being registered under the Securities Act for resale by the Selling Stockholder under this prospectus, which represent shares of common stock that may be issued to Tumim from and after the Commencement Date, if and when we elect to sell shares which have been or may be issued to Tumim in the future under the Purchase Agreement, if and when we sell shares to Tumim under the Purchase Agreement. Depending on the market prices of our common stock at the time we elect to issue and sell shares to Tumim under the Purchase Agreement, we may need to register for resale under the Securities Act additional shares of our common stock in order to receive aggregate gross proceeds equal to the $175,000,000 total commitment available to us under the Purchase Agreement. If all of the 48,503,325 shares offered by Tumim under this prospectus were issued and outstanding as of the date hereof (without taking into account the 19.99% Exchange Cap limitation), such shares would represent approximately 34% of the total number of shares of our common stock outstanding and approximately 47% of the total number of outstanding shares held by non-affiliates, in each case as of the date hereof. If we elect to issue and sell more than the 48,503,325 shares offered under this prospectus to Tumim, which we have the right, but not the obligation, to do, we must first register for resale under the Securities Act any such additional shares, which could cause additional substantial dilution to our stockholders. The number of shares ultimately offered for resale by Tumim is dependent upon the number of shares we may elect to sell to Tumim under the Purchase Agreement from and after the Commencement Date.

Under applicable rules of the New York Stock Exchange (the “NYSE”), in no event may we issue or sell to Tumim under the Purchase Agreement shares of our common stock in excess of the Exchange Cap, unless (i) we obtain stockholder approval to issue shares of common stock in excess of the Exchange Cap or (ii) the average price of all applicable sales of our common stock to Tumim under the Purchase Agreement equals or exceeds $3.608 (which represents the average closing price of our common stock for the five trading days ending on February 10, 2022, the trading day immediately preceding the date the Purchase Agreement was executed) plus an incremental amount, such that issuances and sales of our common stock to Tumim under the Purchase Agreement would be exempt from the Exchange Cap limitation under applicable NYSE rules. In any event, the Purchase Agreement specifically provides that we may not issue or sell any shares of our common stock under the Purchase Agreement if such issuance or sale would breach any applicable NYSE rules.

The Purchase Agreement also prohibits us from directing Tumim to purchase any shares of common stock if those shares, when aggregated with all other shares of our common stock then beneficially owned by Tumim and its affiliates, would result in Tumim and its affiliates having beneficial ownership, at any single point in time, of more than the Beneficial Ownership Cap.

Purchase of Shares Under the Purchase Agreement

Upon the Commencement we have the right, but not the obligation, from time to time at our sole discretion over the approximately 36-month period from and after Commencement Date, to direct Tumim to purchase amounts of our common stock (the “Purchase Share Amount”) under the Purchase Agreement, that we specify in Purchase notices that we deliver to Tumim under the Purchase Agreement on any trading day. The maximum number of shares that may be purchased pursuant to a Purchase is equal to a number of shares of Common Stock equal to the lesser of (the “Purchase Maximum Amount”):

•

(i) the product obtained by multiplying (A) the average daily trading volume in the common stock on the NYSE during the five trading days immediately preceding the applicable day Tumim receives a valid Purchase notice for such Purchase and (B) 0.20, and (ii) the quotient obtained by dividing (A) $20,000,000 by (B) the VWAP of the common stock on the NYSE on the trading day immediately preceding the applicable day Tumim receives a valid Purchase notice for such Purchase, with respect to any VWAP Purchase that is designated as a “Forward VWAP Purchase”; or

•

(i) the product obtained by multiplying (A) the average daily trading volume in the common stock on the NYSE during the five trading days immediately preceding the applicable day Tumim receives a valid Purchase notice for such Purchase and (B) 0.40, and (ii) the quotient obtained by dividing (A) $30,000,000 by (B) the VWAP of the common stock on the NYSE on the trading day immediately preceding the applicable day Tumim receives a valid Purchase notice for such Purchase, with respect to any VWAP Purchase that is designated as a “Alternative VWAP Purchase”.

The Company may deliver a VWAP Purchase Notice to Tumim on any trading day selected by us as the VWAP Purchase Exercise Date for a VWAP Purchase subject to the satisfaction of the conditions contained in the Purchase Agreement; provided that, Tumim shall not be obligated to purchase any shares of common stock set forth in a valid Purchase notice in excess of the Purchase Maximum Amount. We may deliver a Purchase notice on a Purchase Exercise Date, provided that (i) we may not deliver more than one Purchase notice to Tumim on any single trading day, (ii) we may not deliver a Purchase notice to Tumim on any trading day during the period commencing on the Purchase Exercise Date on which a prior Purchase notice has previously been delivered by us to Tumim under the Purchase Agreement, and ending on the applicable trading day immediately following the last trading day of the applicable Purchase Valuation Period (each such date, a “Purchase Settlement Date”) or such later trading day on which Tumim shall have received all of the Purchase Shares subject to such prior Purchase notice in electronic form as “DWAC Shares” (as defined in the Purchase Agreement), subject to certain exceptions and (iii) all Purchase Shares subject to all prior Purchase notices for VWAP Purchases that have been properly delivered by us to Tumim under the Purchase Agreement (as applicable) have theretofore been received by Tumim or its broker-dealer as DWAC Shares, prior to our delivery of such Purchase notice to Tumim on such Purchase Exercise Date.

Shares of common stock will be issued from the Company to Tumim at either a (i) 3% discount to the average daily VWAP of the common stock during the three consecutive trading days from the date that a purchase notice

with respect to a particular purchase is delivered from the Company to Tumim, or (ii) 5% discount to the lowest daily VWAP during the three consecutive trading days from the date that a VWAP Purchase Notice with respect to a particular purchase is delivered from the Company to Tumim.

The payment for, against simultaneous delivery of, shares in respect of each Purchase under the Purchase Agreement will be delivered to Tumim as DWAC Shares not later than 1:00 p.m., New York City Time, on the first trading day immediately following the VWAP Purchase Date (as defined in the Purchase Agreement) on the applicable Purchase Settlement Date, as set forth in the Purchase Agreement.

Conditions to Commencement and Delivery of Purchase Notices

Our ability to deliver Purchase notices to Tumim under the Purchase Agreement are subject to the satisfaction, both at the time of Commencement and at the time of delivery by the Company of any Purchase notice to Tumim, of certain conditions, all of which are entirely outside of Tumim’s control, including, among other things, the following:

•

the accuracy in all material respects of our representations and warranties included in the Purchase Agreement;

•

us having performed, satisfied and complied in all material respects with all covenants, agreements and conditions required by the Purchase Agreement to be performed, satisfied or complied with by us;

•

the effectiveness of this registration statement that includes this prospectus (and any one or more additional registration statements filed with the SEC that include shares of common stock that may be issued and sold by us to Tumim under the Purchase Agreement);

•

the SEC shall not have issued any stop order suspending the effectiveness, prohibiting or suspending the use of the registration statement that includes this prospectus (or any one or more additional registration statements filed with the SEC that include shares of common stock that may be issued and sold by us to Tumim under the Purchase Agreement);

•

there shall not have occurred any event and there shall not exist any condition or state of facts, which makes any statement of a material fact made in the registration statement that includes this prospectus (or in any one or more additional registration statements filed with the SEC that include shares of common stock that may be issued and sold by us to Tumim under the Purchase Agreement) untrue or which requires the making of any additions to or changes to the statements contained therein in order to state a material fact required by the Securities Act to be stated therein or necessary in order to make the statements then made therein (in the case of this prospectus or the prospectus included in any one or more additional registration statements filed with the SEC under the Registration Rights Agreement, in light of the circumstances under which they were made) not misleading;

•

this prospectus, in final form, shall have been filed with the SEC under the Securities Act, and all reports, schedules, registrations, forms, statements, information and other documents required to have been filed by the Company with the SEC pursuant to the reporting requirements of the Exchange Act, shall have been filed with the SEC;

•

trading in our common stock shall not have been suspended by the SEC or the NYSE, we shall not have received any final and non-appealable notice that the listing or quotation of the common stock on the NYSE shall be terminated on a date certain (unless, prior to such date, the common stock is listed or quoted on the NYSE, The Nasdaq Global Market, The Nasdaq Global Select Market the the NYSE American, or the NYSE Arca (or any nationally recognized successor to any of the foregoing) (each, an “Eligible Market”)), and there shall be no suspension of, or restriction on, accepting additional deposits of the common stock, electronic trading or book-entry services by DTC with respect to the common stock;

•

we shall have complied with all applicable federal, state and local governmental laws, rules, regulations and ordinances in connection with the execution, delivery and performance of the Purchase Agreement and the Registration Rights Agreement;

•

the absence of any statute, regulation, order, decree, writ, ruling or injunction by any court or governmental authority of competent jurisdiction which prohibits the consummation of or that would materially modify or delay any of the transactions contemplated by the Purchase Agreement or the Registration Rights Agreement;

•

the absence of any action, suit or proceeding before any arbitrator or any court or governmental authority seeking to restrain, prevent or change the transactions contemplated by the Purchase Agreement or the Registration Rights Agreement, or seeking material damages in connection with such transactions;

•

all of the shares of common stock that may be issued pursuant to the Purchase Agreement shall have been approved for listing or quotation on the NYSE (or if the common stock is not then listed on the NYSE, on any Eligible Market);

•

no condition, occurrence, state of facts or event constituting a material adverse effect shall have occurred and be continuing;

•

any voluntary or involuntary participation or threatened participation in insolvency or bankruptcy proceedings by or against us; and

•

the receipt by Tumim of the opinions, bring-down opinions and negative assurances from outside counsel to us in the forms mutually agreed to by us and Tumim prior to the date of the Purchase Agreement.

No Short-Selling or Hedging by Tumim

Tumim has covenanted not to cause or engage in any manner whatsoever, any direct or indirect short selling or to execute any stock pledge, forward sales contract, option, put, call, swap or similar hedging arrangement (including on a total return basis) of our shares.

Prohibition on Variable Rate Transactions

From and after the date of the Purchase Agreement until the termination of the Purchase Agreement, we have agreed not to enter into any “equity line of credit” or other substantially similar continuous offering in which we may offer, issue or sell common stock or common stock equivalents (or any combination of units thereof) at a future determined price.

Termination of the Purchase Agreement

Unless earlier terminated as provided in the Purchase Agreement, the Purchase Agreement will terminate automatically on the earliest to occur of:

•

the first day of the month next following the 36-month anniversary of the Commencement Date;

•

the date on which Tumim shall have purchased shares of common stock under the Purchase Agreement for an aggregate gross purchase price equal to its $175 million Total Commitment under the Purchase Agreement;

•

the date on which the common stock shall have failed to be listed or quoted on the NYSE or any other Eligible Market; and

•

the date on which we commence a voluntary bankruptcy case or any third party commences a bankruptcy proceeding against us, a custodian is appointed for us in a bankruptcy proceeding for all or substantially all of its property, or we make a general assignment for the benefit of its creditors.

We have the right to terminate the Purchase Agreement at any time after Commencement, at no cost or penalty, upon one trading day’s prior written notice to Tumim. We and Tumim may also terminate the Purchase Agreement at any time by mutual written consent.

Tumim also has the right to terminate the Purchase Agreement upon 1 trading days’ prior written notice to us, but only upon the occurrence of certain events, including:

•

the occurrence of a Material Adverse Effect (as defined in the Purchase Agreement);

•

the occurrence of a Fundamental Transaction (as defined in the Purchase Agreement) involving us;

•

our failure to file with the SEC or have declared effective by the SEC the registration statement that includes this prospectus or any additional registration statement we file with the SEC pursuant to the Registration Rights Agreement, within the time periods set forth in the Registration Rights Agreement or our breach or default of the Registration Rights Agreement;

•

the effectiveness of the registration statement that includes this prospectus or any additional registration statement we file with the SEC pursuant to the Registration Rights Agreement lapses for any reason (including the issuance of a stop order by the SEC), or this prospectus or the prospectus included in any additional registration statement we file with the SEC pursuant to the Registration Rights Agreement otherwise becomes unavailable to Tumim for the resale of all of the shares of common stock included therein, and such lapse or unavailability continues for a period of 30 consecutive trading days or for more than an aggregate of 120 trading days in any 365-day period, other than due to acts of Tumim;

•

trading in the common stock on the NYSE (or if the common stock is then listed on an Eligible Market, trading in the common stock on such Eligible Market) has been suspended for a period of three consecutive trading days; or

•

our material breach or default under the Purchase Agreement.

No termination of the Purchase Agreement by us or by Tumim will become effective prior to the first Trading Day immediately following the applicable settlement date related to any pending Purchase that has not been fully settled in accordance with the terms and conditions of the Purchase Agreement, and will not affect any of our respective rights and obligations under the Purchase Agreement with respect to any pending Purchase, and both we and Tumim have agreed to complete our respective obligations with respect to any such pending Purchase under the Purchase Agreement. Furthermore, no termination of the Purchase Agreement will affect the Registration Rights Agreement, which will survive any termination of the Purchase Agreement.

Effect of Performance of the Purchase Agreement on our Stockholders

All shares of common stock that have been or may be issued or sold by us to Tumim under the Purchase Agreement that are being registered under the Securities Act for resale by Tumim in this offering are expected to be freely tradable. The shares of common stock being registered for resale in this offering may be issued and sold by us to Tumim from time to time at our discretion over a period of up to 36 months commencing on the date of execution of the Purchase Agreement. The resale by Tumim of a significant amount of shares registered for resale in this offering at any given time, or the perception that these sales may occur, could cause the market price of our common stock to decline and to be highly volatile. Sales of our common stock, if any, to Tumim under the Purchase Agreement will depend upon market conditions and other factors to be determined by us. We may ultimately decide to sell to Tumim all, some or none of the shares of our common stock that may be available for us to sell to Tumim pursuant to the Purchase Agreement.

Pursuant to the terms of the Purchase Agreement, we have the right, but not the obligation, to direct Tumim to purchase up to $175 million of our common stock, subject to certain limitations. We have registered only a portion of the shares that may be issuable under the Purchase Agreement and, therefore, we may seek to issue

and sell to Tumim under the Purchase Agreement more shares of our common stock than are offered under this prospectus in order to receive the aggregate gross proceeds equal to the $175 million Total Commitment available to us under the Purchase Agreement. If we choose to do so, we must first register for resale under the Securities Act any such additional shares, which could cause additional substantial dilution to our stockholders. The number of shares ultimately offered for resale under this prospectus is dependent upon the number of shares we direct Tumim to purchase under the Purchase Agreement.

The following table sets forth the amount of gross proceeds we would receive from Tumim from our sale of shares to Tumim under the Purchase Agreement at varying purchase prices:


Assumed Average Purchase Price Per Share	Number of Registered Shares to be Issued if Full Purchase⁽¹⁾		Percentage of Outstanding Shares After Giving Effect to the Issuance to Tumim⁽²⁾			Gross Proceeds from the Sale of Shares to Tumim Under the Purchase Agreement
$3.00		48,503,325		34	%	$	145,509,975
$3.608⁽³⁾		48,503,325		34	%	$	174,999,997
$4.76⁽⁴⁾		36,764,706		28	%	$	175,000,000
$5.00		35,000,000		27	%	$	175,000,000
$7.00		25,000,000		21	%	$	175,000,000

(1)

Although the Purchase Agreement provides that we may sell up to $175 million of our common stock to Tumim, we are only registering 48,503,325 shares under this prospectus which represents shares which may be issued to Tumim in the future under the Purchase Agreement, if and when we sell shares to Tumim under the Purchase Agreement, and which may or may not cover all the shares we ultimately sell to Tumim under the Purchase Agreement, depending on the purchase price per share. As a result, we have included in this column only those shares that we are registering in this offering, without regard to the Beneficial Ownership Cap or the Exchange Cap. If we seek to issue shares of our common stock, including shares from other transactions that may be aggregated with the transactions contemplated by the Purchase Agreement under the applicable rules of the NYSE, in excess of 17,743,727 shares, or 19.99% of the total common stock outstanding immediately prior to the execution of the Purchase Agreement, we may be required to seek stockholder approval in order to be in compliance with the rules of the NYSE. The assumed average purchase prices per share are solely for illustrative purposes and are not intended to be estimates or predictions of the future performance of our common stock.

(2)	The denominator is based on 95,347,493 shares outstanding as of March 7, 2022. The numerator is based on the number of shares issuable under the Purchase Agreement at the corresponding assumed purchase price set forth in the first column.

(3)	The NYSE base price.

(4)	The closing sale price of our common stock on March 8, 2022.

MARKET AND INDUSTRY DATA

Certain industry data and market data included in this prospectus were obtained from independent third-party surveys, market research, publicly available information, reports of governmental agencies and industry publications and surveys. All of management’s estimates presented herein are based upon management’s review of independent third-party surveys and industry publications prepared by a number of sources and other publicly available information. All of the market data used in this prospectus involves a number of assumptions and limitations, and you are cautioned not to give undue weight to such estimates. We believe that the information from these industry publications and surveys included in this prospectus is reliable. The industry in which we operate is subject to a high degree of uncertainty and risk due to a variety of factors, including those described in the section titled “Risk Factors.” These and other factors could cause results to differ materially from those expressed in the estimates made by the independent parties and by us.

USE OF PROCEEDS

This prospectus relates to shares of our common stock that may be offered and sold from time to time by the Selling Stockholder. All of the common stock offered by the Selling Stockholder pursuant to this prospectus will be sold by the Selling Stockholder for its own account. We will not receive any of the proceeds from these sales. We may receive up to $175.0 million aggregate gross proceeds under the Purchase Agreement from any sales we make to Tumim pursuant to the Purchase Agreement. The net proceeds from sales, if any, under the Purchase Agreement, will depend on the frequency and prices at which we sell shares of common stock to the Selling Stockholder after the date of this prospectus. See the section titled “Plan of Distribution” elsewhere in this prospectus for more information.

We expect to use any proceeds that we receive under the Purchase Agreement for working capital and general corporate purposes, including to fund potential future investments and acquisitions of companies that we believe are complementary to our business and consistent with our growth strategy. As of the date of this prospectus, we cannot specify with certainty all of the particular uses, and the respective amounts we may allocate to those uses, for any net proceeds we receive. Accordingly, we will retain broad discretion over the use of these proceeds. Pending our use of the net proceeds as described above, we intend to invest the net proceeds pursuant to the Purchase Agreement in interest-bearing, investment-grade instruments.

MARKET INFORMATION FOR SECURITIES AND DIVIDEND POLICY

Market Information

Our common stock and Public Warrants are currently listed on NYSE under the symbols “IRNT” and “IRNT.WS”, respectively. Prior to the consummation of the Business Combination, our common stock and our Public Warrants were listed on NYSE under the symbols “DFNS” and “DFNS.WS”, respectively. As of March 7, 2022, there were 433 holders of record of the common stock and three holders of record of our Public Warrants. We currently do not intend to list the Private Warrants on any stock exchange or stock market.

Dividend Policy

We have never declared or paid any dividends on shares of our common stock. We anticipate that we will retain all of our future earnings, if any, for use in the operation and expansion of our business and do not anticipate paying cash dividends in the foreseeable future. Any decision to declare and pay dividends in the future will be made at the sole discretion of our board of directors and will depend on, among other things, our results of operations, cash requirements, financial condition, contractual restrictions and other factors that our board of directors may deem relevant.

MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

The following discussion and analysis of our financial condition and results of operations should be read in conjunction with the consolidated financial statements and related notes thereto included elsewhere in this prospectus. The consolidated financial statements are presented in U.S. dollars (USD) rounded to the nearest thousand, with the amounts in this Management’s Discussion and Analysis of Financial Condition and Results of Operations (“MD&A”) rounded to the nearest tenth of a million. Therefore, differences in the tables between totals and sums of the amounts listed may occur due to such rounding.

Some of the information contained in this MD&A or set forth elsewhere in this prospectus, including information with respect to our plans and strategy for our business, includes forward-looking statements that involve risks and uncertainties. As a result of many factors, including those factors set forth in the section titled “Risk Factors,” our actual results could differ materially from the results described in or implied by the forward-looking statements contained in the following discussion and analysis. Please also see the section titled “Special Note Regarding Forward-Looking Statements.” Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2021 and January 31, 2020 are referred to herein as fiscal 2021 and fiscal 2020, respectively. The three months ended October 31, 2021 and October 31, 2020 are referred to herein as quarter to date 2022 and quarter to date 2021, respectively. The nine months ended October 31, 2021 and October 31, 2020 are referred to herein as year to date 2022 and year to date 2021, respectively.

Overview

GEN Keith B. Alexander (Ret.) founded IronNet Cybersecurity, Inc. in 2014 to solve the major cybersecurity problem he witnessed and defined during his tenure as former head of the NSA and founding Commander of U.S. Cyber Command: You can’t defend against threats you can’t see. Our innovative approach provides the ability for groups of organizations—within an industry sector, supply chain, state or country, for example—to see, detect and defend against sophisticated cyber attacks earlier and faster than ever before.

IronNet has defined a new market category called Collective Defense. IronNet has developed the Collective Defense platform, a solution that can identify anomalous (potentially suspicious or malicious) behaviors on computer networks and share this intelligence anonymously and in real time among Collective Defense community members. Collective Defense communities comprise groups of organizations that have common risks, such as a supply chain, a business ecosystem, or across an industry sector, a state, or a country. This cybersecurity model delivers timely, actionable, and contextual alerts and threat intelligence on attacks targeting enterprise networks, and functions as an early-warning detection system for all community members.

Business Combination and Basis of Presentation

We were originally known as LGL Systems Acquisition Corp. On August 26, 2021, LGL consummated the Business Combination with Legacy IronNet pursuant to the Business Combination Agreement (the “Merger”). Legacy IronNet survived the Merger as a wholly-owned subsidiary of LGL. In connection with the closing of the Merger, LGL changed its name from LGL Systems Acquisition Corp. to IronNet, Inc. The Merger was accounted for as a reverse recapitalization (the “Reverse Recapitalization”). Under this method of accounting, LGL is treated as the “acquired” company and Legacy IronNet is treated as the acquirer for financial reporting purposes. The Reverse Recapitalization was treated as the equivalent of Legacy IronNet issuing stock for the net assets of

LGL, accompanied by a recapitalization. The net assets of LGL are stated at historical cost, with no goodwill or other intangible assets recorded.

As a result of Legacy IronNet being the accounting acquirer in the Merger, the financial reports filed with the U.S. Securities and Exchange Commission (the “SEC”) by the Company subsequent to the Merger are prepared as if Legacy IronNet is the accounting predecessor of the Company. The historical operations of Legacy IronNet are deemed to be those of the Company. See Note 2 in the accompanying unaudited condensed consolidated financial statements for more information.

As a public company, we have been and will continue to be required to hire additional personnel and implement procedures and processes to address public company regulatory requirements and customary practices. We expect to continue to incur additional annual expenses as a public company for, among other things, directors’ and officers’ liability insurance, director fees and additional internal and external accounting, legal and administrative resources, including increased audit and legal fees.

Our Business

We have focused on the development and delivery of a suite of advanced cybersecurity capabilities for detection, alerting, situational awareness and hunt/remediation combined into a comprehensive Collective Defense platform. We compliment these capabilities, delivered to both commercial and public sector enterprises, with professional services.

Software, Subscription and Support Revenue

Our primary line of business is the delivery of its integrated software capabilities through its Collective Defense platform. The platform is comprised of two flagship products:

IronDefense is an advanced NDR solution that uses AI-driven behavioral analytics to detect and prioritize anomalous activity inside individual enterprises. IronNet leverages advanced AI/ML algorithms to detect previously unknown threats, which are those that have not been identified and “fingerprinted” by industry researchers), in addition to screening known threats, and applies its Expert System to prioritize the severity of the behaviors—all at machine speed and cloud scale.

IronDome is a threat-sharing solution that facilitates a crowdsource-like environment in which the IronDefense threat detections from an individual company are shared among members of a Collective Defense community. IronDome analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real time, giving all members early insight into potential incoming attacks. Automated sharing across the Defense Community enables faster detection of attacks at earlier stages of the cyber kill chain.

Our Collective Defense platform delivers strong network effects: every customer contributing its threat data (anonymously) into the community reaps exponential benefits from the shared intelligence of the other organizations. The collaborative aspect of Collective Defense, and the resulting prioritization of alerts based on their potential severity, helps address the known problem of “alert fatigue” that plagues overwhelmed security analysts.

The Collective Defense platform is available for on-premise, cloud (public or private), and hybrid environments, and is scalable to include small-to-medium businesses, public-sector agencies, as well as multinational corporations. We utilize the platform to provide professional cybersecurity services such as incident response and threat hunting, as well as programs to help customers assess cybersecurity governance, maturity, and readiness. Our CS services are designed to create shared long-term success measures with our customers, differentiating us from other cybersecurity vendors by working alongside customers as partners and offering consultative and service capabilities well beyond implementation of our Collective Defense platform.

The Collective Defense platform is available via a subscription-based pricing and flexible delivery model, with options available for major public cloud providers such as AWS and Microsoft Azure; private cloud, or HCI such as Nutanix; and on-premise environments through hardware and virtual options. To make it as easy as possible for customers to add Collective Defense into their existing security stack, we built a rich set of APIs that enable integrations with standard security products, SIEM; SOAR; EDR; NGFW tools; and cloud-native logs from major public cloud providers.

Professional Services

We sell professional services, including development of national cyber security strategies, cyber operations monitoring, security, training, red team, incident response and tailored maturity assessments. Revenue derived from these services is recognized as the services are delivered.

Financing to Date

We have financed our operations primarily through private placements of common stock, warrants, redeemable convertible preferred stock and the closing of the Merger. From inception of Legacy IronNet in 2014 through October 31, 2021, we have raised aggregate gross proceeds of $316.8 million from the issuance of common stock, warrants and redeemable convertible preferred stock in exchange for cash. During the nine months ended October 31, 2021, we have incurred a net loss of $225.8 million of which $160.1 million related to a non-cash expense related to the modification of Restricted Stock Units, as well as a further non-cash expense to reflect the increase in the fair market value in private warrants through the dates they were exercised and used $59.1 million in cash to fund operations. As of October 31, 2021, we had $73.9 million of cash on hand to continue to fund operations.

We except our capital and operating expenditures to increase significantly in connection with its ongoing activities, as we:

•

continue to invest in research and development related to new technologies;

•

increase our investment in marketing and advertising, as well as the sales and distribution infrastructure for our products and services;

•

maintain and improve operational, financial, and management information systems;

•

hire additional personnel;

•

obtain, maintain, expand, and protect our intellectual property portfolio; and

•

enhance internal functions to support our operations as a publicly-traded company.

With the closing of the Merger on August 26, 2021, we received gross proceeds of $138.3 million before fees and expenses.

Key Factors Affecting Performance

New customer acquisition

Our future growth depends in large part on our ability to acquire new customers. If our efforts to attract new customers are not successful, our revenue may decline in the future. Our IronDefense and IronDome platforms are designed to be used in conjunction with point solutions to capture and share critical data and findings to enable our behavioral analytics to identify threats and for defenders to respond more accurately and quickly. IronNet has significant room to capture additional market share and intends to continue to invest in sales and marketing to engage its prospective customers, increase brand awareness, and drive adoption of its solution.

Customer retention

Our ability to increase revenue depends in large part on our ability to retain existing customers.

Investing in business growth

Since inception, we have invested significantly in the growth of our business. While remaining judicious and targeted in our investments, we intend to continue to invest in our research and development team to lead product improvements, our sales team to broaden our brand awareness and our general and administrative expenses to increase for the foreseeable future given the additional expenses for finance, compliance and investor relations as we grow as a public company. In addition to our internal growth, we may also consider acquisitions of businesses, technologies, and assets that complement and bolster additional capabilities to our product offerings.

Key Business Metrics

We monitor the following key metrics to measure our performance, identify trends, formulate business plans and make strategic decisions.

Recurring Software Customers

We believe that our ability to increase the number of subscription and other recurring contract type customers on our platform is an indicator of our market penetration, the growth of our business, and our potential future business opportunities. We have a history of growing the number of customers who have contracted for our platforms on a recurring basis, which does not include our professional services customers. Our recurring software customers include customers who have a recurring contract for either or both of our IronDefense and IronDome platforms. These platforms are generally sold together, but they also can be purchased on a standalone basis. We have consistently increased the number of such customers period-over-period, and we expect this trend to continue as we increase subscription offerings to small and medium-sized businesses, in addition to increased subscription offerings for our larger enterprise customers. The following table sets forth the number of recurring software customers as of the dates presented:


	October 31,
	2021			2020
Recurring Software Customers		74			25
Year-over-year growth		196	%		47	%


	January 31,
	2021			2020
Recurring Software Customers		27			20
Year-over-year growth		35	%		43	%

Annual Recurring Revenue (“ARR”)

ARR is calculated at a particular measurement date as the annualized value of our then existing customer subscription contracts and the portions of other software and product contracts that are to be recognized over the course of the contracts and that are designed to renew, assuming any contract that expires during the 12 months following the measurement date is renewed on its existing terms. We believe this is a reasonable assumption as less than 1% of an approximate total of $160 million in cumulative ARR that would have been reported over the last 12 quarters through the end of fiscal year 2021 did not renew their contract. The following table sets forth our ARR as of the dates presented:


	October 31,
	2021			2020
	(in millions)
Annual recurring revenues	$	27.5		$	21.2
Year-over-year growth		30	%		32	%


	January 31,
	2021			2020
	(in millions)
Annual recurring revenues	$	25.8		$	15.0
Year-over-year growth		72	%		37	%

Dollar-based Average Contract Length

Our dollar-based average contract length is calculated from a set of customers against the same metric as of a prior period end. Because many of our customers have similar buying patterns and the average term of our contracts is more than 12 months, this metric provides a means of assessing the degree of built-in revenue repetition that exists across our customer base.

We calculate our dollar-based average contract length as follows:

•

Numerator: We multiply the average total length of the contracts, measured in years or fractions thereof, by the respective revenue recognized for the applicable reporting period.

•

Denominator: We use the revenue attributable to software and product customers for the same period used in the numerator. This effectively represents the revenue base that is being generated by those customers.

Dollar-based average contract length is obtained by dividing the Numerator by the Denominator. Our dollar-based average contract length decreased from 3.2 to 2.8 years, or (13)%, for the nine months ended October 31, 2021 as compared to the nine months ended October 31, 2020, and decreased from 3.5 to 2.9 years, or 17% for the year ended January 31, 2021 as compared to the year ended January 31, 2020. As our revenues and our customer base increases, we expect our average contract length to trend downward over time. Declines in average contract length are not reflective of the average lifetime of a customer.


	October 31,
	2021		2020
	(in years)
Dollar-based average contract length		2.8		3.2


	January 31,
	2021		2020
	(in years)
Dollar-based average contract length		2.9		3.5

Calculated Billings

Calculated billings is a non-GAAP financial measure that we believe is a key metric to measure our periodic performance. Calculated billings represent our total revenue plus the change in deferred revenue in a period. Calculated billings in any particular period aims to reflect amounts invoiced to customers to access our software-based, cybersecurity analytics products, cloud platform and professional services, together with related support services, for our new and existing customers. We typically invoice our customers on multi-year or annual contracts in advance, either annually or monthly. Calculated billings decreased $9.0 million, or (37)%, in year to date 2022 over year to date 2021 and increased $19.7 million, or 85%, in fiscal 2021 over fiscal 2020. Calculated billings decreased when comparing year to date 2022 to year to date 2021 primarily due to lower revenue and during fiscal year 2021, we were focused on growing our deferred revenue. As deferred revenue remains more consistent, we expect our calculated billings growth rate to trend down over time. We also expect that calculated billings will be affected by timing of entering into agreements with customers; and the mix of billings in each reporting period as we typically invoice customers multi-year or annually in advance and, to a lesser extent, monthly in advance.

While we believe that calculated billings may be helpful to investors because it provides insight into the cash that will be generated from sales of our subscriptions, this metric may vary from period-to-period for a number of reasons, and therefore has a number of limitations as a quarter-to-quarter or year-over-year comparative measure. In addition, other companies, including companies in our industry, may calculate similarly-titled non-GAAP measures differently or may use other measures to evaluate their performance, all of which could reduce the usefulness of our metric of calculated billings as tools for comparison. Because of these and other limitations, you should consider calculated billings along with revenue and our other GAAP financial results.

The following table presents a reconciliation of revenue, the most directly comparable financial measure calculated in accordance with GAAP, to calculated billings:


	Three Months Ended October 31,
	2021		2020		2021 vs 2020
	($in millions)
Revenue	$	6.9	$	7.0		(0.1	)	(1	)%
Add: Total Deferred revenue, end of period		30.1		23.0		7.1		31
Less: Total Deferred revenue, beginning of period		33.6		21.9		11.7		53

Calculated billings	$	3.4	$	8.1		(4.7	)	(58	)%


	Nine Months Ended October 31,
	2021		2020		2021 vs 2020
	($in millions)
Revenue	$	19.4	$	21.8		(2.4	)	(11	)%
Add: Total Deferred revenue, end of period		30.1		23.0		7.1		31
Less: Total Deferred revenue, beginning of period		34.0		20.3		13.7		67

Calculated billings	$	15.5	$	24.5		(9.0	)	(37	)%

Adjusted Results of Operations

The following table shows our non-GAAP results of operations for the three and nine months ended October 31, 2021 after excluding the impacts of the stock-based compensation expense and the revaluation of the private warrants prior to their cashless exercise and transaction costs incurred related to the Merger:


	Three Months Ended October 31,			Nine Months Ended October 31,
	2021			2021
	($in thousands)
Net loss	$	(193,122	)	$	(225,789	)
Stock compensation expense (1)		160,094			160,094
Change in fair value of warrants liabilities		11,302			11,302
Transaction costs expense (2)		1,556			2,328

Non-GAAP Adjusted Net Loss	$	(20,170	)	$	(52,065	)

1.	Total stock based compensation of $160.1 million has been recorded within research and development of $20.9 million, sales and marketing of $49.3 million, and general and administrative expense of $89.9 million on the statement of operations

2.	Transaction expenses have been recorded within general and administrative expense on the statement of operations

Components of Our Results of Operations

Revenue

Our revenues are derived from sales of software subscriptions, subscription-like software products and software support contracts as well as from professional services. Products, subscriptions and support revenues accounted for 89% of our revenue in quarter to date 2022, for 85% of our revenue in quarter to date 2021, for 93% of our revenue in year to date 2022, for 83% of our revenue in year to date 2021, and for 85% of our revenue for each of fiscal 2021 and fiscal 2020. Professional services revenues accounted for 11% of our revenue in quarter to date 2022, for 15% of our revenue in our quarter to date 2021, for 7% of our revenue in year to date 2022, for 17% of our revenue in year to date 2021 and for 15% of our revenue for each of fiscal 2021 and fiscal 2020.

Our typical customer contracts and subscriptions range from one to five years. We typically invoice customers in advance. We combine intelligence dependent hardware and software licenses as well as subscription-type deliverables with the related threat intelligence and support and maintenance as a single performance obligation, as it delivers the essential functionality of our cybersecurity solution. Most companies also participate in the IronDome collective defense software solution that provides them access to IronNet’s collective defense infrastructure linking participating stakeholders. As a result, we recognize revenue for this single performance obligation ratably over the expected term with the customer. Amounts that have been invoiced are recorded in deferred revenue or they are recorded in revenue if the revenue recognition criteria have been met. Significant judgement is required for the assessment of material rights relating to renewal options associated with our contracts.

Professional services revenues are generally sold separately from our products and include services such as development of national cyber security strategies, cyber operations monitoring, security, training, red team, incident response and tailored maturity assessments. Revenue derived from these services is recognized as the services are delivered.

Cost of Revenue

Cost of product, subscription and support revenue includes expenses related to our hosted security software, employee-related costs of our customer facing support, such as salaries, bonuses and benefits, an allocated portion of administrative costs and the amortization of deferred costs.

Cost of professional services revenue consists primarily of employee-related costs, such as salaries, bonuses and benefits, cost of contractors and an allocated portion of administrative costs.

Gross Profit

Gross profit, calculated as total revenue less total costs of revenue is affected by various factors, including the timing of our acquisition of new customers, renewals from existing customers, the data center and bandwidth costs associated with operating our cloud platform, the extent to which we expand our customer support organization, and the extent to which we can increase the efficiency of our technology and infrastructure through technological improvements. Also, we view our professional services in the context of our larger business and as a significant lead generator for future product sales. Because of these factors, our services revenue and gross profit may fluctuate over time.

Operating Expenses

Research and development

Our research and development efforts are aimed at continuing to develop and refine our products, including adding new features and modules, increasing their functionality, and enhancing the usability of our platform. Research and development costs primarily include personnel-related costs and acquired software costs. Research and development costs are expensed as incurred.

Sales and marketing

Sales and marketing expenses consist primarily of employee compensation and related expenses, including salaries, bonuses and benefits for our sales and marketing employees, sales commissions that are recognized as expenses over the period of benefit, marketing programs, travel and entertainment expenses, and allocated overhead costs. We capitalize our sales commissions and recognize them as expenses over the estimated period of benefit.

We intend to continue to make significant investments in our sales and marketing organization to drive additional revenue, further penetrate the market and expand our global customer base. In particular, we will continue to invest in growing and training our sales force, broadening our brand awareness and expanding and deepening our channel partner relationships. We expect our sales and marketing expenses to decrease as a percentage of our revenue over the long term, although our sales and marketing expenses may fluctuate as a percentage of our revenue from period to period due to the timing and extent of these expenses.

General and administrative

General and administrative costs include salaries, stock-based compensation expenses, and benefits for personnel involved in our executive, finance, legal, people and culture, and administrative functions, as well as third-party professional services and fees, and overhead expenses.

We expect that general and administrative expenses will increase in absolute dollars as we hire additional personnel and enhance our systems, processes, and controls to support the growth in our business as well as our increased compliance and reporting requirements as a public company.

Other income (expense), net

Other income (expense), net consists primarily of interest income, interest expense, and foreign currency exchange gains and losses.

Change in fair value of warrants liabilities

Change in fair value of warrants liabilities consists of the change in the fair value of warrants between the time on which they were valued as of the prior quarterly reporting period and the date on which they were exercised.

Provision for income taxes

Provision for income taxes consists of federal and state income taxes in the United States and income taxes and withholding taxes in certain foreign jurisdictions in which we conduct business. We maintain a full valuation allowance on our U.S. federal and state deferred tax assets.

Results of Operations

Comparison of Quarter to Date 2022 and Quarter to Date 2021

The following tables set forth our consolidated statement of operations in dollar amounts and as a percentage of total revenue for each period presented:


	Three Months Ended October 31,
	2021			2020			Change $			Change%
	($ in thousands)
Product, subscription and support revenue	$	6,132		$	5,958		$	174			3	%
Professional services revenue		781			1,055			(274	)		(26	)%

Total revenue		6,913			7,013			(100	)		(1	)%
Cost of product, subscription and support revenue		2,082			1,252			830			66	%
Cost of professional services revenue		286			817			(531	)		(65	)%

Total cost of revenue		2,368			2,069			299			14	%

Gross profit		4,545			4,944			(399	)		(8	)%

Operating expenses
Research and development		28,144			5,687			22,457			395	%
Sales and marketing		57,196			7,155			50,041			699	%
General and administrative		100,267			4,715			95,552			2,027	%

Total operating expenses		185,607			17,557			168,050			957	%

Operating loss		(181,062	)		(12,613	)		(168,449	)		1,336	%
Other (expense) income, net		(724	)		178			(902	)		(507	)%

Change in fair value of warrants liabilities		(11,302	)		—			(11,302	)		100	%
Loss before income taxes		(193,088	)		(12,435	)		(180,653	)		1,453	%
Benefit (provision) for income taxes		(34	)		(19	)		(15	)		79	%

Net loss	$	(193,122	)	$	(12,454	)	$	(180,668	)		1,451	%

Revenue

Total revenue decreased by $0.1 million or (1)% in quarter to date 2022 compared to quarter to date 2021.

Product, subscription and support revenue increased by $0.2 million or 3% primarily due to the Company’s transition from contracts that had material non-recurring elements which would not renew in full to contract forms that were designed to fully renew.

Professional services revenue decreased $0.3 million or (26)% in quarter to date 2022 compared to quarter to date 2021, primarily due to the completion of a key enterprise engagement in quarter to date 2021. Professional services accounted for 11% of our total revenue in quarter to date 2022 and for 15% of our total revenue in quarter to date 2021.

Cost of revenue

Total cost of revenue increased by $0.3 million or 14%, in quarter to date 2022, compared to quarter to date 2021. Cost of product, subscription and support revenue increased by $0.8 million or 66%, in quarter to date 2022, compared to quarter to date 2021. The increase was due primarily to an increase in customer cloud costs with business scale and a $0.2 million amortization catch-up for deployed sensors during quarter to date 2022 compared to quarter to date 2021.

Gross Profit and Gross Margin

Mix changes in cost of revenue resulted in a decrease in software gross margin to 66% in quarter to date 2022 compared to 79% in quarter to date 2021, and an increase in professional services gross margin to 63% in quarter to date 2022 compared to 23% in quarter to date 2021. Quarter to date 2022 margin was lower due to amortization catch-up of $0.2 million that was not realized in the first half of fiscal 2022. In quarter to date 2021 we also onboarded several significant revenue customers which had not yet ramped their full cloud costs in the period and finalized the delivery of a key significant service contract in EMEA. This had materially increased margins in the comparable quarter last year. Professional services margin will continue to be volatile contract to contract as we scale the business.

We expect that gross margins for the rest of fiscal 2022 will improve slightly. Margins may remain volatile compared to fiscal 2021 due to the continuing presence of large contracts in our revenue mix.

The following tables show gross profit and gross margin, respectively, for software products and support revenue and professional services revenue for quarter to date 2022 as compared to quarter to date 2021.


	Three Months Ended October 31,
	2021		2020		Change $			Change%
	($ in millions)
Product, subscription and support gross profit	$	4.0	$	4.7	$	(0.7	)		(15	)%
Professional services gross profit		0.5		0.2		0.3			150	%

Total gross profit	$	4.5	$	4.9	$	(0.4	)		(8	)%


	2021			2020			Change
Product, subscription and support margin		66.0	%		79.0	%		(13.0	)%
Professional services margin		63.4	%		22.6	%		40.8	%

Total gross margin		65.7	%		70.5	%		(4.8	)%

Operating expenses

Research and development

Research and development expenses increased by $22.5 million or 395%, in quarter to date 2022, compared to quarter to date 2021 primarily due to non-cash stock compensation expenses ($20.9 million) triggered by the modification of the restricted stock units and ramping resources to support product development. At 407% of total revenues in quarter to date 2022 compared to 81% in quarter to date 2021, we expect that our overall R&D expenditure rate as a percentage of revenues will decline in the future.

Sales and marketing

Sales and marketing cost increased by $50.0 million or 699% in quarter to date 2022, compared to quarter to date 2021, primarily due to non-cash stock compensation ($49.3 million) triggered by the modification of the restricted stock units and ramped sales and marketing personnel in quarter to date 2022. At 827% of revenues in quarter to date 2022 compared to 102% in quarter to date 2021, we expect that our overall sales and marketing expenditure rates as a percentage of revenues will decline in the future.

General and administrative

General and administrative costs increased by $95.6 million or 2027% when comparing quarter to date 2022 to quarter to date 2021, primarily due to non-cash stock compensation ($89.9 million) triggered by the modification of the restricted stock units and costs related to being public. Quarter to date 2022 general and administrative expenses were at 1450% of total revenues compared to 67% in quarter to date 2021. We expect that our overall general and administrative expenditure rates as a percentage of revenues will decline in the future.

Other (expense) income, net

The net fluctuation of $0.9 million in Other (expense) income is largely the result of interest expense of $0.7 million related to the Paycheck Protection Program (“PPP”) loan and SVB Bridge loan. These debts and the interest were paid off at the date of the Merger.

Change in fair value of warrants liabilities

$11.3 million of non-cash expense was recognized due to the change in fair value of warrants liabilities.

Provision for income taxes

The change in provision for income taxes was immaterial to the results of operations primarily due to our continued net loss position, the accumulation of net loss carryforwards, and offsetting valuation allowance.

Comparison of Year to Date 2022 and Year to Date 2021

The following tables set forth our consolidated statements of operations in dollar amounts and as a percentage of total revenue for each period presented:


	Nine Months Ended October 31,
	2021			2020			Change $			Change %
	($ in thousands)
Product, subscription and support revenue	$	18,038		$	18,047		$	(9	)		(0	)%
Professional services revenue		1,327			3,779			(2,452	)		(65	)%
Total revenue		19,365			21,826			(2,461	)		(11	)%
Cost of product, subscription and support revenue		5,505			3,534			1,971			56	%
Cost of professional services revenue		617			1,596			(979	)		(61	)%
Total cost of revenue		6,122			5,130			992			19	%
Gross profit		13,243			16,696			(3,453	)		(21	)%
Operating expenses
Research and development		42,606			19,965			22,641			113	%
Sales and marketing		72,046			23,265			48,781			210	%
General and administrative		111,952			16,690			95,262			571	%
Total operating expenses		226,604			59,920			166,684			278	%
Operating loss		(213,361	)		(43,224	)		(170,137	)		394	%
Other (expense) income, net		(1,070	)		125			(1,195	)		(956	)%
Change in fair value of warrants liabilities		(11,302	)		—			(11,302	)		100	%
Loss before income taxes		(225,733	)		(43,099	)		(182,634	)		424	%
Benefit (provision) for income taxes		(56	)		(58	)		2			(3	)%
Net loss	$	(225,789	)	$	(43,157	)	$	(182,632	)		423	%

Revenue

Total revenue decreased by $2.5 million or (11)% in year to date 2022 compared to year to date 2021.

Product, subscription and support revenue decreased slightly by $0.01 million primarily due to the net effect of the Company’s transition from contracts that had material non-recurring elements which would not renew in full, replaced by revenues from contract forms that were designed to fully renew with legacy customers and signing new customers.

Professional services revenue decreased $2.5 million or (65)% in year to date 2022 compared to year to date 2021, primarily due to the completion of a national cybersecurity strategy engagement in EMEA, a key enterprise engagement, in fiscal 2021 and delays in professional services contract starts in year to date 2022 due to COVID-19. Professional services accounted for 7% of our total revenue in year to date 2022 and for 17% of our total revenue in year to date 2021.

Cost of revenue

Total cost of revenue increased by $1 million or 19%, in year to date 2022, compared to year to date 2021. Cost of product, subscription and support revenue increased by $2 million or 56%, in year to date 2022, compared to year to date 2021. The increase was due primarily to an increase in customer counts and related cloud hosting costs during year to date 2022 compared to year to date 2021.

Cost of professional service revenue decreased by $1 million or (61)% in year to date 2022, compared to year to date 2021. The decrease in cost of service revenue was primarily due to a decrease in overall professional services activity in year to date 2022 compared to year to date 2021.

Gross Profit and Gross Margin

Mix changes in cost of revenue resulted in a decrease in software gross margin to 70% in year to date 2022 compared to 80% in year to date 2021, and a decrease in professional services gross margin to 54% in year to date 2022 compared to 58% in year to date 2021. In year to date 2021 we onboarded several significant revenue customers which had not yet ramped their full cloud costs in period and finalized delivery of key significant service contract in EMEA. This had materially increased margin in the comparable period last year. Professional services margin will continue to be volatile contract to contract as we scale the business.

We expect that gross margins for the rest of fiscal 2022 will improve. Margins may remain volatile compared to fiscal 2021 due to the continuing presence of large contracts in our revenue mix.

The following tables show gross profit and gross margin, respectively, for software products and support revenue and professional services revenue for year to date 2022 as compared to year to date 2021.


	Nine Months Ended October 31,
	2021		2020		Change $			Change %
	($ in thousands)
Product, subscription and support gross profit	$	12.5	$	14.5	$	(2.0	)		(14	)%
Professional services profit		0.7		2.2		(1.5	)		(68	)%
Total gross profit	$	13.2	$	16.7	$	(3.5	)		(21	)%


	2021			2020			Change
Product, subscription and support margin		69.5	%		80.4	%		(10.9	)%
Professional services margin		53.5	%		57.8	%		(4.3	)%
Total gross margin		68.4	%		76.5	%		(8.1	)%

Operating expenses

Research and development

Research and development expenses increased by $22.6 million or 113%, in year to date 2022, compared to year to date 2021 primarily due to non-cash stock compensation expenses ($20.9 million) triggered by the modification of the restricted stock units and the ramping external costs to support product development. At 220% of total revenues in year to date 2022 compared to 91% in year to date 2021, we expect that our overall R&D expenditure rate as a percentage of revenues will decline in the future.

Sales and marketing

Sales and marketing cost increased by $48.8 million or 210% in year to date 2022, compared to year to date 2021, primarily due to non-cash stock compensation expense ($49.3 million) triggered by the modification of the restricted stock units. At 372% of total revenues in year to date 2022 compared to 107% in year to date 2021, we expect that our overall sales and marketing expenditure rates as a percentage of revenues will decline in the future.

General and administrative

General and administrative costs increased by $95.3 million when comparing year to date 2022 to year to date 2021, primarily due to stock compensation expense ($89.9 million) triggered by the modification of the restricted stock units and costs related to being public. Year to date 2022 general and administrative expenses were at 578% of total revenues compared to 76% in year to date 2021. We expect that our overall general and administrative expenditure rates as a percentage of revenues will decline in the future.

Other (expense) income, net

The net fluctuation of $1.2 million in Other (expense) income is largely the result of interest expense of $1.1 million related to the PPP loan and SVB Bridge loan. These debts and the interest were paid off at the date of the Merger.

Change in fair value of warrants liabilities

$11.3 million of non-cash expense was recognized due to the change in fair value of warrants liabilities.

Provision for income taxes

Comparison of Fiscal 2021 and Fiscal 2020

The following tables set forth our consolidated statements of operations in dollar amounts and as a percentage of total revenue for each period presented (dollars in millions):


	Year Ended January 31,
	2021					2020					2021 vs 2020
	(in millions)
Products, subscription and support revenue	$	24.7		85	%	$	19.8		85	%	$	4.9		25	%
Professional services revenue		4.5		15	%		3.4		15	%		1.1		32	%

Total revenue		29.2		100	%		23.2		100	%		6.0		26	%
Cost of product, subscription and support revenue		5.4		18	%		5.9		25	%		(0.5	)	-8	%
Cost of professional service revenue		1.6		5	%		0.7		3	%		0.9		129	%

Total cost of revenue		7.0		24	%		6.6		29	%		0.4		6	%

Gross profit		22.2		76	%		16.6		72	%		5.6		34	%

Operating expenses:
Research and development		25.8		88	%		26.6		115	%		(0.8	)	-3	%
Sales and marketing		30.4		104	%		17.9		77	%		12.5		70	%
General and administrative		21.3		73	%		20.5		88	%		0.8		4	%

Total operating expenses		77.5		265	%		65.0		280	%		12.5		19	%

Operating loss		(55.3	)	-189	%		(48.4	)	-209	%		(6.9	)	14	%
Other income, net		(0.0	)	0	%		0.5		2	%		(0.5	)	-100	%

Loss before provision for income taxes		(55.3	)	-189	%		(47.9	)	-206	%		(7.4	)	15	%
Provision for income taxes		(0.1	)	0	%		(0.0	)	0	%		(0.1	)	nm

Net loss	$	(55.4	)	-190	%	$	(47.9	)	-206	%	$	(7.5	)	16	%

Nm – not meaningful

Revenue

Total revenue increased by $6.0 million or 26% in fiscal 2021 compared to fiscal 2020. The increase was mostly due to disproportionally high growth as the APJ and EMEA regions came online with their sales teams, increasing the proportion of total revenues from those regions to 26% and 13% of the total revenues in fiscal 2021, respectively, up from 7% and 7%, respectively in fiscal 2020.

Software, subscription and support revenue accounted for 85% of our total revenue in both fiscal 2021 and fiscal 2020. Software, subscription and support revenue accounted for 85% of our total revenue in both fiscal 2021 and fiscal 2020. The cloud-based subscription revenue portion increased by $6.0 million or 154%, in fiscal 2021, from $3.9 million to $9.9 million and accounted for 40% of our total software revenue overall in fiscal 2021, up from 20% in fiscal 2020. The increase in subscription revenue was driven primarily by $4.0 million of revenue from three large contracts from new customers starting in fiscal 2021 and $2.4 million in increased revenue from contracts with existing customers who either upsold or had proceeded into their first full year of revenue recognition. These increases were offset in part by a net revenue decrease of $0.4 million from several smaller customers.

Professional services revenue accounted for 15% of our total revenue in both fiscal 2021 and fiscal 2020. The professional services revenue increased $1.1 million or 32% in fiscal 2021 compared to fiscal 2020, primarily due to a large, $1.5 million consulting contract with a new customer to advise a country in the EMEA region about strategies for protecting their nation. Though several professional services contracts reoccur on a regular basis, most are project specific and last less than a fiscal year.

Cost of revenue

Total cost of revenue increased by $0.4 million or 6%, in fiscal 2021, compared to fiscal 2020. Cost of software, subscription and support revenue decreased by $0.5 million or (8)%, in fiscal 2021, compared to fiscal 2020. The decrease was due primarily to more efficient purchasing of third-party computing costs and increased efficiency in providing software support to customers.

Cost of professional service revenue increased by $0.9 million in fiscal 2021, compared to fiscal 2020. The increase in cost of service revenue was primarily due to an increase in overall professional services activity in fiscal 2021 compared to fiscal 2020 combined with an increasing proportion of traditional services margin contracts in the mix, resulting in a decline in the overall services margin to 64%.

Gross Profit and Gross Margin

Favorable changes in the cost of revenue resulted in an increase in software gross margin to 78.1% in fiscal 2021 compared to 70.2% in fiscal 2020. We expect that gross margins for fiscal 2022 will continue to be above the fiscal 2020 level. However, margins may remain volatile compared to fiscal 2021 due to the continuing presence of large contracts in our revenue mix.

The following tables show gross profit and gross margin, respectively, for software products and support revenue and professional services revenue for fiscal 2021 as compared to fiscal 2020.


	Year Ended January 31,
	2021			2020			2021 vs 2020
	(in millions)
Software products margin	$	19.3		$	13.9		$	5.4		39	%
Professional services margin		2.9			2.6			0.3		12	%

Total Gross profit margin	$	22.2		$	16.5		$	5.7		35	%


	2021			2020			Change
Software products margin		78.1	%		70.2	%		7.9	%
Professional services margin		64.4	%		79.4	%		-15.0	%

Total Gross profit margin		76.0	%		71.6	%		4.4	%

Operating expenses

Research and development

Research and development expenses decreased by $0.8 million or (3%), in fiscal 2021, compared to fiscal 2020 as we reorganized our engineering departments towards our cloud-based and increasingly SaaS-delivered software offerings and paused net hiring as we completed that transition. At 88% of total revenues in fiscal year 2021 compared to 115% in fiscal 2020, we expect that our overall R&D expenditure rate as a percentage of revenues will continue to decline in the future.

Sales and marketing

Sales and marketing cost increased by $12.5 million or 70% in fiscal 2021, compared to fiscal 2020, primarily due to the continued build out of our sales force globally. We either expanded or initiated activity in Singapore, Japan, Australia, the United Kingdom and in the United Arab Emirates throughout fiscal 2020, resulting in a partial year impact to sale and marketing costs. Aside from the Customer Success teams that had become established by the beginning of fiscal year 2020, the remainder of that Sales and Marketing headcount, inclusive of sales support personnel ended fiscal 2020 with an average through the year of 41 full time equivalents. In comparison, for fiscal 2021, we had an average of 90 full time equivalents (a 120% increase compared to the prior year). At 104% of total revenues in fiscal 2021 compared to 77% in fiscal 2020, we expect that our overall sales and marketing expenditure rates as a percentage of revenues will begin to decline in the future.

General and administrative

General and administrative costs increased by $0.8 million or 4% in fiscal 2021, compared to fiscal 2020 primarily due to $1.5 million of one-time charges relating to our response to COVID-19 restrictions and our staffing shift towards our cloud deployment and support models. These one-time charges included the costs of ending or reducing existing office leases, and severance and extended health benefits for employees. Absent those charges, general and administrative costs would have declined by $0.6 million, or (3%). At 68% of total revenues in fiscal 2021 compared to 88% in fiscal 2020, excluding the one-time charges, we expect that our overall general and administrative expenditure rates as a percentage of revenues will continue to decline in the future.

Other income (expense), net

Other income, net decreased by $0.5 million in fiscal 2021, compared to fiscal 2020 primarily due to a reduction in interest income from investments.

Provision for income taxes

Liquidity and Capital Resources

Sources of Liquidity

We have incurred losses and negative cash flows from operations since inception and had accumulated deficits of $(400.8) million and ($168.8) million as of October 31, 2021 and 2020, respectively. Through October 31, 2021, we have funded our operations with proceeds from sales of our common stock and redeemable convertible preferred stock, proceeds related to public trust shares as part of the recapitalization, proceeds from PIPE Shares (as defined below), loans, and receipts from sales of our products and services to customers in the ordinary course of business and proceeds from the Reverse Recapitalization. As of October 31, 2021, we had cash and cash equivalents of $73.9 million.

At the effective date of the Merger, we repaid the outstanding principal and interests related to the PPP loan and SVB Bridge loan.

Long- Term Liquidity Requirements

Based on our growth plan, we believe that our cash on hand and collectable receivables, together with cash generated from sales of our products and services will satisfy our working capital and capital requirements for at least the next twelve months.

Our future capital requirements will depend on many factors, including, but not limited to the rate of our growth, our ability to attract and retain customers and their willingness and ability to pay for our products and services, and the timing and extent of spending to support our efforts to market and develop our products. Further, we may enter into future arrangements to acquire or invest in businesses, products, services, strategic partnerships, and technologies. As such, we may be required to seek additional equity or debt financing. In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us or at all. If additional funds are not available to us on acceptable terms, or at all, our business, financial condition, and results of operations could be adversely affected.

Cash Flows

For Year to Date 2022 and Year to Date 2021

The following table summarizes our cash flows for the periods presented:


	Nine Months Ended October 31,
	2021			2020
	(in thousands)
Net cash used in operating activities	$	(59,095	)	$	(39,897	)
Net cash (used in) provided by investing activities	$	(2,156	)	$	1,057
Net cash provided by financing activities	$	103,381		$	49,707

Operating Activities

Net cash used in operating activities during year to date 2022 was $(59.1 million), which resulted from a net loss of $(225.8 million), primarily driven by the modification of the restricted stock units awards of $160.1 million and related non-cash expenses. There was also an increase in the fair value of warrants liabilities of $11.3 million and an increase in accrued expenses. This was offset by a decrease in deferred revenue of $3.9 million and a decrease in prepaid expenses and other current assets of $3.2 million.

Net cash used in operating activities during year to date 2021 was $(39.9 million), which resulted from a net loss of $(43.2 million) adjusted for noncash charges of $1.3 million. Non-cash charges primarily consisted of $0.9 million of depreciation and amortization expense. Cash used in operating activities during year to date 2021 benefited from the change in deferred revenue of $2.7 million, offset by a change in accounts receivable of $(1.0 million).

The overall increase in net cash used in operating activities by the Company in 2022 compared to 2021 was driven by an increase in cash operating expenses of approximately $6.6 million, primarily due to one-time expenses of preparing for and completing the Merger as well as the new recurring costs of operating as a public company, decreases in services revenue and increases in cost of sales totaling approximately $3.4 million as more customers analytics came more fully online, and, on the balance sheet, primarily a reduction in deferred revenue of $6.6 million attributable to higher than usual, multi-year cash prepayments received in 2021 compared to the current year.

Investing Activities

Net cash used in investing activities during year to date 2022 of $(2.2 million) was primarily due to $(2.1 million) in purchases of property and equipment.

Net cash provided by investing activities during year to date 2021 of $1.1 million was primarily due to net proceeds from sales and maturities of investments of $1.4 million offset by $(0.4 million) in purchases of property and equipment.

Financing Activities

Net cash provided by financing activities of $103.4 million during year to date 2022 was primarily due to gross proceeds from the Merger recapitalization of $13.3 million and issuance of PIPE Shares of $125.0 million and borrowing related to the SVB Bridge loan for $15.0 million, offset by payment of PPP loan and SVB Bridge loan of $5.6 million.

Net cash provided by financing activities of $49.7 million during year to date 2021 was primarily due to net proceeds from our issuance of common stock of $44.1 million and the net proceeds from the PPP loan of $5.6 million. The PPP loan was fully paid on August 26, 2021 as part of the Merger.

Comparison of Fiscal 2021 and Fiscal 2020

The following table summarizes our cash flows for the periods presented:


	Year Ended January 31,
	2021			2020
	(in millions)
Net cash used in operating activities	$	(42.7	)	$	(48.8	)
Net cash provided by investing activities	$	0.1		$	24.2
Net cash provided by financing activities	$	63.3		$	10.7

Operating Activities

Net cash used in operating activities during fiscal 2021 was $(42.7) million, which resulted from a net loss of $(55.4) million, primarily driven by growth-related operating expenses exceeding the gross profits from sales, adjusted for non-cash charges of $1.4 million and net cash inflows of $11.3 million from changes in operating assets and liabilities. Non-cash charges primarily consisted of $1.2 million of depreciation and amortization expense, $0.2 million in losses on the sale of fixed assets as the result of the closure of facilities, offset by a net credit in stock-based compensation expense due to increased forfeiture rates in fiscal 2021. Cash used in operating activities during fiscal 2021 benefited from the change in deferred revenue of $13.7 million, offset by a change in accounts receivable of $(3.4) million, which were the result of timing of new customer contracts.

Net cash used in operating activities during fiscal 2020 was $(48.8) million, which resulted from a net loss of $(47.9) million adjusted for non-cash charges of $1.2 million and net cash outflows of $(2.1) million from changes in operating assets and liabilities. Non-cash charges primarily consisted of $1.0 million of depreciation and amortization expense and stock-based compensation expense of $0.2 million. Cash used in operating activities during fiscal year 2020 was the result of spending on inventory in preparation of new customer contracts and changes in accounts payable.

Investing Activities

Net cash provided by investing activities during fiscal 2021 of $0.1 million was primarily due to $1.0 million in proceeds from the maturity of investments and $0.1 million in proceeds from the sale of property and equipment offset by $1.0 million in purchases of property and equipment.

Net cash provided by investing activities during fiscal 2020 of $24.2 million was primarily due to net proceeds from sales and maturities of investments of $25.2 million offset by $1.1 million in purchases of property and equipment.

Financing Activities

Net cash provided by financing activities of $63.3 million during fiscal 2021 was primarily due to net proceeds from our sale of Legacy IronNet Series B preferred stock of $57.4 million, the net proceeds from the PPP loan of $5.6 million and the issuance of common stock, including upon exercise of stock options by employees of $0.3 million.

Net cash provided by financing activities of $10.7 million during fiscal 2020 was primarily due to net proceeds from our sale of Legacy IronNet Series B preferred stock of $10.6 million and the issuance of common stock upon the exercise of stock options by employees of $0.1 million.

Contractual obligations

Our principal commitments consist of lease obligations for office space. For more information regarding our lease obligations, see Note 7, Commitments and Contingencies to the interim condensed consolidated financial statements. In addition, as described above, we received proceeds from a PPP loan resulting in debt on our balance sheet. We funded these obligations with cash flows from operations and existing cash.

During year to date 2022 and in future years, we have made and expect to continue to make additional investments in our product, scale our operations, and continue to enhance our security measures. We will continue to expand the use of software systems to scale with our overall growth.

Off-Balance sheet arrangements

As of October 31, 2021, we did not have any off-balance sheet arrangements.

Critical Accounting Policies and Estimates

Our financial statements are prepared in accordance with GAAP. The preparation of these financial statements require us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue and expenses, as well as related disclosures. We evaluate our estimates and assumptions on an ongoing basis. Our estimates are based on historical experience and various other assumptions that we believe to be reasonable under the circumstances. Our actual results could differ from these estimates.

The critical accounting policies, assumptions and judgements that we believe have the most significant impact on our consolidated financial statements are described below.

Revenue Recognition

Our revenues are derived from sales of software, subscriptions, support and maintenance, and other services. The Company satisfies performance obligations to recognize revenue for a single performance obligation ratably over the expected term with the customer.

Revenue is recognized when all of the following criteria are met:

•

Identification of the contract, or contracts, with a customer—A contract with a customer to account for exists when (i) we enter into an enforceable contract with a customer that defines each party’s rights regarding the goods or services to be transferred and identifies the payment terms related to these

goods or services, (ii) the contract has commercial substance and the parties are committed to perform, and (iii) we determine that collection of substantially all consideration to which we will be entitled in exchange for goods or services that will be transferred is probable based on the customer’s intent and ability to pay the promised consideration.

•

Identification of the performance obligations in the contract—Performance obligations promised in a contract are identified based on the goods or services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the goods or service either on its own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the goods or services is separately identifiable from other promises in the contract. To the extent a contract includes multiple promised goods or services, we apply judgment to determine whether promised goods or services are capable of being distinct and distinct in the context of the contract. If these criteria are not met the promised goods or services are accounted for as a combined performance obligation.

•

Determination of the transaction price—The transaction price is determined based on the consideration to which we will be entitled in exchange for transferring goods or services to the customer.

•

Allocation of the transaction price to the performance obligations in the contract—We allocate the transaction price to each performance obligation based on the amount of consideration expected to be received in exchange for transferring goods and services to the customer. If the contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation on a relative standalone selling price based on the observable selling price of our products and services.

•

Recognition of revenue when, or as, we satisfy performance obligations—We satisfy performance obligations either over time or at a point in time as discussed in further detail below. Revenue is recognized at or over the time the related performance obligation is satisfied by transferring a promised good or service to a customer.

Costs to Obtain or Fulfill a Contract

We capitalize incremental costs of obtaining a non-cancelable subscription and support revenue contract and on professional services revenue as contract acquisition costs. The capitalized amounts consist primarily of sales commissions paid to our direct sales force. The capitalized amounts are recoverable through future revenue streams under all non-cancelable customer contracts. Amortization of capitalized costs, which occurs on a straightline basis, is included in Sales and marketing expense in the accompanying consolidated statements of operations. Contract fulfillment costs include appliance hardware and installation costs that are essential in providing the future benefit of the solution, which are also capitalized. We amortize our contract fulfillment costs ratably over the contract term in a manner consistent with the related revenue recognition on that contract and are included in cost of revenue.

Stock-based Compensation

Stock compensation expense for incentive stock options (“ISOs”) is recognized on a straight line basis and with a provision for forfeitures matched to historical experience for matured grant cohorts. Stock compensation expense for RSUs is recognized on a graded basis matched to the length and vesting tranches for each grant. In the event that a RSU grant holder is terminated before the award is fully vested, the full amount of the unvested portion of the award will be recognized as a forfeiture in the period of termination.

We use the Black-Scholes pricing model to estimate the fair value of options on the date of grant. On August 26, 2021, the Board authorized that the liquidity event satisfaction for the restricted stock units will be deemed to have been met as a result of the merger and shares of common stock subject to the awards will be

delivered, in accordance with the terms of the restricted stock unit agreement. As a consequence, the Company recognized a non cash expense in the fiscal third quarter 2022 in an amount of $160.1 million related to 16,634,972 outstanding RSUs, 8,204,455 remain unvested as of October 31, 2021.

The use of a valuation model requires management to make certain assumptions with respect to selected model inputs. We grant stock options at exercise prices determined equal to the fair value of common stock on the date of the grant. The fair value of our common stock at each measurement date is based on a number of factors, including the results of third-party valuations, our historical financial performance, and observable arms-length sales of our capital stock including convertible preferred stock, and the prospects of a liquidity event, among other inputs. We estimate an expected forfeiture rate for stock options, which is factored into the determination of stock-based compensation expense. The volatility assumption is based on the historical and implied volatility of our peer group with similar business models. The risk-free interest rate is based on U.S. Treasury zero-coupon issues with a remaining term equal to the expected life assumed at the date of grant. The dividend yield percentage is zero because we do not currently pay dividends nor do we intend to do so in the future.

These estimates involve inherent uncertainties and the use of different assumptions may have resulted in stock-based compensation expense that was different from the amounts recorded.

Internal Control Over Financial Reporting

A company’s internal control over financial reporting is a process designed by, or under the supervision of, that company’s principal executive and principal financial officers, or persons performing similar functions, and influenced by that company’s board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements in accordance with generally accepted accounting principles. Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with policies or procedures may deteriorate.

Prior to the Merger, Legacy IronNet was a private company and historically had limited accounting and financial reporting personnel and other resources with which to address our internal control over financial reporting. In connection with the preparation and audit of our consolidated financial statements for the year ended January 31, 2021, we identified material weaknesses in our internal control over financial reporting. A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented or detected on a timely basis.

We did not have a sufficient number of personnel with an appropriate degree of accounting and internal controls knowledge, experience, and training to appropriately analyze, record and disclose accounting matters commensurate with our accounting and reporting requirements, which resulted in an inability to consistently establish appropriate authorities and responsibilities in pursuit of their financial reporting objectives. This material weakness contributed to the following additional material weaknesses:

•

We did not design and maintain effective controls over the review of journal entries and account reconciliations. Specifically, certain personnel have the ability to both (i) create and post journal entries within our general ledger system, and (ii) prepare and review account reconciliations.

•

We did not design and maintain effective controls over information technology general controls for information systems that are relevant to the preparation of our financial statements. Specifically, we did not design and maintain: (i) program change management controls for the financial systems to ensure that information technology program and data changes affecting financial IT applications and underlying accounting records are identified, tested, authorized and implemented appropriately;

(ii) appropriate user access controls to ensure appropriate segregation of duties and that adequately restrict user and privileged access to financial applications, programs and data to appropriate Company personnel; (iii) computer operations controls to ensure data backups are authorized and restorations monitored; and (iv) testing and approval controls for program development to ensure that new software development is aligned with business and IT requirements.

With the oversight of senior management, we have instituted plans to remediate these material weaknesses and have committed significant effort and resources to the remediation and improvement of our internal control over financial reporting. These remediation measures are ongoing and include hiring additional key supporting accounting personnel with public company reporting and accounting operations experience. We are also implementing the required segregation of roles and duties both in manual and systems related processes including for journal entries and account reconciliation, and formalizing the documentation and performance of remaining information technology general controls for information systems utilized for financial reporting. We believe the measures described above will remediate the material weakness identified and strengthen our internal control over financial reporting. We are committed to continuing to improve our internal control processes and will continue to diligently and vigorously review our financial reporting controls and procedures.

Quantitative and Qualitative Disclosures about Market Risk

We have operations in the United States and internationally, and we are exposed to market risk in the ordinary course of our business.

Foreign Currency Risk

The significant majority of our sales contracts are denominated in U.S. dollars, with a small number of contracts denominated in foreign currencies. A portion of our operating expenses are incurred outside the United States, denominated in foreign currencies and subject to fluctuations due to changes in foreign currency exchange rates, particularly changes in the Singapore Dollar, British Pound, Japanese Yen and Australian Dollar. Additionally, fluctuations in foreign currency exchange rates may cause us to recognize transaction gains and losses in our consolidated statements of operations. The effect of a hypothetical 10% change in foreign currency exchange rates applicable to our business would not have a material impact on our historical consolidated financial statements for year to date 2022 or fiscal year 2021. As the impact of foreign currency exchange rates has not been material to our historical operating results, we have not entered into derivative or hedging transactions, but we may do so in the future if our exposure to foreign currency becomes more significant.

Emerging Growth Company (“EGC”) and Smaller Reporting Company (“SRC”) Status

We are an emerging growth company, as defined in the JOBS Act. Under the JOBS Act, EGCs can delay adopting new or revised accounting standards issued subsequent to the enactment of the JOBS Act until those standards apply to private companies. We have elected to use this extended transition period for complying with certain new or revised accounting standards that have different effective dates for public and private companies until the earlier of the date we (i) are no longer an EGC or (ii) affirmatively and irrevocably opt out of the extended transition period provided in the JOBS Act. As a result, our consolidated financial statements may or may not be comparable to companies that comply with new or revised accounting pronouncements as of public companies’ effective dates.

We are also a smaller reporting company as defined by Rule 12b-2 of the Exchange Act. We may continue to be an SRC even after we are no longer an EGC. We may take advantage of certain of the scaled disclosures

available to SRCs and will be able to take advantage of these scaled disclosures for so long as the market value of our common stock held by non-affiliates is less than $250.0 million measured on the last business day of our second fiscal quarter, or our annual revenue is less than $100.0 million during the most recently completed fiscal year and the market value of our common stock held by non-affiliates is less than $700.0 million measured on the last business day of our second fiscal quarter.

If we are an SRC at the time we cease to be an EGC, we may continue to rely on exemptions from certain disclosure requirements that are available to SRCs. Specifically, as an SRC, we may choose to present only the two most recent fiscal years of audited financial statements in our Annual Report on Form 10-K and, similar to EGCs, SRCs have reduced disclosure obligations regarding executive compensation.

BUSINESS

Overview

We are transforming cybersecurity through Collective Defense using our behavioral analytics technology.

We compete in the Network Detection and Response (“NDR”) category, which is a growing aspect of modern enterprise security, but which does include major competitors. Our value proposition and competitive differentiator is our collective defense concept. The founder of Legacy IronNet and our Co-CEO, GEN Keith B. Alexander (Ret.), serves as a valuable business development resource for establishing relationships with larger enterprise and government buyers. The significant majority of our current revenue comes from our IronDome and IronDefense products. IronDefense is an NDR cybersecurity product that uses artificial intelligence (“AI”), machine learning (“ML”), behavioral analytics, and operational tradecraft expertise to quickly identify specific network behaviors or events indicative of malicious threats. Enriched by our cyber tradecraft knowledge, alerts produced by our company help analysts quickly contextualize and prioritize threats that pose the greatest risks. By doing this we are able to provide clients, across a variety of industries, nation-state-level defensive capabilities to reduce cyber risk.

The Cyberspace Solarium Commission suggests the importance of this service in the following statement in its March 2020 report:

“The reality is that we are dangerously insecure in cyber. Your entire life—your paycheck, your health care, your electricity—increasingly relies on networks of digital devices that store, process and analyze data. These networks are vulnerable, if not already compromised. Our country has lost hundreds of billions of dollars to nation-state sponsored intellectual property theft using cyber espionage.”

We are a metric-driven organization with a differentiated and potentially transformational approach to the cybersecurity problem facing every organization today. With an ever-increasing cybersecurity threat posed by advanced persistent threat (“APT”) actors, a team of experts assembled by GEN Alexander, the longest serving Director of the National Security Agency (“NSA”) and Commander of Cyber Command in U.S. history, can help solve this problem. It takes knowledge of how APTs operate and their tactics, techniques and procedures in order to defeat them; few individuals and even fewer companies have that knowledge or capability. Our differentiated market offering called IronDome offers users a collective defense model to help mitigate threats posed by an APT enhanced by its IronDefense platform, offering our clients new protections against an APT with its technology.

According to a report commissioned by LGL to 5by5 Cyber Consulting, the question, “Does IronNet have reasonable defensive measures in place across people, processes and technology?” concluded that we have invested a lot of time and effort into our security architecture, have obtained an impressive array of certifications and have undergone extensive audits and testing to ensure we are meeting industry standards. We have highly skilled people in critical security roles and mature processes in place for crucial areas like change management, data protection and software development. We also have a robust technology stack to defend our network and skilled analysts to operate them. We take training seriously and require annual training for all members of the organization on information security and have a defined training track for our security analysts. While this is not a guarantee a company will not have a security breach, 5by5 concluded that we have taken reasonable precautions to protect against it.

Cyber Landscape Overview

“Cybersecurity is one of the most systemically important issues facing the world today. Cyber information sharing is critical to helping better collective security in the digital ecosystem in which society increasingly relies.”

—World Economic Forum

From an independent assessment of our platform performed by TAG Cyber, it is clear that cyber security has advanced from a niche technical concern to a mainstream consideration for organizations of all sizes and in all sectors. Security protection concerns are most intense where safety or life-critical consequences might arise in response to a cyber threat. Power companies, financial services firms, telecommunications companies, military organizations, and government agencies thus have the greatest need for security protection, and now make considerable investments in cyber.

The primary security challenge in modern organizations is the complexity that has evolved in the typical business or government entity. Applications, networks, systems, endpoints, and data have experienced considerable sprawl as the costs associated with computing have decreased significantly. This is especially true for cloud-based infrastructure and SaaS-based applications, where cheap ubiquitous services are now available on-demand and for nearly every purpose imaginable.

Modern organizations must therefore develop security protections that address such growth, often delivered in the context of digital transformation initiatives. An additional complication is that hackers have been augmented by determined, capable adversaries, often funded or otherwise backed by criminal groups or nation- states. Serious consideration must thus be given to the types of protections that are necessary to defend against the threat from such capable threat actors.

An additional dimension is that the velocity associated with computing infrastructure and their associated threats has accelerated. Agile DevOps processes generate new features at increasing rates, sometimes hourly for popular services, and hackers use automated platforms to bombard targeted infrastructure with alarming intensity. Security engineers thus require controls that are automated and that address this challenge of increased speed. Manually controlled point solutions no longer stop threats.

A further complication is the massive and increasing scale associated with the types of systems operated by larger enterprise teams. Large-scale IT and network systems remove the ability for organizations to rely on manual maintenance, fixed configurations, and simple asset management. Furthermore, the visibility of assets that might be well-known by smaller organizations can only be approximated in large scale settings. This greatly complicates the challenge of delivering security in a large-scale setting.

In response to these challenges, modern Chief Information Security Officers (“CISOs”) put considerable time and effort into designing and implementing a workable security architecture. Individual CISO-led teams—even if they focus their efforts – have come to recognize that they cannot address the cyber challenge on their own. It is well-understood in the cybersecurity community that enterprise security teams need considerable external assistance, coordination and cooperative guidance.

Some of this assistance is obvious: Businesses rarely develop their own security tools, but rather buy from vendors or adjust open-source tools. Similarly, information sharing groups have emerged to support cooperative discussions between experts. It is therefore not controversial to suggest that business and agencies need to work together to address cyber threats. The big question, instead, is how this objective can be best achieved. This is one of the challenges addressed by IronNet.

Background of IronNet

We are a global cybersecurity company revolutionizing how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a number of former National Security Agency (“NSA”) cybersecurity operators with offensive and defensive cyber experience, we integrate deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the world today.

GEN Alexander founded Legacy IronNet in 2014 to solve the major cybersecurity problem he witnessed and defined during his tenure as former head of the NSA and founding Commander of U.S. Cyber Command: You can’t defend against threats you can’t see. Our innovative approach provides the ability for groups of organizations—within an industry sector, supply chain, state or country, for example—to see, detect and defend against sophisticated cyber attacks earlier and faster than ever before.

Understanding Collective Cyber Defense

Ideally the U.S. Government could defend the nation against cyberattacks similar to what was developed for the Intercontinental Ballistic Missile (“ICBM”) missile threat. Unfortunately, the ability to enact such a defense would likely require limiting personal freedoms on the internet that Americans currently enjoy. Legislation limiting personal freedoms would likely be challenging to pass and thus the probability of that happening in the near future is low. The Cyberspace Solarium Commission report submitted in July 2020 contains over 80 recommendations to address the issue of cybersecurity, with one of them being “Reshaping the Cyber Ecosystem.” That report states:

“Raising the baseline level of security across the cyber ecosystem—the people, processes, data, and technology that constitute and depend on cyberspace—will constrain and limit adversaries’ activities. Over time this will reduce the frequency, scope, and scale of their cyber operations. Because the vast majority of this ecosystem is owned and operated by the private sector, scaling up security means partnering with the private sector and adjusting incentives to produce positive outcomes.”

Our collective defense model, IronDome, is a means for the private sector to “raise the baseline” level of security by partnering amongst themselves to “produce positive outcome.” This overwatch function is a differentiator for our portfolio of offerings, making us one of the few companies that has the ways, ends and means to enact this transformational concept due to the technical capabilities required to ensure its success.

To properly understand our platform and solution approach, it is best to begin with an outline of how collective defense can reduce cyber risk for larger organizations. This approach benefits from many years of organizations beginning to share data through various groups such as Information Sharing and Analysis Organizations (“ISAO”). We are the first major commercial vendor to offer an end-to-end means to take full advantage of the collective concept.

Toward a Collective Cyber Defense

Businesses and agencies will only cooperate on collective cybersecurity initiatives if they see meaningful benefits with low associated risk. Admittedly, this is how almost all business decisions are made, but large-scale

cybersecurity introduces an added benefit for collective defense—namely, that cyber protection schemes work much better when they involve a wider range of intelligence, visibility, and security coverage. Working together in cybersecurity thus introduces clear benefits for participants.

Nevertheless, cooperation between businesses, agencies, and other groups must address two ends of the spectrum: upside benefits and downside risks for each of the entities and groups involved. In both instances, the case can be made that, for large-scale infrastructure, both benefits and risks can cascade, perhaps even accelerating as lateral traversal of an attack occurs. That is, threats to someone else’s system, however remote, might cascade across networks and systems.

Within a large organization, collective protection across business units can have comparable benefit, particularly in companies that evolved through mergers and acquisitions, where a collective defense can help to bring together disparate data sources, defensive perspectives, and protection platforms into a common defense. Such intra-enablement within a large organization is a major focus area for IronNet.

The primary benefits of a collective defense for large-scale cyber defense, whether stretched across a sector, combined between multiple organizations, or combined across the business units of one company, include the following:

Early Warning System—An organization can develop a more effective early warning system if other groups share their indicators in real-time. Not engaging in such sharing limits the ability of a local team to capitalize on early warning that a cascading attack might be underway.

Broader Visibility—By working together with other groups, the local security team benefits from broader visibility, including an improved understanding of how local enterprise changes (e.g., DNS- related) might cascade to other targets.

Strength in Numbers—The fact that cooperation increases visibility into a cyber threat means that organizations who cooperate with external groups are able to leverage strength-in-numbers and thereby provide better security support.

The corresponding risks that must be managed in the development of any large-scale cooperative arrangement for cybersecurity include the following:

Privacy of Shared Data—The possibility emerges that sharing information with a cooperative might result in leaked data or a serious privacy incident. For highly regulated industries, sharing with government may also expose businesses to some regulatory risk (although this is partially mitigated by certain provisions of the Cybersecurity Information Security Act of 2014 (“CISA”)) if the data is not properly anonymized or otherwise does not comply with legal requirements. Controls must be in place to ensure that cooperating teams are not exposed to this risk.

Attribution of Incidents—Public attribution of an embarrassing or problematic cybersecurity incident to a sharing entity may reduce (or even remove) the willingness of that organization (and others) to share further information about something that might reflect poorly on their own actions. This is less an issue for collective defenses implemented across the business units of one organization.

Competitive Relationship—The risk of one company directly assisting its competitor through participation in a collective defense scheme (e.g., AT&T assisting Verizon, or General Motors assisting Toyota) cannot be ignored. The legal and marketing teams from participating organizations would be wise to adopt the airline and energy industry’s observations that a mutual focus on safety helps every participant.

The benefits and risks of cooperation for large-scale cybersecurity across heterogenous groups must be carefully balanced in setting up a collective defense. Too often, collectives are developed that leave participants wondering

what’s in it for them, and how potential problems might be avoided. One main value proposition from IronNet is that cooperative cybersecurity will work best when such concerns are carefully curated by a trusted provider with a world-class platform.

Role of Government in Collective Defense

One challenge federal governments have in supporting collective cyber defense is that most large businesses are multi-national. This suggests that while national allegiance might be easily identified (e.g., Verizon is American, Huawei is Chinese), such allegiance must address the interests of the company’s shareholders. This emphasis is often misunderstood by government agencies who are focused exclusively on national interests.

Federal governments also have the additional role to regulate and sometimes punish organizations not meeting their security requirements. This obligation complicates government cooperation with business on cybersecurity, at least to the extent that governments are permitted to regulate based on voluntarily shared information. Organizations would thus be hesitant to share information with a cooperative involving government if the reported incident might lead to regulatory investigation.

The biggest challenge, however, is that the majority of critical infrastructure is owned and operated by the private sector. This implies that security telemetry, indicators, and early warnings will come from the private sector, even for many military applications and defensive government activities. This fact is often not understood by citizens and politicians who may demand that government step in and fix large-scale cybersecurity threats. This is usually just not practically feasible.

Government must work hard to share the information it uniquely controls, such as classified indicators that might be downgraded for sharing externally or be shared in a more limited context to defend critical infrastructure. Businesses must also recognize that their obligations extend beyond just the shareholder. This recognition that cooperative sharing is in the best interests of the organization and society in general is an important driver behind our platform offering.

Overview of our Platform Offering

The Collective Defense platform comprises two flagship products:

IronDefense is an advanced NDR solution that uses AI-driven behavioral analytics to detect and prioritize anomalous activity inside individual enterprises. We leverage advanced Artificial Intelligence/Machine-Learning (“AI/ML”) algorithms to detect previously unknown threats that have not been identified and “fingerprinted” by industry researchers), in addition to screening any known threats, and applies its Expert System to prioritize the severity of the behaviors—all at machine speed and cloud scale.

IronDome is a threat-sharing solution that facilitates a crowdsource-like environment in which the IronDefense threat detections from an individual company are shared among members of a Collective Defense community, consisting of our customers who have elected to permit their information to be anonymously shared and cross-correlated by our IronDome systems. IronDome analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real time, giving all members early insight into potential incoming attacks. Automated sharing across the Collective Defense community enables faster detection of attacks at earlier stages.

Our Collective Defense platform is designed to deliver strong network effects. Every customer contributing its threat data (anonymously) into the community is able to reap benefits from the shared intelligence of the other organizations. The collaborative aspect of Collective Defense, and the resulting prioritization of alerts based on their potential severity, helps address the known problem of “alert fatigue” that plagues overwhelmed security analysts.

The Collective Defense platform is available for on-premise, cloud (public or private), and hybrid environments, and is scalable to include small-to-medium businesses and public-sector agencies as well as multinational corporations. We provide professional cybersecurity services such as incident response and threat hunting, as well as programs to help customers assess cybersecurity governance, maturity, and readiness. Our CS services are designed to create shared long-term success measures with its customers, differentiating it from other cybersecurity vendors by working alongside customers as partners and offering consultative and service capabilities beyond implementation.

The Collective Defense platform is available via a subscription-based pricing and flexible delivery model, with options available for major public cloud providers such as Amazon Web Services and Microsoft Azure; private cloud, or Hyper Converged Infrastructure (“HCI”) such as Nutanix; and on-premise environments through hardware and virtual options. To make it as easy as possible for customers to add Collective Defense into their existing security stack, IronNet built a rich set of Application Programming Interfaces (“APIs”) that enable integrations with standard security products, including security information and event management (“SIEM”); security orchestration, automation, and response (“SOAR”); endpoint detection and response (“EDR”); next- generation firewall (“NGFW”) tools; and cloud-native logs from the major public cloud providers.

We describe out go-to-market strategy as “land and expand with network effects.” Our approach is to initially secure influential “cornerstone” customers and then expand into their respective Collective Defense communities with additional “community members” from organizations of similar industry sector, state, country, supply chain, or tailored business ecosystem. As each Collective Defense community grows, so does the volume of shared data, and the value of our platform for each of those members thereby expands both technically and commercially.

We sell into both public and private organizations and the business ecosystems that support them. We have identified tens of thousands of prospective cornerstone customers and more than 100,000 potential community customers.

Some of the world’s largest enterprises, government organizations, high-profile brands, and governments trust us to protect their networks. Our customers include a top global hedge fund, eight of the top 10 U.S. energy companies (based on revenue), a leading Asian mobile phone carrier, two U.S. Department of Defense (“DoD”) branches, a mid-sized bank in the EMEA region, four U.S. state agencies, U.K. and Singapore government entities, and a large global holding company.

We began targeting large enterprises and Fortune 500 companies, but the flexibility and scalability of our cloud-native platform and enhanced go-to-market approach enabled us to expand its customer base to smaller companies as well. We have been recognized in the cybersecurity industry by independent third-party analysts, including Gartner, Forrester, IDC, 451 Research Group, and Omdia, who has called our analytics a “potential game changer” in a June 2020 report. In January 2021, the global insurance brokerage Marsh named the Collective Defense platform as one of its industry-recognized Cyber Catalyst solutions. In August 2020, we announced that we had achieved “FedRAMP-ready” for Agency Authorization status, as approved by the Federal Risk and Authorization Management Program (“FedRAMP”).

Industry Background

Cybersecurity trends

There are a number of key trends driving the need for a new approach to cybersecurity.

Increased velocity of sophisticated attacks

Increasingly, adversaries are well-trained, possess significant technological and human resources, and are highly deliberate and targeted in their attacks. Adversaries today range from militaries and intelligence services of well-

funded nation-states, to sophisticated criminal organizations motivated by financial gains, to hackers leveraging readily available advanced techniques. The broad availability and rapid evolution of cyber attack toolkits and use of regional cloud infrastructure or compromised servers to launch attacks make it nearly impossible for security teams to keep up with cyber threats. Given sufficient amount of time and resources, a determined adversary will have the ability to breach current cyber defenses of almost any enterprise, organization, or government.

Rear-facing and insufficient tools

Gartner, an industry research firm, estimates that worldwide spending on global information security will be $186.2 billion by 2024, up from $124.2 billion in 2018. Even with increased cybersecurity spending, however, security outcomes have not substantially improved. The recent widespread SolarWinds/SUNBURST cyberattack is just one example of how a sophisticated adversary can thoroughly permeate an industry, geography or supply chain. The lack of equally sophisticated threat intelligence sharing allowed this hack to penetrate networks more deeply, and for much longer. The evolving threat landscape has rendered traditional defense approaches incapable of protecting organizations against next-generation threats.

The current generation of security products focuses on signature-based approaches that often have limited ability to collect, process, and analyze vast amounts of data—attributes that are required to be effective in today’s increasingly dynamic threat landscape. This includes traditional and next-generation firewalls, Intrusion Detection and Prevention Systems (“IDPS”), SIEMs, and other similar tools that are designed to manage policies for network traffic and rely on rear-facing threat intelligence indicators of compromise (“IoCs”) based on IP, domains, file hashes and other signature-based intelligence from known threats. They are not fundamentally designed to detect advanced, never-before-seen, “unknown unknown” cyber threats in a timely and scalable fashion.

The borderless enterprise where the network is no longer the perimeter

Cloud, IoT and SaaS applications have expanded the attack surface and cyber vulnerabilities. According to a Gartner press release dated May 13, 2020, Gartner reports that, while some cloud transformation projects may have put on hold during the COVID-19 pandemic, it expects overall cloud spending levels previously estimated for 2023 and 2024 to show up as early as 2022. The ongoing COVID-19 pandemic has only accelerated this

trend, with one survey by PricewaterhouseCoopers LLP reporting that 83% of executives believed the shift to remote work had been successful and that 79% of executives would no longer require a traditional five-day onsite work week. Furthermore, IDC, an industry research firm, estimates that by 2025 there will be 55.7 billion connected devices worldwide. The reality of the borderless enterprise will fundamentally change network cyber defenses from a centralized command and control defensive strategy using traditional on-premise blocking infrastructure to a distributed detect and respond strategy that fuses different sources of telemetry data across network, endpoints, and logs into actionable intelligence using large-scale behavioral analysis for security teams to take action.

Scarcity of qualified human capital

Even with the most sophisticated AI-based cyber technology in place, the human element of cybersecurity investigation, triage, and research plays an important role in risk reduction. As the Collective Defense platform is detecting and prioritizing anomalies, the analysts and threat hunters are ultimately deciding which alerts to triage, investigate, and manage through to response and mitigation. Organizations are consistently under-resourced in this area, however, as the ratio of the volume of network traffic versus the number of cybersecurity specialists to analyze that traffic is severely lopsided, resulting in Security Operations Center (“SOC”) staff overwhelm and burnout. A July 2020 report by the Information Systems Security Association states that 70 percent of its members believe that their organization has been impacted by the global cybersecurity skills shortage. The number of unfilled cybersecurity positions has already surpassed four million worldwide.

Cloud impact on enterprise cyber defenses

As digital transformation has accelerated in all industries, traditional security controls implemented on the company’s on-premise network are often no longer available and often must operate differently for the outsourcing of IT infrastructure and operations to the public cloud provider. While the cloud is designed to make business easier, Management and Security Operations are different from traditional on-premise security, as the teams do not have access to the underlying networks or logs, and therefore have limited visibility of cloud infrastructure. The major cloud providers have introduced logging and basic detection using signature-based detection strategies, but these require additional third-party or custom capabilities to provide sufficient defenses. Security vendors have attempted to fill the security gaps by introducing new products for the cloud based on existing on-premise technologies, but these are often cloud bolt-ons that provide limited detection and visibility for cloud environments and are complex to deploy, difficult to scale, brittle to maintain, and costly to own.

Limitations of existing products

Existing detection and threat sharing methods have a number of limitations, including:

Legacy signature-based products

Signature-based products are designed to detect known attacks using a repository of previously identified indicators of compromise, but are not capable of detecting or responding to unknown threats. Used by network security, endpoint security, SIEMs and other standard defense-in-depth cybersecurity solutions as a core detection method, these signature-based detections have resulted in many significant breaches due to the failure of legacy defenses to detect a previously unknown or modified version of a previously known attack. While current technologies remain an essential part of the SOC Visibility Triad, a network-centric approach to threat detection and response described by Gartner in 2019, they miss a large swath of dangerous threats that evade detection, as evidenced by the major SolarWinds/SUNBURST supply chain and Microsoft Exchange server attacks widely reported in the news media in 2020 and 2021.

Log and event management products

SIEMs and similar log management products are designed for compliance, reporting, and security incident management purposes, but they struggle with the scale and processing required to deliver the behavioral-analysis capabilities across current and historical data to detect new or modified versions of known threats. While these systems provide useful correlation capabilities, security operation teams are increasingly leveraging these systems for central aggregation points for workflow, ticketing, and case management, rather than for detection.

First generation network-based behavioral analysis products

First generation network-based behavioral analysis products provide a basic level of outlier detection using Bayesian analysis or other statistical methods to identify obvious patterns in small networks. Often marketed as artificial intelligence (“AI”) solutions, these solutions lack the scale, correlation, or analysis capabilities needed to detect threats hiding in plain sight within networks commonly seen at mid-sized or larger enterprises with thousands of devices, hundreds of applications, multiple physical sites, and multi-cloud architectures.

Infrastructure monitoring/network performance monitoring and diagnostic-based products

Traditional network infrastructure providers offer infrastructure monitoring products designed to identify network bottlenecks and other network reliability or performance issues. Increasingly, these vendors have added bolt-on cybersecurity capabilities that can provide security teams’ networks with asset discovery and some network visibility, but they struggle with the algorithmic analysis needed to detect new and unknown threats with high fidelity or the forensic capabilities required by security operations team to investigate, triage, and respond to an identified network anomaly.

Threat intelligence sharing products

Threat intelligence products are designed to share massive amounts of non-specific signature-based IoCs that commonly focus on IP addresses and domains of known threats and often only after a substantial period of time by the contributing organization. The lack of timeliness or specificity to an enterprise severely limits the effectiveness of the shared information from a cyber defense perspective. By the time this information is shared, usually weeks or months after an attack, a sophisticated attacker only needs to slightly modify their methods by changing their attack infrastructure to enable them to bypass cyber defenses of their targeted enterprises, industries, or nations.

Information Sharing and Analysis Centers (“ISACs”) and other threat sharing groups

Threat sharing groups emerged more than 20 years ago as a way for security teams to work together to collect, analyze, and share actionable threat information within their members communities. We believe this is a substantial step in the right direction; however, threat sharing in these groups relies largely on signature-centric threat intelligence platforms that struggle with timeliness and specificity of their intelligence or ad hoc manual forms of communication, such as email and only with a subset of security defenders with whom an analyst has a personal relationship. ISACs and similar groups are the right organizations, but they need technological solutions that enable them to share contextual, relevant, and timely information in real time across the full community.

Creating a new market segment: Collective Defense

“The U.S. government and industry must arrive at a new social contract of shared responsibility to secure the nation in cyberspace. This ‘collective defense’ in cyberspace requires that the public and private sectors work from a place of truly shared situational awareness and that each leverages its unique comparative advantages for the common defense.”

—U.S. Cyberspace Solarium Commission Report, March 2020

We are creating a new market category with Collective Defense. With its Collective Defense platform, we developed the first and, to its knowledge, the only solution that can identify and rate anomalous behaviors on the network and share this anonymized threat intelligence among Collective Defense community members (who may comprise a supply chain, state, or country) as an early-warning system for all.

The power of Collective Defense is that multiple companies can essentially work as a team to detect and defend against attackers early in the network threat intrusion cycle. This differentiated approach allows customers to:

Gain real-time visibility across the threat landscape

Our Collective Defense platform leverages proven behavioral analytics, machine learning (“ML”), and AI techniques across anonymized participant data to identify stealthy, sophisticated threats that otherwise may be missed by an individual enterprise and signature-based tools. The platform has been designed to deliver real-time visibility of cyber threats targeting supply chains, industries, regions, or any custom IronDome Collective Defense grouping.

Reduce impact of cyber attacks with help from fellow cyber defenders

The Collective Defense ecosystem acts as a collaboration hub to enable participants to automatically share real-time detections, triage outcomes, threat indicators, and other insights with members of their Collective Defense group. When suspicious behaviors are identified by any member, IronDome automatically shares a proactive warning to all members at machine speed so each member can prioritize their defense against the identified cyber threat.

Improve effectiveness of existing cybersecurity investments

Threat intelligence is valuable, actionable, and relevant only when received in time, before a threat enters a network. Our innovative collective threat intelligence provides immediate alerts at machine speed and context into urgent threats, enabling organizations to prioritize threats and build a proactive defense. This information can be used by a customer’s existing network, endpoint, or other security tools to identify and stop adversaries from retargeting their attack.

The following diagram depicts several differences between legacy approaches and our new approach:

LOGO

Our Solution: The Collective Defense Platform

The Collective Defense platform comprises two tightly integrated proprietary technologies: Our NDR solution, IronDefense, and our innovative collective threat-sharing solution, IronDome.

Our Collective Defense platform offers a unified set of technologies that powers a wide range of network behavioral detection, security operations, real-time threat landscape visibility, threat sharing, and peer SOC-analyst collaboration capabilities. We can rapidly and cost effectively deploy in our customer’s public cloud, private cloud, and on-premise infrastructure using our flexible deployment options. Our expanding set of open APIs and ecosystem integrations enable us to add new sources of data for behavioral analysis and Collective Defense sharing and collaboration to detect and stop targeted cyber attacks.

Armed with elite detection capabilities and combined offensive operator experience at the highest level of the U.S. government, our founders set out to build a behavioral analytics solution to detect threats heading toward, or already in, the network. A growing portfolio of proprietary analytics forms the backbone of IronDefense.

However, while effective in detecting unknown anomalies, behavioral analytics by itself is insufficient in modern, noisy networks where anomalies are common and can lead to a high number of false positives. For many NDR vendors in the industry, the solution is to tune their analytics to be less sensitive in order to deliver reduced false-positive rates at the expense of letting true positives into the network. We undertook a different strategy to meet this challenge. We introduced our expert system scoring algorithms, supported by our elite cyber hunters, to increase its detection specificity while preserving the sensitivity of its analytics in IronDefense.

We introduced IronDome in 2018. Powered by IronDefense’s threat detections, IronDome is the foundation of our Collective Defense platform, a purpose-built, cloud-native, and holistic platform that is capable of defending, analyzing, and correlating threats from various sources. It delivers timely, actionable, and contextual insights to attacks targeting an enterprise and, from there, is able to provide early warning to all members of the Collective Defense ecosystem.

The differentiated value of our Collective Defense platform is its ability to build a dynamic, comprehensive picture of the threat environment, much like radar for cyberspace, based on real-time, anonymized alert correlation across any participating member environments. It also provides situational context and peer insights for greater visibility and context of the threat landscape at any given time.

The following diagram depicts threat detections on our Collective Defense platform during 2020:

LOGO

Notes:

Represents full-year data for calendar year 2020 except for cumulative number.

Correlated alerts for threat detection earlier in the intrusion cycle

We are not aware of any other vendor in the market with a similar approach to cybersecurity. Even though community members bring disparate network environments, such as cloud, on-premise or hybrid, to the Collective Defense ecosystem, correlated threats stand out given that the adversarial behaviors are typically consistent, no matter who the target is, as was the case with the SolarWinds/SUNBURST attack.

The Collective Defense platform comprises two flagship products:

IronDefense

IronDefense is an advanced NDR solution that provides behavior-based and AI-driven analytics at the network level to detect anomalous activity at individual enterprises and prioritize the highest threats in a company’s

network. We leverage a novel AI/ML algorithms to deliver high-fidelity analytics required to detect previously unknown threats. In addition, we provide advanced enrichment techniques via IronDefense’s Expert System, which has been designed to achieve high efficacy levels, low false positive rates, and improved visibility compared to legacy approaches. This is all done at network speed and cloud scale.

The following picture shows a representative credential phishing detection in IronDefense.

LOGO

Most current cybersecurity tools focus on detecting the final “action-on-target” step of an intrusion. At this stage, identification is easier but the insights come far too late to stop attackers from getting into positions in the network to exfiltrate data, steal IP, or accomplish other malicious objectives. IronDefense uses advanced analytics based on metadata from the traffic in the customer’s network to identify anomalous activity earlier in the intrusion kill chain.

Key components of IronDefense include:

IronDefense behavioral analysis engine

IronDefense leverages behavioral-based detections to identify threats targeting industries and companies earlier in the intrusion cycle, and to identify the underlying behavior and methods to counter unknown threats, or customizations that attackers will implement to target companies in the future. The analytics are built upon algorithms that form the foundation of the patented IronDefense platform. They are computationally designed to understand normal network behavior by applying tests to create a benchmark of standard, acceptable traffic patterns in the network. Detected anomalies are grouped with similar instances of traffic behavior to minimize alerting and to aggregate events by events within the customers’ networks.

IronDefense Expert System

IronDefense includes an Expert System that automates security operations playbooks of how top cyber operations hunters leverage contextual data and other sources of telemetry data later on in the detection and response process and applies it to the risk scoring of anomalies detected by its behavioral analysis. This enables us to preservice its detection accuracy without sacrificing the sensitivity of its algorithms by leveraging the wisdom of our elite cyber hunters triaging thousands of alerts from real-world environments. The expert system also alleviates the “alert fatigue” that plagues every SOC by minimizing the tedious steps in an investigation, reducing alert fatigue and allowing security teams to focus on responding to high risk detection in their environments. The Expert System is continually optimized through machine learning from anonymized triaged outcomes by our cyber hunters using IronDefense.

IronDefense CoDA engine

Threat analysts and hunters spend a significant portion of their time triaging individual alerts by identifying corroborating evidence and related information. In 2021, we launched a new correlation engine called CoDA, for Correlation of Detections and Alerts, that models adversary attack techniques and pre-correlates anomalous activity by threat categories to improve risk scoring and alert prioritization, as well as to dramatically reduce alert load. This system leverages a multi-pass system that first optimizes for detecting as many potential instances of a particular type of threat activity and enriching detections with threat intelligence and other external and internal data sources to optimize for detection precision. Events are further aggregated by entity information, attack stage identification, and time sequence data to deliver a timeline of an attack and scored by risk to the enterprise.

IronDefense threat hunting interface

IronDefense includes a threat hunting interface built by our elite cyber hunters to empower security operations teams to conduct detailed investigative workflows and forensic analysis of threats detected by IronDefense. The hunting interface empowers security analysts to investigate across all raw traffic, network metadata, logs, telemetry data, and collective threat intelligence captured by IronDefense, all the way down to full-packet capture of individual network flows.

IronDefense sensors

IronDefense sensors are cloud, virtual, and physical sensors that are deployed at the network perimeter to ingest “north-south” traffic within internal networks to provide “east-west” traffic visibility across an enterprise. Cloud sensors are available for public cloud environments to ingest raw traffic data directly from Infrastructure-as-a-Service (“IaaS”) virtual networks from major cloud providers such as AWS and Microsoft Azure deployments. The sensor extracts rich network session metadata from the raw traffic and sends it to our behavior analysis engine for processing and expert system validation. The IronDefense sensors also continuously collect full raw traffic packet capture for inspection during hunting operations.

IronDefense direct data ingest

IronDefense has the ability to utilize a wide-range of data types and telemetry data directly from existing sources. These data sources include standard protocols such as DNS, HTTP/S, or Active Directory; common network log formats such as BRO/ZEEK or NetFlow; Cloud Provider logs such as AWS VPC, AWS CloudTrail or Microsoft Azure NSG logs; and application logs such as Office 365.

IronDome

IronDome is a threat-sharing solution that facilitates a crowdsourced-like environment in which the IronDefense findings from an individual company are automatically and anonymously shared within groups of related entities,

such as portfolio companies, supply chains, industries, or nations, for correlation and further analysis. IronDome analyzes threat detections across companies to identify broad attack patterns and provides anonymized intelligence back to all customers in real time.

IronDome enables Collective Defense member enterprises to actively share individual anonymized cyber anomalies at machine speed across a community of public-private peers. This capability allows companies to identify stealthy attackers earlier in the attack cycle when many of their methods fall below the threshold of detection at a single company by allowing companies to aggregate data and run higher-order analysis across industry data.

Key components of IronDome include:

IronDome Collective Defense communities

IronDome threat sharing is organized by communities of enterprises based on their business ecosystem, industry, region, or nation. Enterprises can be members of multiple communities based on their sharing preference and threat sharing needs. As customer adoption grows, the network effect of each additional enterprise participating in IronNet’s Collective Defense platform will amplify the breadth and depth of its dataset and intelligence.

IronDome collective threat intelligence sharing

IronDome links communities of enterprises together to provide contextual insights into the threat landscape. Machine and human intelligence is shared in real time across the community by threat correlations, as well as outcomes and insights related to how various analysts at different enterprises rated and triaged similar threats in their environment. Real-time feedback of these insights delivers enhanced threat landscape visibility and detection insights that allow members to immediately react to active threats targeting their industry and to adjust their defenses to combat the threat.

IronDome RadarView

IronDome creates a radar-like view of cyberspace that links private and public sector stakeholders in their Collective Defense community. The RadarView graph provides an anonymized real-time view of threats targeting an enterprise’s business ecosystem, supply chain, industry, or region.

The following picture shows a sample Detection Correlation Dashboard in IronDome.

LOGO

Called Collective Defense communities, spearheaded by a “cornerstone” company or organization, an IronDome could be established for a company’s business ecosystem, such as a wealth management firm with many portfolio companies; a sector-based collaborative, such as in within energy or finance), or a cross-sector formation; states and countries; and private-public sector configurations.

In each Collective Defense community, members agree to share anonymized data about threats detected on their individual networks with the collective, on an ongoing basis. This collaborative approach is designed to “flip the script” on attackers by raising the defensive capabilities of any one player. If correlated alerts and attribution based on behaviors suggest that a nation-state is involved, Collective Defense participants can voluntarily share threat information with the government for cyber defense on a national scale as needed to defend the nation.

The Collective Defense platform is available for on-premise, cloud (public and private), and hybrid environments, and it is scalable to include small-medium businesses as well as multinational corporations.

Threat Intelligence

Using information derived from the Collective Defense Platform, we also provide our customers with threat intelligence.

IronNet Threat Intelligence Rules

We develop threat intelligence rules (“TIRs”) based on significant community findings. These detection rules for network, endpoint, or other security tools allow customers to proactively protect themselves against known threats through more secure controls.

IronNet Threat Intelligence Brief

The monthly IronNet Threat Intelligence Brief provides top observed threats across our Collective Defense communities. It includes significant community findings, such as network behavioral anomalies that were rated as suspicious or malicious by us and/or participant analysts, threat intelligence rules, a snapshot of monthly correlated alerts, and threat research highlights.

Key Benefits of Our Solution

Our solution offers our customers several benefits, including:

•

differentiated business value that includes behavioral analytics, which find threats that other tools cannot;

•

real-time threat-sharing across communities; and

•

value to the Collective Defense ecosystem through integrations.

These benefits are summarized in the graphic below.

LOGO

Behavioral analytics that find threats that other tools cannot detect

Superior threat behavior detection to see unknown threats

IronDefense examines the network traffic itself, which is much harder for an attacker to evade or manipulate. IronDefense threat detections are based on advanced, high-fidelity analytics and AI/ML detection capabilities built by top cyber subject matter experts (“SMEs”), continuous full packet capture (“PCAP”), an expert system that applies the judgment and tradecraft playbooks of the nation’s top cyber defenders, and integrated cyber hunting (packet level visibility that improves speed and depth of investigations).

Visibility across the full enterprise to close threat detection gaps

IronDefense network detections fill the known void in threat visibility, which is being able to see unknown, novel threats on the network that other tools cannot see. The Collective Defense platform is an essential part of the SOC Visibility Triad, complementing endpoint detection and response (“EDR”) and logs. It is the engine that can transform this triad into a dynamic pyramid for comprehensive visibility across the threat landscape.

Cognitive detection, correlation, and prioritization analytics for reduced false positives

The Collective Defense platform collects, processes, correlates, and analyzes high-fidelity data from customer networks (anonymized), threat intelligence on real-world attacks, significant community findings, and correlated alerts in the Collective Defense communities. We use this data to continually train and enhance our IronDefense behavioral analytics to increase the signal-to-noise ratio to detect new, unknown attacks with high-fidelity analytics. We automatically chain and score related events into signals to increase analyst visibility.

Data ingest at scale for a broader view of the threat landscape

IronDefense gathers data streams from a variety of sources to build a more comprehensive picture of threats. Network sensors provide streaming capture of all network packets for detection and visibility into all protocols activity. Network logs provide asset discovery and device metadata for event enrichment and contextualization. Cloud data on user activity and usage patterns only the cloud provider can collect. Security ecosystem data provide entity and user operational state which supplements network and cloud data collected.

The only real-time threat sharing capability across companies for stronger defense

The ability to defend better as a collective force

The Collective Defense platform orchestrates threat-sharing and collaboration in real time to deliver immediate visibility and instant sharing of malicious cyber threats targeting supply chains, industries, regions, or any custom Collective Defense community to reduce impact of cyber attacks with help from fellow cyber defenders. IronDome acts as a collaboration hub to enable members to automatically share real-time detections, triage outcomes, threat indicators, and other insights with members of their Collective Defense community.

Faster warning and response capabilities

When suspicious behaviors are identified by any member, IronDome automatically shares a proactive warning to all members at machine speed so each member can prioritize their defense against the identified cyber threat. This capability allows companies to identify stealthy attackers earlier in the attack cycle when many of their methods fall below the threshold of detection at a single company by allowing companies to aggregate data and run higher-order analyses across industry data. The platform supports opt-in anonymized sharing with governments for national response when necessary.

Real-time sharing of peer insights for stronger defense

The Collective Defense platform allows community members to share threat context, prevalence, and expert commentary about how to triage and response, much like the Waze app for traffic, except for cybersecurity. By banding together and working together with peers, Collective Defense community members are better able to pool and optimize resources so they can achieve “defensive economies of scale” that allow them to keep up with and counteract cyber attackers.

Deep subject matter expertise to improve customer defense

We have an elite cyber operations team working directly with customers’ security teams to detect, triage, and respond. Our teams are led by cyber offensive and defensive SMEs. Approximately one-half of our cyber operations experts have National Security Agency or U.S. Department of Defense experience, and 40% have cyber offensive, intel, or research experience.

A force multiplier effect to help strained SOC teams

Our deep SME knowledge enables a multiplier effect for severely strained SOC analysts, who can leverage insights from its security analysts and threat hunters, as well as peer insights and triage outcomes from the

Collective Defense community. This approach addresses the cyber talent shortage, improving the effectiveness of SOC teams and optimizing tools and human resources. Our high-fidelity analytics and threat intelligence provide autonomous identification, prioritization, and recommendation to accelerate incident investigation and the response process.

Added value to the cybersecurity ecosystem

Easy-to-use deployment for faster time to value

The Collective Defense platform has been designed to be easy to provision, configure, and manage, working seamlessly with a suite of SIEM, SOAR, EDR, and NGFW APIs to streamline siloed security products. These integrations provide a natural complement to IronDefense and reinforce the users’ existing security infrastructures. Analysts do not need to re-learn anything and can see detections from a single view.

Security for any environment

IronNet can provide security protection across cloud, multi-cloud, on-premise, and virtual environments to support customers with different needs. Public cloud options are Amazon Web Services (“AWS”) and Microsoft Azure, and we have private cloud options based on Nutanix for customers that want to leverage their own on-premise HCI environments. The on-premise deployment option is our hardware appliance or virtual application.

Improved effectiveness of existing security investments

IronDefense automates many of the time-consuming threat discovery and investigation steps and indicates the severity of anomalous activity. Its customers’ analysts can make decisions in a shorter amount of time.

Industry Recognition, Awards and Designations

Industry analyst reports

Over the past 24 months, we and our platform and products have been recognized in 10 reports by multiple third-party industry analysts, including Gartner, Forrester, IDC, 451 Research Group, and Omdia, who has called our analytics a “potential game changer” in a June 2020 report.

Industry designations

Cyber Catalyst by Marsh^™ designation

In January 2021, the global insurance brokerage Marsh named the Collective Defense platform as one of its industry-recognized Cyber Catalyst solutions. This evaluation program is designed to help organizations make more informed choices about cybersecurity products and services to manage their cyber risk, by providing independent reviews conducted by insurers who fully understand the impact of risk exposure.

FedRAMP Ready for Agency Authorization

In August 2020, we announced that we had achieved “FedRAMP ready” status for Agency Authorization status, as approved by the FedRAMP. Our achievement of this status means the FedRAMP PMO has determined that we can meet the FedRAMP security requirements and could be granted an Authority to Operate (“ATO”) from federal agencies.

Industry certifications

GDPR-compliant

We are committed to data privacy and are compliant under the European Union (“EU”) General Data Protection Regulation (“GDPR”). We are also an active member of the EU/ Swiss-US Privacy Shield Framework through

the U.S. Department of Commerce. The EU/Swiss-U.S. Privacy Shield Framework provides a method for companies to transfer personal data to the United States from the EU in a way that is consistent with EU law and acceptable under EU GDPR.

ISO/IEC 27001

ISO 27001 is an international standard for information security management systems (“ISMS”). An ISO 27001 certification demonstrates that we have addressed the following areas: security policy, organization and information security, asset management, human resources security, physical and environmental security, communication and operations management, access control, information systems acquisition, security incident management, business continuity management, and compliance.

SOC2 Type I and SOC2 Type II

We are also SOC2/Type I and Type II certified, verifying that we have a suitable design of controls to meet the criteria for the security, availability, confidentiality, and processing integrity principles of the SOC2 standard. Having Type II attestation demonstrates the operational effectiveness of our design controls.

Department of Homeland Security Continuous Diagnostics & Monitoring

We are registered with The Department of Homeland Security (“DHS”) Continuous Diagnostics & Monitoring (“CDM”) program recognizing cybersecurity tools and sensors that are reviewed by the DHS program for conformance with Section 508, federal license users and CDM technical requirements. We also received two separate acceptances/approvals for the DHS CDM Approved Products List for IronDefense (IRO-0002-20180103) and IronDome (IRO-0004-20180405).

Industry Award highlights

2020 Fortress Cyber Security Award

We won a Fortress Cyber Security Award for two years in a row in the Public & Private Cloud category for IronDome. The award recognizes the world’s leading companies and products that are working to keep data and digital assets safe.

2020 CyberSecurity Breakthrough Award

Our IronDome Collective Defense solution was named the “Overall Incident Response Solution of the Year” by the 2020 CyberSecurity Breakthrough Awards. The CyberSecurity Breakthrough Awards program recognizes the top companies, technologies, and products in the global information security market.

2020 Cyber Security Awards

Our IronDome Collective Defense platform was named the winner of the “Innovative Product of the Year—Threat Detection” by the Cyber Security Awards. The Cyber Security Awards recognize the best individuals, teams, and companies within the cybersecurity industry for excellence and innovation across 18 categories.

2020 CRN Emerging Vendors List

We were named to the 2020 Emerging Vendors list in the Security Channel by CRN. This annual list honors new, rising technology suppliers that exhibit great promise in shaping the future success of the channel with their dedication to innovation.

Our Market Opportunity

“Information sharing is critical for empowering the global ecosystem to move from individual to collective cyber resilience.”

—World Economic Forum Centre for Cybersecurity, “Cyber Information Sharing: Building Collective Security,” October 2020

We were founded on the belief that network defense accelerated by AI was the future of cybersecurity and that the ability to share these AI-based threat detections in real time was non-existent in the market at the time of Legacy IronNet’s inception. Our goal has been to give companies, organizations, and governments better ways to fight back against organized criminal groups and nation-state adversaries.

To best operationalize AI in a security setting, we have turned to the ML subset of AI. It uses ML models to detect “unknown unknown” threats to networks. An unknown threat, or a zero-day threat, is considered a malicious code that has not been seen before, hence without a “signature.” Such threats exploit vulnerabilities as advanced persistent threats or targeted attacks. Behavioral analytics, which are data-driven algorithms tuned to detect behaviors on networks, can increase an organization’s visibility across the network, reduce the impact of cyber attacks, and improve the effectiveness of their cybersecurity investments.

We believe there is a clear market need to systemically fix a broken approach to cybersecurity. According to the Center for Strategic and International Studies, global cybercrime losses have nearly doubled from $523 billion in 2018 to $945 billion in 2020. Being able to detect unknown, malicious threats and share threat intelligence through Collective Defense is critical for mitigating the impact on business continuity and cost. An independent industry study conducted in 2020 estimates that it takes an average of 315 days to detect and contain a data breach caused by a malicious attack, while an average of 230 days is necessary to identify a malicious breach, giving hackers dangerous network dwell time to steal personally identifiable information (at the average cost of $175 per record in malicious attacks) and intellectual property. Security automation can reduce that lifecycle by about 2.5 months. Shortening the detect-to-contain cycle to less than 200 days could potentially cut the total cost by about a quarter.

Market Overview

The following graphic depicts our estimated total addressable market:

LOGO

Source: Gartner: Forecast: Information Security and Risk Management, Worldwide, 2018-2024, 4Q20 Update

(1)	Summation of revenues generated from solutions for Security Information and Event Management (SIEM) Software, IDPS Equipment, Enterprise Data Loss Prevention, Threat Intelligence Software, Network Detection and Response, and Network Access Control.

Our customers utilize our Collective Defense platform across a wide variety of use cases. Its total addressable market initially began as a behavioral-based detection and response opportunity in the network security market, but has significantly expanded due to rapid innovation and adoption of the Collective Defense platform across additional security segments.

In addition, our increasing market opportunity is driven by the rapidly increasing desire and willingness of public and private enterprises of all sizes to share collective threat intelligence and work together in common defense to support their continued acceleration of digital transformation and cloud computing, adoption of the Internet of Things (“IoT”), and the ability to defend their enterprises in a continually intensifying threat landscape.

Our innovative approach is unique in the security industry. We identify anomalies across network traffic using advanced behavioral analytics, artificial intelligence, and machine learning techniques; applies integrated security operations automation through the use of our Expert System; automatically correlates pre-triaged detections; and shares collective threat intelligence across an enterprise’s business ecosystem. Because of its solution strategy and architecture, the IronNet Collective Defense platform is the first to address multiple security markets, including markets not typically associated with Network Detection and Response.

The markets we address comprise the following:

Network Security Equipment and Infrastructure Protection

In 2016, we launched its IronDefense product to disrupt the Enterprise Network Security Equipment market that included what is now the NDR, Network Access Control (“NAC”), and Intrusion Detection & Prevention System (“IDPS”) markets, respectively. As part of its launch of IronDefense, it included a security operations capability built by world-class security experts specific for security operations to address the SIEM and Enterprise Data Loss Prevention (“DLP”) markets, respectively. In 2018, we launched our IronDome product to disrupt the threat intelligence market by providing enterprises with real-time visibility to their threat landscape and curated threat intelligence to actual threats targeting their business ecosystem, supply chain, industry, and region. Gartner estimated that the global market for these segments in the Network Security Equipment and the Infrastructure Protection would be $10.0 billion in 2021.

Application Security, Web Security, and Enterprise Endpoint

Additional enhancements in 2020 to IronDefense and IronDome that further enable use to operate in public cloud environments allow us to address the Application Security segment and web security market that Gartner estimated at $3.3 billion and $2.8 billion, respectively, in 2020. The addition of ecosystem integrations in 2021 across a range of security ecosystems increases our footprint within a security ecosystem, and our ability to work natively with endpoint detection and response vendors under our Collective Defense capabilities enables us to address the enterprise endpoint market, which Gartner estimated at $9.1 billion in 2020.

IronNet’s Go-to-Market Strategy

We describe our go-to-market strategy as “land and expand with network effects.” Our approach is to initially secure what we describe as influential “cornerstone” customers and then to expand their respective Collective Defense community with additional “community members” from organizations of similar industry sector, state, country, supply chain, or tailored business ecosystem. As each Collective Defense community grows, so does the volume of shared data, and the value of our platform for each of those members thereby expands both technically and commercially.

The following diagram depicts this strategy:

LOGO

Foothold with Cornerstone Customers expanded to follow-on, sector-leading Community Customers

We define a Collective Defense cornerstone customer as a customer who is a leader of a recognized industry, nation, state, or vertical. Example of cornerstone customers include the U.S. government, with the defense industrial base, whereby a large systems integrator, along with a branch of the military, that are securing their thousands of supply chain members within a Collective Defense community. Another example is a global investment fund in the Asia Pacific Japan region with a $300 billion portfolio. Our relationship with this fund led to securing a single portfolio company as a community customer, and we have now expanded to multiple companies within the fund’s portfolio.

By securing business with organizations that are influential in their sector, proving our value through our Collective Defense solution, and partnering with their senior leadership, we believe we can sell into similar organizations effectively and with great credibility.

Our emphasis on information sharing has also helped us find particular success working with key industry associations, such as the Electricity Information Sharing and Analysis Center (“E-ISAC”) to capitalize on the strong relationships and shared goals among member organizations. By becoming a trusted thought leader responding to their shared challenges in cybersecurity, we seek to gain access to potential customers while providing cybersecurity insight, instruction, and advice to the association as well—a core tenet of our Collective Defense mission.

100

The overall effect of our go-to-market approach drives two powerful network effects, which are depicted in the graphic below. The first is the growth in the value of our platform as it ingests more and different data to improve the detection of its machine learning-driven algorithms. The second is our customer community-driven growth model, which drives a more efficient route to market with lower community customer acquisition costs and higher customer lifetime values.

LOGO

Our Growth Strategy

We see the opportunity for multi-dimensional innovation and growth. We believe that the SolarWinds/SUNBURST attack in 2020 has validated our mission to drive AI-driven behavioral analytics and Collective Defense to the overall security market.

Our revenues have grown steadily since our first product was released in 2016. We made our first moves to the cloud in 2018, and we intend to accelerate scalability from our cloud offerings. This evolution in our products allow us to deploy to customers more rapidly, scale more quickly, and drive revenue growth.

Our strategies to grow our business include the following:

Grow our customer base by replacing legacy and other NDR products

Given the limitations of existing products in the NDR, SIEM, IDPS, EDLP, and Threat Intelligence Software segments, we intend to continue to grow our customer base organically as organizations replace these signature-based and stand-alone offerings with AI-driven behavioral analytics and Collective Defense. Our customer acquisition campaigns and channel partnerships with MDR providers are expected to allow us to pair pursuit of large enterprise customers with cost-effective penetration into smaller and medium-sized enterprises.

Further expand offerings with existing customers

We will continue to expand our relationships with our customers by expanding our network coverage of their business towards 100% and by cross-selling additional Collective Defense offerings. When we first deploy our products to a customer, it usually covers only a portion of their network traffic. As we are able to demonstrate the value of our behavioral analytics and membership in Collective Defense, we have to up-sell opportunities as we expand network coverage to other parts of the business or portfolio. We also have the opportunity to cross-sell offerings like cloud traffic analytics or digital fraud detection. Over time, we seek to deploy our solutions enterprise-wide for all customers, thereby increasing our revenue from existing customers and therefore our dollar-based net retention rates.

101

Expand into new customer segments

While we first targeted large and sophisticated enterprise customers, we also have an internal sales development team and an inside sales team to expand our go-to-market efforts. These teams focus on early qualification and development for cycles with potential cornerstone customers. They utilize intelligence from our Account Based Marketing system as well as social sales development tools to nurture these opportunities to a handoff point with field sales. These teams also focus on full cycles with potential community members once a cornerstone-driven Collective Defense community has been established. We are using a combination selling approach to scale our sales into additional industry verticals, with which we can sell our Collective Defense capabilities to the largest enterprises or smallest businesses with any level of security sophistication and budget.

Extend our Collective Defense platform and ecosystem

We have designed our architecture to be open, interoperable, and highly extensible. It is constantly adding integrations to our platform in order to ingest more sources of data for analysis and to provide detection outputs to more response systems. We also add new algorithms and new combinations of algorithms to detect behaviors of unknown but potentially malicious attacks. In addition, we innovate with partners to add our NDR and Collective Defense capabilities to their customer offerings. An example of this is our recent announcement of a strategic partnership with Mandiant, a part of FireEye, Inc., under which the parties will work together to provide best-in-breed managed cyber defense capabilities to companies and government agencies of all sizes. The new jointly managed collective defense service offering is designed to remove the burden of identifying new and novel threats from public and private security teams by providing a potent software and services combination. We expect that innovations and partnerships such as our partnership with Mandiant will enhance the distribution of our platform and represent future sources of revenue.

Broaden reach into the U.S. federal government vertical

We spent the first five years of our life building foundational customer relationships in the commercial sector. This was intentional, as the company mission required it first to build the technology and business basis required to protect the private side of the public/private partnership. We are now actively investing in the acquisition of customers in the U.S. federal government vertical. We are FedRAMP Ready and are registered with the Department of Homeland Security Continuous Diagnostics & Monitoring program approved products list to provide federal agencies with innovative security tools. In addition, our platform is deployed in the AWS GovCloud. We are pursuing opportunities in the civilian, defense, and intelligence sectors.

Expand our international footprint

We are expanding our international operations and will continue to invest globally to broaden our international footprint. We intend to grow our presence in the Asia Pacific Japan and EMEA regions by adding headcount and establishing overseas hosting relationships.

Our Technology

Cloud-native architecture

Our platform is designed to be secure, highly scalable, redundant, resilient, and high-performing. Delivering from the cloud is intended to enable agility, ease of use, and flexible detection of threats within individual enterprises and the correlation and sharing of those insights with their broader Collective Defense communities. Individual enterprises can choose to deploy our products and solutions using a variety of public and private cloud deployment options including AWS and Microsoft Azure. Enterprises that prefer to leverage their own private cloud infrastructure using hyper converged infrastructure can deploy our products and solutions through our partnership with Nutanix.

102

Flexible architecture for all enterprise networks

Our Collective Defense platform enables enterprises to add behavioral detection and Collective Defense to their on-premise, cloud, or multi-cloud infrastructure. Our platform can monitor workloads in major public cloud providers and on-premise physical and virtual networks from a single platform. Our Collective Defense platform can monitor network traffic and raw traffic in AWS and Azure or leverage existing logs to detect threats targeting their cloud infrastructure. With us, enterprises can apply the power of IronNet Collective Defense to their IT infrastructure and share collective threat intelligence with their Collective Defense community to detect threats targeting their community.

APIs / integrations

The Collective Defense platform and architecture is built around a rich set of APIs intended to efficiently and effectively complement and expand a customer’s existing security infrastructure, such as SIEMs, EDRs, NGFWs, ITSM workflow tools, and other common cybersecurity tools. The platform includes the ability to query and interact with these tools, allowing customers and partners to integrate its detection into their security operations and to execute native response against detected threats. By connecting existing security systems to the IronNet Collective Defense platform, we allow our customers to drive higher efficiencies and value from their security investments. For example, we integrate with CrowdStrike to provide 1-click containment and can leverage CrowdStrike information to provide host details in the IronDefense Threat Hunting interface to deliver a seamless security operations experience across network and devices.

Data center operations

The Collective Defense platform utilizes a combination of global and customer infrastructure to deliver the solution. Customers can choose a variety of deployment options for their own enterprise however global and Collective Defense community level information is hosted in AWS data centers located in the United States and regional AWS data centers to support our international business. Our technology infrastructure, combined with the use of AWS resources, provides us with a distributed and scalable architecture on a global scale.

Our Services

Cyber Operations Center (“CyOC”)

IronDefense customers can extend their SOC with our dedicated CyOC team, which comprises expert offensive and defensive cybersecurity operators with experience defending both private and public sectors against sophisticated threats. From monitoring to threat hunting, we enhance IronDefense capabilities by providing customers 24/7/365 NDR services backed by Collective Defense, enabling customer SOC analysts to spend more time focusing on strategic tasks.

Our cybersecurity operators add to the power of IronDefense by leveraging best practices to deliver advanced NDR capabilities that meet compliance standards. Our services are scalable, measurable, and cost- effective, and they provide complete real-time visibility into the network.

CyOC services include the following:

Hunt collaboration

Our Hunt Team comprises highly technical security analysts with real-world operational experience in defending highly secure networks across industries and sectors. Our analysts leverage our IronDefense platform to work side-by-side with customers’ security operations personnel to detect and mitigate threats identified in the customer network.

103

Threat notifications

The CyOC team continually monitors and researches events and anomalies found in customer networks. The IronNet Customer Portal is used to notify customers of IronDefense findings of interest related to a customer’s network. Notification is distributed to members determined by the customer and includes full event analysis and mitigation recommendation.

Rule deployment

The CyOC’s Threat Intelligence analysts support customer operations by providing context to manual hunt operations and alert triage. The team produces tailored threat information to customer instances of IronDefense through Threat Intelligence Rule updates based on current suspicious and malicious IoCs, IronDome insights, emerging threat research, and results of research by our malware reverse engineers.

Reachback support

The CyOC team offers remote event collaboration, incident response, cybersecurity expertise, and platform support for IronDefense related security operations.

Reporting

Periodic insight reports are provided to customers on threat trends correlated to the customer’s network and sector. These reports provide summarized and actionable IoCs associated with high risk network behaviors mapped to the MITRE ATT&CK Detection framework to identify the stage and progression of the threat. These reports also include a detailed list of resulting Threat Intelligence Rules deployed to customer instances of IronDefense.

Custom hunt tracking

Introductory and advanced training for end-users on analytics, alerts, entity enrichment, hunting, and network defense techniques are available. Periodic on-site side-by-side hunt operations, threat identification techniques, and review of newly implemented product features are also available.

Customer Success Team

Through our core products and services, we seek to increase our customers’ visibility into the threat landscape, reduce the impact of a potential attack and improve the overall effectiveness of cybersecurity investments. One of the ways we do this is with our dedicated Customer Success (“CS”) team. While some vendors charge a premium for expert Customer Success care, we include access to our CS team as part of a customer’s subscription, including a dedicated Customer Success Manager for the life of the subscription.

At the onset of a new deployment, our CS team works with customer stakeholders to map out what success looks like, determine the key deliverables required to achieve those goals and create a success plan for the life of the partnership.

Governance and Maturity Services

These services measure adherence to specific regulatory or contractual requirements and provide measurable data as to the maturity of the organization’s cybersecurity capabilities.

Cybersecurity Readiness Services

Given that threat actors continuously change their tactics, techniques, and procedures (“TTP”), these services are designed to ensure organizations are prepared for the latest and most immediate threats.

104

Incident Response Services

We provide incident response and digital forensic investigative services powered by an accomplished team with deep expertise. We specialize in providing incident response and digital forensic investigative services to companies of all sizes, ranging from large U.S. Fortune 50 companies to smaller organizations.

Training

Leveraging decades of cybersecurity experience, our results-focused training programs enable customers to unlock a higher level of cyber resilience. We adopt a hands-on approach to build technical proficiency and operational confidence using industry best practices. Cyber skillset training techniques include hunt methodology, offensive methodology, data analytics for security intelligence, SOC leadership, cyber threat intelligence operations, executive education, and custom cyber threat seminars.

Our Customers

Some of the world’s largest enterprises, government organizations, high-profile brands, and governments trust us to protect their networks. The following graphic depicts our representative customers.

Customer case studies

LOGO

Critical infrastructure customer case study: Southern Company

Within our first months in business, we had five major utility companies sharing cyber events in the IronDome across 25 states, helping secure infrastructure that delivers power to nearly 35 million customers.

Situation: Serving nine million customers across six states, Southern Company faced risks as a target for cyber attackers to steal information or disrupt operations.

Solution: As an early adopter of Collective Defense, one of the reasons Southern Company works with us is to get high quality, automated situational awareness and to move away from relying on manual methods.

Southern Company invested in its partnership with us to increase its ability to detect Advanced Persistent Threats, reduce dwell time and more quickly recover in the event of an attack.

Our relationship with Southern Company extends beyond just a vendor/client relationship, as senior leadership from both companies appear together at numerous events and government briefings to discuss their positions on topics like nuclear energy and the security of the U.S. power grid.

Southern Company’s Chief Information Security Officer notes that “Broad situational awareness within sectors and across sectors is something we believe in, and why we are doing work with IronNet and many other partners in energy and other critical sectors, both nationally and internationally.”

105

Critical infrastructure case study: American Electric Power (“AEP”)

Situation: With the nation’s largest transmission system consisting of more than 40,000 miles of transmission lines and more extra-high-voltage transmission lines than all other companies combined in North America, AEP needed to ensure the security of its own operations—while recognizing its role in contributing to the security of the electrical grid overall. collaborative cyber defense to combat adversaries.

Solution: Collective Defense provides the high-fidelity threat sharing to make AEP’s cyber intelligence truly actionable, to ensure the cyber security of its 5.5 million customers.

AEP’s Chief Security Officer says that “AEP values the relationship and initiatives being led by GEN Alexander and IronNet.”

Financial services customer case study: NBH Bank

Situation: National Bank Holdings (“NBH”) needed a way to detect unknown threats. Monitoring only known threats, or “signatures” such as compromised domain names, IP addresses, or file hashes, missed a huge swath of threats that evade traditional signature-based threat detection. NBH needed a tool that could alert the security team of advanced threats across the cyber kill chain, in real time, in turn empowering the team to take action before the threat could affect operations.

Solution: After evaluating other platforms, NBH chose IronDefense for its ability to successfully detect malicious behaviors for DNS Tunneling, Domain Generation Algorithm (“DGA”), and Periodic Beaconing HTTP. As part of an IronDome, NBH has strengthened its ability to take proactive action against emerging threats detected by machine learning and further qualified by anonymized knowledge-sharing in the Collective Defense ecosystem.

NBH selected us because of our precise analytics; proactive hunt team support; partnership with our Customer Success team; and the ability to crowdsource expertise across their peers through Collective Defense.

NBH’s VP of Enterprise Technology has stated that it views our Collective Defense as the “next big thing in cyber.”

Sovereign wealth fund customer case study

Situation: An Asia-Pacific-based sovereign wealth fund with a $300 billion portfolio needed better visibility of network threats across its portfolio companies. Prior to implementing Collective Defense, neither the sovereign wealth fund nor its portfolio companies had a viable method for correlating IoCs across multiple organizations. They also lacked the ability to detect malicious threat activity based on network behaviors.

Solution: The company chose a Collective Defense IronDome to reduce time to detection via threat sharing across its portfolio companies.

In one instance, our analytics detected a sinister BotNet intrusion attempt into the firm’s perimeter. The detection allowed the firm to act fast and catch the BotNet on their firewall before it got inside their network—all within 24 hours of detection.

The fund’s Chief Technology Officer said that “None of our other threat hunting tools sparked an alarm. This may suggest that we can turn off some of our other threat hunting tools and save some money by using IronNet. This is IronNet value at work.”

In addition to becoming our customer, the sovereign wealth fund also later became an investor in our company.

106

Oil & gas customer case study

Situation: A Fortune 500 midstream natural gas and crude oil pipeline company sought to increase its detection capabilities and accelerate threat response. Other methods of information sharing proved challenging for driving real business value.

Solution: IronDome provides visibility across the sector and an instantaneous way to share anonymized threat information, allowing the company to identify unknown threats faster and react more quickly. Based on network behavior, our detection analytics help the company to maximize the value of its other cybersecurity investments by identifying potential misconfigurations or gaps to tighten overall security.

According to the company’s leader of Security Operations, “IronNet is truly a partner and not just another vendor.”

Our Sales and Marketing

Sales

We use a “to and through” sales strategy. By maintaining a direct sales force consisting of senior-level account executives with deep security and high-tech experience, we have been able to leverage extensive professional networks and build inroads to strategic accounts. Because of this and the caliber of our senior leadership team, we believe we have a differentiated ability to convene CEOs, Chief Information Security Officers (CISOs) and other leaders within an entire industry, such as energy company CEOs. This is what enables our cornerstone/community selling approach.

We have three sales teams in the United States: Public Sector, covering federal, state and local segments; Critical Infrastructure, covering energy, oil & gas, and related segments; and Enterprise, covering financial services, insurance, tech, and a variety of other sectors. We have direct sales staff in six countries, as well as a growing portfolio of channel, managed services and technology partners across the United States, Europe, Middle East and Africa (“EMEA”) and Asia-Pacific regions to scale our ability to discover, qualify, and close business.

In addition, we have inside sales development teams to expand our selling capabilities. These teams focus on early qualification and development of opportunities that we either close directly or transition to the field sales teams (for named accounts). These inside teams’ primary objective is filling Collective Defense communities with smaller companies.

Marketing

Our marketing organization employs high-tech multichannel digital and content marketing for lead generation, aggressive public relations, social media and thought leadership programs to drive awareness, and specialization in strategies such as employee advocacy and search engine optimization. We were recently the top organic search engine result for “Network Detection and Response” in a competitive market.

Our public relations and media program has resulted in regular coverage in business press, cybersecurity trade media and industry trade media.

Our event program is focused on exposure to audiences that are aligned to our sales strategy. We incorporate a combination of both large industry events like Black Hat with regional and sector-focused events that allow us to capture leads on new customers to build out Collective Defense communities. Immediately at the onset of the COVID-19 pandemic, we pivoted our in-person event plan and launched a program of more than 40 webinars over the past 12 months with industry thought leaders. We also regularly host customers on our webinars as a strategic way to create customer case studies from transcripts.

107

We focus on providing compelling content for both demand generation and awareness-building. Our monthly Threat Intelligence Briefs summarize the IOCs and detections our SOC has discovered in order to inform the efforts of other operations analysts in the cybersecurity space. Our threat researchers produce in-depth analysis on topics such as ransomware detection and unique technical observations about the SUNBURST attack and other topics, which have been featured in media outlets. This helps build credibility with the security analyst audience, a key influencer in the buying process.

Our Partnership Ecosystem

Our partner ecosystem consists of leading organizations that have been carefully selected to help it deliver the power of Collective Defense across a variety of dimensions.

Technology partners

When used together, our partner integrations leverage our collective threat intelligence to react in real time, as well as proactively combat threats across the entire network, and create workflows that mitigate compromised devices. Our integrations are designed to increase the efficiency of security teams with smarter, more effective workflows built through collective threat intelligence. To streamline the alert triage and incident response processes, IronDefense can integrate with a number of security products, including:

SIEM tools to retrieve logs, share detections, and retrieve analyst feedback;

SOAR tools to share detections, retrieve analyst feedback, and augment existing playbooks;

EDR platforms to ingest endpoint event and entity context and initiate response to malicious activity; and

NGFW products to dynamically block malicious activity and ingest logs for analysis.

Current and planned future integrations and APIs include:

Cloud

AWS

Azure

GCP

SIEM

Splunk

IBM QRadar

Microsoft Azure Sentinel

LogRhythm

SOAR

Cortex XSOAR (formerly Demisto)

Splunk Phantom

Swimlane

108

ITSM

ServiceNow

EDR

CrowdStrike

Carbon Black

Forescout

Tanium

NGFW

Palo Alto Networks

Checkpoint Software Technologies

Zscaler

Go To Market (“GTM”) Partners

With our GTM partners, we seek to accelerate service growth and value for their customers through a mutually beneficial program.

Raytheon Technologies

This partnership delivers cybersecurity solutions that defend against advanced threats that leverage behavior-based network traffic analysis and collective defense. The Raytheon-IronNet partnership combines our Collective Defense Platform with Raytheon’s Managed Security Operations Center (“MSOC”), Managed Detection and Response (“MDR”) and Cyber Security Operations Center (“CSOC”) capabilities. This partnership delivers new analytical solutions that strengthen enterprise protection, along with a customized onboarding to integrate and operate the platform.

Accenture

We and Accenture work together to help companies protect critical infrastructure by quickly deploying and updating a system of machine-speed, advanced threat analytics across IT and Operational Technology, which automatically filters out the noise of false positives with the insight provided by community sourced context. Accenture provides the expertise in scalable implementation when it orchestrates our collective defense platform, delivering actionable attack information in real-time for their customers to prevent impact to critical infrastructure.

MDR/MSSP partners

Chosen channel partners work with us to develop and deliver an end-to-end solution designed to detect and prevent damaging and difficult-to-detect cyberattacks that continue to plague organizations across public and private sectors. For example, Jacobs’ partnership with us brings together unique capabilities, helping customers to navigate the complexities of the current threat landscape more easily. Jacobs provides a full spectrum of professional services including consulting, technical, scientific and project delivery for the government and private sector. The joint offering of Jacobs and our collective defense platform brings advancements in machine learning and AI, which provides innovative cyber defense detection to discover both known and unknown cyber threats, allowing a more thorough and effective approach to network security for their clients.

109

Our other integration and sales partners include Atlantic Data Forensics, Blacklake Security, Booz Allen Hamilton, Unlimited Technology, ArmorText, Carahsoft, Domain Tools, Ensign Infosecurity, Forescout and Global Cyber Alliance.

Our Research and Development

Our Engineering and Product Development teams are responsible for the architecture and implementation of our Collective Defense platform. Our team of data scientists, data engineers, and emerging threat researchers work together to continually improve the analytics which drive IronDefense. Our Cloud Infrastructure and Sensor teams are dedicated to making IronDome sustained reliability, and scalable on premises and in the cloud.

We are built upon innovations in cybersecurity technology, delivering continuous improvement in detection and mitigation of threats. Our expertise and history in defense and cybersecurity brings a holistic point of view to the design of our solutions, allowing us to find novel threats and share them in real time. We focus investment on research into emerging threats and advanced data science to keep our Collective Defense platform at the forefront of the most dangerous security issues. We use feedback from our customers and channel partners, as well as studies of market needs, to guide product development, ensuring prioritization of new integrations, product features and functionality.

We have a regular weekly cadence to report internally on our own infrastructure and security operations, as well as the health of all of our customer instances. On an annual basis, we use a third-party penetration testing team to test our environment. Additionally, we use our internal Red Team to perform quarterly testing and our Security Operations Center (“SOC”) vulnerability scans in our environment at least monthly. We also monitor and report on hunt findings and threat intelligence updates.

Our Competition

The market for our products and services is intensely competitive and characterized by rapid changes in technology, customer requirements, and by frequent new product and service offerings and improvements. We compete with a range of established and emerging security solution vendors. Conditions in our market could change rapidly and significantly as a result of technological advancements, partnerships, or acquisitions by competitors or continuing market consolidation and we expect the competitive environment to remain intense.

Our competitors include the following by general category:

•

First-generation NDR vendors such as DarkTrace or Vectra Networks, who offer point products based on Bayesian analysis, outlier analysis, and heuristic detection-based detection;

•

Legacy network infrastructure and performance monitoring companies such as ExtraHop and Arista Networks, who are adding security use cases to their infrastructure products.

We compete on the basis of a number of factors, including but not limited to its ability to:

•

Detect advanced network threats and to prevent security breaches;

•

Anonymously correlate and share threats in real-time across a community of peer enterprises;

•

Share human-intelligence across a Collective Defense community on how peer enterprises have rated and triaged similar detections; and

•

Integrate with other participants in the security ecosystem.

110

We also compete on our:

•

Time to value, price, and total cost of ownership;

•

Brand awareness, reputation, and trust in our services;

•

Strength of sales, marketing, and channel partner relationships; and

•

Customer success, cyber hunt, and cyber advisory services.

Although some of our competitors enjoy greater resources, higher brand recognition, broader range of IT and security products, larger existing customer bases, or more mature intellectual property portfolios, we believe that we compete favorably with respect to these factors.

Our Intellectual Property

We believe that our intellectual property rights are valuable and important to our business. We rely on trademarks, patents, copyrights, trade secrets, license agreements, intellectual property assignment agreements, confidentiality procedures, non-disclosure agreements, and employee non-disclosure and invention assignment agreements to establish and protect our proprietary rights. Though we rely in part upon these legal and contractual protections, we believe that factors such as the skills and ingenuity of our employees and the functionality and frequent enhancements to our solutions are larger contributors to our success in the marketplace.

As of February 15, 2022, we had 3 issued patents and 6 pending applications in the United States covering our technology, as well as 37 issued international patents, 6 pending international patent applications, and 5 filed PCT applications. Our issued patents expire between 2035 and 2037.

As of March 4, 2022, we had five registered brands in the United States, subject to four single-class trademark registrations and five single- and multiple-class service mark registrations. Four of those five brands are also registered internationally. In addition, we own pending, multi-class, combined trademark/service mark applications in both the United States and abroad. We believe these registrations and pending applications offer robust protection for all of our brands. We intend to pursue additional intellectual property protection to the extent we believe it would be beneficial and cost-effective.

Despite our efforts to protect our intellectual property rights, they may not be respected in the future or may be invalidated, circumvented, or challenged. Our industry is characterized by the existence of a large number of patents and frequent claims and related litigation based on allegations of patent infringement or other violations of intellectual property rights. We believe that competitors will try to develop products that are similar to our products and that may infringe our intellectual property rights. Our competitors or other third parties may also claim that our security platform and other solutions infringe their intellectual property rights. In particular, some companies in our industry may have extensive patent portfolios. From time to time, third parties may in the future assert claims of infringement, misappropriation and other violations of intellectual property rights against us or our customers, with whom our agreements may obligate us to indemnify against these claims. Successful claims of infringement by a third party could prevent us from offering certain products or features, require us to develop alternate, non-infringing technology, which could require significant time and during which we could be unable to continue to offer our affected products or solutions, require us to obtain a license, which may not be available on reasonable terms or at all, or force us to pay substantial damages, royalties, or other fees.

Our Facilities

Our corporate headquarters occupy approximately 12,000 square feet in Tysons, Virginia, part of the Washington, D.C. metropolitan region, under a lease that expires in June 2026. We also lease office space in Raleigh, North Carolina. We have a data center co-location facility in Reston, Virginia, and we also utilize AWS regional cloud services located around the world for our storage needs and to help deliver our solution.

111

We believe that our existing facilities are sufficient for our current needs. In the future, we may need to add new facilities and expand our existing facilities as we add employees, grow our infrastructure and evolve our business, and we believe that suitable additional or substitute space will be available on commercially reasonable terms to meet our future needs.

Our Employees / Human Capital Resources

Our employees worldwide power our innovation, contributing unique perspectives and a growth mindset to create breakthrough technologies and transformative solutions. We are committed to fostering a diverse and inclusive workplace that attracts and retains exceptional talent. Through ongoing employee development, comprehensive compensation and benefits, and a focus on health, safety and employee wellbeing, we strive to help our employees in all aspects of their lives so they can do their best work, every single day.

As of January 31, 2022, we had 316 full-time employees. Of these employees, 92% are in the United States and 8% are in international locations. We have not experienced work stoppages and believe our employee relations are good.

Diversity and Inclusion

Innovation at our company comes from the diverse perspectives, knowledge, and experiences of our employees. We strive to create an inclusive workplace where people can bring their authentic selves to work. We employ inclusive recruitment practices to source diverse candidates and mitigate potential bias.

Our Diversity Ambassadors team’s mission is to build a more diverse and inclusive company through clear and measurable goals across all levels and geographies, and encouraging and enabling all our employees to drive change and create an inclusive environment for everyone every day through educational, professional, and social programs. The mission of the Diversity Ambassadors is to establish a world-class program that continually delivers an accurate assessment of diversity, equity, and inclusion to decision makers across the company, and empowers us to operate in accordance with our values.

The Diversity Ambassador team seeks to achieve this vision by focusing on efforts that have been studied to show results, such as voluntary training, using disaggregated data to provide transparency into the fabric of our company, disassembling the employee lifecycle and re-engineering it so that all team members have equal access to a level playing field, targeting early talent recruiting, sponsorship, and creating employee-driven diversity teams.

Compensation, Benefits and Well-being

We offer competitive compensation and benefits that support our employees’ overall well-being. To ensure alignment with our short- and long-term objectives, our compensation programs for all employees include base pay, short-term incentives, and opportunities for long-term incentives. We offer benefits including comprehensive health and welfare insurance, paid time-off and leaves, and retirement support. Our gym reimbursement program in the United States further helps to support employees’ physical well- being.

In response to the COVID-19 pandemic, we implemented significant changes in the best interest of employees as well as the communities in which we operate. This includes having the vast majority of our employees work from home, while implementing additional safety measures for employees continuing critical on-site work. We have also provided a work-from-home reimbursement program, as well as online classes and weekly newsletters to assist employees in that transition. To create a specific focus on the mental health and wellbeing of our employees, we created the “Unplug” program that provides several company- wide paid days off to help employees balance their work and life responsibilities.

112

Growth and Development

We actively foster a learning culture where employees are empowered to drive their career progression, supporting professional development and providing on-demand learning platforms. Employees enjoy numerous learning platforms, and our education reimbursement program offers each eligible employee an allowance for long-term undergraduate and graduate studies, as well as short-term professional development. Our development programs play a critical role in engaging and retaining our employees as these programs offer opportunities to continually enhance their skills for a variety of career opportunities across the company.

Legal Proceedings

From time to time, we may be subject to legal proceedings arising in the ordinary course of business. We are not currently a party to any litigation the outcome of which, if determined adversely to it, would individually or in the aggregate be reasonably expected to have a material adverse effect on our business, financial position, results of operations or cash flows.

113

MANAGEMENT

Directors and Executive Officers

Our directors and executive officers, and their ages as of January 31, 2022, are as follows:


Name	Age		Position
*Executive Officers*
GEN Keith B. Alexander (Ret.)		70	Co-Chief Executive Officer, President and Chairman
William E. Welch		54	Co-Chief Executive Officer and Director
James C. Gerber		61	Chief Financial Officer
Donald Closser		53	Chief Product Officer

*Non-Employee Directors*
Donald R. Dixon⁽¹⁾		74	Director
Mary E. Gallagher⁽¹⁾		56	Director
Gen. John M. Keane (Ret.)⁽³⁾		78	Director
Robert V. “Rob” LaPenta Jr.⁽²⁾		52	Director
Vadm. John M. McConnell (Ret.)⁽²⁾.		78	Director
André Pienaar⁽³⁾		51	Director
Hon. Michael J. Rogers⁽¹⁾		58	Director
Theodore E. Schlein⁽²⁾		57	Director
Vadm. Jan E. Tighe (Ret.)⁽³⁾		59	Director

(1)	Member the Audit Committee.

(2)	Member of the Compensation Committee.

(3)	Member of the Nominating and Corporate Governance Committee.

Executive Officers

Keith B. Alexander. GEN Keith B. Alexander (Ret.), U.S. Army, founded Legacy IronNet in 2014 and has served as the chairman of its board of directors since inception. He served as Legacy IronNet’s chief executive officer until February 2019 and as its co-chief executive officer thereafter, becoming president, co-chief executive officer and chairman of our company upon the closing of the Business Combination. GEN Alexander served as the Commander of U.S. Cyber Command from 2010 to 2014 and was Director of the NSA and Chief of the Central Security Service from 2005 to 2014. He also served as a Deputy Chief of Staff for Intelligence, Department of the Army; Commanding General of the U.S. Army Intelligence and Security Command; Director of Intelligence for United States Central Command; and Deputy Director for Requirements, Capabilities, Assessments and Doctrine for the Joint Chiefs of Staff. He has served as a director of Amazon.com, Inc. since September 2020 and previously served as a director of CSRA, Inc., an information technology provider to the U.S. government, from 2015 until its acquisition by General Dynamics Corporation in April 2018. GEN Alexander holds a B.S. degree from the United States Military Academy and an M.S. degree in Business Administration and Management from Boston University. We believe GEN Alexander is qualified to serve as a member of our Board due to his leadership of the company since its inception, his extensive government and leadership experience and his unique expertise on cybersecurity issues.

William E. Welch. Mr. Welch served as Legacy IronNet’s co-chief executive officer since February 2019 and became co-chief executive officer of our company upon the closing of the Business Combination. From June 2018 to September 2018, Mr. Welch served as president and chief operating officer of Duo Security, Inc., a cybersecurity company. He previously served in executive roles with Zscaler, Inc., a cloud-based network security company, including as its chief operating officer from January 2017 to May 2018 and chief revenue officer from 2015 to January 2017. From 2012 to 2014, he served as vice president and general manager of Hewlett Packard Enterprise Company’s Americas Software division, and from 2006 to 2012 he was vice president of sales specialists in the Americas for Symantec Corporation. Mr. Welch holds a B.S. degree in

114

finance and political science from LaSalle University. We believe Mr. Welch is qualified to serve as a member of our Board due to his leadership experience and background in the cybersecurity and software fields.

James C. Gerber. Mr. Gerber served as Legacy IronNet’s chief financial officer since 2016 and and became chief financial officer of our company upon the closing of the Business Combination. From 2007 to 2016, Mr. Gerber served as chief financial officer of Lakeland Holdings, a global educational services provider. He was previously the chief financial officer of the Pension Benefit Guaranty Corporation, a private pension insurer, and executive vice president in the rail products business group of Trinity Industries. Mr. Gerber began his career as an electronics and systems engineer with General Electric and founded the Automated Systems Division of Morrison Knudsen Corporation. He holds an M.B.A. degree from Harvard Business School and a B.S. degree in Mechanical and Aerospace Engineering from Princeton University. Formerly chairing the entrepreneurship programs advisory council in Princeton’s engineering school, he now serves on the advisory council of the Center for Information Technology Policy at Princeton.

Donald Closser. Mr. Closser served as Legacy IronNet’s chief product officer since October 2019, becoming chief product officer of our company upon the closing of the Business Combination. From January 2019 to October 2019, he served as chief product officer of FireMon, LLC, a network security company. From 2016 to June 2018, Mr. Closser served as vice president and general manager of Trend Micro, a network security company, and from 2014 to 2016 he was vice president and general manager at Hewlett Packard. From 2006 to 2014, he served in various executive product roles at Symantec Corporation. Mr. Closser holds a B.A.A.S. degree from Dallas Baptist University.

Non-Employee Directors

Donald R. Dixon. Mr. Dixon served as a member of Legacy IronNet’s board of directors since May 2015 and became a director of our company upon the closing of the Business Combination. In 2015, he co-founded, and has since served as the managing director of, ForgePoint Capital, an investment firm focused on cybersecurity. In 1993, he co-founded, and has since served as managing director of, Trident Capital, a venture capital fund. From 1988 to 1993, Mr. Dixon was co-president of Partech International, a private equity fund manager associated with Banque Paribas. From 1983 to 1988, he was managing director of Alex. Brown & Sons, an investment banking firm. Earlier in his career, Mr. Dixon was a vice president of Morgan Stanley & Co. and a senior account officer at Citibank, N.A. Within the past five years, Mr. Dixon has served on the boards of directors of the publicly held companies Qualys, Inc. and Top Image Systems Ltd. In addition to IronNet, he serves as a director of several privately held companies. Mr. Dixon holds a B.S.E. degree in mechanical and aerospace engineering from Princeton University and an M.B.A. degree from Stanford Graduate School of Business. He serves on the advisory board of the Harvard Kennedy School Center for Public Leadership and is a director of the Business Executives for National Security (BENS). We believe Mr. Dixon is qualified to serve as a member of our Board because of his experience as a technology investor and a director of publicly held technology companies.

Mary E. Gallagher. Ms. Gallagher has served as a member of our Board since the consummation of the Business Combination. Between September 2019 and the consummation of the Business Combination, Ms. Gallagher served as a member of the board of directors and as chair of the audit committee of LGL. From 2016 to 2018, Ms. Gallagher served as chief financial officer of Wheels Up, a membership-based private aviation company. From 2004 to 2016, Ms. Gallagher held several executive financial roles with United Technologies Corporation (now Raytheon Company), a global leader in aerospace and building technologies, most recently serving as chief financial officer of Sikorsky Aircraft from 2013 to 2016. From 1996 to 2004, Ms. Gallagher served as vice president, controller and chief accounting officer of Olin Corporation, a global manufacturer and distributor of chemical products and a leading U.S. manufacturer of ammunition. Ms. Gallagher previously served with the accounting firm KPMG in various positions in the audit, mergers/acquisitions, consulting and training groups. Ms. Gallagher is also a director and chair of the audit committee of the publicly held company American Outdoor Brands, Inc. and of the KKR portfolio company Novaria Group. Since April 2021, Ms. Gallagher has served as a member of the board of directors of Leonardo DRS, a military contractor subsidiary of Leonardo S.p.A., an Italian aerospace company listed on the Milan Stock Exchange. Ms. Gallagher holds a B.S. degree in

115

accounting from the University of Vermont and an M.B.A. degree from the Massachusetts Institute of Technology. Ms. Gallagher is a Certified Public Accountant in the State of New York. We believe Ms. Gallagher is qualified to serve on our Board due to her business experience and contacts and relationships in the defense industry, as well as her background as a CPA.

Gen. John M. “Jack” Keane (Ret.). Gen. Keane served as a member of our Legacy IronNet’s board of directors since May 2015 and became a director of our company upon the closing of the Business Combination. He has served as the chairman of the Institute for the Study of War since 2007 and as president of GSI, LLC, a consulting firm, since 2004. Prior to retiring from a 37-year career in the U.S. Army at the rank of General, Gen. Keane served as its vice chief of staff from 1999 to 2003. From 2009 to 2012, he was senior partner of SCP Partners, a venture capital firm, and from 2005 to 2009 he was managing director of Keane Advisors, LLC, a private equity and consulting firm. Within the past five years, he served on the board of directors of the publicly held company General Dynamics Corp. Gen. Keane holds a B.S. degree in accounting from Fordham University and a master’s degree in philosophy from Western Kentucky University. We believe Gen. Keane is qualified to serve as a member of our Board because of his appreciation for the complexities of the U.S. military and the defense industry, combined with his demonstrated leadership and strategic skills and his understanding of public company governance and operations from his service on public company boards of directors.

Robert V. “Rob” LaPenta Jr. has served as a member of our Board since the consummation of the Business Combination. Between March 2021 and the consummation of the Business Combination, Mr. LaPenta served as the Co-Chief Executive Officer and Chief Financial Officer of LGL. Prior to that, he served as LGL’s Executive Vice President and Chief Financial Officer from September 2019 to March 2021. Mr. LaPenta has an extensive career spanning over 25 years in finance, accounting, consulting, capital markets origination, equity trading, asset allocation and mergers and acquisitions and has been active in transaction sourcing, processing and execution. Mr. LaPenta began his career as a Senior Associate at Coopers & Lybrand as a CPA responsible for managing audits, consulting, M&A due diligence and special project engagements for multiple clients in various industries. He was Managing Director and Co-head of Equity Trading at Bank of America Securities, LLC where he managed the firm’s equity capital commitment, proprietary trading, secondary offerings and risk management within cash trading. In 2007, Mr. LaPenta joined L-1 Identity Solutions, Inc. as Vice President of Mergers and Acquisitions and Corporate Strategy. Following the sale of L-1, Mr. LaPenta became a Partner of Aston Capital an alternative asset management firm of the LaPenta family office and co-founded the Boundary Group, an investment partnership focused on private investments in the aerospace, defense, and intelligence markets. In addition to currently serving as a director of The LGL Group, Inc., a publicly held company, Mr. LaPenta previously served within the past five years on the boards of directors of the public companies Revolution Lighting Technologies, Inc. and TherapeuticsMD Inc. Mr. LaPenta graduated from Boston College with a Bachelor’s degree in Accounting and Finance and has been a registered CPA (inactive) in the State of New York. We believe Mr. LaPenta is qualified to serve on our Board due to his business experience and experience as an entrepreneur, investor and banker.

Vadm. John M. “Mike” McConnell (Ret.). Vadm. McConnell served as a member of Legacy IronNet’s board of directors since May 2015 and became a director of our company upon the closing of the Business Combination. In 1996, he retired from the U.S. Navy as a vice admiral after 29 years of service, including 26 as a career intelligence officer. From 1992 to 1996, while on active duty, he served as the Director of the National Security Agency. Following his retirement from the Navy, he served as executive vice president and vice chairman of Booz Allen Hamilton Holding Corp. until his retirement from those positions in 2014. From 2007 to 2009, Vadm. McConnell served in the Cabinet-level position of U.S. Director of National Intelligence. He currently serves as the executive director of the Florida Center for Cybersecurity, hosted by the University of South Florida to promote cybersecurity education and research. He holds a B.A. degree in economics from Furman University and an M.P.A. degree from George Washington University and is a graduate of the National Defense University and the National Defense Intelligence College. We believe Vadm. McConnell is qualified to serve as a member of our Board because of his appreciation for the complexities of the U.S. military and the defense industry, combined with his demonstrated leadership and his deep experience in national intelligence.

116

André Pienaar. Mr. Pienaar served as a member of Legacy IronNet’s board of directors since May 2018 and became a director of our company upon the closing of the Business Combination. In 2014, Mr. Pienaar founded, and has since served as managing partner of, C5 Capital, a technology investment firm focused on cybersecurity, cloud computing and AI. In 2004, Mr. Pienaar founded, and until 2014 served as chief executive of, G3 Good Governance Group, an international risk advisory firm. He started his career at the security firm Kroll Inc. In addition to IronNet, Mr. Pienaar serves as a director of several privately held companies. He holds a Master of Science in Economics degree from the University of Wales and law degrees from Nelson Mandela University in South Africa. We believe Mr. Pienaar is qualified to serve as a member of our Board because of his experience as a technology investor and entrepreneur.

Hon. Michael J. Rogers. The Honorable Mike Rogers served as a member of Legacy IronNet’s board of directors since May 2015 and became a director of our company upon the closing of the Business Combination. He has served on the board of trustees of The MITRE Corporation, a not-for-profit organization that operates federally funded research and development centers and public-private partnerships, since 2016 and as its vice chairman since 2018. A national security commentator, Mr. Rogers represented Michigan’s 8th Congressional District in the U.S. House of Representatives from 2001 to 2015, where has sat on the Energy and Commerce Committee and chaired the House Permanent Select Committee on Intelligence. Mr. Rogers previously served as an Army Officer and FBI Special Agent. In addition to serving on IronNet’s board of directors, he currently serves on the board of directors for IAP and Constella Intelligence, the board of advisors for Telefonica, NS2 and D-Wave, and the board of trustees for the Atlantic Council and the Center for the Study of the Presidency and Congress. He is also a Senior Fellow at Harvard University. Mr. Rogers holds a bachelor’s degree in criminal justice and sociology from Adrian College. We believe Mr. Rogers is qualified to serve as a member of our Board because of his extensive experience in public service and his extensive background in cybersecurity.

Theodore E. Schlein. Mr. Schlein served as a member of Legacy IronNet’s board of directors since October 2015 and became a director of our company upon the closing of the Business Combination. He has served as a general partner of Kleiner Perkins, a venture capital firm, since 1996. From 1986 to 1996, Mr. Schlein served in various executive positions at Symantec Corporation, a provider of internet security technology and business management technology solutions, including as Vice President of Enterprise Products. He currently serves on the board of directors of the publicly held company Chegg, Inc. and on the boards of directors of a number of privately held companies. Within the past five years, he served on the board of directors of the publicly held company Jive Software, Inc. Mr. Schlein holds a B.A. degree in Economics from the University of Pennsylvania. We believe Mr. Schlein is qualified to serve as a member of our Board because of his extensive experience as a technology investor.

Vadm. Jan E. Tighe (Ret.). Vadm. Tighe served as a member of Legacy IronNet’s board of directors since August 2019 and became a director of our company upon the closing of the Business Combination. In 2018, she retired from the U.S. Navy as a vice admiral after 38 years of service, including leadership roles in the Navy and for the National Security Agency. From 2016 to 2018, she served as the Deputy Chief of Naval Operations for Information Warfare and Director of U.S. Naval Intelligence. Vadm. Tighe also had prior leadership positions in U.S. Cyber Command, commanded the Navy’s Fleet Cyber Command, and served as President of the Naval Postgraduate School. A graduate of the U.S. Naval Academy and the Naval Postgraduate School, she holds a B.S. degree in mathematics, an M.S. degree in applied mathematics and a Ph.D. degree in electrical engineering. She has been a Governance Fellow of the National Association of Corporate Directors (NACD) since August 2018 and in September 2021 became NACD Directorship Certified^™. Vadm. Tighe serves on the boards of directors of The Goldman Sachs Group, Inc., The Progressive Corporation and Huntsman Corporation. She also serves on the board of trustees of The MITRE Corporation. We believe Vadm. Tighe is qualified to serve as a member of our Board because of her extensive leadership, global perspective and operational experience in complex cybersecurity matters, information technology systems, risk management, strategic planning, implementation and assessment and corporate governance.

117

Family Relationships

There are no family relationships among any of our directors or executive officers.

Board Composition

Our business and affairs are organized under the direction of our board of directors (the “Board”) which meets on a regular basis and additionally as required.

In accordance with our amended and restated bylaws, the Board may establish the authorized number of directors from time to time by resolution. The Board currently consists of eleven (11) members. The Board is divided into three classes with staggered three-year terms. At each annual general meeting of stockholders, the successors to directors whose terms then expire will be elected to serve from the time of election and qualification until the third annual meeting following election, subject to his or her office being vacated sooner pursuant to our amended and restated bylaws.

Our initial directors are divided among the three classes as follows:

•

the Class I directors are Donald R. Dixon, Theodore E. Schlein and André Pienaar, and their terms will expire at the annual meeting of stockholders to be held in 2022;

•

the Class II directors are Vadm. John M. McConnell (Ret.), Hon. Michael J. Rogers, Gen. John M. Keane (Ret.) and Robert “Rob” LaPenta Jr., and their terms will expire at the annual meeting of stockholders to be held in 2023; and

•

the Class III directors are Mary E. Gallagher, William E. Welch, Vadm. Jan E. Tighe (Ret.) and GEN Keith B. Alexander (Ret.), and their terms will expire at the annual meeting of stockholders to be held in 2024.

Any additional directorships resulting from an increase in the number of directors will be distributed among the three classes so that, as nearly as possible, each class will consist of one-third of the directors.

The initial division of the Board into three classes with staggered three-year terms may delay or prevent a change of our management or a change in control.

Director Independence

The Board has reviewed the independence of each director. Based on information provided by each director concerning her or his background, employment and affiliations, the Board has determined that none of the directors, other than GEN Alexander and Mr. Welch, has any relationships that would interfere with the exercise of independent judgment in carrying out the responsibilities of a director and that each of the directors, other than other than GEN Alexander and Mr. Welch, is “independent” as that term is defined under the NYSE listing standards. In making these determinations, the Board considered the current and prior relationships that each non-employee director has with IronNet and all other facts and circumstances the Board deems relevant in determining their independence including the beneficial ownership of securities IronNet by each non-employee director and the transactions described in the section titled “Certain Relationships and Related Party Transactions.”

Role of the Board in Risk Oversight/Risk Committee

One of the key functions of the Board is the informed oversight of our risk management process. The Board does not have a standing risk management committee, but rather administers this oversight function directly through the board of directors as a whole, as well as through various standing committees of the Board that address risks inherent in their respective areas of oversight. In particular, the Board is responsible for monitoring and assessing strategic risk exposure and the audit committee has the responsibility to consider and discuss our major financial

118

risk exposures and the steps our management will take to monitor and control such exposures, including guidelines and policies to govern the process by which risk assessment and management is undertaken. The audit committee will also monitor compliance with legal and regulatory requirements. The compensation committee assesses and monitors whether our compensation plans, policies and programs comply with applicable legal and regulatory requirements.

Board Committees

Upon the consummation of the Business Combination, the Board reconstituted our audit committee, compensation committee, and nominating and corporate governance committee and adopted a new charter for each of these committees, which comply with the applicable requirements of current SEC and NYSE rules. We intend to comply with future requirements to the extent applicable. Copies of the charters for each committee are available on the investor relations portion of our website at www.ironnet.com.

Audit Committee

The audit committee consists of Mary Gallagher, Donald Dixon and Michael Rogers, each of whom the Board has determined satisfies the independence requirements under NYSE listing standards and Rule 10A- 3(b)(1) of the Exchange Act. The chair of the audit committee is Ms. Gallagher. Ms. Gallagher is an “audit committee financial expert” within the meaning of SEC regulations. Each member of the audit committee can read and understand fundamental financial statements in accordance with applicable requirements. In arriving at these determinations, the board of directors has examined each audit committee member’s scope of experience and the nature of their employment.

The primary purpose of the audit committee is to discharge the responsibilities of the Board with respect to our corporate accounting and financial reporting processes, systems of internal control and financial statement audits, and to oversee the independent registered public accounting firm. Specific responsibilities of the audit committee include:

•

helping the Board oversee corporate accounting and financial reporting processes;

•

managing the selection, engagement, qualifications, independence and performance of a qualified firm to serve as the independent registered public accounting firm to audit the financial statements;

•

discussing the scope and results of the audit with the independent registered public accounting firm, and reviewing, with management and the independent accountants, the interim and year-end operating results;

•

developing procedures for employees to submit concerns anonymously about questionable accounting or audit matters;

•

reviewing related person transactions;

•

obtaining and reviewing a report by the independent registered public accounting firm at least annually that describes internal quality control procedures, any material issues with such procedures and any steps taken to deal with such issues when required by applicable law; and

•

approving or, as permitted, pre-approving, audit and permissible non-audit services to be performed by the independent registered public accounting firm.

Compensation Committee

The compensation committee consists of Mike McConnell, Ted Schlein and Rob LaPenta. The chair of the compensation committee is Vadm. McConnell. The Board has determined that each member of the compensation committee is independent under the NYSE listing standards and a “non-employee director” as defined in Rule 16b-3 promulgated under the Exchange Act.

119

The primary purpose of the compensation committee is to discharge the responsibilities of the Board in overseeing the compensation policies, plans and programs and to review and determine the compensation to be paid to executive officers, directors and other senior management, as appropriate. Specific responsibilities of the compensation committee include:

•

reviewing and approving the compensation of the co-chief executive officers, other executive officers and senior management;

•

administering the equity incentive plans and other benefit programs;

•

reviewing, adopting, amending and terminating incentive compensation and equity plans, severance agreements, profit sharing plans, bonus plans, change-of-control protections and any other compensatory arrangements for the executive officers and other senior management; and

•

reviewing and establishing general policies relating to compensation and benefits of the employees, including the overall compensation philosophy.

Nominating and Corporate Governance Committee

The nominating and corporate governance committee consists of Jan Tighe, Andre Pienaar and Jack Keane. The chair of the nominating and corporate governance committee is Vadm. Tighe. The Board has determined that each member of the nominating and corporate governance committee is independent under the NYSE listing standards. Specific responsibilities of the nominating and corporate governance committee include:

•

identifying and evaluating candidates, including the nomination of incumbent directors for reelection and nominees recommended by stockholders, to serve on the Board;

•

considering and making recommendations to the board of directors regarding the composition and chairmanship of the committees of the Board;

•

developing and making recommendations to the board of directors regarding corporate governance guidelines and matters, including in relation to corporate social responsibility; and

•

overseeing periodic evaluations of the performance of the Board, including its individual directors and committees.

Compensation Committee Interlocks

None of the members of the compensation committee was ever an executive officer or employee of Legacy IronNet. Mr. LaPenta, a member of the compensation committee, was an executive officer of LGL prior to the Business Combination. None of our executive officers currently serve, or has served during the last completed fiscal year, on the compensation committee or board of directors of any other entity that has one or more executive officers that serve as a member of the Board or compensation committee.

Limitation on Liability and Indemnification of Directors and Officers

Our certificate of incorporation limits a directors’ liability to the fullest extent permitted under the DGCL. The DGCL provides that directors of a corporation will not be personally liable for monetary damages for breach of their fiduciary duties as directors, except for liability:

•

for any transaction from which the director derives an improper personal benefit;

•

for any act or omission not in good faith or that involves intentional misconduct or a knowing violation of law;

•

for any unlawful payment of dividends or redemption of shares; or

•

for any breach of a director’s duty of loyalty to the corporation or its stockholders.

120

If the DGCL is amended to authorize corporate action further eliminating or limiting the personal liability of directors, then the liability of the directors will be eliminated or limited to the fullest extent permitted by the DGCL, as so amended.

Delaware law and our amended and restated bylaws provide that we will, in certain situations, indemnify our directors and officers and may indemnify other employees and other agents, to the fullest extent permitted by law. Any indemnified person is also entitled, subject to certain limitations, to advancement, direct payment, or reimbursement of reasonable expenses (including attorneys’ fees and disbursements) in advance of the final disposition of the proceeding.

In addition, we have entered into separate indemnification agreements with our directors and officers. These agreements, among other things, require us to indemnify our directors and officers for certain expenses, including attorneys’ fees, judgments, fines, and settlement amounts incurred by a director or officer in any action or proceeding arising out of their services as one of our directors or officers or any other company or enterprise to which the person provides services at our request.

We also maintain a directors’ and officers’ insurance policy pursuant to which our directors and officers are insured against liability for actions taken in their capacities as directors and officers. We believe these provisions in the certificate of incorporation and amended and restated bylaws and these indemnification agreements are necessary to attract and retain qualified persons as directors and officers.

Insofar as indemnification for liabilities arising under the Securities Act may be permitted to directors, officers, or control persons, in the opinion of the SEC, such indemnification is against public policy as expressed in the Securities Act and is therefore unenforceable.

Code of Business Conduct and Ethics

We have adopted a Code of Business Conduct and Ethics, or the Code of Conduct, applicable to all of our employees, executive officers and directors. The Code of Conduct is available at the investors section of our website at www.ironnet.com. Information contained on or accessible through this website is not a part of this prospectus, and the inclusion of such website address in this prospectus is an inactive textual reference only. Any amendments to the Code of Conduct, or any waivers of its requirements, are will be disclosed on our website to the extent required by applicable rules and exchange requirements.

121

EXECUTIVE COMPENSATION

As used in this section, “IronNet,” “we,” “us” or “our” refers to IronNet Cybersecurity, Inc. prior to the closing of the Business Combination and IronNet, Inc. after the closing of the Business Combination. Upon the closing of the Business Combination, the executive officers of IronNet Cybersecurity, Inc. became executive officers of IronNet, Inc.

For the year ended January 31, 2022, our named executive officers were:

•

GEN Keith B. Alexander (Ret.), our Chairman, President and Co-Chief Executive Officer;

•

William Welch, our Co-Chief Executive Officer;

•

James C. Gerber, our Chief Financial Officer;

•

Donald Closser, our Chief Product Officer; and

•

Sean Foster, our former Chief Revenue Officer.

Summary Compensation Table

The following table shows the total compensation earned by our named executive officers for our fiscal years ended January 31, 2022 and 2021:


Name and Principal Position	Fiscal Year		Salary ($)			Bonus ($)			Stock Awards ($)⁽¹⁾		Non-Equity Incentive Plan Compensation ($)⁽²⁾		All Other Compensation ($)⁽³⁾		Total ($)
Gen Keith B. Alexander (Ret.)		2022		360,000			—			—		—		15,544		375,544
Chairman, President and Co-Chief Executive Officer		2021		339,000			—			—		44,350		10,680		394,030
William E. Welch		2022		360,000			—			—		—		11,192		371,192
Co-Chief Executive Officer		2021		339,000			—			—		44,350		11,400		394,750
James C. Gerber		2022		340,000			125,000	⁽⁵⁾		695,673		—		12,183		1,172,856
Chief Financial Officer(4)
Donald Closser		2022		330,000			—			627,671		—		11,152		968,823
Chief Product Officer(4)
Sean Foster		2022		275,000	⁽⁶⁾		—			627,671		113,204		1,462,420		2,478,295
Former Chief Revenue Officer		2021		383,336	⁽⁷⁾		—			—		88,029		11,948		483,313

(1)

The amounts in this column reflect the aggregate grant date fair value of restricted stock units, or RSUs, granted in the applicable year, computed in accordance with Financial Accounting Standards Board, or FASB, Accounting Standards Codification Topic 718 for stock-based compensation transactions.

(2)	For officers other than Mr. Foster, the amounts in this column reflect cash incentive bonuses earned under our bonus plan during the respective year and paid during the first quarter of the following year. For Mr. Foster only, amount represent sales commissions.

(3)

Amounts in this column consist primarily of 401(k) plan matching contributions. For Mr. Foster, amounts for fiscal 2022 also include (a) cash severance payments of $150,000, (b) post-termination benefit payments in the amount of $14,303, and (c) $1,288,680, representing the value of acceleration of vesting of restricted stock units to the date of termination.

(4)	Mr. Gerber and Mr. Closser were not named executive officers for fiscal 2021, and as a result their compensation for that year has been omitted pursuant to applicable SEC rules and regulations.

(5)	Amount represents a discretionary bonus paid upon the closing of the Business Combination.

(6)	Mr. Foster’s employment with our company ceased on December 31, 2021, and amounts in this table for fiscal 2022 represent amounts paid or earned for service through that date.

(7)	Consists of $300,000 in base salary and $83,336 in sales commissions, including non-recoverable draws against such commissions.

122

Outstanding Equity Awards at Fiscal Year-End

The following table sets forth the equity-based awards held by the named executive officers that were outstanding on January 31, 2022.


	Option Awards								Stock Awards
Name	Number of Securities Underlying Unexercised Options Exercisable (#)		Number of Securities Underlying Unexercised Options Unexercisable (#)		Option Exercise Price ($)		Option Expiration Date⁽¹⁾		Number of Shares or Units of Stock That Have Not Vested (#)			Market Value of Shares or Units of Stock That Have Not Vested ($)⁽²⁾		Equity Incentive Plan Awards: Number of Unearned Shares, Units or Other Rights That Have Not Vested (#)			Equity Incentive Plan Awards: Market or Payout Value of Unearned Shares, Units or Other Rights that Have Not Vested ($)⁽²⁾
William E. Welch										4,438,674	⁽³⁾		15,135,878
										244,126	⁽⁴⁾		832,470
										244,126	⁽⁵⁾		832,470		983,905	⁽⁶⁾		3,355,116
James C. Gerber		81,412		—		0.58		4/23/2027
										94,842	⁽³⁾		323,411
Donald Closser										659,426	⁽³⁾		2,248,643
Sean Foster										1,043,684	⁽³⁾		3,558,962

(1)	The expiration date of each stock option is ten years from the date of grant.

(2)	The market value amount is calculated based on the closing price of our common stock of $3.41 on January 31, 2022.

(3)

These shares represent time-based RSUs outstanding at January 31, 2022 which vested 25% on the first anniversary of their grant date, with the remaining 75% vesting thereafter in 36 monthly installments, subject to the officer’s continuous service as of each vesting date. Certain of the amounts vested at January 31, 2022 remained subject to a liquidity event condition that was satisfied subsequent to January 31, 2022, at which time the vested portion of the RSUs were settled and shares were issued to the officer, net of shares sold to satisfy tax withholding obligations.

(4)	Of the shares underlying this restricted stock unit award, 25% will vest on July 31, 2022 and the remainder will vest in 36 monthly installments thereafter, such that the award will be fully vested on July 31, 2025, subject to the officer’s continuous service as of each such vesting date.

(5)	Of the shares underlying this restricted stock unit award, 25% will vest on August 26, 2022 and the remainder will vest in 36 monthly installments thereafter, such that the award will be fully vested on August 26, 2025, subject to the officer’s continuous service as of each such vesting date.

(6)	These shares represent RSUs granted in February 2019 as performance-based grants. The vesting of these shares will be based on the achievement of specified performance conditions.

Emerging Growth Company Status

We are an “emerging growth company,” as defined in the JOBS Act. As an emerging growth company, we are exempt from certain requirements related to executive compensation, including the requirements to hold a nonbinding advisory vote on executive compensation and to provide information relating to the ratio of total compensation of our President and Chief Executive Officer to the median of the annual total compensation of all of our employees, each as required by the Investor Protection and Securities Reform Act of 2010, which is part of the Dodd-Frank Act.

123

401(k) Plan

We provide a retirement savings plan for the benefit of our employees, including our named executive officers. The plan is intended to qualify as a tax-qualified 401(k) plan so that contributions to the 401(k) plan, and income earned on such contributions, are not taxable to participants until withdrawn or distributed from the 401(k) plan (except in the case of contributions under the 401(k) plan designated as Roth contributions). The 401(k) plan provides that each participant may contribute up to an annual statutory limit. Participants who are at least 50 years old can also contribute additional amounts based on statutory limits for “catch-up” contributions. Under the 401(k) plan, each employee is fully vested in his or her deferred salary contributions. Employee contributions are held and invested by the plan’s trustee as directed by participants. We also fully match employee contributions up to the first 4% of salary, which amounts are fully vested.

Other Employee Benefits

Our named executive officers are eligible to participate in our health and welfare plans to the same extent as all full-time employees.

We generally have not provided perquisites or personal benefits except in limited circumstances, and we did not provide any perquisites or personal benefits to our named executive officers during the fiscal year ended January 31, 2022.

Employment Agreements

Below are descriptions of the employment agreements with our named executive officers. Each of our named executive officers is an at-will employee.

Employment Agreement with General Keith Alexander

We entered into an employment agreement with General Keith Alexander, our Chairman, Founder and Co-Chief Executive Officer, effective as of May 8, 2019. This agreement governs the current terms of GEN Alexander’s employment with us. Pursuant to the agreement, GEN Alexander receives an annual base salary of $360,000 and is eligible to receive an annual cash bonus of $200,000, payable based on the achievement of performance goals as established by us or a bonus agreement to be developed by us and GEN Alexander. GEN Alexander is also eligible for standard benefits such as paid time off, for reimbursement of business expenses, and to participate in employee benefit plans and programs.

Pursuant to GEN Alexander’s employment agreement, if GEN Alexander’s employment is terminated by us, absent a “Change in Control,” without “Cause” or by GEN Alexander for “Good Reason” (such terms as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum payment equal to his then-current full annual base salary and full annual incentive bonus, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) accelerated vesting of the then-unvested portion of each of his outstanding time-based RSU grants, provided that the number of RSUs that shall be accelerated under these circumstances will equal the lesser of (i) 50% of the original number of RSUs granted, or (ii) the total number of outstanding unvested RSUs. In the event that GEN Alexander’s employment is terminated by us without “Cause” or by GEN Alexander for “Good Reason,” in either case, within 6 months prior to or 12 months following a “Change in Control,” and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum payment equal to his then-current full annual base salary and full annual incentive bonus, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) accelerated vesting of the then-unvested portion of each of his outstanding time-based and performance-based RSU grants, which shall be deemed to have been satisfied in full effective as of GEN Alexander’s date of termination.

124

Employment Agreement with William Welch

We entered into an employment agreement with William Welch, our Co-Chief Executive Officer, effective as of February 7, 2019. This agreement governs the current terms of Mr. Welch’s employment with us. Pursuant to the agreement, Mr. Welch receives an annual base salary of $360,000 and is eligible to receive an annual cash bonus of $200,000, payable based on the achievement of performance goals as established by us or a bonus agreement to be developed by us and Mr. Welch. Mr. Welch is also eligible for standard benefits such as paid time off, for reimbursement of business expenses, and to participate in employee benefit plans and programs.

Pursuant to Mr. Welch’s employment agreement, if Mr. Welch’s employment is terminated by us, absent a “Change in Control,” without “Cause” or by Mr. Welch for “Good Reason” (such terms as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum payment equal to his then-current full annual base salary and full annual incentive bonus, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) accelerated vesting of the then-unvested portion of each of his outstanding time-based RSU grants, provided that the number of RSUs that shall be accelerated under these circumstances will equal the lesser of (i) 50% of the original number of RSUs granted, or (ii) the total number of outstanding unvested RSUs. In the event that Mr. Welch’s employment is terminated by us without “Cause” or by Mr. Welch for “Good Reason,” in either case, within 6 months prior to or 12 months following a “Change in Control,” and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum payment equal to his then-current full annual base salary and full annual incentive bonus, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) accelerated vesting of the then-unvested portion of each of his outstanding time-based and performance-based RSU grants, which shall be deemed to have been satisfied in full effective as of Mr. Welch’s date of termination.

Employment Agreement with James Gerber

We entered into an employment agreement with James Gerber, our Chief Financial Officer, effective as of September 6, 2019. This agreement governs the current terms of Mr. Gerber’s employment with us. Pursuant to the agreement, Mr. Gerber receives an annual base salary of $340,000 and is eligible to receive a quarterly bonus of up to 20% of Mr. Gerber’s quarterly base salary rate, payable based on the achievement of performance goals as established by us. Mr. Gerber is also eligible for standard benefits such as paid time off, for reimbursement of business expenses, and to participate in employee benefit plans and programs.

Pursuant to Mr. Gerber’s employment agreement, if Mr. Gerber’s employment is terminated by us for any other reason than for “Cause” or if Mr. Gerber resigns for “Good Reason” (such terms as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum cash payment of the sum of his then-current annual base salary for 6 months and his prorated quarterly bonus based on the portion of time he worked during the quarter in which the termination occurred and (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 6 months. In the event that Mr. Gerber’s employment is terminated by us without “Cause” or if Mr. Gerber resigns for “Good Reason” within 12 months following a “Change in Control” (as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) continuing payments of his then- current full annual base salary and full annual bonus for 12 months, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) full accelerated vesting of the then-unvested portion of each of his outstanding option and RSU grants.

125

Employment Agreement with Donald Closser

We entered into an employment agreement with Donald Closser, our Chief Product Officer, effective as of September 19, 2019. This agreement governs the current terms of Mr. Closser’s employment with us. Pursuant to the agreement, Mr. Closser receives an annual base salary of $330,000 and is eligible to receive a quarterly bonus of up to 20% of Mr. Closser’s quarterly base salary rate, payable based on the achievement of performance goals as established by us. Mr. Closser is also eligible for standard benefits such as paid time off, for reimbursement of business expenses, and to participate in employee benefit plans and programs.

Pursuant to Mr. Closser’s employment agreement, if Mr. Closser’s employment is terminated by us for any other reason than for “Cause” or if Mr. Closser resigns for “Good Reason” (such terms as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) a single lump sum cash payment of the sum of his then-current annual base salary for 6 months and his prorated quarterly bonus based on the portion of time he worked during the quarter in which the termination occurred and (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 6 months. In the event that Mr. Closser’s employment is terminated by us without “Cause” or if Mr. Closser resigns for “Good Reason” within 12 months following a “Change in Control” (as defined in the employment agreement), and subject to his delivery to us of a general release of claims, he will receive the following severance benefits: (a) continuing payments of his then-current full annual base salary and full annual bonus for 12 months, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 12 months, and (c) full accelerated vesting of the then-unvested portion of each of his outstanding option and RSU grants.

Employment Agreement with Sean Foster

We entered into an employment agreement with Sean Foster, our Chief Revenue Officer, effective as of February 7, 2019. On December 10, 2021, we and Sean Foster mutually agreed that Mr. Foster’s employment with us would end on December 31, 2021. Mr. Foster was compensated in accordance with his employment agreement as though such separation would constitute a termination other than for “Cause” under the agreement. Mr. Foster received the following severance benefits: (a) continuing payments of his then-current annual base salary for 6 months, (b) payment of the premiums necessary to continue health insurance coverage for himself under our group health plans pursuant to COBRA or similar state insurance laws, for up to 6 months, and (c) full accelerated vesting of the then-unvested portion of his outstanding RSU grant from February 11, 2019.

Executive Compensation

Our board of directors and compensation committee will oversee the compensation policies, plans and programs and review and determine compensation to be paid to our executive officers, directors and other senior management, as appropriate. The compensation policies followed by us will be intended to provide for compensation that is sufficient to attract, motivate and retain executives and other individuals and to establish an appropriate relationship between executive compensation and the creation of stockholder value.

Equity-Based Compensation

Equity-based compensation has been and will continue to be an important foundation in executive compensation packages, as we believe it is important to maintain a strong link between executive incentives and the creation of stockholder value. We believe that performance and equity-based compensation can be an important component of the total executive compensation package for maximizing stockholder value while, at the same time, attracting, motivating and retaining high-quality executives.

Formal guidelines for the allocations of equity-based compensation to the named executive officers by us have not yet been determined, but it is expected that the 2021 Plan will be an important element of our compensation arrangements for both executive officers and directors, and that the executive officers will also be eligible to participate in the ESPP.

126

2021 Plan

In August 2021 our board of directors adopted and our stockholders approved the 2021 Plan. The 2021 Plan became effective immediately upon the closing of the Business Combination.

Eligibility

Any individual who is an employee of IronNet or any of its affiliates, or any person who provides services us or any of our affiliates, including members of our board of directors, is eligible to receive awards under the 2021 Plan at the discretion of the plan administrator.

Awards

The 2021 Plan provides for the grant of ISOs within the meaning of Section 422 of the Code to employees, including employees of any parent or subsidiary, and for the grant of nonstatutory stock options (“NSOs”), stock appreciation rights, restricted stock awards, restricted stock unit awards, performance awards and other forms of awards to employees, directors and consultants, including employees and consultants of our affiliates.

Authorized Shares

Initially, the maximum number of shares that may be issued under the 2021 Plan was 13,500,000 shares of our common stock. In addition, the number of shares of our common stock reserved for issuance under the 2021 Plan will automatically increase on February 1 of each year, beginning on February 1, 2022 and continuing through and including February 1, 2031, in an amount equal to (1) 5% of the sum of (i) the total number of shares of common stock outstanding on the immediately preceding January 31, plus (ii) the number of shares of common stock reserved for issuance under the 2021 Plan as of the immediately preceding January 31, or (2) a lesser number of shares of common stock determined by the board of directors prior to the date of the increase. On February 1, 2022, the number of shares reserved for issuance under the 2021 Plan increased by 4,933,969 shares. The maximum number of shares of our common stock that may be issued upon the exercise of ISOs under the 2021 Plan is 40,000,000 shares.

Shares subject to stock awards granted under the 2021 Plan that expire or terminate without being exercised or otherwise issued in full or that are paid out in cash rather than in shares do not reduce the number of shares available for issuance under the 2021 Plan. Shares withheld under a stock award to satisfy the exercise, strike or purchase price of a stock award or to satisfy a tax withholding obligation do not reduce the number of shares available for issuance under the 2021 Plan. If any shares of our common stock issued pursuant to a stock award are forfeited back to or repurchased or reacquired by us (1) because of the failure to vest, (2) to satisfy the exercise, strike or purchase price or (3) to satisfy a tax withholding obligation in connection with an award, the shares that are forfeited, repurchased or reacquired will revert to and again become available for issuance under the 2021 Plan.

Non-Employee Director Compensation Limit

The aggregate value of all compensation granted or paid to any non-employee director with respect to any calendar year, including awards granted and cash fees paid to such non-employee director, will not exceed $1,000,000 in total value, calculating the value of any equity awards based on the grant date fair value of such equity awards for financial reporting purposes and excluding distributions from a deferred compensation program.

Plan Administration

Our board of directors, or a duly authorized committee thereof, will administer the 2021 Plan and is referred to as the “plan administrator” herein. Our board of directors may also delegate to one or more of our officers the authority to (1) designate employees (other than officers) to receive specified stock awards and (2) determine the

127

number of shares subject to such stock awards. Under the 2021 Plan, our board of directors has the authority to determine award recipients, grant dates, the numbers and types of stock awards to be granted, the applicable fair market value, and the provisions of each stock award, including the period of exercisability and the vesting schedule applicable to a stock award.

Under the 2021 Plan, our board of directors also generally has the authority to effect, without the approval of stockholders but with the consent of any materially adversely affected participant, (1) the reduction of the exercise, purchase, or strike price of any outstanding option or stock appreciation right; (2) the cancellation of any outstanding option or stock appreciation right and the grant in substitution therefore of other awards, cash, or other consideration; or (3) any other action that is treated as a repricing under generally accepted accounting principles.

Stock Options

ISOs and NSOs are granted under stock option agreements adopted by the plan administrator. The plan administrator determines the exercise price for stock options, within the terms and conditions of the 2021 Plan, provided that the exercise price of a stock option generally cannot be less than 100% of the fair market value of a share of our common stock on the date of grant. Options granted under the 2021 Plan vest at the rate specified in the stock option agreement as determined by the plan administrator.

The plan administrator determines the term of stock options granted under the 2021 Plan, up to a maximum of 10 years. Unless the terms of an optionholder’s stock option agreement provide otherwise or as otherwise provided by the plan administrator, if an optionholder’s service relationship with us or any of our affiliates ceases for any reason other than disability, death, or cause, the optionholder may generally exercise any vested options for a period of three months following the cessation of service. This period may be extended in the event that exercise of the option is prohibited by applicable securities laws. Unless the terms of an optionholder’s stock option agreement provide otherwise or as otherwise provided by the plan administrator, if an optionholder’s service relationship with us or any of our affiliates ceases due to death, or an optionholder dies within a certain period following cessation of service, the optionholder or a beneficiary may generally exercise any vested options for a period of 18 months following the date of death. Unless the terms of an optionholder’s stock option agreement provide otherwise or as otherwise provided by the plan administrator, if an optionholder’s service relationship with us or any of our affiliates ceases due to disability, the optionholder may generally exercise any vested options for a period of 12 months following the cessation of service. In the event of a termination for cause, options generally terminate upon the termination date. In no event may an option be exercised beyond the expiration of its term.

Acceptable consideration for the purchase of our common stock issued upon the exercise of a stock option will be determined by the plan administrator and may include (1) cash, check, bank draft or money order, (2) a broker-assisted cashless exercise, (3) the tender of shares of our common stock previously owned by the optionholder, (4) a net exercise of the option if it is an NSO or (5) other legal consideration approved by the plan administrator.

Unless the plan administrator provides otherwise, options and stock appreciation rights generally are not transferable except by will or the laws of descent and distribution. Subject to approval of the plan administrator or a duly authorized officer, an option may be transferred pursuant to a domestic relations order.

Tax Limitations on ISOs

The aggregate fair market value, determined at the time of grant, of our common stock with respect to ISOs that are exercisable for the first time by an award holder during any calendar year under all of our stock plans may not exceed $100,000. Options or portions thereof that exceed such limit will generally be treated as NSOs. No ISO may be granted to any person who, at the time of the grant, owns or is deemed to own stock possessing more than 10% of total combined voting power of IronNet or that of any of our parent or subsidiary corporations unless (1) the option exercise price is at least 110% of the fair market value of the stock subject to the option on the date of grant and (2) the term of the ISO does not exceed five years from the date of grant.

128

Restricted Stock Unit Awards

Restricted stock unit awards are granted under restricted stock unit award agreements adopted by the plan administrator. Restricted stock unit awards may be granted in consideration for any form of legal consideration that may be acceptable to the plan administrator and permissible under applicable law. A restricted stock unit award may be settled by cash, delivery of shares of our common stock, a combination of cash and shares of our common stock as determined by the plan administrator, or in any other form of consideration set forth in the restricted stock unit award agreement. Additionally, dividend equivalents may be credited in respect of shares covered by a restricted stock unit award. Except as otherwise provided in the applicable award agreement or by the plan administrator, restricted stock unit awards that have not vested will be forfeited once the participant’s continuous service ends for any reason.

Restricted Stock Awards

Restricted stock awards are granted under restricted stock award agreements adopted by the plan administrator. A restricted stock award may be awarded in consideration for cash, check, bank draft or money order, services to us, or any other form of legal consideration that may be acceptable to the plan administrator and permissible under applicable law. The plan administrator determines the terms and conditions of restricted stock awards, including vesting and forfeiture terms. If a participant’s service relationship with us ends for any reason, we may receive any or all of the shares of our common stock held by the participant that have not vested as of the date the participant terminates service with us through a forfeiture condition or a repurchase right.

Stock Appreciation Rights

Stock appreciation rights are granted under stock appreciation right agreements adopted by the plan administrator. The plan administrator determines the strike price for a stock appreciation right, which generally cannot be less than 100% of the fair market value of a share of our common stock on the date of grant. A stock appreciation right granted under the 2021 Plan vests at the rate specified in the stock appreciation right agreement as determined by the plan administrator. Stock appreciation rights may be settled in cash or shares of our common stock or in any other form of payment, as determined by the plan administrator and specified in the stock appreciation right agreement.

The plan administrator determines the term of stock appreciation rights granted under the 2021 Plan, up to a maximum of 10 years. Unless the terms of a participant’s stock appreciation rights agreement provide otherwise or as otherwise provided by the plan administrator, if a participant’s service relationship with us or any of our affiliates ceases for any reason other than cause, disability, or death, the participant may generally exercise any vested stock appreciation right for a period of three months following the cessation of service. This period may be further extended in the event that exercise of the stock appreciation right following such a termination of service is prohibited by applicable securities laws. Unless the terms of a participant’s stock appreciation rights agreement provide otherwise or as otherwise provided by the plan administrator, if a participant’s service relationship with us or any of our affiliates ceases due to disability or death, or a participant dies within a certain period following cessation of service, the participant or a beneficiary may generally exercise any vested stock appreciation right for a period of 12 months in the event of disability and 18 months in the event of death. In the event of a termination for cause, stock appreciation rights generally terminate immediately upon the occurrence of the event giving rise to the termination of the individual for cause. In no event may a stock appreciation right be exercised beyond the expiration of its term.

Performance Awards

The 2021 Plan permits the grant of performance awards that may be settled in stock, cash or other property. Performance awards may be structured so that the stock or cash will be issued or paid only following the achievement of certain pre-established performance goals during a designated performance period. Performance awards that are settled in cash or other property are not required to be valued in whole or in part by reference to, or otherwise based on, our common stock.

129

The performance goals may be based on any measure of performance selected by the plan administrator. The performance goals may be based on company-wide performance or performance of one or more business units, divisions, affiliates or segments and may be either absolute or relative to the performance of one or more comparable companies or the performance of one or more relevant indices. Unless specified otherwise by the plan administrator when the performance award is granted, the plan administrator will appropriately make adjustments in the method of calculating the attainment of performance goals as follows: (1) to exclude restructuring and/or other nonrecurring charges; (2) to exclude exchange rate effects; (3) to exclude the effects of changes to generally accepted accounting principles; (4) to exclude the effects of any statutory adjustments to corporate tax rates; (5) to exclude the effects of items that are “unusual” in nature or occur “infrequently” as determined under generally accepted accounting principles; (6) to exclude the dilutive effects of acquisitions or joint ventures; (7) to assume that any portion of our business which is divested achieved performance objectives at targeted levels during the balance of a performance period following such divestiture; (8) to exclude the effect of any change in the outstanding shares of our common stock by reason of any stock dividend or split, stock repurchase, reorganization, recapitalization, merger, consolidation, spin-off, combination or exchange of shares or other similar corporate change, or any distributions to holders of our common stock other than regular cash dividends; (9) to exclude the effects of stock based compensation and the award of bonuses under our bonus plans; (10) to exclude costs incurred in connection with potential acquisitions or divestitures that are required to be expensed under generally accepted accounting principles; and (11) to exclude the goodwill and intangible asset impairment charges that are required to be recorded under generally accepted accounting principles. In addition, our board of directors may establish or provide for other adjustment items in the award agreement at the time the award is granted or in such other document setting forth the performance goals at the time the performance goals are established.

Other Stock Awards

The plan administrator may grant other awards based in whole or in part by reference to our common stock. The plan administrator will set the number of shares under the stock award (or cash equivalent) and all other terms and conditions of such awards.

Changes to Capital Structure

In the event there is a specified type of change in our capital structure, such as a stock split, reverse stock split or recapitalization, appropriate adjustments will be made to (1) the class and maximum number of shares reserved for issuance under the 2021 Plan, (2) the class of shares used to determine the number of shares by which the share reserve may increase automatically each year, (3) the class and maximum number of shares that may be issued on the exercise of ISOs and (4) the class and number of shares and exercise price, strike price or purchase price, if applicable, of all outstanding stock awards.

Corporate Transactions

The following applies to stock awards under the 2021 Plan in the event of a corporate transaction (as defined in the 2021 Plan), unless otherwise provided in a participant’s stock award agreement or other written agreement with us or one of our affiliates or unless otherwise expressly provided by the plan administrator at the time of grant.

In the event of a corporate transaction, any stock awards outstanding under the 2021 Plan may be assumed, continued or substituted for by any surviving or acquiring corporation (or its parent company), and any reacquisition or repurchase rights held by us with respect to the stock award may be assigned to our successor (or its parent company). If the surviving or acquiring corporation (or its parent company) does not assume, continue or substitute for such stock awards, then (i) with respect to any such stock awards that are held by participants whose continuous service has not terminated prior to the effective time of the corporate transaction, or current participants, the vesting (and exercisability, if applicable) of such stock awards will be accelerated in full (or, in the case of performance awards with multiple vesting levels depending on the level of performance, vesting will accelerate at 100% of the target level) to a date prior to the effective time of the corporate transaction (contingent

130

upon the effectiveness of the corporate transaction), and such stock awards will terminate if not exercised (if applicable) at or prior to the effective time of the corporate transaction, and any reacquisition or repurchase rights held by us with respect to such stock awards will lapse (contingent upon the effectiveness of the corporate transaction), and (ii) any such stock awards that are held by persons other than current participants will terminate if not exercised (if applicable) prior to the effective time of the corporate transaction, except that any reacquisition or repurchase rights held by us with respect to such stock awards will not terminate and may continue to be exercised notwithstanding the corporate transaction.

In the event a stock award will terminate if not exercised prior to the effective time of a corporate transaction, the plan administrator may provide, in its sole discretion, that the holder of such stock award may not exercise such stock award but instead will receive a payment equal in value to the excess (if any) of (i) the per share amount payable to holders of our common stock in connection with the corporate transaction, over (ii) any per share exercise price payable by such holder, if applicable.

Plan Amendment or Termination

Our board of directors has the authority to amend, suspend, or terminate the 2021 Plan at any time, provided that such action does not materially impair the existing rights of any participant without such participant’s written consent. Certain material amendments also require approval of the our stockholders. No ISOs may be granted after the tenth anniversary of the date our board of directors adopted the 2021 Plan. No stock awards may be granted under the 2021 Plan while it is suspended or after it is terminated.

U.S. Federal Income Tax Consequences

The following is a summary of the principal U.S. federal income tax consequences to participants and us with respect to participation in the 2021 Plan, which became effective as of the closing of the Business Combination. This summary is not intended to be exhaustive and does not discuss the income tax laws of any local, state or foreign jurisdiction in which a participant may reside. The information is based upon current U.S. federal income tax rules and therefore is subject to change when those rules change. Because the tax consequences to any participant may depend on such participant’s particular situation, each participant should consult the participant’s tax adviser regarding the federal, state, local and other tax consequences of the grant or exercise of an award or the disposition of stock acquired under the 2021 Plan. The 2021 Plan is not qualified under the provisions of Section 401(a) of the Code and is not subject to any of the provisions of the Employee Retirement Income Security Act of 1974, as amended. Our ability to realize the benefit of any tax deductions described below depends on our generation of taxable income as well as the requirement of reasonableness and the satisfaction of our tax reporting obligations.

Nonstatutory Stock Options

Generally, there is no taxation upon the grant of a NSO. Upon exercise, a participant will recognize ordinary income equal to the excess, if any, of the fair market value of the underlying stock on the date of exercise of the stock option over the exercise price. If the participant is employed by us or one of our affiliates, that income will be subject to withholding taxes. The participant’s tax basis in those shares will be equal to their fair market value on the date of exercise of the stock option, and the participant’s capital gain holding period for those shares will begin on the day after they are transferred to the participant. Subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and the satisfaction of a tax reporting obligation, we will generally be entitled to a tax deduction equal to the taxable ordinary income realized by the participant.

Incentive Stock Options

The 2021 Plan provides for the grant of stock options that are intended to qualify as “incentive stock options,” as defined in Section 422 of the Code. Under the Code, a participant generally is not subject to ordinary income tax upon the grant or exercise of an ISO. If the participant holds a share received upon exercise of an ISO for more

131

than two years from the date the stock option was granted and more than one year from the date the stock option was exercised, which is referred to as the required holding period, the difference, if any, between the amount realized on a sale or other taxable disposition of that share and the participant’s tax basis in that share will be long-term capital gain or loss. If, however, a participant disposes of a share acquired upon exercise of an ISO before the end of the required holding period, which is referred to as a disqualifying disposition, the participant generally will recognize ordinary income in the year of the disqualifying disposition equal to the excess, if any, of the fair market value of the share on the date of exercise of the stock option over the exercise price.

However, if the sales proceeds are less than the fair market value of the share on the date of exercise of the stock option, the amount of ordinary income recognized by the participant will not exceed the gain, if any, realized on the sale. If the amount realized on a disqualifying disposition exceeds the fair market value of the share on the date of exercise of the stock option, that excess will be short-term or long-term capital gain, depending on whether the holding period for the share exceeds one year. For purposes of the alternative minimum tax, the amount by which the fair market value of a share of stock acquired upon exercise of an ISO exceeds the exercise price of the stock option generally will be an adjustment included in the participant’s alternative minimum taxable income for the year in which the stock option is exercised. If, however, there is a disqualifying disposition of the share in the year in which the stock option is exercised, there will be no adjustment for alternative minimum tax purposes with respect to that share. In computing alternative minimum taxable income, the tax basis of a share acquired upon exercise of an ISO is increased by the amount of the adjustment taken into account with respect to that share for alternative minimum tax purposes in the year the stock option is exercised. We are not allowed a tax deduction with respect to the grant or exercise of an ISO or the disposition of a share acquired upon exercise of an ISO after the required holding period. If there is a disqualifying disposition of a share, however, we will generally be entitled to a tax deduction equal to the taxable ordinary income realized by the participant, subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and provided that either the employee includes that amount in income or we timely sastify its reporting requirements with respect to that amount.

Restricted Stock Awards

Generally, the recipient of a restricted stock award will recognize ordinary income at the time the stock is received equal to the excess, if any, of the fair market value of the stock received over any amount paid by the recipient in exchange for the stock. If, however, the stock is subject to restrictions constituting a substantial risk of forfeiture when it is received (for example, if the employee is required to work for a period of time in order to have the right to transfer or sell the stock), the recipient generally will not recognize income until the restrictions constituting a substantial risk of forfeiture lapse, at which time the recipient will recognize ordinary income equal to the excess, if any, of the fair market value of the stock on the date it becomes vested over any amount paid by the recipient in exchange for the stock. A recipient may, however, file an election with the Internal Revenue Service, within 30 days following the date of grant, to recognize ordinary income, as of the date of grant, equal to the excess, if any, of the fair market value of the stock on the date the award is granted over any amount paid by the recipient for the stock. The recipient’s basis for the determination of gain or loss upon the subsequent disposition of shares acquired from a restricted stock award will be the amount paid for such shares plus any ordinary income recognized either when the stock is received or when the restrictions constituting a substantial risk of forfeiture lapse. Subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and the satisfaction of a tax reporting obligation, we will generally be entitled to a tax deduction equal to the taxable ordinary income realized by the recipient of the restricted stock award.

Restricted Stock Unit Awards

Generally, the recipient of a restricted stock unit award will generally recognize ordinary income at the time the stock is delivered equal to the excess, if any, of (i) the fair market value of the stock received over any amount paid by the recipient in exchange for the stock or (ii) the amount of cash paid to the participant. The recipient’s basis for the determination of gain or loss upon the subsequent disposition of shares acquired from a restricted stock unit award will be the amount paid for such shares plus any ordinary income recognized when the stock is

132

delivered, and the participant’s capital gain holding period for those shares will begin on the day after they are transferred to the participant. Subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and the satisfaction of a tax reporting obligation, we will generally be entitled to a tax deduction equal to the taxable ordinary income realized by the recipient of the restricted stock unit award.

Stock Appreciation Rights

Generally, the recipient of a stock appreciation right will recognize ordinary income equal to the fair market value of the stock or cash received upon such exercise. Subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and the satisfaction of a tax reporting obligation, we will generally be entitled to a tax deduction equal to the taxable ordinary income realized by the recipient of the stock appreciation right.

Tax Consequences to IronNet

Compensation of Covered Employees

Our ability to obtain a deduction for amounts paid under the 2021 Plan could be limited by Section 162(m) of the Code. Section 162(m) of the Code limits our ability to deduct compensation, for U.S. federal income tax purposes, paid during any year to a “covered employee” (within the meaning of Section 162(m) of the Code) in excess of $1 million.

Golden Parachute Payments

Our ability (or the ability of one of our subsidiaries) to obtain a deduction for future payments under the 2021 Plan could also be limited by the golden parachute rules of Section 280G of the Code, which prevent the deductibility of certain “excess parachute payments” made in connection with a change in control of a corporation.

New Plan Benefits

The awards, if any, that will be made to eligible persons under the 2021 Plan are subject to the discretion of our compensation committee. Therefore, we cannot currently determine the benefits or number of shares subject to awards that may be granted in the future and a new plan benefits table is thus not provided.

ESPP

In August 2021 our board of directors adopted, and our stockholders approved, the ESPP. The ESPP Plan became effective immediately upon the closing of the Business Combination.

Purpose

The purpose of the ESPP is to provide a means by which our eligible employees and certain designated companies may be given an opportunity to purchase shares of our common stock, to assist us in retaining the services of eligible employees, to secure and retain the services of new employees and to provide incentives for such persons to exert maximum efforts for our success.

The Plan includes two components: a 423 Component and a Non-423 Component. We intend that the 423 Component will qualify as options issued under an “employee stock purchase plan” as that term is defined in Section 423(b) of the Code. Except as otherwise provided in the ESPP or determined by our board of directors, the Non-423 Component will operate and be administered in the same manner as the 423 Component.

Share Reserve

The maximum number of shares of our common stock that may be issued under the ESPP was initially 2,700,000 shares. Additionally, the number of shares of our common stock reserved for issuance under the ESPP will

133

automatically increase on February 1 of each year, beginning on February 1, 2022 and continuing through and including February 1, 2031, by the lesser of (1) 1% of the total number of shares of our common stock outstanding on the immediately preceding January 31, (2) 2,000,000 shares of our common stock, or (3) such lesser number of shares of our common stock as determined by our board of directors. Shares subject to purchase rights granted under the ESPP that terminate without having been exercised in full will not reduce the number of shares available for issuance under the ESPP. On February 1, 2022, the number of shares reserved for issuance under the ESPP increased by 888,763 shares.

Administration

Our board of directors, or a duly authorized committee thereof, will administer the ESPP.

Limitations

Our employees and the employees of any of its designated affiliates, will be eligible to participate in the ESPP, provided they may have to satisfy one or more of the following service requirements before participating in the ESPP, as determined by the administrator: (1) customary employment with us or one of our affiliates for more than 20 hours per week and for five or more months per calendar year or (2) continuous employment with us or one of our affiliates for a minimum period of time, not to exceed two years, prior to the first date of an offering. In addition, our board of directors may also exclude from participation in the ESPP or any offering, employees who are “highly compensated employees” (within the meaning of Section 423(b)(4)(D) of the Code) or a subset of such highly compensated employees. An employee may not be granted rights to purchase stock under the ESPP (a) if such employee immediately after the grant would own stock possessing 5% or more of the total combined voting power or value of all classes of our stock or (b) to the extent that such rights would accrue at a rate that exceeds $25,000 worth of our stock for each calendar year that the rights remain outstanding.

The ESPP is intended to qualify as an employee stock purchase plan under Section 423 of the Code. The administrator may specify offerings with a duration of not more than 27 months, and may specify one or more shorter purchase periods within each offering. Each offering will have one or more purchase dates on which shares of our common stock will be purchased for the employees who are participating in the offering. The administrator, in its discretion, will determine the terms of offerings under the ESPP. The administrator has the discretion to structure an offering so that if the fair market value of a share of our common stock on any purchase date during the offering period is less than or equal to the fair market value of a share of our common stock on the first day of the offering period, then that offering will terminate immediately, and the participants in such terminated offering will be automatically enrolled in a new offering that begins immediately after such purchase date.

A participant may not transfer purchase rights under the ESPP other than by will, the laws of descent and distribution, or as otherwise provided under the ESPP.

Payroll Deductions

The ESPP permits participants to purchase shares of our common stock through payroll deductions of up to 15% of their earnings. Unless otherwise determined by the administrator, the purchase price per share will be 85% of the lower of the fair market value of a share of our common stock on the first day of an offering or on the date of purchase. Participants may end their participation at any time during an offering and will be paid their accrued contributions that have not yet been used to purchase shares, without interest. Participation ends automatically upon termination of employment with us and our related affiliates.

Withdrawal

Participants may withdraw from an offering by delivering a withdrawal form to us and terminating their contributions. Such withdrawal may be elected at any time prior to the end of an offering, except as otherwise provided by the administrator. Upon such withdrawal, we will distribute to the employee such employee’s

134

accumulated but unused contributions without interest, and such employee’s right to participate in that offering will terminate. However, an employee’s withdrawal from an offering does not affect such employee’s eligibility to participate in any other offerings under the ESPP.

Termination of Employment

A participant’s rights under any offering under the ESPP will terminate immediately if the participant either (i) is no longer employed by us or any of our parent or subsidiary companies (subject to any post-employment participation period required by law) or (ii) is otherwise no longer eligible to participate. In such event, we will distribute to the participant such participant’s accumulated but unused contributions, without interest.

Corporate Transactions

In the event of certain specified significant corporate transactions, such as a merger or change in control, a successor corporation may assume, continue, or substitute each outstanding purchase right. If the successor corporation does not assume, continue, or substitute for the outstanding purchase rights, the offering in progress will be shortened and a new purchase date will be set. The participants’ purchase rights will be exercised on the new purchase date and such purchase rights will terminate immediately thereafter.

Amendment and Termination

Our board of directors has the authority to amend, suspend, or terminate the ESPP, at any time and for any reason, provided certain types of amendments will require the approval of our stockholders. Any benefits privileges, entitlements and obligations under any outstanding purchase rights granted before an amendment, suspension or termination of the ESPP will not be materially impaired by any such amendment, suspension or termination except (i) with the consent of the person to whom such purchase rights were granted, (ii) as necessary to facilitate compliance with any laws, listing requirements, or governmental regulations or (iii) as necessary to obtain or maintain favorable tax, listing, or regulatory treatment. The ESPP will remain in effect until terminated by the our board of directors in accordance with the terms of the ESPP.

U.S. Federal Income Tax Consequences

The following is a summary of the principal U.S. federal income tax consequences to participants and us with respect to participation in the ESPP. This summary is not intended to be exhaustive and does not discuss the income tax laws of any local, state or foreign jurisdiction in which a participant may reside. The information is based upon current U.S. federal income tax rules and therefore is subject to change when those rules change. Because the tax consequences to any participant may depend on such participant’s particular situation, each participant should consult the participant’s tax adviser regarding the federal, state, local, and other tax consequences of the grant or exercise of a purchase right or the sale or other disposition of our commons tock acquired under the ESPP. The ESPP is not qualified under the provisions of Section 401(a) of the Code and is not subject to any of the provisions of the Employee Retirement Income Security Act of 1974, as amended.

423 Component of the ESPP

Rights granted under the 423 Component of the ESPP are intended to qualify for favorable U.S. federal income tax treatment associated with rights granted under an employee stock purchase plan which qualifies under the provisions of Section 423 of the Code.

A participant will be taxed on amounts withheld for the purchase of shares of our common stock as if such amounts were actually received. Otherwise, no income will be taxable to a participant as a result of the granting or exercise of a purchase right until a sale or other disposition of the acquired shares. The taxation upon such sale or other disposition will depend upon the holding period of the acquired shares.

135

If the shares are sold or otherwise disposed of more than two years after the beginning of the offering period and more than one year after the shares are transferred to the participant, then the lesser of the following will be treated as ordinary income: (i) the excess of the fair market value of the shares at the time of such sale or other disposition over the purchase price; or (ii) the excess of the fair market value of the shares as of the beginning of the offering period over the purchase price (determined as of the beginning of the offering period). Any further gain or any loss will be taxed as a long-term capital gain or loss.

If the shares are sold or otherwise disposed of before the expiration of either of the holding periods described above, then the excess of the fair market value of the shares on the purchase date over the purchase price will be treated as ordinary income at the time of such sale or other disposition. The balance of any gain will be treated as capital gain. Even if the shares are later sold or otherwise disposed of for less than their fair market value on the purchase date, the same amount of ordinary income is attributed to the participant, and a capital loss is recognized equal to the difference between the sales price and the fair market value of the shares on such purchase date. Any capital gain or loss will be short-term or long-term, depending on how long the shares have been held.

Non-423 Component

A participant will be taxed on amounts withheld for the purchase of shares of our common stock as if such amounts were actually received. Under the Non-423 Component, a participant will recognize ordinary income equal to the excess, if any, of the fair market value of the underlying stock on the date of exercise of the purchase right over the purchase price. If the participant is employed by us or one of our affiliates, that income will be subject to withholding taxes. The participant’s tax basis in those shares will be equal to the fair market value of the shares on the date of exercise of the purchase right, and the participant’s capital gain holding period for those shares will begin on the day after the shares are transferred to the participant.

There are no U.S. federal income tax consequences to us by reason of the grant or exercise of rights under the ESPP. We are entitled to a deduction to the extent amounts are taxed as ordinary income to a participant for shares sold or otherwise disposed of before the expiration of the holding periods described above (subject to the requirement of reasonableness, the deduction limits under Section 162(m) of the Code and the satisfaction of tax reporting obligations).

New Plan Benefits

Participation in the ESPP is voluntary and each eligible employee will make an individual decision regarding whether and to what extent to participate in the ESPP. Therefore, we cannot currently determine the benefits or number of shares subject to purchase rights and a new plan benefits table is thus not provided.

2014 Stock Incentive Plan

Our board of directors adopted and our stockholders approved IronNet’s 2014 Stock Incentive Plan (the “2014 Plan”) on September 29, 2014 and on October 17, 2014, respectively. The 2014 Plan has been periodically amended, most recently on June 7, 2019. The 2014 Plan permits the grant of ISOs, NSOs, stock appreciation rights, restricted stock, restricted stock units, and other stock-based awards. ISOs may be granted only to our employees and to any of the employees of our subsidiary corporations’ employees. All other awards may be granted to employees, directors and consultants of the company and to any of our parent or subsidiary corporation’s employees or consultants.

As of March 7, 2022, stock options covering 1,317,178 shares of IronNet’s common stock, with a weighted-average exercise price of $0.55 per share, were outstanding under the 2014 Plan, and 9,920,389 restricted stock units entitling the holders to receive one share of IronNet’s common stock for each such RSU were outstanding as of that date. No further grants of awards may be made under the 2014 Plan, but outstanding awards will continue to be governed by the terms of the 2014 Plan.

136

Administration. IronNet’s board of directors or a committee delegated by IronNet’s board of directors administers the 2014 Plan. Subject to the terms of the 2014 Plan, the administrator has the power, among other things, to grant awards, to adopt, amend an repeal administrative rules, guidelines and practices related to the

2014 Plan, to correct any defect, supply any omission or reconcile any inconsistency in the Plan or any award, and to construe and interpret the terms of the 2014 Plan and awards granted thereunder.

Options. Subject to the provisions of the 2014 Plan, the administrator determines the terms of options, including any vesting and exercisability requirements, the method of payment of the option exercise price, the option expiration date, and the period following termination of service during which options may remain exercisable.

Repricing of Awards. IronNet’s board of directors may amend outstanding awards to reduce the exercise price below the then current exercise price, or may cancel an outstanding award and substitute a new award with a lower exercise price, in either case without obtaining shareholder approval.

Restricted Stock Units. The administrator may grant awards in the form of restricted stock units entitling participants to receive, for each restricted stock unit, one share of IronNet’s Class A common stock or cash (equal to the value of one share of IronNet’s Class A common stock) that is delivered at the time a restricted stock unit vests. Participants have no voting rights with respect to outstanding restricted stock units.

Changes to Capital Structure. In the event there is a specified type of change in IronNet’s capital structure, such as any stock split, reverse stock split, stock dividend, recapitalization, combination of shares, reclassification of shares, spin off, or other similar change in capitalization or event, or any dividend or distribution to holders of common stock other than an ordinary cash dividend, then, among other items, IronNet’s board of directors will equitably adjust in a manner it determines the (i) the classes and maximum number of shares subject to the 2014 Plan, (ii) the classes and maximum number of shares that may be issued upon the exercise of stock options, and (iii) the classes, number of shares and price per share of stock subject to outstanding stock awards.

Transactions. In the event of certain specified reorganization events, IronNet’s administrator generally may take one or more of the following actions with respect to outstanding awards (other than restricted stock):

•

arrange for the assumption, continuation or substitution of a stock award by an acquiring or succeeding entity or an affiliate;

•

provide that an award will become exercisable, realizable or deliverable, or restrictions applicable to the award will lapse, in whole or part, prior to or upon the reorganization event (accelerate the vesting of the award);

•

upon written notice to a holder of an award, provide that all of the unexercised awards will terminate immediately prior to the consummation of such reorganization event unless exercised (to the extent exercisable) within a specified period following the date of such notice;

•

In the case of a reorganization event under which the holders of IronNet’s common stock will receive a cash payment for each share surrendered in such reorganization event (the acquisition price), cancel or arrange for the cancellation of the stock award in exchange for a cash payment equal to the number of shares of IronNet’s common stock subject to the vested portion of the award, multiplied by the excess of (1) the acquisition price, over (2) the exercise, measurement or purchase price otherwise payable in connection with the award; or

•

any combination of the foregoing.

In a reorganization event that is not a dissolution or liquidation, IronNet’s repurchase rights and other rights with respect to outstanding restricted stock will inure to the benefit of IronNet’s successor, and, unless IronNet’s board of directors determines otherwise, will apply to the cash, securities or other property into which our common stock was converted or exchanged as part of the reorganization event on the same basis as it applied to the restricted stock.

137

IronNet’s board of directors is not obligated to treat all awards in the same manner in the case of a reorganization event.

Under the 2014 Plan, a reorganization event is generally the consummation of (1) any transfer or disposition of all of IronNet’s common stock for cash, securities or other property pursuant to a share exchange or other transaction, (2) IronNet’s merger or consolidation with or into another entity as a result of which all of IronNet’s common stock is converted into or exchanged for the right to receive cash, securities or other property or is cancelled, or (3) IronNet’s liquidation or dissolution.

Plan Amendment or Termination. IronNet’s board of directors may amend, modify or, terminate the 2014 Plan at any time, but any amendment will only apply to the holders of an outstanding award if the does not materially and adversely affect the rights of the holder under the 2014 Plan, and provided further that certain types of amendments also require the approval of IronNet’s stockholders.

Transferability. Unless the administrator of the 2014 Plan provides otherwise, awards granted under the 2014 Plan are generally are not transferable except to family members by gift or pursuant to a domestic relations order, or to an executor or guardian upon the death or disability of a participant.

Rule 10b5-1 Sales Plans

Our directors and executive officers may adopt written plans, known as Rule 10b5-1 plans, in which they will contract with a broker to buy or sell shares of common stock on a periodic basis. Under a Rule 10b5-1 plan, a broker executes trades pursuant to parameters established by the director or executive officer when entering into the plan, without further direction from them. The director or executive officer may amend a Rule 10b5-1 plan in some circumstances and may terminate a plan at any time. Our directors and executive officers also may buy or sell additional shares outside of a Rule 10b5-1 plan when they are not in possession of material nonpublic information, subject to compliance with the terms of our insider trading policy.

Non-Employee Director Compensation

Director Compensation Table for Fiscal 2022

The following table sets forth information regarding the compensation earned for service on our Board during the fiscal year ended January 31, 2022. GEN Alexander and Mr. Welch are also members of our Board, but they did not receive any additional compensation for service as a director. GEN Alexander’s and Mr. Welch’s compensation as an executive officer is set forth above under “Summary Compensation Table.”


Name	CASH ($) FEES EARNED OR PAID IN CASH ($)		STOCK AWARDS ($)⁽¹⁾		TOTAL ($)
Donald R. Dixon⁽²⁾		16,369		196,320		212,689
Mary E. Gallagher⁽³⁾		21,538		196,320		217,858
Gen. John M. Keane (Ret.)⁽⁴⁾		14,431		196,320		210,751
Robert V. “Rob” LaPenta Jr.⁽³⁾		15,077		196,320		211,397
Vadm. John M. McConnell (Ret.)⁽⁴⁾		18,092		196,320		214,412
André Pienaar⁽³⁾		14,431		196,320		210,751
Hon. Michael J. Rogers⁽⁴⁾		16,369		196,320		212,689
Theodore E. Schlein⁽³⁾		15,077		196,320		211,397
Vadm. Jan E. Tighe (Ret.)⁽⁵⁾		16,154		196,320		212,474

(1)	This column reflects the aggregate grant date fair value of restricted stock units granted during the year measured pursuant to Financial Accounting Standard Board Accounting Standards Codification Topic 718,

138

the basis for computing stock-based compensation in IronNet’s consolidated financial statements. This calculation assumes that the director will perform the requisite service for the award to vest in full as required by SEC rules. The assumptions used in valuing options are described in Note 6 to IronNet’s consolidated financial statements included in this prospectus. These amounts do not reflect the actual economic value that will be realized by the director upon settlement of the restricted stock units or the sale of the common stock underlying such restricted stock units.

(2)	The director held an aggregate of 271,672 restricted stock units as of January 31, 2022.

(3)	The director held an aggregate of 24,000 restricted stock units as of January 31, 2022.

(4)	The director held an aggregate of 387,252 restricted stock units as of January 31, 2022.

(5)	The director held an aggregate of 139,580 restricted stock units as of January 31, 2022.

Non-Employee Director Compensation Policy

In September 2021, our Board approved the adoption of a non-employee director compensation policy (the “Policy”) that will be designed to align compensation with the company’s business objectives and the creation of stockholder value, while enabling the company to attract, retain, incentivize and reward directors who contribute to the long-term success of the company. Under the Policy, we will pay our non-employee directors a cash retainer for service on our Board and for service on each committee on which the director is a member. The chairman of each committee will receive higher retainers for such service. These fees will be payable in arrears in four equal quarterly installments on the last day of each quarter, provided that the amount of such payment is prorated for any portion of such quarter that the director is not serving on our Board. Under the Policy, the fees paid to non-employee directors for service on the board of directors and for service on each committee of our Board on which the director is a member, which will have retroactive effect to August 26, 2021, will be as follows:


	MEMBER ANNUAL FEE		CHAIRMAN ADDITIONAL ANNUAL FEE
Board of Directors	$	30,000	$	20,000
Audit Committee		8,000		20,000
Compensation Committee		5,000		12,000
Nominating and Corporate Governance Committee		3,500		7,500

Our Board granted each of our existing non-employee directors 24,000 RSUs under the 2021 Plan, which RSUs will vest annually over three years commencing on August 26, 2021, the closing date of the Business Combination. Going forward, each new non-employee director who joins the Board will receive an initial RSU grant with a fair market value of $240,000 on the date of grant (the “Initial Grant”) upon his or her initial election or appointment to our Board. The RSUs subject to the Initial Grant will vest annually until all shares are vested on the third anniversary of the date of grant, subject to the non-employee director’s continued service as a director. Further, on the date of each annual meeting of stockholders, beginning with the annual meeting of stockholders to be held in 2022, each non-employee director that has served on our Board since at least the beginning of such fiscal year will receive a grant of RSUs under the 2021 Plan having a fair market value of $180,000 on the date of grant (the “Annual Director Grant”). The RSUs subject to the Annual Director Grant will vest on the earlier of (i) the first anniversary of the date of grant, or (ii) the date of next annual meeting of stockholders, subject to the non-employee director’s continued service as a director as of the vesting date.

139

CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS

Other than compensation arrangements for our directors and named executive officers, which are described elsewhere in this prospectus, below is a description of transactions since January 1, 2019 to which we, LGL or Legacy IronNet were a party or will be a party, in which:

•

the amounts involved exceeded or will exceed $120,000; and

•

any of our directors, executive officers or holders of more than 5% of our capital stock, or any member of the immediate family of, or person sharing the household with, the foregoing persons, had or will have a direct or indirect material interest.

LGL Related Person Transactions

LGL entered into an administrative services agreement with LGL Systems Nevada Management Partners LLC, an affiliate of the Sponsor, pursuant to which LGL paid a total of $10,000 per month for office space, utilities and secretarial support. All amounts due under this agreement were paid prior to the consummation of the Business Combination.

Founder Shares

In April 2019, LGL issued to the Sponsor an aggregate of 3,593,750 Founder Shares in exchange for a capital contribution of $25,000, or approximately $0.007 per share. Prior to the initial investment in the company of $25,000 by the Sponsor, LGL had no assets, tangible or intangible. In November 2019, LGL effected a stock dividend of 0.2 shares for each share outstanding, resulting in there being an aggregate of 4,312,500 Founder Shares outstanding at a price of approximately $0.006 per share. The per-share prices of the Founder Shares above were determined by dividing the amount contributed to LGL by the number of Founder Shares issued.

The Founder Shares automatically converted into our common stock on the first business day following the consummation of the Business Combination on a one-for-one basis.

The 4,312,500 Founder Shares included an aggregate of 1,078,125 Founder Shares subject to forfeiture. Immediately prior to the consummation of the Business Combination, 1,078,125 Founder Shares were surrendered and forfeited for no consideration, resulting in 2,904,375 Founder Shares outstanding immediately following consummation of the Business Combination.

Private Warrants

The Sponsor and LGL’s officers and directors purchased an aggregate of 5,200,000 Private Warrants (for a total purchase price of $5,200,000) from LGL on a private placement basis simultaneously with the consummation of LGL’s Initial Public Offering. The Private Warrants were identical to the warrants included in the units sold in the Initial Public Offering except that the Private Warrants: (i) are not redeemable and (ii) may be exercised for cash or on a cashless basis, as described in the prospectus for the Initial Public Offering, so long as they are held by the initial purchasers or any of their permitted transferees.

Sponsor Agreement

In connection with the Initial Public Offering, the Sponsor entered into an agreement, dated on November 6, 2019 and as amended on March 15, 2021 (the “Sponsor Agreement”), pursuant to which it agreed not to transfer or otherwise dispose of 2,904,375 shares of our common stock for a period of six months following the Business Combination, subject to relief from the lock-up provisions to allow gifts to charitable organizations. LGL’s officers, directors and special advisors entered into similar agreements which, as amended in connection with the Business Combination Agreement, also provided for a six-month post-business combination lock-up restriction.

140

Further, the Sponsor entered into a lock-up agreement pursuant to which it agreed not to transfer its 5,200,000 Private Warrants or common stock underlying the Private Warrants, subject to limited exceptions, until 30 days after the Closing.

Additional Related Party Transactions

Other than as described above, no compensation of any kind has been paid by LGL to the Sponsor, LGL’s executive officers and directors, or any of their respective affiliates, for services rendered prior to or in connection with the completion of the Business Combination. However, these individuals were reimbursed for any out-of-pocket expenses incurred in connection with activities on LGL’s behalf such as identifying potential target businesses and performing due diligence on suitable business combinations. LGL’s audit committee reviewed on a quarterly basis all payments that were made to the Sponsor, officers, directors or its or their affiliates.

Legacy IronNet Related Person Transactions

Promissory Notes

During the fiscal year January 31, 2020, Legacy IronNet entered into a promissory note with an employee, who was a former executive officer of Legacy IronNet at the time of issuance. During the fiscal year ended January 31, 2021, Legacy IronNet entered into a promissory note with a current executive officer of Legacy IronNet and the company. Details of the promissory notes are included in the table below. The principal and interest on each of these promissory notes were repaid in full upon the closing of the Business Combination.


Borrower	Date of Promissory Note		Largest Aggregate Amount of Principal Outstanding During the Period		Amount Outstanding as of Closing of Business Combination		Annual Rate or Amount of Interest Payable on the Indebtedness
James Heath		12/29/2018	$	1,000,000		—		2.8	%
James Gerber		10/24/2019	$	435,836		—		1.7	%

Private Placements of Securities

Series B-2 Preferred Stock Financing⁽¹⁾

Between January 2020 and December 2020, Legacy IronNet sold the current equivalent on a post-merger, as converted basis of 7,595,170 shares of Common A in shares of its Series B-2 convertible preferred stock at a current equivalent, as converted, purchase price of $8.95 per share for an aggregate amount of $68.0 million. The following table summarizes purchases of Legacy IronNet’s Series B-2 convertible preferred stock by related persons:


Stockholder	Shares of Series B-2 Preferred Stock Purchased		Total Purchase Price (in millions of dollars)
C5 Partners, LLC⁽²⁾		2,791,870	$	25.0
Entities affiliated with ForgePoint Capital⁽³⁾		1,383,280	$	12.4
KPCB Holdings, Inc., as nominee⁽⁴⁾		558,370	$	5.0

(1)

Each share of Series B-2 convertible preferred stock converted into ten shares of IronNet common stock immediately following the consummation of the Business Combination. After further application of the Merger Exchange Ratio of 0.814107, the numbers presented herein are expressed on an as-converted to IronNet common stock basis.

(2)	This entity beneficially owns more than 5% of IronNet’s capital stock. André Pienaar, a member of our board of directors and that of Legacy IronNet, is an affiliate of C5 Capital.

141

(3)

Consists of 1,103,900 shares purchased by ForgePoint Cybersecurity Fund I, L.P., 1,284 shares purchased by ForgePoint Cyber Affiliates Fund I, L.P. and 266,540 shares purchased by ForgePoint Cyber Co-Investors I-E, L.P. Donald R. Dixon, a member of our board of directors and that of Legacy IronNet, is an affiliate of ForgePoint Capital, of which the foregoing purchasers are affiliated funds. These entities collectively beneficially own more than 5% of IronNet’s capital stock.

(4)	KPCB Holdings, Inc., as nominee beneficially owns more than 5% of IronNet’s capital stock. Ted Schlein, a member of our board of directors and that of Legacy IronNet, is an affiliate of KPCB Holdings, Inc.

Series B-1 Preferred Stock Financing⁽¹⁾

Between April and June 2018, Legacy IronNet sold the current equivalent on a post-merger, as converted basis of 8,720,220 shares of its Series B-1 convertible preferred stock at a purchase price of $8.95 per share for an aggregate amount of $78.1 million. The following table summarizes purchases of Legacy IronNet’s Series B-1 convertible preferred stock on a current equivalent, as converted basis by related persons:


Stockholder	Shares of Series B-1 Preferred Stock Purchased		Total Purchase Price (in millions of dollars)
C5 Partners, LLC⁽²⁾		3,908,620	$	35.0
Entities affiliated with ForgePoint Capital⁽³⁾		3,886,280	$	34.8
KPCB Holdings, Inc., as nominee⁽⁴⁾		670,050	$	6.0

(1)	Each share of Series B-1 convertible preferred stock converted into ten shares of Legacy IronNet common stock immediately prior to the consummation of the Business Combination. The numbers presented herein are expressed on an as-converted to Legacy IronNet common stock basis.

(2)	This entity beneficially owns more than 5% of IronNet’s capital stock. André Pienaar, a member of our board of directors and that of Legacy IronNet, is an affiliate of C5 Capital.

(3)

Consists of 1,159,110 shares purchased by ForgePoint Cybersecurity Fund I, L.P., 748,220 shares purchased by ForgePoint Cyber Co-Investors I-B, L.P., 1,965,475 shares purchased by ForgePoint Cyber Co-Investors I-C, L.P., and 13,475 shares purchased by ForgePoint Cyber Affiliates Fund I, L.P. Donald R. Dixon, a member of our board of directors and that of Legacy IronNet, is an affiliate of ForgePoint Capital, of which the foregoing purchasers are affiliated funds. These entities collectively beneficially own more than 5% of IronNet’s capital stock.

(4)	KPCB Holdings, Inc., as nominee beneficially owns more than 5% of IronNet’s capital stock. Ted Schlein, a member of our board of directors and that of Legacy IronNet, is an affiliate of KPCB Holdings, Inc.

Series A Preferred Stock Financing⁽¹⁾

Between August and October 2015, Legacy IronNet sold the current equivalent on a post-merger, as converted basis of 6,461,160 shares of its Series A convertible preferred stock at a purchase price of $5.03 per share for an aggregate amount of $32.5 million. The following table summarizes purchases of Legacy IronNet’s Series A convertible preferred stock on a current equivalent, as converted basis by related persons:


Stockholder	Shares of Series A Preferred Stock Purchased		Total Purchase Price (in millions of dollars)
Entities affiliated with ForgePoint Capital⁽²⁾		2,982,070	$	15.0
KPCB Holdings, Inc., as nominee⁽³⁾		2,982,070	$	15.0

(1)	Each share of Series A convertible preferred stock converted into ten shares of Legacy IronNet common stock immediately prior to the consummation of the Business Combination. The numbers presented herein are expressed on an as-converted to Legacy IronNet common stock basis.

142

(2)

Consists of 1,491,035 shares purchased by ForgePoint Cyber Co-Investors I, L.P., 1,473,900 shares purchased by ForgePoint Cybersecurity Fund I, L.P., and 17,135 shares purchased by ForgePoint Cyber Affiliates Fund I, L.P. Donald R. Dixon, a member of our board of directors and that of Legacy IronNet, is an affiliate of ForgePoint Capital, of which the foregoing purchasers are affiliated funds. These entities collectively beneficially own more than 5% of IronNet’s capital stock.

(3)	KPCB Holdings, Inc., as nominee beneficially owns more than 5% of IronNet’s capital stock. Ted Schlein, a member of our board of directors and that of IronNet, is an affiliate of KPCB Holdings, Inc.

Customer Relationship with C5 Capital

Between May 2019 and October 2019, Legacy IronNet entered into two subscription agreements for its products with C5 Capital. An entity affiliated with C5 Capital is a beneficial owner of more than five percent of our capital stock, and Andre Pienaar, the founder of C5 Capital, is a member of our board of directors and that of Legacy IronNet. During the fiscal years ended January 31, 2021 and 2020 and the nine months ended October 31, 2021 and 2020, Legacy IronNet recognized $1.9 million, and $1.5 million, and $0.9 million and $1.2 million, of revenue, respectively, in connection with these subscription agreements. As of October 31, 2021 and January 31, 2021, accounts receivable due to Legacy IronNet from C5 Capital were $0.4 million and $2.5 million, respectively.

Stockholder Support Agreement

In connection with the execution of the Business Combination Agreement, certain of Legacy IronNet’s executive officers, directors and securityholders, who at the time of execution collectively held securities constituting more than 80% of the voting power represented by the outstanding shares of Legacy IronNet common stock and Legacy IronNet preferred stock, agreed to execute and deliver a written consent with respect to the outstanding shares of Legacy IronNet common stock and preferred stock held by such holders adopting the Business Combination Agreement and approving the Business Combination.

Other Related Person Transactions

Subscription Agreements

In connection with the execution of the Business Combination Agreement, LGL entered into the Subscription Agreements with the Subscription Investors immediately prior to the execution of the Business Combination Agreement on March 15, 2021. Pursuant to the Subscription Agreements, the Subscription Investors agreed to subscribe for and purchase and we agreed to issue and sell to the Subscription Investors an aggregate of 12,500,000 shares of our common stock for a purchase price of $10.00 per share, or an aggregate of $125 million in gross cash proceeds, in the Private Placement. The closing of the Private Placement occurred on the date of the Business Combination. Of the amounts purchased in the Private Placement, (i) the Sponsor purchased 566,000 shares of common stock for $5,660,000, (ii) entities affiliated with Ted Schlein, a director of Legacy IronNet and of the company, purchased 300,000 shares of common stock for $3,000,000 and (iii) entities affiliated with Donald Dixon, a director of Legacy IronNet and of the company, purchased 300,000 shares of common stock for $3,000,000.

Indemnification Agreements

Our certificate of incorporation contains provisions limiting the liability of our executive officers and directors, and our bylaws provide that we will indemnify each of our executive officers and directors to the fullest extent permitted under Delaware law.

We have entered into indemnification agreements with all of our directors and executive officers. The indemnification agreements provide that we will indemnify each of our directors, executive officers, and other

143

key employees against any and all expenses incurred by such director, executive officer, or other key employee because of his or her status as one of our directors, executive officers, or other key employees, to the fullest extent permitted by Delaware law, the our certificate of incorporation and our bylaws. In addition, the indemnification agreements provide that, to the fullest extent permitted by Delaware law, we will advance all expenses incurred by its directors, executive officers, and other key employees in connection with a legal proceeding involving his or her status as a director, executive officer, or key employee

Related Person Transactions Policy

Our Board has adopted a written related person transactions policy that sets forth our policies and procedures regarding the identification, review, consideration and oversight of “related person transactions.” For purposes of our policy only, a “related person transaction” is a transaction, arrangement, or relationship (or any series of similar transactions, arrangements, or relationships) in which we or our subsidiaries and any ‘related person’, directly or indirectly, are, were or will be participants.

Transactions involving compensation for services provided to us as an employee, consultant or director will not be considered related person transactions under this policy. A related person is any executive officer, director, nominee to become a director or a beneficial owner of more than 5% of any class of our voting securities (including our common stock), including any of their immediate family members and affiliates, including entities owned or controlled by such persons.

Under the policy, the related person in question or, in the case of transactions with a beneficial owner of more than 5% of any class of the our voting securities, an officer with knowledge of a proposed transaction, must present information regarding the proposed related person transaction to our audit committee (or, where review by the our audit committee would be inappropriate, to another independent body of our Board) for review. To identify related person transactions in advance, we will rely on information supplied by our executive officers, directors and certain significant stockholders. In considering related person transactions, our audit committee will take into account the relevant available facts and circumstances, which may include, but are not limited to:

•

the risks, costs, and benefits to us;

•

the impact on a director’s independence in the event the related person is a director, immediate family member of a director or an entity with which a director is affiliated;

•

the terms of the transaction;

•

the availability of other sources for comparable services or products; and

•

the terms available to or from, as the case may be, unrelated third parties.

Our audit committee will approve only those transactions that it determines are fair to us and in the our best interests. All of the transactions described above were entered into prior to the adoption of such policy.

144

PRINCIPAL STOCKHOLDERS

The following table sets forth information regarding the beneficial ownership of shares of our common stock as of January 31, 2022 by:

•

each person known by us to be the beneficial owner of more than 5% of our common stock;

•

each of our named executive officers and directors; and

•

all of our current executive officers and directors as a group.

Beneficial ownership is determined according to the rules of the SEC, which generally provide that a person has beneficial ownership of a security if he, she or it possesses sole or shared voting or investment power over that security, including options and warrants that are currently exercisable or exercisable within 60 days and RSUs that vest within 60 days.

This table is based upon information supplied by officers, directors and principal stockholders and Schedules 13G or 13D filed with the SEC. Unless otherwise indicated in the footnotes to this table and subject to community property laws where applicable, the company believes that all persons named in the table have sole voting and investment power with respect to all shares of common stock beneficially owned by them. The beneficial ownership percentages set forth in the table below are based on 88,876,302 shares of common stock issued and outstanding as of January 31, 2022, adjusted as required by rules promulgated by the SEC.


Name and Address of Beneficial Owner⁽¹⁾	Number of Shares		Percentage of Common Stock Outstanding
*5% or Greater Stockholders*
Entities affiliated with ForgePoint⁽²⁾		10,100,057		11.4	%
Entities affiliated with C5 Partners⁽³⁾		6,794,861		7.6	%
Entities affiliated with Kleiner Perkins Caufield & Byers⁽⁴⁾		6,002,001		6.8	%
*Named Executive Officers and Directors*
GEN Keith B. Alexander (Ret.)⁽⁵⁾ . . . . . . .. . . . . . . . . . . . . . . . . . . .		11,053,024		12.4	%
William E. Welch⁽⁶⁾ . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . .		3,459,249		3.7	%
James C. Gerber⁽⁷⁾		947,752		1.1	%
Donald Closser⁽⁸⁾		397,538		*
Sean Foster⁽⁹⁾		1,011,515		1.1	%
Donald R. Dixon⁽¹⁰⁾ . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . .		10,447,729		11.8	%
Mary E. Gallagher . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ..		15,000		*
Vadm. John M. McConnell (Ret.)⁽¹¹⁾ . . . . . .. . . . . . . . . . . . . . . . . . .		363,251		*
Gen. John M. Keane (Ret.)⁽¹²⁾ . . . . . . . . .. . . . . . . . . . . . . . . . . . . . .		388,251		*
André Pienaar⁽³⁾ . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . .		6,794,861		7.6	%
Hon. Michael J. Rogers⁽¹³⁾ . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . .		376,548		*
Theodore E. Schlein⁽¹⁴⁾ . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . .		6,102,001		6.9	%
Vadm. Jan E. Tighe (Ret.)⁽¹⁵⁾ . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . .		115,579		*
Robert V. “Rob” LaPenta Jr. . . . . . . . . . . . . . . . . . . . . . . . . . . . ..		25,000		*
All current directors and executive officers as a group (13 individuals)⁽¹⁶⁾		40,485,783		43.4	%

(1)	Unless otherwise noted, the business address of each of the following entities or individuals is c/o IronNet, Inc., 7900 Tysons One Place, Suite 400, McLean, Virginia, 22102.

(2)

Includes (i) 52,869 shares of common stock held by ForgePoint Cyber Affiliates Fund I, L.P., (ii) 2,278,138 shares of common stock held by ForgePoint Cyber Co-Investors I, L.P., (iii) 758,760 shares of common stock held by ForgePoint Cyber Co-Investors I-B, L.P., (iv) 1,993,158 shares of common stock held by ForgePoint Cyber Co-Investors I-C, L.P., (v) 270,293 shares of common stock held by ForgePoint Cyber Co-Investors I-E, L.P., and (vi) 4,746,839 shares of common stock held by ForgePoint Cybersecurity Fund I, L.P. ((i) to (vi), inclusive, the “ForgePoint Funds”). Donald R. Dixon and Alberto Yepez are the managing

145

members of ForgePoint Cybersecurity GP-1, LLC, which is the general partner of each of the ForgePoint Funds and exercise shared voting, investment and dispositive rights with respect to the shares of stock held by each of the ForgePoint Funds. The address for all entities and individuals affiliated with the ForgePoint Funds is 400 S El Camino Road, Suite 300, San Mateo, CA 94402.

(3)

André Pienaar (a director of the company), William Kilmer and James Coats are the directors of C5 Investors General Partner Limited, which acts on behalf of C5 Investors LP, the sole manager of C5 Partners LLC. C5 Capital Limited is the investment manager of C5 Investors LP and exercises voting, investment and dispositive rights with respect to the shares of stock held by C5 Investors LLC. André Pienaar is the chief executive officer and a director of C5 Capital Limited together with William Kilmer and Linda Zecher. The address of the entities and individuals affiliated with C5 Capital Limited is 7 Vigo Street, London, W1S 3HF, UK .

(4)

Includes (i) 5,853,150 shares of common stock held by KPCB Digital Growth Fund II, LLC (“KPCB DGF II”), and (ii) 148,851 shares of common stock held by KPCB Digital Growth Founders Fund, LLC (“DGF II Founders,” together, the “Kleiner Funds”). The Kleiner Funds’ shares are held for convenience in the name of KPCB Holdings, Inc., as nominee, for the accounts of such individuals and entities. The managing member of the Kleiner Funds is KPCB DGF II Associates, LLC (“DGF II Associates”). Theodore E. Schlein (a director of the company), together with L. John Doerr and Mary Meeker, the managing members of DGF II Associates, exercise shared voting and dispositive control over the shares held by the Kleiner Funds. The principal business address for all entities and individuals affiliated with Kleiner Perkins Caufield & Byers is c/o Kleiner Perkins Caufield & Byers, LLC, 2750 Sand Hill Road, Menlo Park, CA 94025.

(5)

Excludes shares of common stock held by trusts established by GEN Alexander, as (a) each such trust is an irrevocable trust, (b) neither GEN Alexander nor his spouse serve as trustee of any such trust, and (c) GEN Alexander does not otherwise exercise voting, investment or dispositive control over the shares of common stock held by the trusts.

(6)	Consists of (i) 37,772 shares of common stock and (ii) 3,421,477 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(7)	Consists of (i) 870,337 shares of common stock and (ii) 77,415 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(8)	Consists of (i) 3,763 shares of common stock and (ii) 393,775 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(9)	Consists of (i) 8,535 shares of common stock and (ii) 1,002,980 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(10)	Includes (i) the 10,100,057 shares held by the ForgePoint Funds as described in footnote (2) above, (ii) 100,000 shares of common stock held by The Dixon Revocable Trust, of which Mr. Dixon and his spouse are co-trustees, and (iii) 247,672 shares of common stock held directly by Mr. Dixon.

(11)	Consists of (i) 249,277 shares of common stock and (ii) 113,974 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(12)	Consists of (i) 274,277 shares of common stock and (ii) 113,974 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(13)	Consists of (i) 262,574 shares of common stock and (ii) 113,974 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(14)	Consists of the shares described in footnote (4) above and 100,000 shares of common stock held by the Schlein Family Trust, of which Mr. Schlein is the trustee.

(15)	Consists of (i) 1,605 shares of common stock and (ii) 113,974 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

(16)	Consists of (i) 36,137,220 shares of common stock and (ii) 4,348,563 shares of common stock issuable upon the settlement of restricted stock units that will vest within 60 days of January 31, 2022.

146

SELLING STOCKHOLDER

This prospectus relates to the possible resale from time to time by Tumim Stone Capital LLC (“Tumim”) of any or all of the shares of common stock that may be issued by us to Tumim under the Common Stock Purchase Agreement we entered into with Tumim on February 11, 2022 (the “Purchase Agreement”). For additional information regarding the issuance of common stock covered by this prospectus, see the section titled “Tumim Stone Capital Committed Equity Financing” above. We are registering the shares of common stock pursuant to the provisions of the Registration Rights Agreement we entered into with Tumim on February 11, 2022 (the “Registration Rights Agreement”) in order to permit the Selling Stockholder to offer the shares for resale from time to time. Except for the transactions contemplated by the Purchase Agreement and the Registration Rights Agreement, Tumim has not had any material relationship with us within the past three years. As used in this prospectus, the term “Selling Stockholder” means Tumim Stone Capital LLC.

The table below presents information regarding the Selling Stockholder and the shares of common stock that it may offer from time to time under this prospectus. This table is prepared based on information supplied to us by the Selling Stockholder, and reflects holdings as of March 7, 2022. The number of shares in the column “Maximum Number of Shares of Common Stock to be Offered Pursuant to this Prospectus” represents all of the shares of common stock that the Selling Stockholder may offer under this prospectus. The Selling Stockholder may sell some, all or none of its shares in this offering. We do not know how long the Selling Stockholder will hold the shares before selling them, and we currently have no agreements, arrangements or understandings with the Selling Stockholder regarding the sale of any of the shares.

Beneficial ownership is determined in accordance with Rule 13d-3(d) promulgated by the SEC under the Exchange Act, and includes shares of common stock with respect to which the Selling Stockholder has voting and investment power. The percentage of shares of common stock beneficially owned by the Selling Stockholder prior to the offering shown in the table below is based on an aggregate of 95,347,493 shares of our common stock outstanding on March 7, 2022. Because the purchase price of the shares of common stock issuable under the Purchase Agreement is determined on the applicable VWAP Purchase Date with respect to a VWAP Purchase, the number of shares that may actually be sold by us under the Purchase Agreement may be fewer than the number of shares being offered by this prospectus. The fourth column assumes the sale of all of the shares offered by the Selling Stockholder pursuant to this prospectus.


	Number of Shares of Common Stock Owned Prior to Offering				Maximum Number of Shares of Common Stock to be Offered Pursuant to this Prospectus		Number of Shares of Common Stock Owned After Offering
Name of Selling Stockholder	Number⁽¹⁾		Percent⁽²⁾				Number⁽³⁾		Percent⁽²⁾
Tumim Stone Capital LLC⁽⁴⁾		—		—		48,503,325		48,503,325		34	%

(1)

In accordance with Rule 13d-3(d) under the Exchange Act, we have excluded from the number of shares beneficially owned prior to the offering all of the shares that Tumim Stone Capital LLC may be required to purchase under the Purchase Agreement, because the issuance of such shares is solely at our discretion and is subject to conditions contained in the Purchase Agreement, the satisfaction of which are entirely outside of Tumim Stone Capital LLC’s control, including the registration statement that includes this prospectus becoming and remaining effective. Furthermore, the VWAP Purchases of common stock are subject to certain agreed upon maximum amount limitations set forth in the Purchase Agreement. Also, the Purchase Agreement prohibits us from issuing and selling any shares of our common stock to Tumim Stone Capital LLC to the extent such shares, when aggregated with all other shares of our common stock then beneficially owned by Tumim Stone Capital LLC, would cause Tumim Stone Capital LLC’s beneficial ownership of our common stock to exceed the 9.99% Beneficial Ownership Cap. The Purchase Agreement also prohibits us from issuing or selling shares of our common stock under the Purchase Agreement in excess of the 19.99% Exchange Cap, unless we obtain stockholder approval to do so, or unless sales of common stock are made at a price equal to or greater than $3.6080 per share, such that the Exchange Cap limitation would not apply under applicable New York Stock Exchange rules. Neither the Beneficial Ownership Cap nor the Exchange

147

Cap (to the extent applicable under New York Stock Exchange rules) may be amended or waived under the Purchase Agreement.

(2)	Applicable percentage ownership is based on 95,347,493 shares of our common stock outstanding as of March 7, 2022.

(3)	Assumes the sale of all shares being offered pursuant to this prospectus.

(4)

The business address of Tumim Stone Capital LLC is 140 Broadway, 38th Floor, New York, NY 10005. Tumim Stone Capital LLC’s principal business is that of a private investor. Maier Joshua Tarlow is the manager of 3i Management, LLC, the general partner of 3i, LP, which is the sole member of Tumim Stone Capital LLC, and has sole voting control and investment discretion over securities beneficially owned directly by Tumim Stone Capital LLC and indirectly by 3i Management, LLC and 3i, LP. 3i Management, LLC is also the manager of Tumim Stone Capital LLC. We have been advised that none of Mr. Tarlow, 3i Management, LLC, 3i, LP or Tumim Stone Capital LLC is a member of the Financial Industry Regulatory Authority, or FINRA, or an independent broker-dealer, or an affiliate or associated person of a FINRA member or independent broker-dealer. The foregoing should not be construed in and of itself as an admission by Mr. Tarlow as to beneficial ownership of the securities beneficially owned directly by Tumim Stone Capital LLC and indirectly by 3i Management, LLC and 3i, LP.

148

MATERIAL U.S. FEDERAL INCOME TAX CONSEQUENCES

The following discussion is a summary of certain material U.S. federal income tax considerations generally applicable to the ownership and disposition of our common stock and the exercise, disposition and lapse of our Warrants. The common stock and the Warrants are referred to collectively herein as our securities. All prospective holders of our securities should consult their tax advisors with respect to the U.S. federal, state, local and non-U.S. tax consequences of the ownership and disposition of our securities.

This discussion is not a complete analysis of all potential U.S. federal income tax consequences relating to the ownership and disposition of our securities. This summary is based upon current provisions of the Code, existing U.S. Treasury Regulations promulgated thereunder, published administrative pronouncements and rulings of the U.S. Internal Revenue Service (the “IRS”), and judicial decisions, all as in effect as of the date of this prospectus. These authorities are subject to change and differing interpretation, possibly with retroactive effect. Any change or differing interpretation could alter the tax consequences to holders described in this discussion. There can be no assurance that a court or the IRS will not challenge one or more of the tax consequences described herein, and we have not obtained, nor do we intend to obtain, a ruling with respect to the U.S. federal income tax consequences to a holder of the ownership or disposition of our securities.

We assume in this discussion that a holder holds our securities as a “capital asset” within the meaning of Section 1221 of the Code (generally, property held for investment). This discussion does not address all aspects of U.S. federal income taxation that may be relevant to a particular holder in light of that holder’s individual circumstances, nor does it address the special tax accounting rules under Section 451(b) of the Code, any alternative minimum, Medicare contribution, estate or gift tax consequences, or any aspects of U.S. state, local or non-U.S. taxes or any non-income U.S. federal tax laws. This discussion also does not address consequences relevant to holders subject to special tax rules, such as holders that own, or are deemed to own, more than 5% of our capital stock (except to the extent specifically set forth below), corporations that accumulate earnings to avoid U.S. federal income tax, tax-exempt organizations, governmental organizations, banks, financial institutions, investment funds, insurance companies, brokers, dealers or traders in securities, commodities or currencies, regulated investment companies or real estate investment trusts, persons that have a “functional currency” other than the U.S. dollar, tax- qualified retirement plans, holders who hold or receive our securities pursuant to the exercise of employee stock options or otherwise as compensation, holders holding our securities as part of a hedge, straddle or other risk reduction strategy, conversion transaction or other integrated investment, holders deemed to sell our securities under the constructive sale provisions of the Code, passive foreign investment companies, controlled foreign corporations, and certain former U.S. citizens or long-term residents.

In addition, this discussion does not address the tax treatment of partnerships (or entities or arrangements that are treated as partnerships for U.S. federal income tax purposes) or persons that hold our securities through such partnerships. If a partnership, including any entity or arrangement treated as a partnership for U.S. federal income tax purposes, holds our securities, the U.S. federal income tax treatment of a partner in such partnership generally will depend upon the status of the partner and the activities of the partnership. Such partners and partnerships should consult their tax advisors regarding the tax consequences of the ownership and disposition of our securities.

For purposes of this discussion, a “U.S. Holder” means a beneficial owner of our securities (other than a partnership or an entity or arrangement treated as a partnership for U.S. federal income tax purposes) that is, for U.S. federal income tax purposes:

•

an individual who is a citizen or resident of the United States;

•

a corporation, or an entity treated as a corporation for U.S. federal income tax purposes, created or organized in the United States or under the laws of the United States or of any state thereof or the District of Columbia;

•

an estate, the income of which is subject to U.S. federal income tax regardless of its source; or

149

•

a trust if (a) a U.S. court can exercise primary supervision over the trust’s administration and one or more U.S. persons have the authority to control all of the trust’s substantial decisions or (b) the trust has a valid election in effect under applicable U.S. Treasury Regulations to be treated as a U.S. person.

For purposes of this discussion, a “non-U.S. Holder” is a beneficial owner of our securities that is neither a U.S. Holder nor a partnership or an entity or arrangement treated as a partnership for U.S. federal income tax purposes.

Tax Considerations Applicable to U.S. Holders

Taxation of Distributions

If we pay distributions or make constructive distributions (other than certain distributions of our stock or rights to acquire our stock) to U.S. Holders of shares of our common stock, such distributions generally will constitute dividends for U.S. federal income tax purposes to the extent paid or deemed paid from our current or accumulated earnings and profits, as determined under U.S. federal income tax principles. Distributions in excess of our current and accumulated earnings and profits will constitute a return of capital that will be applied against and reduce (but not below zero) the U.S. Holder’s adjusted tax basis in our common stock. Any remaining excess will be treated as gain realized on the sale or other disposition of the common stock and will be treated as described under “—Tax Considerations Applicable to U.S. Holders—Gain or Loss on Sale, Taxable Exchange or Other Taxable Disposition of Common Stock” below.

Dividends we pay to a U.S. Holder that is a taxable corporation generally will qualify for the dividends received deduction if the requisite holding period is satisfied. With certain exceptions (including dividends treated as investment income for purposes of investment interest deduction limitations), and provided certain holding period requirements are met, dividends we pay to a non-corporate U.S. Holder generally will constitute “qualified dividends” that under current law will be subject to tax at long-term capital gains rates. If the holding period requirements are not satisfied, a corporation may not be able to qualify for the dividends received deduction and would have taxable income equal to the entire dividend amount, and non-corporate holders may be subject to tax on such dividend at ordinary income tax rates instead of the preferential rates that apply to qualified dividend income.

Gain or Loss on Sale, Taxable Exchange or Other Taxable Disposition of Common Stock

A U.S. Holder generally will recognize gain or loss on the sale, taxable exchange or other taxable disposition of our common stock. Any such gain or loss will be capital gain or loss, and will be long-term capital gain or loss if the U.S. Holder’s holding period for the common stock so disposed of exceeds one year. The amount of gain or loss recognized generally will be equal to the difference between (1) the sum of the amount of cash and the fair market value of any property received in such disposition and (2) the U.S. Holder’s adjusted tax basis in its common stock so disposed of. A U.S. Holder’s adjusted tax basis in its common stock generally will equal the U.S. Holder’s acquisition cost for such common stock (or, in the case of common stock received upon exercise of a Warrant, the U.S. Holder’s initial basis for such common stock, as discussed below), less any prior distributions treated as a return of capital. Long-term capital gains recognized by non-corporate U.S. Holders generally are eligible under current law for reduced rates of tax. If the U.S. Holder’s holding period for the common stock so disposed of is one year or less, any gain on a sale or other taxable disposition of the shares would be subject to short-term capital gain treatment and would be taxed at ordinary income tax rates. The deductibility of capital losses is subject to limitations.

Exercise of a Warrant

Except as discussed below with respect to the cashless exercise of a Warrant, a U.S. Holder generally will not recognize taxable gain or loss upon the exercise of a Warrant for cash. The U.S. Holder’s initial tax basis in the share of our common stock received upon exercise of the Warrant generally will be an amount equal to the sum

150

of the U.S. Holder’s acquisition cost of the Warrant and the exercise price of such Warrant. It is unclear whether a U.S. Holder’s holding period for the common stock received upon exercise of the Warrant would commence on the date of exercise of the Warrant or the day following the date of exercise of the Warrant; however, in either case the holding period will not include the period during which the U.S. Holder held the Warrants.

In certain circumstances, the Warrants may be exercised on a cashless basis. The U.S. federal income tax treatment of an exercise of a warrant on a cashless basis is not clear, and could differ from the consequences described above. It is possible that a cashless exercise could be a taxable event, a non-realization event, or a tax-free recapitalization. U.S. holders are urged to consult their tax advisors as to the consequences of an exercise of a Warrant on a cashless basis, including with respect to their holding period and tax basis in the common stock received upon exercise of the Warrant.

Sale, Exchange, Redemption or Expiration of a Warrant

Upon a sale, exchange (other than by exercise), redemption, or expiration of a Warrant, a U.S. Holder will recognize taxable gain or loss in an amount equal to the difference between (1) the amount realized upon such disposition or expiration and (2) the U.S. Holder’s adjusted tax basis in the Warrant. A U.S. Holder’s adjusted tax basis in its Warrants generally will equal the U.S. Holder’s acquisition cost of the Warrant, increased by the amount of any constructive distributions included in income by such U.S. Holder (as described below under “Tax Considerations Applicable to U.S. Holders—Possible Constructive Distributions”). Such gain or loss generally will be treated as long-term capital gain or loss if the Warrant is held by the U.S. Holder for more than one year at the time of such disposition or expiration.

If a Warrant is allowed to lapse unexercised, a U.S. Holder generally will recognize a capital loss equal to such holder’s adjusted tax basis in the Warrant. Any such loss generally will be a capital loss and will be long-term capital loss if the Warrant is held for more than one year. The deductibility of capital losses is subject to certain limitations.

Possible Constructive Distributions

The terms of each Warrant provide for an adjustment to the number of shares of common stock for which the Warrant may be exercised or to the exercise price of the Warrant in certain events, as discussed in the section of this prospectus captioned “Description of Capital Stock—Warrants.” An adjustment which has the effect of preventing dilution generally should not be a taxable event. Nevertheless, a U.S. Holder of Warrants would be treated as receiving a constructive distribution from us if, for example, the adjustment increases the holder’s proportionate interest in our assets or earnings and profits (e.g., through an increase in the number of shares of common stock that would be obtained upon exercise or an adjustment to the exercise price of the Warrant) as a result of a distribution of cash to the holders of shares of our common stock that is taxable to such holders as a distribution. Such constructive distribution would be subject to tax as described above under “Tax Considerations Applicable to U.S. Holders—Taxation of Distributions” in the same manner as if such U.S. Holder received a cash distribution from us on common stock equal to the fair market value of such increased interest.

Information Reporting and Backup Withholding

In general, information reporting requirements may apply to distributions paid to a U.S. Holder and to the proceeds of the sale or other disposition of our shares of common stock and Warrants, unless the U.S. Holder is an exempt recipient. Backup withholding may apply to such payments if the U.S. Holder fails to provide a taxpayer identification number (or furnishes an incorrect taxpayer identification number) or a certification of exempt status, or has been notified by the IRS that it is subject to backup withholding (and such notification has not been withdrawn).

151

Backup withholding is not an additional tax. Any amounts withheld under the backup withholding rules will be allowed as a credit against a U.S. Holder’s U.S. federal income tax liability and may entitle such holder to a refund, provided the required information is timely furnished to the IRS. Taxpayers should consult their tax advisors regarding their qualification for an exemption from backup withholding and the procedures for obtaining such an exemption.

Tax Considerations Applicable to Non-U.S. Holders

Taxation of Distributions

In general, any distributions (including constructive distributions) we make to a non-U.S. Holder of shares on our common stock, to the extent paid or deemed paid out of our current or accumulated earnings and profits (as determined under U.S. federal income tax principles), will constitute dividends for U.S. federal income tax purposes and, provided such dividends are not effectively connected with the non-U.S. Holder’s conduct of a trade or business within the United States, we will be required to withhold tax from the gross amount of the dividend at a rate of 30%, unless such non-U.S. Holder is eligible for a reduced rate of withholding tax under an applicable income tax treaty and provides proper certification of its eligibility for such reduced rate (usually on an IRS Form W-8BEN or W-8BEN-E, as applicable). In the case of any constructive dividend (as described below under “—Tax Considerations Applicable to Non-U.S. Holders—Possible Constructive Distributions”), it is possible that this tax would be withheld from any amount owed to a non-U.S. Holder by the applicable withholding agent, including cash distributions on other property or sale proceeds from Warrants or other property subsequently paid or credited to such holder. Any distribution not constituting a dividend will be treated first as reducing (but not below zero) the non-U.S. Holder’s adjusted tax basis in its shares of our common stock and, to the extent such distribution exceeds the non-U.S. Holder’s adjusted tax basis, as gain realized from the sale or other disposition of the common stock, which will be treated as described under “—Tax Considerations Applicable to Non-U.S. Holders—Gain on Sale, Taxable Exchange or Other Taxable Disposition of Common Stock and Warrants” below. In addition, if we determine that we are likely to be classified as a “United States real property holding corporation” (see the section entitled “—Tax Considerations Applicable to Non-U.S. Holders—Gain on Sale, Exchange or Other Taxable Disposition of Common Stock and Warrants” below), we will withhold 15% of any distribution that exceeds our current and accumulated earnings and profits.

Dividends we pay to a non-U.S. Holder that are effectively connected with such non-U.S. Holder’s conduct of a trade or business within the United States (or, if a tax treaty applies, are attributable to a U.S. permanent establishment or fixed base maintained by the non-U.S. Holder) generally will not be subject to U.S. withholding tax, provided such non-U.S. Holder complies with certain certification and disclosure requirements (generally by providing an IRS Form W-8ECI). Instead, such dividends generally will be subject to U.S. federal income tax, net of certain deductions, at the same individual or corporate rates applicable to U.S. Holders. If the non-U.S. Holder is a corporation, dividends that are effectively connected income may also be subject to a “branch profits tax” at a rate of 30% (or such lower rate as may be specified by an applicable income tax treaty).

Exercise of a Warrant

The U.S. federal income tax treatment of a non-U.S. Holder’s exercise of a Warrant generally will correspond to the U.S. federal income tax treatment of the exercise of a Warrant by a U.S. Holder, as described under “—Tax Considerations Applicable to U.S. Holders—Exercise of a Warrant” above, although to the extent a cashless exercise results in a taxable exchange, the tax consequences to the non-U.S. Holder would be the same as those described below in “—Tax Considerations Applicable to Non-U.S. Holders—Gain on Sale, Exchange or Other Taxable Disposition of Common Stock and Warrants.”

152

Gain on Sale, Exchange or Other Taxable Disposition of Common Stock and Warrants

A non-U.S. Holder generally will not be subject to U.S. federal income or withholding tax in respect of gain recognized on a sale, taxable exchange or other taxable disposition of our common stock or Warrants or an expiration or redemption of our Warrants, unless:

•

the gain is effectively connected with the conduct of a trade or business by the non-U.S. Holder within the United States (and, if an applicable tax treaty so requires, is attributable to a U.S. permanent establishment or fixed base maintained by the non-U.S. Holder);

•

the non-U.S. Holder is an individual who is present in the United States for 183 days or more in the taxable year of disposition and certain other conditions are met; or

•

we are or have been a “United States real property holding corporation” for U.S. federal income tax purposes at any time during the shorter of the five-year period ending on the date of disposition or the period that the non-U.S. Holder held our common stock or Warrants and, in the case where shares of our common stock are regularly traded on an established securities market, (i) the non-U.S. Holder has owned, actually or constructively, more than 5% of our common stock at any time within the relevant period or (ii) provided that our Warrants are regularly traded on an established securities market, the non-U.S. Holder has owned, actually or constructively, more than 5% of our Warrants at any time within the within the relevant period. It is unclear how a non-U.S. Holder’s ownership of Warrants will affect the determination of whether the non-U.S. Holder owns more than 5% of our common stock. In addition, special rules may apply in the case of a disposition of warrants if our common stock is considered to be regularly traded, but our Warrants are not considered to be publicly traded. There can be no assurance that our common stock or Warrants will or will not be treated as regularly traded on an established securities market for this purpose.

Gain described in the first bullet point above will be subject to tax at generally applicable U.S. federal income tax rates as if the non-U.S. Holder were a U.S. resident. Any gains described in the first bullet point above of a non-U.S. Holder that is a foreign corporation may also be subject to an additional “branch profits tax” at a 30% rate (or lower applicable treaty rate). Gain described in the second bullet point above generally will be subject to a flat 30% U.S. federal income tax. Non-U.S. Holders are urged to consult their tax advisors regarding possible eligibility for benefits under income tax treaties.

If the third bullet point above applies to a non-U.S. Holder and applicable exceptions are not available, gain recognized by such holder on the sale, exchange or other disposition of our common stock or Warrants, as applicable, will be subject to tax at generally applicable U.S. federal income tax rates. In addition, a buyer of our common stock or Warrants from such holder may be required to withhold U.S. income tax at a rate of 15% of the amount realized upon such disposition. We will be classified as a United States real property holding corporation if the fair market value of our “United States real property interests” equals or exceeds 50% of the sum of the fair market value of our worldwide real property interests plus our other assets used or held for use in a trade or business, as determined for U.S. federal income tax purposes. We do not believe we currently are or will become a United States real property holding corporation; however, there can be no assurance in this regard. Non-U.S. Holders are urged to consult their tax advisors regarding the application of these rules.

Possible Constructive Distributions

153

result of a distribution of cash to the holders of shares of our common stock that is taxable to such holders as a distribution. A non-U.S. Holder would be subject to U.S. federal income tax withholding as described above under “Tax Considerations Applicable to Non-U.S. Holders—Taxation of Distributions” under that section in the same manner as if such non-U.S. Holder received a cash distribution from us on common stock equal to the fair market value of such increased interest.

Foreign Account Tax Compliance Act

Sections 1471 through 1474 of the Code (commonly referred to as the “Foreign Account Tax Compliance Act” or “FATCA”) and Treasury Regulations and administrative guidance promulgated thereunder impose a U.S. federal withholding tax of 30% on certain payments paid to a foreign financial institution (as specifically defined by applicable rules) unless such institution enters into an agreement with the U.S. government to withhold on certain payments and to collect and provide to the U.S. tax authorities substantial information regarding U.S. account holders of such institution (which includes certain equity holders of such institution, as well as certain account holders that are foreign entities with U.S. owners). FATCA also generally imposes a federal withholding tax of 30% on certain payments to a non-financial foreign entity unless such entity provides the withholding agent with either a certification that it does not have any substantial direct or indirect U.S. owners or provides information regarding substantial direct and indirect U.S. owners of the entity. An intergovernmental agreement between the United States and an applicable foreign country may modify these requirements. The withholding tax described above will not apply if the foreign financial institution or non-financial foreign entity otherwise qualifies for an exemption from the rules.

FATCA withholding currently applies to payments of dividends. The U.S. Treasury Department has released proposed regulations which, if finalized in their present form, would eliminate the federal withholding tax of 30% applicable to the gross proceeds of a disposition of our common stock. In its preamble to such proposed regulations, the U.S. Treasury Department stated that taxpayers may generally rely on the proposed regulations until final regulations are issued. Non-U.S. Holders are encouraged to consult with their own tax advisors regarding the possible implications of FATCA on their investment in our securities.

Information Reporting and Backup Withholding.

Information returns will be filed with the IRS in connection with payments of distributions and the proceeds from a sale or other disposition of our common stock and Warrants. A non-U.S. Holder may have to comply with certification procedures to establish that it is not a United States person in order to avoid information reporting and backup withholding requirements. The certification procedures required to claim a reduced rate of withholding under a treaty generally will satisfy the certification requirements necessary to avoid the backup withholding as well. Backup withholding is not an additional tax. The amount of any backup withholding from a payment to a non-U.S. Holder will be allowed as a credit against such holder’s U.S. federal income tax liability and may entitle such holder to a refund, provided that the required information is timely furnished to the IRS.

154

DESCRIPTION OF CAPITAL STOCK

The following is a summary of the rights of our common stock and preferred stock. This summary is qualified by reference to the complete text of our amended and restated certificate of incorporation and amended and restated bylaws filed as exhibits to the registration statement of which this prospectus forms a part.

General

Our amended and restated certificate of incorporation authorizes us to issue up to 500,000,000 shares of common stock, $0.0001 par value per share, and 100,000,000 shares of preferred stock, par value $0.0001 per share. As of March 7, 2022, there were 95,347,493 shares of common stock issued and outstanding.

Common Stock

Voting Rights

Each holder of common stock is entitled to one vote for each share on all matters submitted to a vote of the stockholders, including the election of directors. Under our amended and restated certificate of incorporation, our stockholders will not have cumulative voting rights. Because of this, the holders of a majority of the shares of common stock entitled to vote in any election of directors can elect all of the directors standing for election.

Dividend Rights

Subject to preferences that may apply to any then-outstanding preferred stock, the holders of common stock are entitled to receive ratably those dividends, if any, as may be declared from time to time by the board of directors out of legally available funds. We do not anticipate paying any cash dividends in the foreseeable future.

Liquidation Rights

In the event of our liquidation, dissolution or winding up, holders of common stock will be entitled to share ratably in the net assets legally available for distribution to stockholders after the payment of all of our debts and other liabilities and the satisfaction of any liquidation preference granted to the holders of any then-outstanding shares of preferred stock.

Preemptive or Similar Rights

Holders of common stock have no preemptive, conversion or subscription rights and there are no redemption or sinking fund provisions applicable to the common stock. The rights, preferences and privileges of the holders of common stock are subject to, and may be adversely affected by, the rights of the holders of shares of any series of preferred stock that we may designate in the future.

Preferred Stock

Under our amended and restated certificate of incorporation our board of directors may, without further action by our stockholders, fix the rights, preferences, privileges and restrictions of up to an aggregate of 100,000,000 shares of preferred stock in one or more series and authorize their issuance. These rights, preferences and privileges could include dividend rights, conversion rights, voting rights, terms of redemption, liquidation preferences and the number of shares constituting any series or the designation of such series, any or all of which may be greater than the rights of common stock. Any issuance of preferred stock could adversely affect the voting power of holders of common stock and the likelihood that such holders would receive dividend payments and payments on liquidation. In addition, the issuance of preferred stock could have the effect of delaying, deterring or preventing a change of control or other corporate action. No shares of preferred stock are outstanding as of the closing of the Business Combination. We have no present plans to issue any shares of preferred stock.

155

Stock Awards

Upon the closing of the Business Combination, we assumed stock options and restricted stock units to purchase an aggregate of 18,971,549 shares of common stock that were outstanding under Legacy IronNet’s 2014 Equity Incentive Plan. As of March 7, 2022, there were stock options outstanding to purchase an aggregate of 1,317,178 shares of common stock and restricted stock units outstanding covering an aggregate of 9,920,389 shares of common stock under the 2014 Plan. As of March 7, 2022, there were 4,462,905 shares of common stock reserved for issuance upon vesting and settlement of outstanding restricted stock units and 13,971,064 shares of common stock were reserved for future issuance under our 2021 Equity Incentive Plan, which amount may be subject to increase from time to time. For additional information regarding the terms of these plans, see “Executive Compensation.” We have filed a registration statement on Form S-8 under the Securities Act which register our shares issued or reserved for issuance under our equity incentive plans.

Warrants

As of March 7, 2022, there were 8,615,973 Warrants to purchase common stock outstanding, consisting of 8,606,473 Public Warrants and 9,500 Private Warrants. Each warrant entitles the registered holder to purchase one share of common stock at a price of $11.50 per share. The Warrants will expire at 5:00 p.m., New York City time, on the fifth anniversary of the closing of the Business Combination, or earlier upon redemption or liquidation.

Holders of Public Warrants cannot pay cash to exercise their Public Warrants unless we have an effective and current registration statement covering the issuance of the shares underlying such Warrants and a current prospectus relating thereto. Notwithstanding the foregoing, if a registration statement covering the shares of common stock issuable upon exercise of the Public Warrants is not effective within a specified period following the closing of the Business Combination, warrant holders may, until such time as there is an effective registration statement and during any period when we shall have failed to maintain an effective registration statement, exercise Warrants on a cashless basis pursuant to the exemption provided by Section 3(a)(9) of the Securities Act, provided that such exemption is available. If that exemption, or another exemption, is not available, holders will not be able to exercise their Warrants on a cashless basis. In the event of such cashless exercise, each holder would pay the exercise price by surrendering the Warrants for that number of shares of common stock equal to the quotient obtained by dividing (x) the product of the number of shares of common stock underlying the Warrants, multiplied by the difference between the exercise price of the Warrants and the “fair market value” (defined below) by (y) the fair market value. The “fair market value” for this purpose will mean the average reported closing price of the shares of common stock for the 10 trading days ending on the third trading day prior to the date of exercise.

The Private Warrants are identical to the Public Warrants except that such warrants were not transferable, assignable or salable until 30 days after the completion of the Business Combination (except, among other limited exceptions, to LGL’s officers and directors and other persons or entities affiliated with the Sponsor) and they will not be redeemable by us so long as they are held by the Sponsor or its permitted transferees. The Sponsor or its permitted transferees have the option to exercise the Private Warrants on a cashless basis. If the Private Warrants are held by holders other than the Sponsor and LGL’s current independent directors or their permitted transferees, the Private Warrants will be redeemable by us and exercisable by the holders on the same basis as the Public Warrants.

We may call the Public Warrants for redemption, in whole and not in part, at a price of $0.01 per warrant,

•

at any time after the warrants become exercisable;

•

upon not less than 30 days’ prior written notice of redemption to each warrant holder;

156

•

if, and only if, the reported last sale price of the shares of common stock equals or exceeds $18.00 per share (as adjusted for stock splits, stock dividends, reorganizations and recapitalizations), for any 20 trading days within a 30 trading day period commencing at any time after the warrants become exercisable and ending on the third trading day prior to the notice of redemption to warrant holders; and

•

if, and only if, there is a current registration statement in effect with respect to the shares of common stock underlying such warrants.

The right to exercise will be forfeited unless the Warrants are exercised prior to the date specified in the notice of redemption. On and after the redemption date, a record holder of a warrant will have no further rights except to receive the redemption price for such holder’s warrant upon surrender of such warrant.

The redemption criteria for our Warrants was established at a price which is intended to provide warrant holders a reasonable premium to the initial exercise price and provide a sufficient differential between the then-prevailing share price and the warrant exercise price so that if the share price declines as a result of our redemption call, the redemption will not cause the share price to drop below the exercise price of the Warrants.

If we call the Warrants for redemption as described above, our management will have the option to require all holders that wish to exercise Warrants to do so on a “cashless basis.” In such event, each holder would pay the exercise price by surrendering the Warrants for that number of shares of common stock equal to the quotient obtained by dividing (x) the product of the number of shares of common stock underlying the Warrants, multiplied by the difference between the exercise price of the Warrants and the “fair market value” (defined below) by (y) the fair market value. The “fair market value” for this purpose shall mean the average reported closing price of the shares of common stock for the 10 trading days ending on the third trading day prior to the date on which the notice of redemption is sent to the holders of Warrants.

The Warrants were issued in registered form under the Warrant Agreement between Continental Stock Transfer & Trust Company, as warrant agent, and us. The Warrant Agreement provides that the terms of the Warrants may be amended without the consent of any holder to cure any ambiguity or correct any defective provision, but requires the approval, by written consent or vote, of the holders of at least a majority of the then outstanding Warrants, if such modification or amendment is being undertaken prior to, or in connection with, the closing, or Warrants, if such modification or amendment is being undertaken after the closing.

The exercise price and number of shares of common stock issuable on exercise of the Warrants may be adjusted in certain circumstances including in the event of a stock dividend, or our recapitalization, reorganization, merger or consolidation. The Warrants will not be adjusted for issuances of shares of common stock at a price below their respective exercise prices.

The Public Warrants may be exercised upon surrender of the warrant certificate on or prior to the expiration date at the office of the warrant agent, with the subscription form, as set forth in the warrant, duly executed, accompanied by full payment of the exercise price (unless the exercise is on a cashless basis, if applicable), by certified or official bank check payable to the order of the warrant agent, for the number of Public Warrants being exercised. The warrant holders do not have the rights or privileges of holders of shares of common stock and any voting rights until they exercise their Public Warrants and receive shares of common stock. After the issuance of shares of common stock upon exercise of the Public Warrants, each holder will be entitled to one vote for each share held of record on all matters to be voted on by stockholders.

Public Warrant holders may elect to be subject to a restriction on the exercise of their Public Warrants such that an electing warrant holder would not be able to exercise their Public Warrants to the extent that, after giving effect to such exercise, such holder would beneficially own in excess of 4.9% or 9.8% (as specified by the holder) of the shares of common stock outstanding immediately after giving effect to such exercise.

157

Anti-Takeover Provisions

Section 203 of the Delaware General Corporation Law

We are subject to Section 203 of the DGCL, which generally prohibits a publicly held Delaware corporation from engaging in any business combination with any interested stockholder for a period of three years after the date that such stockholder became an interested stockholder, with the following exceptions:

•

before such date, the board of directors of the corporation approved either the business combination or the transaction that resulted in the stockholder becoming an interested stockholder;

•

upon completion of the transaction that resulted in the stockholder becoming an interested stockholder, the interested stockholder owned at least 85% of the voting stock of the corporation outstanding at the time the transaction began, excluding for purposes of determining the voting stock outstanding, but not the outstanding voting stock owned by the interested stockholder, those shares owned (1) by persons who are directors and also officers and (2) employee stock plans in which employee participants do not have the right to determine confidentially whether shares held subject to the plan will be tendered in a tender or exchange offer; or

•

on or after such date, the business combination is approved by the board of directors and authorized at an annual or special meeting of the stockholders, and not by written consent, by the affirmative vote of at least 66^2/3% of the outstanding voting stock that is not owned by the interested stockholder.

In general, Section 203 defines a “business combination” to include the following:

•

any merger or consolidation involving the corporation and the interested stockholder;

•

any sale, transfer, pledge or other disposition of 10% or more of the assets of the corporation involving the interested stockholder;

•

subject to certain exceptions, any transaction that results in the issuance or transfer by the corporation of any stock of the corporation to the interested stockholder;

•

any transaction involving the corporation that has the effect of increasing the proportionate share of the stock or any class or series of the corporation beneficially owned by the interested stockholder; or

•

the receipt by the interested stockholder of the benefit of any loans, advances, guarantees, pledges or other financial benefits by or through the corporation.

In general, Section 203 defines an “interested stockholder” as an entity or person who, together with the person’s affiliates and associates, beneficially owns or within three years prior to the time of determination of interested stockholder status did own, 15% or more of the outstanding voting stock of the corporation.

A Delaware corporation may “opt out” of these provisions with an express provision in its original certificate of incorporation or an express provision in its amended and restated certificate of incorporation or amended and restated bylaws resulting from a stockholders’ amendment approved by at least a majority of the outstanding voting shares. We have not opted out of these provisions. As a result, mergers or other takeover or change in control attempts of us may be discouraged or prevented.

Certificate of Incorporation and Bylaws

Among other things, our amended and restated certificate of incorporation and amended and restated bylaws:

•

permit our board of directors to issue up to 100,000,000 shares of preferred stock, with any rights, preferences and privileges as they may designate, including the right to approve an acquisition or other change of control;

•

provide that the authorized number of directors may be changed only by resolution of our board of directors;

158

•

provide that, subject to the rights of any series of preferred stock to elect directors, directors may only be removed in the manner specified in Section 141(k) of the DGCL;

•

provide that all vacancies, including newly created directorships, may, except as otherwise required by law, be filled by the affirmative vote of a majority of directors then in office, even if less than a quorum, or by the sole remaining director;

•

require that any action to be taken by our stockholders must be effected at a duly called annual or special meeting of stockholders and not be taken by written consent or electronic transmission;

•

provide that stockholders seeking to present proposals before a meeting of stockholders or to nominate candidates for election as directors at a meeting of stockholders must provide advance notice in writing, and also specify requirements as to the form and content of a stockholder’s notice;

•

provide that special meetings of our stockholders may be called by (i) the chairperson of the board of directors, (ii) the chief executive officer or (iii) a majority vote of the board of directors; and

•

not provide for cumulative voting rights, therefore allowing the holders of a majority of the shares of common stock entitled to vote in any election of directors to elect all of the directors standing for election, if they should so choose.

The amendment of any of these provisions would require approval by the holders of at least 66 2/3% of the voting power of all of our then-outstanding capital stock entitled to vote generally in the election of directors, voting together as a single class.

The combination of these provisions will make it more difficult for our existing stockholders to replace our board of directors as well as for another party to obtain control of us by replacing our board of directors. Since our board of directors has the power to retain and discharge our officers, these provisions could also make it more difficult for existing stockholders or another party to effect a change in management. In addition, the authorization of undesignated preferred stock makes it possible for our board of directors to issue preferred stock with voting or other rights or preferences that could impede the success of any attempt to change our control.

These provisions are intended to enhance the likelihood of continued stability in the composition of our board of directors and its policies and to discourage coercive takeover practices and inadequate takeover bids. These provisions are also designed to reduce our vulnerability to hostile takeovers and to discourage certain tactics that may be used in proxy fights. However, such provisions could have the effect of discouraging others from making tender offers for our shares and may have the effect of delaying changes in our control or management. As a consequence, these provisions may also inhibit fluctuations in the market price of our stock.

The amended and restated certificate of incorporation provides to the fullest extent permitted by law, that derivative actions brought in the company’s name, actions against directors, officers and employees for breach of fiduciary duty and other similar actions may be brought only in the Court of Chancery in the State of Delaware and, if brought outside of Delaware, the stockholder bringing the suit will be deemed to have consented to service of process on such stockholder’s counsel except any action (A) as to which the Court of Chancery in the State of Delaware determines that there is an indispensable party not subject to the jurisdiction of the Court of Chancery (and the indispensable party does not consent to the personal jurisdiction of the Court of Chancery within ten days following such determination), (B) which is vested in the exclusive jurisdiction of a court or forum other than the Court of Chancery or (C) for which the Court of Chancery does not have subject matter jurisdiction. Any person or entity purchasing or otherwise acquiring any interest in shares of the company’s common stock shall be deemed to have notice of and consented to the forum provisions in the second amended and restated certificate of incorporation . The amended and restated certificate of incorporation further provides that the federal district courts of the United States of America will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act.

Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. As a result, the exclusive forum

159

provision of our amended and restated certificate of incorporation will not apply to suits brought to enforce any duty or liability created by the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction.

Although we believe this provision benefits us by providing increased consistency in the application of Delaware law in the types of lawsuits to which it applies, a court may determine that this provision is unenforceable, and to the extent it is enforceable, the provision may have the effect of discouraging lawsuits against our directors and officers, although our stockholders will not be deemed to have waived our compliance with federal securities laws and the rules and regulations thereunder and therefore bring a claim in another appropriate forum. Additionally, we cannot be certain that a court will decide that this provision is either applicable or enforceable, and if a court were to find the choice of forum provision contained in the amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, operating results and financial condition.

Limitations of Liability and Indemnification

See “Management—Limitation on Liability and Indemnification of Directors and Officers.”

Rule 144

Pursuant to Rule 144 under the Securities Act (“Rule 144”), a person who has beneficially owned restricted common stock or Warrants for at least six months would be entitled to sell their securities provided that (i) such person is not deemed to have been one of our affiliates at the time of, or at any time during the three months preceding, a sale and (ii) we are subject to the Exchange Act periodic reporting requirements for at least three months before the sale and has filed all required reports under Section 13 or 15(d) of the Exchange Act during the 12 months (or such shorter period as we were required to file reports) preceding the sale.

Persons who have beneficially owned restricted common stock or Warrants for at least six months but who are our affiliates at the time of, or at any time during the three months preceding, a sale, would be subject to additional restrictions, by which such person would be entitled to sell within any three-month period only a number of securities that does not exceed the greater of:

•

1% of the total number of shares of our common stock then outstanding; or

•

the average weekly reported trading volume of our common stock during the four calendar weeks preceding the filing of a notice on Form 144 with respect to the sale.

Sales by our affiliates under Rule 144 are also limited by manner of sale provisions and notice requirements and to the availability of current public information about us.

Restrictions on the Use of Rule 144 by Shell Companies or Former Shell Companies

Rule 144 is not available for the resale of securities initially issued by shell companies (other than business combination related shell companies) or issuers that have been at any time previously a shell company. However, Rule 144 also includes an important exception to this prohibition if the following conditions are met:

•

issuer of the securities that was formerly a shell company ceased to be a shell company;

•

the issuer of the securities is subject to the reporting requirements of Section 13 or 15(d) of the Exchange Act;

•

the issuer of the securities has filed all Exchange Act reports and material required to be filed, as applicable, during the preceding 12 months (or such shorter period that the issuer was required to file such reports and materials), other than Form 8-K reports; and

160

•

at least one year has elapsed from the time that the issuer filed current Form 10-type information with the SEC reflecting its status as an entity that is not a shell company.

Common stock that stockholders of Legacy IronNet received in connection with the Business Combination are freely tradable without restriction or further registration under the Securities Act, except for certain shares of our common stock issued pursuant to the 2014 Plan and 2021 Plan, and any shares issued to our affiliates within the meaning of Rule 144.

Transfer Agent

The transfer agent for our securities is Continental Stock Transfer & Trust Company. The transfer agent’s address is One State Street Plaza, 30th Floor New York, New York 10004.

161

PLAN OF DISTRIBUTION

The shares of common stock offered by this prospectus are being offered by the selling stockholder, Tumim Stone Capital LLC (“Selling Stockholder” or “Tumim”). The shares may be sold or distributed from time to time by the Selling Stockholder directly to one or more purchasers or through brokers, dealers, or underwriters who may act solely as agents at market prices prevailing at the time of sale, at prices related to the prevailing market prices, at negotiated prices, or at fixed prices, which may be changed. The sale of the shares of common stock offered by this prospectus could be effected in one or more of the following methods:

•

ordinary brokers’ transactions;

•

transactions involving cross or block trades;

•

through brokers, dealers, or underwriters who may act solely as agents;

•

“at the market” into an existing market for the common stock;

•

in other ways not involving market makers or established business markets, including direct sales to purchasers or sales effected through agents;

•

in privately negotiated transactions; or

•

any combination of the foregoing.

In order to comply with the securities laws of certain states, if applicable, the shares may be sold only through registered or licensed brokers or dealers. In addition, in certain states, the shares may not be sold unless they have been registered or qualified for sale in the state or an exemption from the state’s registration or qualification requirement is available and complied with.

Tumim is an “underwriter” within the meaning of Section 2(a)(11) of the Securities Act.

Tumim has informed us that it intends to use one or more registered broker-dealers to effectuate all sales, if any, of our common stock that it has acquired and may in the future acquire from us pursuant to the Purchase Agreement. Such sales will be made at prices and at terms then prevailing or at prices related to the then current market price. Each such registered broker-dealer will be an underwriter within the meaning of Section 2(a)(11) of the Securities Act. Tumim has informed us that each such broker-dealer will receive commissions from Tumim that will not exceed customary brokerage commissions.

Brokers, dealers, underwriters or agents participating in the distribution of the shares of our common stock offered by this prospectus may receive compensation in the form of commissions, discounts, or concessions from the purchasers, for whom the broker-dealers may act as agent, of the shares sold by the Selling Stockholder through this prospectus. The compensation paid to any such particular broker-dealer by any such purchasers of shares of our common stock sold by the Selling Stockholder may be less than or in excess of customary commissions. Neither we nor the Selling Stockholder can presently estimate the amount of compensation that any agent will receive from any purchasers of shares of our common stock sold by the Selling Stockholder.

We know of no existing arrangements between the Selling Stockholder or any other stockholder, broker, dealer, underwriter or agent relating to the sale or distribution of the shares of our common stock offered by this prospectus.

We may from time to time file with the SEC one or more supplements to this prospectus or amendments to the registration statement of which this prospectus forms a part to amend, supplement or update information contained in this prospectus, including, if and when required under the Securities Act, to disclose certain information relating to a particular sale of shares offered by this prospectus by the Selling Stockholder, including the names of any brokers, dealers, underwriters or agents participating in the distribution of such shares by the Selling Stockholder, any compensation paid by the Selling Stockholder to any such brokers, dealers, underwriters or agents, and any other required information.

162

We will pay the expenses incident to the registration under the Securities Act of the offer and sale of the shares of our common stock covered by this prospectus by the Selling Stockholder. As consideration for its irrevocable commitment to purchase our common stock under the Purchase Agreement, we have paid Tumim $1,750,000 in cash. We also have agreed to reimburse Tumim for the fees and disbursements of its counsel, payable upon execution of the Purchase Agreement, in an amount not to exceed $50,000.

We also have agreed to indemnify Tumim and certain other persons against certain liabilities in connection with the offering of shares of our common stock offered hereby, including liabilities arising under the Securities Act or, if such indemnity is unavailable, to contribute amounts required to be paid in respect of such liabilities. Tumim has agreed to indemnify us against liabilities under the Securities Act that may arise from certain written information furnished to us by Tumim specifically for use in this prospectus or, if such indemnity is unavailable, to contribute amounts required to be paid in respect of such liabilities. Insofar as indemnification for liabilities arising under the Securities Act may be permitted to our directors, officers, and controlling persons, we have been advised that in the opinion of the SEC this indemnification is against public policy as expressed in the Securities Act and is therefore, unenforceable.

We estimate that the total expenses for the offering will be approximately $750,000.

Tumim has agreed that during the term of the Purchase Agreement, neither Tumim, nor any of its agents, representatives or affiliates will enter into or effect, directly or indirectly, any short sale (as such term is defined in Rule 200 of Regulation SHO of the Exchange Act) of our common stock or any hedging transaction, which establishes a net short position with respect to our common stock.

We have advised the Selling Stockholder that it is required to comply with Regulation M promulgated under the Exchange Act. With certain exceptions, Regulation M precludes the Selling Stockholder, any affiliated purchasers, and any broker-dealer or other person who participates in the distribution from bidding for or purchasing, or attempting to induce any person to bid for or purchase any security which is the subject of the distribution until the entire distribution is complete. Regulation M also prohibits any bids or purchases made in order to stabilize the price of a security in connection with the distribution of that security. All of the foregoing may affect the marketability of the securities offered by this prospectus.

This offering will terminate on the date that all shares of our common stock offered by this prospectus have been sold by the Selling Stockholder.

Our common stock is currently listed on the New York Stock Exchange under the symbol “IRNT.”

163

LEGAL MATTERS

The validity of the securities offered hereby will be passed upon for us by Cooley LLP, Reston, Virginia.

EXPERTS

The financial statements as of January 31, 2021 and 2020 and for each of the two years in the period ended January 31, 2021, included in this prospectus have been so included in reliance on the report (which contains an explanatory paragraph relating to IronNet Cybersecurity, Inc.’s ability to continue as a going concern as described in Note 1 to the financial statements) of PricewaterhouseCoopers LLP, an independent registered public accounting firm, given on the authority of said firm as experts in auditing and accounting.

164

WHERE YOU CAN FIND MORE INFORMATION

We have filed with the SEC a registration statement on Form S-1 under the Securities Act, with respect to the securities being offered by this prospectus. This prospectus, which constitutes part of the registration statement, does not contain all of the information in the registration statement and its exhibits. For further information with respect to us and the securities offered by this prospectus, we refer you to the registration statement and its exhibits. Statements contained in this prospectus as to the contents of any contract or any other document referred to are not necessarily complete, and in each instance, we refer you to the copy of the contract or other document filed as an exhibit to the registration statement. Each of these statements is qualified in all respects by this reference. You can read our SEC filings, including the registration statement, over the internet at the SEC’s website at www.sec.gov.

We are subject to the information reporting requirements of the Exchange Act, and we file reports, proxy statements and other information with the SEC. These reports, proxy statements and other information will be available for review at the SEC’s website at www.sec.gov. We also maintain a website at www.ironnet.com, at which you may access these materials free of charge as soon as reasonably practicable after they are electronically filed with, or furnished to, the SEC. The information contained in, or that can be accessed through, our website is not part of this prospectus.

165

INDEX TO FINANCIAL STATEMENTS

IRONNET, INC.


	Page
Unaudited Condensed Consolidated Financial Statements as of and for the three and nine months ended October 31, 2021 and 2020
Unaudited Condensed Consolidated Balance Sheets as of October 31, 2021 and January 31, 2021		F-1
Unaudited Condensed Consolidated Statements of Operations for the Three and Nine Months Ended October 31, 2021 and 2020		F-2
Unaudited Condensed Consolidated Statements of Comprehensive Loss for the Three and Nine Months Ended October 30, 2021 and 2020		F-3
Unaudited Condensed Consolidated Statements of Changes in Stockholders’ Equity for the Three and Nine Months Ended October 31, 2021 and 2020		F-4
Unaudited Condensed Consolidated Statements of Cash Flows for the Nine Months Ended October 31, 2021 and 2020		F-8
Notes to Condensed Consolidated Financial Statements		F-9

Audited Consolidated Financial Statements as of and for the years ended January 31, 2021 and 2020
Report of Independent Registered Public Accounting Firm		F-24
Consolidated Balance Sheets as of January 31, 2021 and 2020		F-25
Consolidated Statements of Operations for the years ended January 31, 2021 and 2020		F-26
Consolidated Statements of Comprehensive Income for the years ended January 31, 2021 and 2020		F-27
Consolidated Statements of Preferred Stock and Stockholders’ Equity for the years ended January 31, 2021 and 2020		F-28
Consolidated Statements of Cash Flows for the years ended January 31, 2021 and 2020		F-29
Notes to Consolidated Financial Statements		F-30

IronNet, Inc.

Condensed Consolidated Balance Sheets

($ in thousands, except share and per share data)

(unaudited)


	October 31, 2021			January 31, 2021
Assets
Current assets
Cash and cash equivalents	$	73,891		$	31,543
Accounts receivable		2,246			1,643
Unbilled receivable		3,885			1,425
Related party receivables and loan receivables		3,521			3,599

Account and loan receivables		9,652			6,667
Inventory		2,672			2,180
Deferred costs		2,416			2,068
Prepaid warranty		814			1,037
Prepaid expenses and other current assets		4,254			2,172

Total current assets	$	93,699		$	45,667
Deferred costs		1,320			2,056
Property and equipment, net		5,596			2,792
Prepaid warranty		897			878
Deposits and other assets		490			298

Total assets	$	102,002		$	51,691

Liabilities and stockholders’ equity
Current liabilities
Accounts payable	$	4,380		$	1,922
Accrued expenses		6,196			2,591
Deferred revenue		12,929			12,481
Deferred rent		154			134
Short-term PPP loan		—			3,487
Income tax payable		135			88
Other current liabilities		689			689

Total current liabilities		24,483			21,392
Deferred rent		808			928
Deferred revenue		17,181			21,563
Warrants		43			—
Long-term PPP loan		—			2,093
Other long-term liabilities payable		689			689

Total liabilities	$	43,204		$	46,665
Commitments and contingencies (Note 7)
Stockholders’ equity
Preferred stock, $0.0001 par value; 100,000,000 shares authorized; none issued or outstanding		—			—
Class A common stock; $0.0001 par value; 500,000,000 shares authorized; 88,718,630 and 65,353,098 shares issued and outstanding at October 31, 2021 and January 31, 2021, respectively		9			7
Additional paid-in capital		459,349			180,853
Accumulated other comprehensive (loss) income		268			40
Accumulated deficit		(400,828	)		(175,039	)
Subscription notes receivable		—			(835	)
Total stockholders’ equity		58,798			5,026

Total liabilities and stockholders’ equity	$	102,002		$	51,691

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-1

IronNet, Inc.

Condensed Consolidated Statements of Operations

($ in thousands, except per share data)

(unaudited)


	Three Months Ended October 31,						Nine Months Ended October 31,
	2021			2020			2021			2020
Product, subscription and support revenue	$	6,132		$	5,958		$	18,038		$	18,047
Professional services revenue		781			1,055			1,327			3,779

Total revenue		6,913			7,013			19,365			21,826
Cost of product, subscription and support revenue		2,082			1,252			5,505			3,534
Cost of professional services revenue		286			817			617			1,596

Total cost of revenue		2,368			2,069			6,122			5,130

Gross profit		4,545			4,944			13,243			16,696

Operating expenses
Research and development		28,144			5,687			42,606			19,965
Sales and marketing		57,196			7,155			72,046			23,265
General and administrative		100,267			4,715			111,952			16,690

Total operating expenses		185,607			17,557			226,604			59,920

Operating loss		(181,062	)		(12,613	)		(213,361	)		(43,224	)
Other (expense) income, net		(724	)		178			(1,070	)		125
Change in fair value of warrants liabilities		(11,302	)		—			(11,302	)		—
Loss before income taxes		(193,088	)		(12,435	)		(225,733	)		(43,099	)
Benefit (provision) for income taxes		(34	)		(19	)		(56	)		(58	)

Net loss	$	(193,122	)	$	(12,454	)	$	(225,789	)	$	(43,157	)

Basic and diluted net loss per common share		(2.22	)		(0.19	)		(3.05	)		(0.67	)
Weighted average shares outstanding, basic and diluted		87,178,432			65,067,942			74,001,217			64,064,424

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-2

IronNet, Inc.

Condensed Consolidated Statements of Comprehensive Loss

($ in thousands)

(unaudited)


	Three Months Ended October 31,						Nine Months Ended October 31,
	2021			2020			2021			2020
Net loss	$	(193,122	)	$	(12,454	)	$	(225,789	)	$	(43,157	)
Change in net unrealized gains (losses) on available for sale investments, net of tax		—			(397	)		—			(398	)
Foreign currency translations adjustment, net of tax		303			(54	)		228			(4	)

Comprehensive loss	$	(192,819	)	$	(12,905	)	$	(225,561	)	$	(43,559	)

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-3

IronNet, Inc.

Condensed Consolidated Statements of Changes in Stockholders’ Equity

For the Nine Months Ended October 31, 2021 and 2020

($ in thousands, number of preferred stock and common stock in thousands)

(unaudited)


	Series A						Series B						Class A					Class B						Additional Paid-In Capital			Accumulated Deficit			Accumulated Other Comprehensive Deficit		Subscription Notes Receivables			Total Stockholders’ Equity
	Preferred Stock						Preferred Stock						Common Stock					Common Stock
	Shares			Amount			Shares			Amount			Shares			Amount		Shares			Amount
Balance at January 31, 2021		—		$	—			—		$	—			66,934		$	7		—		$	—		$	180,853		$	(175,039	)	$	40	$	(835	)	$	5,026

Issuance of common stock		—			—			—			—			598			—		—			—			305			—			—		—			305
Merger recapitalization (Note 2)		—			—			—			—			4,555			1		—			—			(12,027	)		—			—		—			(12,026	)
PIPE Shares		—			—			—			—			12,500			1		—			—			109,857			—			—		—			109,858
Issuance of common stock related to Public Warrants		—			—			—			—			29			—		—			—			330			—			—		—			330
Issuance of common stock related to Private Warrants		—			—			—			—			3,188			—		—			—			21,492			—			—		—			21,492
Issuance of earnout		—			—			—			—			1,078			—		—			—			—			—			—		—			—
Interest earned on subscription notes receivable		—			—			—			—			—			—		—			—			8			—			—		(8	)		—
Settlement of related party loan receivable for common shares		—			—			—			—			(108	)		—		—			—			(1,075	)		—			—		—			(1,075	)
Payment of note receivable and settlement of note receivables for common shares		—			—			—			—			(55	)		—		—			—			(550	)		—			—		843			293
Stock-based compensation		—			—			—			—			—			—		—			—			160,156			—			—		—			160,156
Net loss		—			—			—			—			—			—		—			—			—			(225,789	)		—		—			(225,789	)
Foreign currency translation adjustment, net of tax of $0		—			—			—			—			—			—		—			—			—			—			228		—			228

Balance at October 31, 2021		—		$	—			—		$	—			88,719		$	9		—		$	—		$	459,349		$	(400,828	)	$	268	$	—		$	58,798

Balance at January 31, 2020, as previously reported		794		$	32,500			1,217		$	88,711			36,138		$	4		17,607		$	2		$	2,041		$	(119,666	)	$	394	$	(900	)	$	(118,125	)
Retroactive application of recapitalization⁽¹⁾		(794	)		(32,500	)		(1,217	)		(88,711	)		23,984			2		(17,607	)		(2	)		121,194			—			—		—			121,194

F-4


	Series A				Series B				Class A				Class B				Additional Paid-In Capital		Accumulated Deficit			Accumulated Other Comprehensive Deficit			Subscription Notes Receivables			Total Stockholders’ Equity
	Preferred Stock				Preferred Stock				Common Stock				Common Stock
	Shares		Amount		Shares		Amount		Shares		Amount		Shares		Amount
Adjusted Balance at January 31, 2020		—	$	—		—	$	—		60,122	$	6		—	$	—	$	123,235	$	(119,666	)	$	394		$	(900	)	$	3,069
Issuance of common stock		—		—		—		—		5,231		1		—		—		44,079		—			—			—			44,080
Interest earned on subscription notes receivable		—		—		—		—		—		—		—		—		12		—			—			(12	)		—
Payments on subscription notes receivable		—		—		—		—		—		—		—		—		—		—			—			47			47
Stock-based compensation		—		—		—		—		—		—		—		—		27		—			—			—			27
Unrealized loss on investments		—		—		—		—		—		—		—		—		—					(398	)		—			(398	)
Net loss		—		—		—		—		—		—		—		—		—		(43,157	)		—			—			(43,157	)
Foreign currency translation adjustment, net of tax of $0		—		—		—		—		—		—		—		—		—		—			(4	)		—			(4	)

Balance at October 31, 2020		—	$	—		—	$	—		65,353	$	7		—	$	—	$	167,353	$	(162,823	)	$	(8	)	$	(865	)	$	3,664

(1)

Prior to the Merger, as defined in Note 1, Series A and Series B preferred stock were converted 1:10 to Class A common stock and Class B common stock were converted 1:1 to Class A common stock, at the Exchange Ratio of approximately 0.8141070. The conversion has been retroactively restated as of January 31, 2020.

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-5

IronNet, Inc.

Condensed Consolidated Statements of Changes in Stockholders’ Equity

For the Three months Ended October 31, 2021 and 2020

($ in thousands, number of common stock in thousands)

(unaudited)


	Series A Preferred Stock				Series B Preferred Stock				Class A Common Stock					Class B Common Stock				Additional Paid- In Capital			Accumulated Deficit			Accumulated Other Comprehensive Deficit			Subscription Notes Receivables			Total Stockholders’ Equity
	Shares		Amount		Shares		Amount		Shares			Amount		Shares		Amount		Additional Paid- In Capital			Accumulated Deficit			Accumulated Other Comprehensive Deficit			Subscription Notes Receivables			Total Stockholders’ Equity
Balance at July 31, 2021		—	$	—		—	$	—		67,502		$	7		—	$	—	$	181,181		$	(207,706	)	$	(35	)	$	(548	)	$	(27,101	)

Issuance of common stock		—		—		—		—		30			—		—		—		10			—			—			—			10
Merger recapitalization (Note 2)		—		—		—		—		4,555			1		—		—		(12,027	)		—			—			—			(12,026	)
PIPE Shares		—		—		—		—		12,500			1		—		—		109,857			—			—			—			109,858
Issuance of common stock related to Public Warrants		—		—		—		—		29			—		—		—		330			—			—			—			330
Issuance of common stock related to Private Warrants		—		—		—		—		3,188			—		—		—		21,492			—			—			—			21,492
Issuance of earnout		—		—		—		—		1,078			—						—			—			—			—			—
Interest earned on subscription notes receivable		—		—		—		—		—			—		—		—		2			—			—			(2	)		—
Settlement of related party loan receivable for common shares		—		—		—		—		(108	)		—						(1,075	)		—			—						(1,075	)
Settlement of note receivables for common shares		—		—		—		—		(55	)		—		—		—		(550	)		—			—			550			—
Stock-based compensation		—		—		—		—		—			—		—		—		160,129			—			—			—			160,129
Net loss		—		—		—		—		—			—		—		—		—			(193,122	)		—			—			(193,122	)
Foreign currency translation adjustment, net of tax of $0		—		—		—		—		—			—		—		—		—			—			303			—			303

Balance at October 31, 2021		—	$	—		—	$	—		88,719		$	9		—	$	—	$	459,349		$	(400,828	)	$	268		$	—		$	58,798

F-6


	Series A Preferred Stock				Series B Preferred Stock				Class A Common Stock				Class B Common Stock				Additional Paid- In Capital			Accumulated Deficit			Accumulated Other Comprehensive Deficit			Subscription Notes Receivables			Total Stockholders’ Equity
	Shares		Amount		Shares		Amount		Shares		Amount		Shares		Amount		Additional Paid- In Capital			Accumulated Deficit			Accumulated Other Comprehensive Deficit			Subscription Notes Receivables			Total Stockholders’ Equity
Balance at July 31, 2020		—	$	—		—	$	—		64,818	$	6		—	$	—	$	164,929		$	(150,369	)	$	443		$	(905	)	$	14,104

Issuance of common stock		—		—		—		—		535		1		—		—		2,449			—			—			—			2,450
Interest earned on subscription notes receivable		—		—		—		—		—		—		—		—		4			—			—			(4	)		—
Payments on subscription notes receivable		—		—		—		—		—		—		—		—		—			—			—			44			44
Stock-based compensation		—		—		—		—		—		—		—		—		(29	)		—			—			—			(29	)
Unrealized loss on investments		—		—		—		—		—		—		—		—		—			—			(397	)		—			(397	)
Net loss		—		—		—		—		—		—		—		—		—			(12,454	)		—			—			(12,454	)
Foreign currency translation adjustment, net of tax of $0		—		—		—		—		—		—		—		—		—			—			(54	)		—			(54	)

Balance at October 31, 2020		—	$	—		—	$	—		65,353	$	7		—	$	—	$	167,353		$	(162,823	)	$	(8	)	$	(865	)	$	3,664

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-7

IronNet, Inc.

Condensed Consolidated Statements of Cash Flows

($ in thousands)

(unaudited)


	Nine Months Ended October 31,
	2021			2020
Cash flows from operating activities
Net loss	$	(225,789	)	$	(43,157	)
Adjustments to reconcile net loss to net cash provided by (used in) operating activities:
Depreciation and amortization		659			935
Loss (Gain) on sale of fixed assets		(1	)		220
Bad debt expense		—			33
Employee stock based compensation		160,156			27
Non-cash interest expense		1,061			97
Change in fair value of warrants liabilities		11,302			—
Non-cash interest income on amounts due from stockholder		(8	)		(12	)
Changes in operating assets and liabilities:					—
Accounts receivable		(2,984	)		(962	)
Deferred costs		388			(982	)
Inventories		(492	)		(494	)
Prepaid expenses and other current assets		(3,157	)		(71	)
Deposits and other assets		(194	)		75
Prepaid warranty		205			157
Accounts payable		1,151			(976	)
Accrued expenses		2,552			1,388
Income tax payable		47			58
Deferred rent		(100	)		(131	)
Deferred revenue		(3,934	)		2,689
Warrants		43			—
Other long-term liabilities payable		0			1,209

Net cash used in operating activities		(59,095	)		(39,897	)

Cash flows from investing activities
Purchases of property and equipment		(2,385	)		(425	)
Proceeds from the sale of fixed assets		228			81
Sales of investments		—			647
Proceeds from the maturity of investments		—			754

Net cash (used in) provided by investing activities		(2,156	)		1,057

Cash flows from financing activities
Proceeds from issuance of common stock		634			44,080
Proceeds from borrowing SVB Bridge loan		15,000			—
Proceeds from borrowing PPP loan		—			5,580
Payment of loan—SVB Bridge		(15,000	)		—
Payment of PPP loan		(5,580	)		—
Merger recapitalization		4,214			—
Proceeds from PIPE Shares		125,000			—
Payment of transaction costs		(21,179	)		—
Proceeds from stock subscriptions		292			47

Net cash provided by financing activities		103,381			49,707

Effect of exchange rate changes on cash and cash equivalents		218			(407	)
Net change in cash and cash equivalents		42,348			10,460
Cash and cash equivalents
Beginning of the period	$	31,543		$	10,806

End of the period		73,891			21,266

Supplemental disclosures of non-cash investing and financing activities
Interest earned on subscription notes receivable	$	8		$	12
Unpaid purchases of property and equipment		(1,306	)		—
Non-cash settlement of related party loan receivable for common shares		(1,075	)		—
Unrealized loss on investment		—			(2	)

The accompanying notes are an integral part of these unaudited condensed consolidated financial statements.

F-8

IronNet, Inc.

Notes to Unaudited Condensed Consolidated Financial Statements

($ in thousands, unless stated otherwise)

1.	Organization and Summary of Significant Accounting Policies

IronNet, Inc. (hereinafter “IronNet”, “we”, “us”, “our”, or “the Company”), through IronNet Cybersecurity, Inc. (“Legacy IronNet”) and its subsidiaries (collectively “Combined Company”), provides a suite of technologies that provide real-time threat assessment and updates, behavioral modeling, big data analytics, and proactive threat detection and response capabilities as well as consulting services and training programs to protect against current and emerging cyber-threats.

The Company, whose securities are listed on the New York Stock Exchange (“NYSE”), serves as the holding company for the businesses of Legacy IronNet and its subsidiaries. Its headquarters are located in McLean, VA. Legacy IronNet was incorporated in the state of Delaware on April 30, 2019.

Merger Agreement

On August 26, 2021, LGL Systems Acquisition Corp. (“Legacy LGL”), through its subsidiary LGL Systems Merger Sub Inc. (“Merger Sub”) and Legacy IronNet, all of them Delaware corporations, consummated the closing of the transactions contemplated by the Merger Agreement, dated March 15, 2021 and as amended August 6, 2021, by and among Legacy IronNet, Legacy LGL, and Merger Sub, following their approval at a special meeting of the stockholders of Legacy LGL held on August 26, 2021 (the “Merger”).

Pursuant to the Merger Agreement, at the effective time of the Merger, (i) each outstanding share of Legacy IronNet common stock and preferred stock (with each share of Legacy IronNet preferred stock being treated as if it were converted into ten (10) shares of Legacy IronNet common stock on the effective date of the Merger) was converted into the right to receive (a) a number of shares of Company common stock equal to the Exchange Ratio (as defined below) and (b) a cash amount payable in respect of fractional shares of Legacy IronNet common stock that would otherwise be issued in connection with the foregoing conversion, if applicable, and (ii) each Legacy IronNet option, restricted stock unit, restricted stock award that was outstanding immediately prior to the closing of the Merger (and by its terms did not terminate upon the closing of the Merger) remains outstanding and (x) in the case of options, represents the right to purchase a number of shares of Company common stock equal to the number of shares of Legacy IronNet common stock subject to such option multiplied by the Exchange Ratio used for Legacy IronNet common stock (rounded down to the nearest whole share) at an exercise price per share equal to the current exercise price per share for such option divided by the Exchange Ratio (rounded up to the nearest whole cent) and (y) in the case of restricted stock units and restricted stock awards, represent a number of shares of Company common stock equal to the number of shares of Legacy IronNet common stock subject to such restricted stock unit or restricted stock award multiplied by the Exchange Ratio (rounded down to the nearest whole share). In addition, Legacy IronNet stockholders and eligible holders of options, restricted stock unit awards and restricted stock awards (as applicable, only to the extent time vested as of the closing of the Merger) were also eligible to receive additional merger consideration in the form of a pro rata portion of 1,078 shares of Company common stock if the volume weighted average closing share price for the Company’s common stock equaled or exceeded $13.00 for ten (10) consecutive days during the two-year period following the closing of the Merger. This condition was satisfied and the additional shares of Company common stock were issued in September 2021.

The Exchange Ratio was 0.8141070 of a share of Company common stock per fully-diluted share of Legacy IronNet common stock.

F-9

On August 26, 2021, the Company received $13,251 held in Legacy LGL’s trust account net of redemptions. Transaction costs related to the issuance of the trust shares were $9,038.

In connection with the execution of the Merger Agreement, a number of purchasers (each, a “Subscriber”) purchased from the Company an aggregate of 12,500,000 shares of Company common stock (the “PIPE Shares”), for a purchase price of $10.00 per share and an aggregate purchase price of $125,000, pursuant to separate subscription agreements entered into effective as of March 15, 2021. Transaction costs related with the issuance were $21,180.

Basis of Presentation and Principles of Consolidation

The unaudited interim condensed consolidated financial statements and accompanying notes are unaudited and have been prepared in accordance with accounting principles generally accepted in the United States of America (“U.S. GAAP”) and regulations of the U.S. Securities and Exchange Commission (“SEC”) for interim financial reporting. The Company’s condensed consolidated financial statements include the accounts of the Company and its wholly owned subsidiaries. All intercompany transactions and balances have been eliminated upon consolidation.

The Merger was accounted for as a Reverse Recapitalization in accordance with Accounting Standards Codification (“ASC”) 805, Business Combination.

As a result of Legacy IronNet being the accounting acquirer in the Merger, the financial reports filed with the SEC by the Company subsequent to the Merger are prepared as if Legacy IronNet is the accounting predecessor of the Company. The historical operations of Legacy IronNet are deemed to be those of the Company. Thus, the financial statements included in this report reflect (i) the historical operating results of Legacy IronNet prior to the Merger; (ii) the consolidated results of the Company, following the Merger on August 26, 2021; (iii) the assets and liabilities of Legacy IronNet at their historical cost; and (iv) the Company’s equity structure for all periods presented. The recapitalization of the number of shares of common stock is reflected retroactively to the earliest period presented and will be utilized for calculating loss per share in all prior periods presented.

These unaudited interim condensed consolidated financial statements should be read in conjunction with the annual consolidated financial statements of Legacy IronNet, Inc. and accompanying notes thereto for the year ended January 31, 2021. Accordingly, they do not include all of the information and footnotes required by U.S. GAAP for complete financial statements.

The Company’s fiscal year ends on January 31. References to fiscal 2022, for example, refer to the fiscal year ending January 31, 2022.

The results of operations for the nine and three months ended October 31, 2021 are not necessarily indicative of the operating results that may be expected for the full fiscal year ending January 31, 2022 or any future period.

The accompanying unaudited condensed consolidated financial statements contain all adjustments, consisting of only normal recurring adjustments, except for the adjustments described as part of the Merger discussed in Note 2, necessary for a fair statement of the Company’s financial position as of October 31, 2021, its results of operations for the three and nine months ended October 31, 2021 and 2020, and cash flows for the nine months ended October 31, 2021 and 2020.

Use of Estimates

The preparation of financial statements requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements. Such estimates also affect the reported amounts of revenues and expenses during the reporting period. Actual results may differ from estimates under different assumptions or conditions.

F-10

The Company recognized Public Warrants in equity at fair value as of the effective date of the Merger and recognized $15,740 in additional paid in capital.

Warrants

The Company accounts for the 8,606,473 warrants (comprised of 8,596,273 Public Warrants and 10,200 Private Warrants) in accordance with the guidance contained in ASC 815-40-15-7D.

The Private Warrants do not meet the criteria for equity classification and they are recorded as liabilities. Accordingly, the Company classifies the warrant instruments as liabilities at their fair value and adjusts the instrument to fair value at each reporting period. These liabilities are subject to re-measurement at each balance sheet date until exercised, and any change in fair value is recognized in the Company’s condensed consolidated statement of operations. The fair value of the Private Warrants has been determined based on a Monte Carlo model.

In connection with the Merger, the Public Warrants were recorded within equity at a fair value of $15,740. The Public Warrants meet the criteria for equity classification and are recorded within Stockholders’ Equity. Accordingly, Public Warrants are initially measured at fair value and are not subject to re-measurement at each balance sheet date unless, in subsequent periods the Public Warrants no longer qualify for equity classification. The fair value of the Public Warrants issued by the Company has been determined using the quoted price.

Recent Accounting Pronouncements not Yet Adopted

The FASB issued ASU No.2016-02, Leases (Topic 842) (“ASU 2016-02”), which supersedes the current lease requirements in ASC 840, Leases. ASU 2016-02 requires lessees to recognize a right-of-use asset and related lease liability for all leases, with a limited exception for short-term leases. Leases will be classified as either finance or operating, with the classification affecting the pattern of expense recognition in the statement of operations. Currently, leases are classified as either capital or operating, with any capital leases recognized on the consolidated balance sheets. The reporting of lease-related expenses in the consolidated statements of operations and cash flows will be generally consistent with the current guidance. The new lease guidance will be effective the earlier of the year ending January 31, 2023 or the time at which we no longer qualify as an EGC (“Emerging Growth Company”) and will be applied using a modified retrospective transition method to either the beginning of the earliest period presented or the beginning of the year of adoption. The Company is currently evaluating the impact of adopting the new standard. The adoption of this standard will require the recognition of a right of use asset and liability on the Company’s consolidated balance sheets.

In June 2016, the FASB issued ASU2016-13, Measurement of Credit Losses on Financial Instruments (Topic 326). This standard requires a new method for recognizing credit losses that is referred to as the current expected credit loss (“CECL”) method. The CECL method requires the recognition of all losses expected over the life of a financial instrument upon origination or purchase of the instrument, unless the Company elects to recognize such instruments at fair value with changes in profit and loss (the fair value option). This standard is effective for the Company for the earlier of the fiscal years beginning after December 15, 2022 or the time at which we no longer qualify as an EGC. Management is currently evaluating the potential impact of this guidance on its financial statements.

New Accounting Pronouncement Adopted in Fiscal 2022

In December 2019, the FASB issued Accounting Standards Update No. 2019-12, Income Taxes (Topic740): Simplifying the Accounting for Income Taxes, which modifies and eliminates certain exceptions to the general principles of ASC 740, Income Taxes. ASU 2019-12 was adopted in the first quarter of fiscal 2022. The prospective adoption of ASU 2019-12 was not material.

F-11

In August 2018, the FASB issued ASU 2018-15, Intangibles—Goodwill and of Other—Internal-Use Software (Subtopic 350-40): Customer’s Accounting for Implementation Costs Incurred in a Cloud Computing Arrangement That Is a Service Contract. ASU 2018-15 was adopted in the third quarter of fiscal 2022. The prospective adoption of ASU 2018-15 was not material.

Segment and Geographic Information

Segments are defined as components of an enterprise for which separate financial information is evaluated regularly by the chief operating decision maker (“CODM”), in deciding how to allocate resources and assess performance. The CODM reviews financial information presented on a consolidated basis for the purposes of allocating resources and evaluating financial performance. Accordingly, management has determined that the Company operates as one operating segment.

The following table presents revenue by geographic location:


	Three Months Ended October 31,				Nine Months Ended October 31,
	2021		2020		2021		2020
United States	$	6,226	$	6,310	$	17,210	$	20,309
International		687		703		2,155		1,517

Total	$	6,913	$	7,013	$	19,365	$	21,826

Substantially all of the Company’s long-lived assets are located in the United States.

2.	Reverse Recapitalization

On August 26, 2021, the Merger was accounted for as a Reverse Recapitalization under U.S. GAAP. Legacy IronNet was the accounting acquirer and Legacy LGL was the accounting acquiree for financial reporting purposes.

Accordingly, for accounting purposes, the financial statements of the Combined Company represent a continuation of the financial statements of Legacy IronNet, with the Merger being treated as the equivalent of Legacy IronNet issuing stock for the net assets of Legacy LGL, accompanied by a recapitalization. The net assets of Legacy LGL are stated at historical cost, with no goodwill or other intangible assets recorded. Operations prior to the Merger are presented as those of Legacy IronNet.

The following table reconciles the elements of the Merger to the condensed consolidated statement of cash flows for the nine months ended October 31, 2021:


	Recapitalization and associated transactions
Cash (Trust)	$	173,015
Redemptions		(159,763	)
Less: fees to underwriters and advisors		(9,038	)
Net cash received from Merger recapitalization		4,214
Issuance of PIPE Shares		125,000
Less: PIPE fees to underwriters and advisors		(21,179	)
Net cash received from PIPE Shares and Merger recapitalization		108,035
Less: debt settlement		(21,266	)
Net proceeds from Merger recapitalization, PIPE Shares and debt settlement	$	86,769

F-12

The number of outstanding shares of common stock of the Company as of October 31, 2021 is summarized as follows:


Shares by Type	Number of shares
IronNet Class A Common Stock outstanding previous to the Merger		67,501,813
Issuance of common stock (exercises of ISOs and warrant)		28,734
Number of Shares issued at the date of the Business Combination ( Recapitalization)
LGL Class A Common Stock outstanding previous to the Merger		17,250,000
Less: Redemption of LGL Class A previous to the Merger		(15,928,889	)
Total Class A Shares issued to former LGL shareholders		1,321,111
LGL Founders Shares		3,234,375
PIPE Shares		12,500,000
Number of Share issued at the Merger		17,055,486
Number of Shares issued (redeemed) following the consummation of the Merger
Earnout Shares		1,078,125
Private Warrants (Exercised)		3,188,229
Public Warrants (Exercised)		28,719
Payments on subscription notes receivable		(54,955	)
Shares repurchase related to loan pay-off		(107,521	)
Total Shares of Common Stock as of October 31, 2021		88,718,630

In connection with the closing of and as a result of the consummation of the Merger, certain members of the Company’s management and employees received bonus payments in the aggregate amount of $0.5 million. The bonuses have been reflected in general and administrative expenses in the condensed consolidated statements of operations.

For the three and nine months ended October 31, 2021, the Company also incurred transaction costs related to the Merger of approximately $1,556 and $2,328, respectively, which are included in general and administrative expenses on the condensed consolidated statement of operations.

IronNet Class A Common Stock (Legacy IronNet Founders Shares)

Pursuant to the Merger Agreement, at the effective time of the Merger each outstanding share of Legacy IronNet preferred shares and common stock were converted into Class A common stock based on the Exchange Ratio described in Note 1.

PIPE Shares

On August 26, 2021, a number of purchasers (each, a “Subscriber”) purchased from the Company an aggregate of 12,500,000 shares of Company common stock (the “PIPE Shares”), for a purchase price of $10.00 per share and an aggregate purchase price of $125,000, pursuant to separate subscription agreements entered into effective as of March 15, 2021 (each, a “Subscription Agreement”). Pursuant to the Subscription Agreements, the Company granted certain registration rights to the Subscribers with respect to the PIPE Shares. The sale of the PIPE Shares was consummated concurrently with the closing of the Merger in an amount of $125,000.

Founders Shares

Reflects 3,234,375 shares of Class A common stock (the “Founder Shares”) for an aggregate purchase price of $24, or approximately $0.007 per share.

F-13

Debt Settlements

Loan and Security Agreement

On June 21, 2021, Legacy IronNet entered into a Loan and Security Agreement (“Term Loan” or “SVB Bridge”) with SVB Innovation Credit Fund VIII, L.P. for term loan advances of up to $15,000 to provide for working capital needs over the period leading up to completion of the combination with Legacy LGL. The Term Loan was able to be prepaid at any time and had a term for up to six months, or until the date on which Legacy IronNet completed its combination with Legacy LGL, whichever came sooner, and bore monthly interest at a per annum rate equal to eight percent, as well as customary fees for de-SPAC bridge loans of this nature. As of August 26, 2021, in conjunction with the Merger, the Company repaid the term loan principal and accrued interest in an aggregate amount of $15,609.

PPP loan

On April 21, 2020, Legacy IronNet entered into a Paycheck Protection Program (“PPP”) loan from the US Small Business Administration pursuant to the provision of the Coronavirus Aid, Relief and Economic Security (“CARES”) Act, receiving loan funds of $5,580. The loan bears interest at 1% and is payable in monthly installments beginning on September 15, 2021. As of October 31, 2021, and January 31, 2021, Legacy IronNet had an interest accrual of $0 and $44 related to the PPP loan. The unsecured loan was evidenced by a promissory note of the Company with PNC Bank (the “Lender”). On August 26, 2021, in conjunction with the Merger, the Company repaid in full all amounts due and terminated all commitments and obligations under the unsecured PPP loan.

Loans to Employees

On December 29, 2018, Legacy IronNet entered into a loan with a current executive of the Company with a principal balance of $1,000 bearing an interest rate of 2.76% for a term of three years, which was secured by a pledge of certain shares of Legacy IronNet Class A common stock. As of August 26, 2021, in conjunction with the merger, the Company resolved the loan by having the executive surrender to the Company 107,521 shares that would have otherwise been issuable to the executive in the Merger.

Earnout

Pursuant to the terms of the Merger Agreement, the eligible Legacy IronNet Equityholders had the right to receive up to 1,078,125 Earnout Shares, issuable upon the occurrence of the Merger. As of the close of trading on September 10, 2021, the requisite conditions of the Earnout Triggering Event were satisfied and the Company issued 1,078,125 Earnout Shares to the eligible Equityholders. The earnout does not represent contingent consideration and is in accordance with ASC 815-40. The earnout shares were indexed to the Company’s own common stock and meet the requirements for equity classification.

Restricted Stock Units

Under the terms of the Legacy IronNet’s restricted stock units, vesting of each award was subject to, among other conditions including a service requirement, the occurrence of a liquidity event, as defined by Legacy IronNet’s 2014 Stock Incentive Plan. On August 26, 2021, in connection with the close of the Merger with Legacy LGL, the Company’s Board of Directors resolved to deem the Merger as satisfying the liquidity event condition. The resolution resulted in a modification of the restricted stock unit awards under ASC 718 “Compensation—Stock Compensation. ”As a consequence of modification of the awards outstanding, the Company recognized a non-cash expense in the fiscal third quarter 2022 in an amount of $160,094 related to 16,634,972 outstanding RSUs, with 8,204,455 remaining unvested as of October 31, 2021.

F-14

3.	Revenue

Software, subscription and support revenue

The Company sells a collective defense software solution that provides a near real time collective defense infrastructure that is comprised of two product offerings, IronDefense and IronDome. The software platform is delivered through both on-premises licenses bundled with on-premises hardware and through subscription software.

Our security appliance deliverables include proprietary operating system software and hardware, which together with regular threat intelligence updates and support, maintenance, and warranty. We combine intelligence dependent hardware and software licenses with the related threat intelligence and support and maintenance as a single performance obligation, as it delivers the essential functionality of our cybersecurity solution. As a result, we recognize revenue for this single performance obligation ratably over the expected term with the customer. Significant judgement is required for the assessment of material rights relating to renewal options associated with our contracts.

Revenue from subscriptions, which allow customers to use our security software over a contracted period without taking possession of the software, and managed services, where we provide managed detection and response services for customers, are recognized over the contractual term. The cloud- based subscription revenue, where we also provide hosting, recognized for the three months ended October 31, 2021 and 2020 was $3,792 and $2,180, respectively, and for the nine months ended October 31, 2021 and 2020, were $10,993 and $6,475, respectively. Overall subscription revenue recognized for the three months ended October 31, 2021 and 2020, were $6,092 and $4,432, respectively, and for the nine months ended October 31, 2021 and 2020 were $17,992 and $13,231, respectively.

Professional services revenue

The Company sells professional services, including cyber operations monitoring, security, training and tailored maturity assessments. Revenue derived from these services is recognized as the services are delivered.

Customer concentration

For the nine months ended October 31, 2021, and 2020, two customers accounted for 22%, or $4,283, and one customer accounted for 10%, or $2,174, of the Company’s revenue, respectively. As of October, 2021, and January 31, 2021, three customers represent 60% of the total accounts receivable, and as of January 31, 2021, three customers represented 85% of the total accounts receivable balance.

Significant customers are those which represent at least 10% of the Company’s total revenue at each respective period ending date. The following table presents customers that represent 10% or more of the Company’s total revenue:


	For the Three Months Ended October 31,						For the Nine Months Ended October 31,
	2021			2020			2021			2020
Customer A		12	%		*			11	%		*
Customer B		11	%		15	%		11	%		*
Customer C		*			*			*			10	%

		23	%		15	%		22	%		10	%

* - less than 10%

F-15

Deferred Costs

The Company defers contract fulfillment costs that include appliance hardware. The balances in deferred costs are as follows:


Balance at February 1, 2021	$	2,805
Cost of revenue recognized		(1,033	)
Costs deferred		473
Foreign exchange		(3	)

Balance at October 31, 2021	$	2,242

Balance at February 1, 2020		3,080
Cost of revenue recognized		(832	)
Costs deferred		711
Foreign exchange		(3	)

Balance at October 31, 2020	$	2,956

The balance of deferred commissions at October 31, 2021 and January 31, 2021 were $1,494 and $1,319, respectively. Deferred commissions are included in the deferred costs on the condensed consolidated balance sheets, of which $1,061 is current and $433 is long-term as of October 31, 2021.

Deferred revenue

The balance in deferred revenue is as follows:


Balance at February 1, 2021	$	34,044
Revenue recognized		(23,687	)
Revenue deferred		19,765
Foreign exchange		(12	)

Balance at October 31, 2021	$	30,110

Balance at February 1, 2020		20,312
Revenue recognized		(19,507	)
Revenue deferred		22,196
Foreign exchange		—

Balance at October 31, 2020	$	23,001

Remaining performance of deferred revenue

As of October 31, 2021, the remaining performance of deferred revenue totaled $30,110. The Company’s recognition of revenue in the future thereon will be as follows:


Years Ending January 31,
2022 (3 months)	$	5,243
2023		10,770
2024		8,174
2025		4,371
2026		1,552

	$	30,110

F-16

4.	Equity

Common Stock

As of October 31, 2021, the Company had 500,000,000 shares of Class A common stock authorized and 88,718,630 shares common stock issued and outstanding at $0.0001 par value per share.

Each share of Common Stock has 1 vote.

Preferred Stocks

The Company is authorized to issue 100,000,000 shares of preferred stock with a par value of $0.0001 per share with such designation, rights and preferences as may be determined from time to time by the Company’s Board of Directors. At October 31, 2021, there were no shares of preferred stock issued or outstanding.

Warrants

Private Warrants

Simultaneously with the closing of Legacy LGL’s Initial Public Offering, the sponsor purchased an aggregate of 5,200,000 Private Warrants at a price of $1.00 per Private Warrant, for an aggregate purchase price of $5,200 from Legacy LGL. Over the period of September 2021 through October 2021, when the majority of these warrants were exercised on a cashless basis, the formula for such exercises made each Private Warrant effectively exercisable to purchase approximately 0.6 shares of Company common stock on a non-cash basis, each subject to its own exercise calculation applicable to the day on which the exercise was made. The Private Warrants were also redeemable in cash for $11.50 for a share of common stock. No Private Warrants were redeemed on the $11.50 cash basis. In September and October 2021, 5,189,800 Private Warrants were exercised on a cashless basis into 3,188,229 shares of Class A common stock. As of October 31, 2021, the Company had 10,200 Private Warrants outstanding and not exercised. During the period ended October 31, 2021, prior to the exercise of the Private warrants, the Company recognized in the interim condensed statements of operations $11,302 of non-cash expense related to change in fair value of warrants.

Public Warrants

Public Warrants may only be exercised for a whole number of shares at a price of $11.50 per share. No fractional shares will be issued upon exercise of the Public Warrants. The Public Warrants became exercisable in September 2021. The Public Warrants will expire five years after the completion of the Merger or earlier upon redemption or liquidation.

Once the warrants became exercisable upon the effective date of the Company’s S-1 registration statement, the Company obtained the ability to redeem the Public Warrants:

•

in whole and not in part;

•

at a price of $0.01 per warrant;

•

upon not less than 30 days’ prior written notice of redemption; and

•

if, and only if, the reported last sale price of the Company’s common stock equals or exceeds $18.00 per share (as adjusted for stock splits, stock dividends, reorganizations, recapitalizations and the like and subject to adjustment as described below) for any 20 trading days within a 30-trading day period ending on the third business day prior to the notice of redemption to the warrant holders.

If the Company calls the Public Warrants for redemption, management will have the option to require all holders that wish to exercise the Public Warrants to do so on a “cashless basis,” as described in the Warrant Agreement.

F-17

In October, 28,719 Public Warrants were exercised in an amount of $330 and 28,719 shares were issued at a price of $11.50. As of October 31, 2021, the Company had 8,596,273 Public Warrants outstanding and not exercised.

5.	Stock Incentive Plan

Legacy IronNet’s Board of Directors adopted and the stockholders approved Legacy IronNet’s 2014 Stock Incentive Plan (the “2014 Plan”) on September 29, 2014 and on October 17, 2014, respectively. The 2014 Plan was periodically amended, most recently on June 7, 2019. The 2014 Plan permitted the grant of incentive stock options “ISOs,” non-qualified stock options “NSOs,” stock appreciation rights, restricted stock, restricted stock units “RSUs,” and other stock-based awards. ISOs were only able to be granted to Legacy IronNet’s employees and to any of the employees of Legacy IronNet’s subsidiary corporations’ employees. All other awards could be granted to employees, directors and consultants of Legacy IronNet’s and to any of Legacy IronNet’s parent or subsidiary corporation’s employees or consultants.

On August 26, 2021, the closing date of the Merger, per the Merger Agreement, the outstanding Legacy IronNet ISO and RSU grants issued under the 2014 Plan were converted to their post-transaction equivalents based on the conversion ratio, which total 18,971,549 shares in the Combined Company when exercised or converted. Additionally, as of the closing date, the 2021 Equity Incentive Plan (the “2021 Plan”) was approved by Legacy LGL’s stockholders. Under the 2021 Plan, the Company may grant ISOs, RSUs and other equity securities to acquire, to convert into or to receive up to 13,500,000 shares of Class A common stock. As of October 31, 2021, there were 13,500,000 share equivalents that remained available to issue under the 2021 Plan.

All share equivalents issued or issuable under the 2014 Plan and the 2021 Plan (the “Stock Incentive Plans”) normally vest over a forty-eight month period with an initial catch up of 25% vesting at the end of the first year during which no vesting occurs. In limited cases, vesting as short as twelve months with no cliff, vesting based on performance criteria and acceleration under certain events have also been permitted; however, such exceptions apply to less than 15% of the share equivalents authorized under the Stock Incentive Plans.

With regard to stock option grants, the exercise price of each ISO granted under the Stock Incentive Plans may not be less than the fair market value per share of the underlying Class A common stock on the date of grant. The Board of Directors establishes the term and the vesting of all options issued under the Stock Incentive Plans; however, in no event will the term exceed ten years. The fair value of each stock option and RSU award was originally estimated on the date of grant using the Black-Scholes Option Pricing Model using the independent valuations of the Company’s stock. The Company’s determination of the fair value of stock options and restricted stock units is affected by the Company’s stock price as well as a number of subjective and complex assumptions. These assumptions include the Company’s volatility, dividend yield, and risk-free interest rate.

Presented below is a summary of the status of the stock options under the Stock Incentive Plan:


	Number of Shares			Weighted Average Exercise Price		Weighted Average Remaining Contractual Term		Intrinsic Value of outstanding options
						(Years)
Outstanding at February 1, 2021		2,181,668			0.53		5.9		5,572,988
Granted		—			—		—		—
Exercised		(591,157	)		0.52		5.2		7,287,806
Forfeited or expired		(115,671	)		0.57		5.5		—

Outstanding at October 31, 2021		1,474,840			0.53		5.1		18,173,257

Exercisable at October 31, 2021		1,462,370			0.52		5.1		18,024,597

F-18

For the three months ended October 31, 2021 and 2020, the Company recorded $8 and $(29) of compensation cost related to stock options, respectively. For the nine months ended October 31, 2021 and 2020, the Company recorded $40 and $27 of compensation cost related to stock options, respectively.

The RSUs granted under the 2014 Plan contain an additional vesting requirement that, in addition to the applicable time or performance vesting criteria noted above, also requires the occurrence of a liquidity event. On the date of the Merger, the Board of Directors resolved that the Merger constituted a liquidity event, triggering the liquidity event criteria for vesting. As detailed in Note 2, in connection with the close of the Merger with Legacy LGL, the Company recognized a non-cash expense in the fiscal third quarter 2022 in an amount of $160,094.

Presented below is a summary of the status of outstanding RSUs, including showing the vesting status other than the liquidity event condition:


	Number of Shares			Weighted Average Grant Date Fair Value
Non-vested at February 1, 2021		9,712,169		$	11.75
Granted		2,181,077			12.85
Vested		(2,430,871	)		12.85
Forfeited or expired		(1,257,920	)		12.85

Non-vested at October 31, 2021		8,204,455		$	11.55

The fair value of each RSU was previously estimated on the date of grant using the Black-Scholes Option Pricing Model based on the same assumptions utilized for calculating fair market value of the stock options and utilizing the as converted equivalent price of securities issued during the period. As the closing of the Merger represented the satisfaction of the liquidity event vesting requirement for outstanding RSUs, and vesting was not probable until that time, all RSUs issued prior to the completion of the Merger were revalued using a fair value of $12.85, which is the closing share price on that date.

Stock compensation expense for ISOs is recognized on a straight line basis and with a provision for forfeitures matched to historical experience for matured grant cohorts. Stock compensation expense for RSUs is recognized on a graded basis matched to the length and vesting tranches for each grant. In the event that a RSU grant holder is terminated before the award is fully vested, the full amount of the unvested portion of the award will be recognized as a forfeiture in the period of termination.

As of October 31, 2021, there was approximately $ 52,908 of unrecognized compensation cost related to share-based compensation arrangements granted under the 2014 Plan, of which $3 remained for options and $ 52,905 remained for RSUs, respectively. The fair value of the shares under stock options granted that vested, net of forfeitures, during the nine month periods ended October 31, 2021, and 2020 totaled $5,306 and $579, respectively, primarily as a result of the forfeitures recognized during the periods exceeding previous estimates.

Employee Stock Purchase Plan (‘ESPP’)

In August 2021, Legacy LGL’s Board of Directors adopted, and its stockholders approved, the ESPP. The ESPP became effective immediately upon the Closing of the Merger.

F-19

in Section 423(b) of the Code. Except as otherwise provided in the ESPP or determined by our board of directors, the Non-423 Component will operate and be administered in the same manner as the 423 Component.

As of October 31, 2021, there were no purchases of shares for any eligible employee.

6.	Fair Value Measurements

Fair value is defined as the price that would be received to sell an asset in an orderly transaction or paid to settle a liability in an orderly transaction between market participants at the measurement date. Accounting standards utilize a fair value hierarchy that prioritizes the inputs to valuation techniques used to measure fair value into three levels, which are described below:

Level 1 – Quoted prices (unadjusted) for identical assets or liabilities in active markets.

Level 2 – Observable inputs other than quoted prices that are either directly or indirectly observable for the asset or liability.

Level 3 – Unobservable inputs that are supported by little or no market activity.

These levels are not necessarily an indication of the risk of liquidity associated with the financial assets or liabilities disclosed. Assets and liabilities are classified in their entirety based on the lowest level of input that is significant to the fair value measurement, as required under ASC 820-10 “Fair Value Measurement.”

Investments with an original maturity of three months or less at the date of purchase are considered cash equivalents, while all other investments are classified as short-term or long-term based on their maturities and their availability for use in current operations.

The following table presents our assets measured at fair value on a recurring basis:


	October 31,								January 31,
	2021								2021
	Level 1		Level 2		Level 3		Total		Level 1		Level 2		Level 3		Total
Cash equivalents	$	102	$	—	$	—	$	102	$	102	$	—	$	—	$	102
Private Warrants		—		43		—		43		—		—		—		—

Total assets	$	102	$	43	$	—	$	145	$	102	$	—	$	—	$	102

The Company recognized a non-cash expense of $11,302 related to the change in fair value of warrants.

At the effective date of the Merger, the Public Warrants were classified in equity at quoted prices (Level 1). Public Warrants are not revalued at the end of each reporting period.

7.	Commitments and Contingencies

Contingencies

In the ordinary course of business, the Company and its subsidiary may become defendants in certain shareholder claims and other litigation. The Company records a liability when it is probable that a loss has been incurred and the amount is reasonably estimable. To date, no such liability has been recorded.

F-20

Leases

The Company leases office space under the terms of noncancelable operating leases that expire at various dates through November 2026.Certain operating lease agreements provide for an annual 2.75% escalation of the base rent. The Company is also responsible for operating expenses. The following is a schedule by year of the future minimum lease payments required under the Company’s operating leases:


Remaining three months of fiscal 2022		286
2023		1,025
2024		755
2025		775
2026		775
Thereafter		1,455

	$	5,071

The Company is recognizing the total cost of its office leases ratably over the respective lease periods. The difference between rent paid and rent expense is reflected as deferred rent in the accompanying balance sheets.

Rent expense totaled $257 and $296 for the three months ended October 31, 2021, and October 31, 2020, respectively. Rent expense totaled $849 and $1,697 for the nine months ended October 31, 2021, and October 31, 2020, respectively.

In the second fiscal quarter of 2021, we completed lease buyouts of two office spaces in Maryland, for leases that were expiring in fiscal 2021 and fiscal 2022, and we have made payments of $394 to facilitate early terminations for those leases. Based on the Company moving to a more fully remote posture, we also decreased our lease portfolio in Japan and New York.

8.	Income Taxes

The income tax provision for interim periods is determined using an estimate of the Company’s annual effective tax rate as adjusted for discrete items arising in that quarter. The effective income tax rate was (0.0)% and (0.1)% for the nine months ended October 31, 2021 and 2020, respectively. The effective tax rate differs from the U.S. statutory rate primarily due to the full valuation allowances on the Company’s net domestic deferred tax assets and impact of foreign tax rate differential.

On March 27, 2020, the CARES Act was enacted and signed into U.S. law to provide economic relief to individuals and businesses facing economic hardship as a result of the COVID-19 pandemic. Changes in tax laws or rates are accounted for in the period of enactment. The income tax provisions of the CARES Act did not have a significant impact on our current taxes, deferred taxes, or uncertain tax positions.

9.	Related Party Transactions

Product, subscription and support revenue from Related Parties

Certain investors and companies who the Company is affiliated with purchased software, subscription and support revenue during the periods presented. The Company recognized $426 and $434 of revenue from contracts with related parties for the three months ending October 31, 2021, and October 31, 2020, respectively. The Company recognized $1,263 and $1,494 of revenue from contracts with related parties for the nine months ending October 31, 2021, and October 31, 2020, respectively. The corresponding receivable was $3,521 and $ 2,540 as of October 31, 2021, and January 31, 2021, respectively.

Subscription Notes Receivables

During the nine months ended October 31, 2021, the Company received pay offs of balances due of $843. For the nine months ended October 31, 2020, the Company received paid offs of balances due of $48. As of

F-21

October 31, 2021, there are no remaining balances for subscription notes receivables. The subscription notes receivables’ accrued interest ranged from 1.40% to 2.70%, compounded annually.

10.

Net Loss Per Share Attributable to Common Stockholders

Net Loss per common share

The Company computes basic earnings per share (EPS) by dividing income (loss) available to common stockholders by the weighted average number of common shares outstanding for the reporting period. Diluted EPS reflects the effect of potential shares that would be issued if stock option awards, Restricted Stock Units, Public and Private Warrants and preferred shares, to the extent issued, were converted into common stock, to the extent dilutive.

The following table summarizes the computation of basic and diluted net loss per share attributable to common stockholders:


	Three Months Ended October 31,						Nine Months Ended October 31,
	2021			2020			2021			2020
Numerator: Net loss	$	(193,122	)	$	(12,454	)	$	(225,789	)	$	(43,157	)
Denominator: Basic and Diluted Weighted-average shares in computing net loss per share attributable to common stockholders		87,178,432			65,067,942			74,001,217			64,064,424

Net loss attributable to common stockholders—basic and diluted	$	(2.22	)	$	(0.19	)	$	(3.05)		$	(0.67	)

Since the Company was in a net loss position for all periods presented, diluted net loss per share attributable to common stockholders will be the same as the basic net loss per share, as, in a net loss position, the inclusion of all potential common shares outstanding would be antidilutive. The potential shares of common stock excluded from the computation of diluted net loss per share for the periods presented due to their antidilutive impacts are as follows:


	As of October 31, 2021		As of October 31, 2020
Shares of common stock issuable from stock options		1,474,840		2,671,317
Total RSUs unvested pending settlement		8,204,455		16,102,029
Shares of common stock issuable upon conversion from preferred shares		—		21,272,479
Private Warrants		10,200		—
Public Warrants		8,596,273		—

Potential common shares excluded from diluted net loss per share		18,285,768		40,045,825

As of October 31, 2020 there were no Private or Public Warrants outstanding due to the fact that the Legacy LGL interim condensed consolidated balance sheet was consolidated and combined with Legacy IronNet as of the effective date of the Merger. Legacy LGL Public and Private Warrants as of August 26, 2021 were 8,624,992 and 5,200,000, respectively.

F-22

11.

COVID-19—CARES Act. provision

During fiscal 2021, in response to the increased economic uncertainties that the impact of the COVID-19 pandemic was expected to have on our business, results of operations, liquidity and capital resources, Legacy IronNet took measures to ensure that we could continue the continuity of our business operations through the use of funding measures which included the PPP loan from the US Small Business Administration pursuant to the CARES Act. The purpose of the loan was for small businesses to keep their workforces employed through the pandemic. Legacy IronNet received loan funds of $5,580 on April 21, 2020. The loan bore interest at 1% and was payable in monthly installments beginning on September 15, 2021. As of October 31, 2021, and January 31, 2021, the Company had an interest accrual of $0 and $44 related to the PPP loan. The unsecured loan was evidenced by a promissory note of Legacy IronNet with PNC Bank (the “Lender”). As detailed in Note 2, on August 26, 2021, in conjunction with the Merger, the Company repaid in full all amounts due and terminated all commitments and obligations under the unsecured PPP loan.

In addition to seeking and receiving the PPP loan under the CARES Act, Legacy IronNet also elected to defer the Company portion of payroll taxes under the CARES Act. Amounts deferred from March 1, 2020 through to the end of 2020 will become due, at 50% on December 31, 2021, with the remaining 50% due on December 31, 2022. The balance of the payroll tax deferral is $1,378 as of October 31, 2021 and is included in Other current and Long-Term Liabilities on the balance sheet.

12.

Retirement Plans

We provide a retirement savings plan for the benefit of our employees, including our named executive officers. The plan is intended to qualify as a tax-qualified 401(k) plan so that contributions, and income earned on such contributions, are not taxable to participants until withdrawn or distributed from the plan (except in the case of contributions under the 401(k) plan designated as Roth contributions). The 401(k) plan provides that each participant may contribute up to an annual statutory limit. Participants who are at least 50 years old can also contribute additional amounts based on statutory limits for “catch-up” contributions. Under the plan, each employee is fully vested in his or her deferred salary contributions. Employee contributions are held and invested by the plan’s trustee as directed by participants. We also fully match employee contributions up to the first 4% of salary, which amounts are fully vested.

13.

Subsequent Events

The Company has evaluated subsequent events through the date the financial statements were issued, and has determined that the only material subsequent event that requires disclosure in the interim condensed consolidated financial statements is the approval on November 23, 2021 by the Compensation Committee of grants of 1,149,605 RSUs under the 2021 Plan for employees who had started with the company primarily after March 15, 2021, when the last grants under the 2014 Plan were made, and through November 15, 2021. Stock compensation amounts for the grants which had service periods beginning prior to October 31, 2021 will be included in stock compensation expense during the fourth quarter.

F-23

Report of Independent Registered Public Accounting Firm

To the Board of Directors and Stockholders of IronNet, Inc.

Opinion on the Financial Statements

We have audited the accompanying consolidated balance sheets of IronNet Cybersecurity, Inc. and its subsidiaries (the “Company”) as of January 31, 2021 and 2020, and the related consolidated statements of operations, of comprehensive income, of preferred stock and stockholders’ equity and of cash flows for the years then ended, including the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the financial position of the Company as of January 31, 2021 and 2020, and the results of its operations and its cash flows for the years then ended in conformity with accounting principles generally accepted in the United States of America.

Substantial Doubt about the Company’s Ability to Continue as a Going Concern

The accompanying consolidated financial statements have been prepared assuming that the Company will continue as a going concern. As discussed in Note 1 to the consolidated financial statements, the Company has incurred recurring losses from operations and expects to continue to incur significant costs in pursuit of financing that raises substantial doubt about its ability to continue as a going concern. Management’s plans in regard to these matters are also described in Note 1. The consolidated financial statements do not include any adjustments that might result from the outcome of this uncertainty.

Basis for Opinion

These consolidated financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s consolidated financial statements based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (PCAOB) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.

We conducted our audits of these consolidated financial statements in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement, whether due to error or fraud.

Our audits included performing procedures to assess the risks of material misstatement of the consolidated financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the consolidated financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements. We believe that our audits provide a reasonable basis for our opinion.

/s/ PricewaterhouseCoopers LLP

Baltimore, Maryland

May 14, 2021, except for the effects of the Merger Agreement and Reverse Recapitalization discussed in Note 1 to the consolidated financial statements, as to which the date is March 10, 2022

We have served as the Company’s auditor since 2019.

F-24

IronNet Cybersecurity, Inc.

Consolidated Balance Sheets

January 31, 2021 and 2020

(Amounts in thousands of U.S. dollars, except share and per share data)


	As of January 31,
	2021			2020
Assets
Current Assets
Cash and Cash Equivalents	$	31,543		$	10,806
Accounts Receivable		1,643			1,216
Unbilled Receivable		1,425			386
Related Party Receivables and Loan Receivables		3,599			1,711

Account and Loan Receivables		6,667			3,313
Investments		—			1,401
Inventory		2,180			1,964
Deferred Costs		2,068			1,081
Prepaid Warranty		1,037			806
Prepaid Expenses and Other Current Assets		2,172			1,555

Total Current Assets		45,667			20,926

Non-Current Assets
Deferred Costs		2,056			2,063
Property and Equipment, Net		2,792			3,184
Prepaid Warranty		878			1,519
Deposits and Other Assets		298			398

Total Assets	$	51,691		$	28,090

Liabilities, Preferred Stock, and Stockholders’ Equity
Current Liabilities
Accounts Payable	$	1,922		$	1,618
Accrued Expenses		2,591			1,844
Deferred Revenue		12,481			7,879
Deferred Rent		134			161
Short-Term PPP Loan		3,487			—
Income Tax Payable		88			10
Other current liabilities		689			—

Total Current Liabilities		21,392			11,512

Long-Term Liabilities
Deferred Rent		928			1,059
Deferred Revenue		21,563			12,433
Long-Term PPP Loan		2,093			—
Other Long-Term Liabilities		689			0

Total Long-Term Liabilities		25,273			13,492

Total Liabilities		46,665			25,004

Commitments and Contingencies (Note 13)
Stockholders’ Equity
Preferred stock, $0.001 par value; 100,000,000 shares authorized; none issued or outstanding
Class A common stock; $0.0001 par value; 500,000,000 shares authorized; 66,933,566 and 60,121,819 shares issued and outstanding at January 31, 2021 and January 31, 2020, respectively		7			6
Additional paid-in capital		180,853			123,251
Accumulated other comprehensive income		40			394
Accumulated deficit		(175,039	)		(119,666	)
Subscription notes receivable		(835	)		(900	)

Total Stockholders’ Equity		5,026			3,086

Total Liabilities and Stockholders’ Equity	$	51,691		$	28,090

The accompanying notes are an integral part of these financial statements.

F-25

IronNet Cybersecurity, Inc.

Consolidated Statements of Operations

Years Ended January 31, 2021 and January 31, 2020

(Amounts in thousands of U.S. dollars, except per share data)


	Year Ended January 31,
	2021			2020
Software, subscription, and support revenue	$	24,701		$	19,798
Professional services revenue		4,526			3,364

Total revenue		29,227			23,162
Cost of software, subscription, and support revenue		5,393			5,904
Cost of services revenue		1,629			726

Total cost of revenue		7,022			6,630

Gross profit		22,205			16,532

Operating expenses
Research and development		25,754			26,587
Sales and marketing		30,381			17,919
General and administrative		21,347			20,451

Total operating expenses		77,482			64,957

Operating loss		(55,277	)		(48,425	)
Other (expense) income, net		(19	)		567

Loss before provision for income taxes		(55,296	)		(47,858	)
Provision for income taxes		(77	)		(11	)

Net loss	$	(55,373	)	$	(47,869	)


Basic and diluted net loss per common share	$	(0.86	)	$	(0.81	)
Weighted average shares outstanding, basic and diluted		64,562			58,838

The accompanying notes are an integral part of these financial statements.

F-26

IronNet Cybersecurity, Inc.

Consolidated Statements of Comprehensive Income

Years Ended January 31, 2021 and January 31, 2020

(Amounts in thousands of U.S. dollars)


	Year Ended January 31,
	2021			2020
Net loss	$	(55,373	)	$	(47,869	)

Other comprehensive income (loss), net of tax:
Change in net unrealized (losses) gains on available for sale investments, net of tax		(397	)		175
Foreign currency translations adjustment, net of tax		42			(3	)

Total comprehensive loss	$	(55,728	)	$	(47,697	)

The accompanying notes are an integral part of these financial statements.

F-27

IronNet Cybersecurity, Inc.

Consolidated Statements of Preferred Stock and Stockholders’ Equity

Years Ended January 31, 2021 and January 31, 2020

(Amounts in thousands of U.S. dollars)


	Series A Preferred Stock						Series B Preferred Stock						Class A Common Stock				Class A Common Stock						Additional Paid-in Capital			Accumulated Deficit			Accumulated Other Comprehensive Income (Loss)			Subscription Notes Receivable			Total Stockholders’ Equity
	Shares			Amount			Shares			Amount			Shares		Amount		Shares			Amount			Additional Paid-in Capital			Accumulated Deficit			Accumulated Other Comprehensive Income (Loss)			Subscription Notes Receivable			Total Stockholders’ Equity
Balance at January 31, 2019, as previously reported		794		$	32,500			1,071		$	78,086			35,690	$	4		17,607		$	2		$	1,675		$	(71,797	)	$	222		$	(793	)	$	(70,687	)

Retroactive application of recapitalization⁽¹⁾		(794	)		(32,500	)		(1,071	)		(78,086	)		22,879		2		(17,607	)		(2	)		110,585			—			—			—			110,585

Balance at January 31, 2019		—		$	—			—		$	—			58,569	$	6		—		$	—		$	112,260		$	(71,797	)	$	222		$	(793	)	$	39,898
Issuance of common stock		—			—			—			—			1,554		—		—			—			10,808			—			—			(95	)		10,713
Interest earned on subscription notes receivable		—			—			—			—			—		—		—			—			12			—			—			(12	)		—
Stock-based compensation		—			—			—			—			—		—		—			—			171			—			—			—			171
Unrealized gain on investments		—			—			—			—			—		—		—			—			—			—			175			—			175
Net loss		—			—			—			—			—		—		—			—			—			(47,869	)		—			—			(47,869	)
Foreign currency translation adjustment, net of tax of $0)																														(3	)					(3	)

Balance at January 31, 2020		—			—			—			—			60,122		6		—			—			123,251			(119,666	)		394			(900	)		3,086

Issuance of common stock		—			—			—			—			6,812		1		—			—			57,592			—			—			—			57,593
Interest earned on subscription notes receivable		—			—			—			—			—		—		—			—			16			—			—			(16	)		—
Payments on subscription notes receivable		—			—			—			—			—		—		—			—			—			—			—			81			81
Stock-based compensation		—			—			—			—			—		—		—			—			(6	)		—			—			—			(6	)
Unrealized gain on investments		—			—			—			—			—		—		—			—			—			—			(396	)		—			(396	)
Net loss		—			—			—			—			—		—		—			—			—			(55,373	)		—			—			(55,373	)
Foreign currency translation adjustment, net of tax of $0)		—			—			—			—			—		—		—			—			—			—			42			—			42

Balance at January 31, 2021		—			—			—			—			66,934		7		—			—			180,853			(175,039	)		40			(835	)		5,026

(1)

The accompanying notes are an integral part of these financial statements.

F-28

IronNet Cybersecurity, Inc.

Consolidated Statements of Cash Flows

Years Ended January 31, 2021 and January 31, 2020

(Amounts in thousands of U.S. dollars)


	Year Ended January 31,
	2021			2020
Operating Activities
Net loss	$	(55,373	)	$	(47,869	)
Adjustments to reconcile net loss to net cash:
Provided by (Used in) Operating Activities:
Depreciation and amortization		1,162			1,026
Loss on disposal of property and equipment		219			7
Bad debt expense		33			—
Employee stock based compensation		(6	)		171
Changes in Operating Assets and Liabilities:
Accounts receivable		(3,356	)		(170	)
Deferred costs		(1,038	)		611
Inventory		(217	)		(1,469	)
Prepaid expenses and other current assets		(610	)		(190	)
Deposits and other assets		104			(77	)
Contract assets		424			(305	)
Accounts payable		1,628			(1,191	)
Accrued expenses		751			754
Income tax payable		76			7
Deferred rent		(158	)		(106	)
Deferred revenue		13,711			38

Net cash used in operating activities		(42,650	)		(48,763	)

Investing Activities
Purchases of property and equipment		(952	)		(1,054	)
Proceeds from the sale of fixed assets		61			22
Purchases of investments		—			(11,153	)
Sales of investments		—			19,386
Proceeds from the maturity of investments		1,003			16,963

Net cash provided by investing activities		112			24,164

Financing Activities
Proceeds from issuance of common stock		57,593			10,713
Proceeds from borrowing of PPP loan		5,580			—
Proceeds from stock subscription		81			—

Net cash provided by financing activities		63,254			10,713

Effect of exchange rate changes on cash and cash equivalents		21			(2	)
Net change in cash and cash equivalents		20,737			(13,888	)
Cash and Cash Equivalents
Beginning of the period		10,806			24,694

End of the period	$	31,543		$	10,806

Supplemental disclosures of non-cash investing and financing activities
Issuance of common stock under subscription note receivable arrangements	$	—		$	95
Interest earned on subscription notes receivable	$	16		$	12

The accompanying notes are an integral part of these financial statements.

F-29

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

1.	Organization and Summary of Significant Accounting Policies

IronNet Cybersecurity, Inc. and subsidiaries (hereinafter “IronNet”, “we”, “us”, “our”, or the “Company”) provide a suite of technologies that provide real-time threat assessment and updates, behavioral modeling, big data analytics, and proactive threat detection and response capabilities as well as consulting services and training programs to protect against current and emerging cyber-threats.

The Company was incorporated in the State of Delaware in May 2014. The Company’s headquarters is located in McLean, Virginia.

The Company’s fiscal year ends on January 31. References to fiscal 2021, for example, refer to the fiscal year ending January 31, 2021.

The significant accounting policies followed by the Company are described below.

Principles of Consolidation

The consolidated financial statements include the accounts of controlled subsidiaries and affiliates and have been prepared in conformity with accounting principles generally accepted in the United States of America (U.S. GAAP). All intercompany transactions have been eliminated in consolidated.

Foreign Currency Translation

The United States Dollar (USD) is the functional currency of IronNet and our subsidiaries in the United States. Our subsidiaries’ financial statements are maintained in their functional currencies, which is the local currency in their country of origin. Our foreign subsidiaries’ financial statements are translated into USD using the exchange rate applicable to the dates of the financial statements. Assets and liabilities are translated into USD using the period-end spot foreign exchange rates. Income and expenses are translated into USD using the weighted-average exchange rates in effect during the period. Equity accounts are translated at historical exchange rates. The effects of these translation adjustments are reported as a component of Accumulated other comprehensive income (loss) included in the Consolidated Statements of Preferred Stock and Stockholders’ Equity.

Use of Estimates

Revenue Recognition

The Company’s revenues are derived from sales of products, subscriptions, support and maintenance, and other services.

Revenue is recognized when all of the following criteria are met:

•

Identification of the contract, or contracts, with a customer—A contract with a customer to account for exists when (i) the Company enters into an enforceable contract with a customer that defines each

F-30

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

party’s rights regarding the goods or services to be transferred and identifies the payment terms related to these goods or services, (ii) the contract has commercial substance and the parties are committed to perform, and (iii) the Company determines that collection of substantially all consideration to which it will be entitled in exchange for goods or services that will be transferred is probable based on the customer’s intent and ability to pay the promised consideration.

•

Identification of the performance obligations in the contract—Performance obligations promised in a contract are identified based on the goods or services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the goods or service either on its own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the goods or services is separately identifiable from other promises in the contract. To the extent a contract includes multiple promised goods or services, the Company applies judgment to determine whether promised goods or services are capable of being distinct and distinct in the context of the contract. If these criteria are not met the promised goods or services are accounted for as a combined performance obligation.

•

Determination of the transaction price—The transaction price is determined based on the consideration to which the Company will be entitled in exchange for transferring goods or services to the customer.

•

Allocation of the transaction price to the performance obligations in the contract—The Company allocates the transaction price to each performance obligation based on the amount of consideration expected to be received in exchange for transferring goods and services to the customer. If the contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation on a relative standalone selling price based on the observable selling price of our products and services.

•

Recognition of revenue when, or as, we satisfy performance obligations—The Company satisfies performance obligations either over time or at a point in time as discussed in further detail below. Revenue is recognized at or over the time the related performance obligation is satisfied by transferring a promised good or service to a customer.

Accounts Receivable

Accounts receivable are generated from contracts with customers. Management determines the need for an allowance for doubtful accounts by evaluating individual customer receivables and considering a customer’s financial condition, credit history and current economic conditions. Management has evaluated the need for an allowance for doubtful accounts and no amounts were recorded as of January 31, 2021 and 2020, respectively.

Deferred revenue (Contract Liabilities)

Deferred revenue, which is a contract liability, consists of amounts for which we have the unconditional right to bill or advance from customers for which have not yet recognized revenue. We generally bill our customers in advance. To the extent the Company bills customers in advance of the contract commencement date, the accounts receivable and corresponding deferred revenue amounts are netted to zero on the consolidated balance sheets, unless such amounts have been paid as of the balance sheet date.

F-31

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

Deferred costs

The Company amortizes its contract fulfillment costs ratably over the contract term in a manner consistent with the related revenue recognition on that contract and are included in cost of revenue. These costs include appliance hardware and installation costs that are essential in providing the future benefit of the solution.

Deferred Commissions

Sales commissions contract are considered incremental and recoverable costs and are deferred and then amortized on a straight-line basis over the period of benefit determined to be between one and five years, which includes the contractual and expected renewal periods. The Company recognizes the incremental costs to initially obtain a contract with a customer on the statement of financial position if the Company expects the benefit of those costs to be longer than one year. Amortization expense is included in sales and marketing expenses in the accompanying consolidated statement of operations.

Sales commissions paid upon renewal are substantially lower than the commissions paid to initially obtain the contract and are expensed in the period the contract is renewed. The majority of customer contracts are annual and as a result these renewals commissions are paid on an annual basis.

Cash Equivalents

The Company considers all highly-liquid instruments readily convertible into known amounts of cash with original maturities of three months or less to be cash equivalents.

Investments

The Company classifies our investments as available-for-sale and records these investments at fair value. Investments with an original maturity of three months or less at the date of purchase are considered cash equivalents, while all other investments are classified as short-term or long-term based on their maturities and their availability for use in current operations. Investments are A rated securities with maturities through October 16, 2020. Unrealized gains and losses are reported as a component of other comprehensive (loss) income of $(397) and $175 for the years ended January 31, 2021 and January 31, 2020, respectively. Realized gains and losses are reflected in our Consolidated Statements of Operations.

The investment account was closed during FY 2021. The cost basis for short term and long term investments at January 31, 2020 are $1,398 and $0, respectively.

Inventory

Inventory is stated at the lower of cost (determined on a FIFO basis) or net realizable value. No provisions have been made to reduce slow-moving, obsolete or unusable inventories to their net realizable values for January 31, 2021 and 2020. Substantially all of our inventory is finished goods.

Property and Equipment

Property and equipment is stated at cost and depreciated over the assets estimated useful life using the straight-line method. Expenditures for major additions and improvements are capitalized and minor replacements, maintenance, and repairs are charged to expense as incurred. The Company has incurred

F-32

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

repair and maintenance charges of $10 and $67 for the years ended January 31, 2021 and 2020, respectively. When property and equipment is retired, or otherwise disposed of, the cost and accumulated depreciation and amortization is removed and any resulting gain or loss is included in the results of operations.


Computer and other equipment		3-5 years
Leasehold improvements		Shorter of life of lease or life of asset
Furniture and fixtures		7 years
Software		3 years

Software Development Costs

Costs related to research, design and development of software products prior to establishment of technological feasibility are included in research and development as incurred. Software development costs, if material, are capitalized, beginning when a product’s technological feasibility has been established using the working model approach and ending when a product is available for general release to customers. The costs capitalized were $629 and $0 for the years ended January 31, 2021 and 2020, respectively.

Research and Development

Research and development costs are expensed in the year incurred and relate to new product developments and new features and are primarily personnel related costs and acquired software costs. These costs totaled $25,754 and $26,587 for the years ended January 31, 2021 and 2020, respectively.

Advertising

The Company expenses advertising costs as incurred. Advertising costs were $2,631 and $1,129 for the years ended January 31, 2021 and 2020, respectively and are included in the Sales and Marketing expenses.

Stock-based Compensation

The Company recognizes expense for stock-based compensation awards based on the estimated fair value of the award on the date of grant, which is amortized on a straight-line basis over the employee’s or director’s requisite service period, generally the vesting period of the award.

The Company uses the Black-Scholes pricing model to estimate the fair value of options on the date of grant. The use of a valuation model requires management to make certain assumptions with respect to selected model inputs. The Company grants stock options at exercise prices determined equal to the fair value of common stock on the date of the grant. The fair value of the Company’s common stock at each measurement date is based on a number of factors, including the results of third-party valuations, the Company’s historical financial performance, and observable arms-length sales of the Company’s capital stock including convertible preferred stock, and the prospects of a liquidity event, among other inputs. The computation of expected option life is based on an average of the vesting term and the maximum contractual life of the Company’s stock options, as the Company does not have sufficient history to use an alternative method to the simplified method to calculate an expected life for employees. The Company estimates an expected forfeiture rate for stock options, which is factored into the determination of stock-based compensation expense. The volatility assumption is based on the historical and implied volatility of the Company’s peer group with similar business models. The risk-free interest rate is based on U.S. Treasury

F-33

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

zero-coupon issues with a remaining term equal to the expected life assumed at the date of grant. The dividend yield percentage is zero because the Company does not currently pay dividends nor does the Company intend to do so in the future.

These estimates involve inherent uncertainties and the use of different assumptions may have resulted in stock-based compensation expense that was different from the amounts recorded.

Merger Agreement and Reverse Recapitalization

Pursuant to the terms of the Merger Agreement, a merger of Legacy IronNet and Legacy LGL was effected by the merger of Merger Sub with and into Legacy IronNet, with Legacy IronNet surviving the Merger as a wholly-owned subsidiary of Legacy LGL. Following the consummation of the Merger, Legacy LGL changed its name from LGL Systems Acquisition Corp. to IronNet, Inc. on the closing date. Pursuant to the Merger Agreement, at the effective time of the Merger, (i) each outstanding share of Legacy IronNet common stock and preferred stock (with each share of Legacy IronNet preferred stock being treated as if it were converted into ten (10) shares of Legacy IronNet common stock on the effective date of the Merger) was converted into the right to receive (a) a number of shares of Company common stock equal to the Exchange Ratio (as defined below) and (b) a cash amount payable in respect of fractional shares of Legacy IronNet common stock that would otherwise be issued in connection with the foregoing conversion, if applicable, and (ii) each Legacy IronNet option, restricted stock unit, restricted stock award that was outstanding immediately prior to the closing of the Merger (and by its terms did not terminate upon the closing of the Merger) remains outstanding and (x) in the case of options, represents the right to purchase a number of shares of Company common stock equal to the number of shares of Legacy IronNet common stock subject to such option multiplied by the Exchange Ratio used for Legacy IronNet common stock (rounded down to the nearest whole share) at an exercise price per share equal to the current exercise price per share for such option divided by the Exchange Ratio (rounded up to the nearest whole cent) and (y) in the case of restricted stock units and restricted stock awards, represent a number of shares of Company common stock equal to the number of shares of Legacy IronNet common stock subject to such restricted stock unit or restricted stock award multiplied by the Exchange Ratio (rounded down to the nearest whole share).

The Exchange Ratio was 0.8141070 of a share of Company common stock per fully-diluted share of Legacy IronNet common stock.

The Merger was accounted for as a Reverse Recapitalization in accordance with Accounting Standards Codification (“ASC”) 805, Business Combination.

F-34

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

All shares and related share prices covering periods prior to the closing of the Merger on August 26, 2021 have been expressed on a post-conversion basis through the application of the Merger-related exchange ratio of 0.814107, whereby a share or share equivalent of Legacy IronNet is now being expressed in its post conversion equivalent and making it directly comparable to the share, share equivalents and related prices that are presented elsewhere in this report.

Income Taxes

Income taxes are accounted for under the asset and liability method. Deferred tax assets and liabilities are recognized for the future tax consequences attributable to differences between the financial statement carrying amount of existing assets and liabilities and their respective tax bases. Deferred tax assets and liabilities are measured using enacted tax rates expected to apply to taxable income in the years in which those temporary differences are expected to be recovered or settled. The effect on deferred tax assets and liabilities of a change in tax rates is recognized in income in the period that includes the enactment date.

The Company is subject to income taxes in U.S. federal jurisdictions and various state jurisdictions. Tax regulations within each jurisdiction are subject to interpretation of the related tax laws and regulations and require significant judgment to apply. The Company recognizes tax liabilities for uncertain tax positions when it is more likely than not that a tax position will not be sustained upon examination and settlement with various taxing authorities. Liabilities for uncertain tax positions are measured based upon the largest amount of benefit that is greater than 50% likely of being realized upon settlement. The guidance on accounting for uncertainty in income taxes also addresses de-recognition, classification, interest and penalties on income taxes, and accounting in interim periods. Management has evaluated the Company’s tax positions and has concluded that the Company has taken no uncertain tax positions that require adjustment to the financial statements.

Segment and Geographic Information

Segments are defined as components of an enterprise for which separate financial information is evaluated regularly by the chief operating decision maker (“CODM”), in deciding how to allocate resources and access performance. The CODM reviews financial information presented on a consolidated basis for the purposes of allocating resources and evaluating financial performance. Accordingly, management has determined that the Company operates as one operating segment. The Company presents financial information about its geographic areas in Note 10, Geographic Information, to the consolidated financial statements.

Fair Value of Financial Instruments

The fair value of the Company’s cash and cash equivalents, accounts receivable, prepaid expenses and other current assets, accounts payable and accrued expenses approximate their carrying amounts due to the relatively short maturity of these items.

Concentrations of Credit Risk

The Company’s assets that are exposed to credit risk consist primarily of cash and cash equivalents and accounts receivable. Cash and cash equivalents are maintained at financial institutions and, at times,

F-35

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

balances may exceed federally insured limits. The Company has never experienced any losses related to these balances. Amounts on deposit in excess of federally insured limits or accounts not included in federally insured limits at January 31, 2021 approximates $30,728. Accounts receivable consist primarily of amounts due from commercial entities. Historically, the Company has not experienced significant losses related to accounts receivable and, therefore, believes that the credit risk related to accounts receivable is minimal.

Going Concern

As of January 31, 2021, the Company had cash and cash equivalents of $31,543 and collectable receivables of $6,667. The Company completed its latest investment fund raising round in fiscal 2021, securing a total of $68,012 in new capital to further fund company operations. Nevertheless, the Company has incurred recurring losses from operations and expects to continue to incur significant costs in pursuit of its next round of financing in fiscal 2022 for capital funding purposes. Management plans to address this need for capital through that round of financing. Though the Company has had prior success in raising capital on favorable terms in its three previous rounds, the Company cannot assure that its plans to raise capital will be successful. These factors, when considered in the aggregate, raise substantial doubt about the Company’s ability to continue as a going concern. The financial statements do not include any adjustments that might become necessary should the Company be unable to continue as a going concern.

Recent Accounting Pronouncements not Yet Adopted

The FASB issued ASU No. 2016-02, Leases (Topic 842) (“ASU 2016-02”), which supersedes the current lease requirements in ASC 840, Leases. ASU 2016-02 requires lessees to recognize a right-of-use asset and related lease liability for all leases, with a limited exception for short-term leases. Leases will be classified as either finance or operating, with the classification affecting the pattern of expense recognition in the statement of operations. Currently, leases are classified as either capital or operating, with any capital leases recognized on the consolidated balance sheets. The reporting of lease-related expenses in the consolidated statements of operations and cash flows will be generally consistent with the current guidance. The new lease guidance will be effective for the year ending January 31, 2023 and will be applied using a modified retrospective transition method to either the beginning of the earliest period presented or the beginning of the year of adoption. The Company is currently evaluating the impact of adopting the new standard. The adoption of this standard will require the recognition of a right of use asset and liability on the Company’s consolidated balance sheets.

In June 2016, the FASB issued ASU 2016-13, Measurement of Credit Losses on Financial Instruments (Topic 326). This standard requires a new method for recognizing credit losses that is referred to as the current expected credit loss (CECL) method. The CECL method requires the recognition of all losses expected over the life of a financial instrument upon origination or purchase of the instrument, unless the company elects to recognize such instruments at fair value with changes in profit and loss (the fair value option). This standard is effective for the Company for the fiscal years beginning after December 15, 2022. Management is currently evaluating the potential impact on this guidance on its financial statements.

In August 2018, the FASB issued ASU 2018-15, Intangibles - Goodwill and Other - Internal-Use Software (Subtopic 350-40): Customer’s Accounting for Implementation Costs Incurred in a Cloud Computing Arrangement That Is a Service Contract. This standard requires capitalization of the implementation costs incurred in a hosting arrangement that is a service contract with the requirements for capitalizing

F-36

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

implementation costs incurred to develop or obtain internal-use software. Further, the standard also requires the Company to expense the capitalized implementation costs of a hosting arrangement over the term of the hosting arrangement. This standard is effective for the Company for fiscal years beginning after December 15, 2020. Management will evaluate the potential impact of this guidance on its financial statements.

2.	Revenue

Software and support revenue

Our security appliance deliverables include proprietary operating system software and hardware, together with regular threat intelligence updates and support, maintenance, and warranty. We combine intelligence dependent hardware and software licenses with the related threat intelligence and support and maintenance as a single performance obligation, as it delivers the essential functionality of our cybersecurity solution. As a result, we recognize revenue for this single performance obligation ratably over the expected term with the customer. Significant judgement is required for the assessment of material rights relating to renewal options associated with our contracts.

Revenue from Software and Support for the year ended January 31, 2021 and January 31, 2020 was $14,758 and $15,914, respectively.

Subscription revenue

Revenue from subscriptions, which allow customers to use our security software over a contracted period without taking possession of the software, and managed services where we provide managed detection and response services for customers, are recognized over the contractual term. The subscription type revenue recognized for the year ended January 31, 2021 and January 31, 2020 was $9,943 and $3,884, respectively.

Professional services revenue

Major customers

For the years ended January 31, 2021 and 2020, six customers accounted for 46% or $13,381 with one of those customers accounting for 10% and four customers accounted for 48% or $11,187 with all four being over 10% of the Company’s revenue, respectively. As of January 31, 2021 and 2020, three and one customers represents 85% and 30% of the total accounts receivable balance, respectively.

F-37

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands


	Year Ended January 31,
	2021			2020
Customer A		10%			*
Customer B		*			14%
Customer C		*			10%
Customer D		*			10%
Customer E		*			14%

		10	%		48	%

* - less than 10%

Deferred Costs

As described in Note 1, the Company defers contract fulfillment costs that includes appliance hardware. The balances in deferred costs are as follows:


Balance at February 1, 2019	$	3,754
Cost of revenue recognized		(1,541	)
Costs deferred		867

Balance at January 31, 2020		3,080

Balance at February 1, 2020		3,080
Cost of revenue recognized		(1,151	)
Costs deferred		876

Balance at January 31, 2021	$	2,805

The balance of deferred commissions at January 31, 2021 and 2020 were $1,319 and $64, respectively. Deferred commissions are included in the Deferred costs on the Consolidated Balance Sheets of which $794 is current and $525 is long-term as of January 31, 2021.

Deferred revenue

Deferred revenue represents amounts received from and/or billed to customers in excess of revenue recognized. Amounts that have been invoiced are recorded in accounts receivable and in deferred revenue or revenue depending on whether the revenue recognition criteria have been met. During the fiscal years, the Company recognized revenue of $7,809 and $7,441, respectively that was included in the deferred revenue balance at the beginning of each of the respective periods.

F-38

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

The balance in deferred revenue is as follows:


Balance at February 1, 2019	$	20,274
Revenue recognized		(15,746	)
Revenue deferred		15,785
Foreign exchange		(1	)

Balance at January 31, 2020	$	20,312

Balance at February 1, 2020	$	20,312
Revenue recognized		(25,271	)
Revenue deferred		38,940
Foreign exchange		63

Balance at January 31, 2021	$	34,044

Remaining performance obligations

As of January 31, 2021, the remaining performance obligations in deferred revenue totaled $34,044. The Company’s recognition of revenue in the future thereon will be in:


Years Ending January 31,
2022	$	12,481
2023		9,565
2024		6,862
2025		4,150
2026		986
Thereafter		—

	$	34,044

3.	Prepaid Expenses and Other Current Assets

Prepaid expenses and other current assets consist of the following at January 31:


	2021		2020
Prepaid expenses	$	2,046	$	1,507
Other assets		126		48

	$	2,172	$	1,555

F-39

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

4.	Property and Equipment

Property and equipment consists of the following at January 31:


	2021			2020
Computer and other equipment	$	3,701		$	3,665
Leasehold improvements		1,582			1,582
Furniture and fixtures		386			969
Software		629			—

		6,298			6,216
Less: Accumulated depreciation and amortization		(3,506	)		(3,032	)

	$	2,792		$	3,184

Depreciation and amortization expense on property and equipment aggregated $1,162 and $1,026 for the years ended January 31, 2021 and January 31, 2020, respectively.

5.	Retirement Plan

The Company maintains a defined contribution 401(k) profit sharing plan (the Plan) for all employees who are over the age of 21. Participants may make voluntary contributions up to the maximum amount allowable by law. The Company may make contributions to the Plan determined by safe harbor matching and vest to the participants ratably over a four-year period, beginning with the second year of participation. The Company recorded contributions to the Plan of $1,680 and $1,209 for the years ended January 31, 2021 and January 31, 2020, respectively.

6.	Stock Incentive Plan

The Company has a Stock Incentive Plan (the Stock Incentive Plan) under which, as of January 31, 2020, it may grant incentive stock options (ISOs), Restricted Stock Options (RSUs) and other equity securities to acquire, to convert into or to receive up to 29,511 shares of Class A common stock. As of January 31, 2021, there were 3,284 share equivalents that remained available to issue under the Stock Incentive Plan.

All share equivalents issuable under the Stock Incentive Plan normally vest over a forty-eight month period with an initial catch up of 25% vesting at the end of the first year during which no vesting occurs. In limited cases, vesting as short as twelve months with no cliff, vesting based on performance criteria and acceleration under certain events have also been permitted; however, such exceptions apply to less than 15% of the share equivalents authorized under the Stock Incentive Plan.

With regard to stock option grants, the exercise price of each ISO granted under the Stock Option Plan may not be less than the fair market value per share of the underlying Class A common stock on the date of grant. The Board of Directors establishes the term and the vesting of all options issued under the Stock Option Plan; however, in no event will the term exceed ten years.

The fair value of each stock option and restricted stock award was estimated on the date of grant using the Black-Scholes Option Pricing Model using the independent valuations of the company’s stock. The Company’s determination of the fair value of stock options and restricted stock options is affected by the Company’s stock price as well as a number of subjective and complex assumptions. These assumptions include the Company’s volatility, dividend yield, and risk-free interest rate.

F-40

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

The weighted-average assumptions for the years ended January 31 are noted in the following table:


	2021			2020
Expected volatility		55.0	%		50.0	%
Expected dividend yield		0.0	%		0.0	%
Expected option term (in years)		2.0			2.0
Risk-free interest rate		0.23	%		2.27	%

The expected volatility of the options granted was estimated using the historical volatility of share prices of publicly traded companies within the same or similar industry as a substitute for the historical volatility of the Company’s common shares, which is not determinable without an active external or internal market. The expected dividends are based on the Company’s historical estimated issuance and management’s expectations for dividend issuance in the future. The expected term of options granted represents the period of time that options granted are expected to be outstanding. The risk-free interest rate for periods within the expected life of the option is based on the U.S. Treasury yield curve in effect at the time of grant.

Presented below is a summary of the status of the stock options under the Stock Incentive Plan:

Number of
Shares

Weighted
Average
Exercise
Price

Average
Remaining
Contractual
Term
(Years)

Intrinsic
Value of
Outstanding
Options

Outstanding at February 1, 2019

4,211

0.54

6.8

4,431

Granted

—

Exercised

(365

)

0.50

6.4

397

Forfeited or expired

(244

)

0.64

6.9

Outstanding at January 31, 2020

3,602

0.54

6.9

4,088

Exercisable at January 31, 2020

2,638

0.50

6.7

3,069

Outstanding at February 1, 2020

3,602

0.54

5.9

4,088

Granted

—

Exercised

(403

)

0.52

5.2

468

Forfeited or expired

(1,017

)

0.57

6.1

Outstanding at January 31, 2021

2,182

0.53

5.9

5,573

Exercisable at January 31, 2021

1,995

0.52

5.8

5,116

The Company recorded $(6) and $171 of compensation cost related to stock options to operations during the years ended January 31, 2021 and January 31, 2020, respectively. During the year ended January 31, 2021, the number of forfeitures were higher than historical levels, which resulted in the Company revising its estimate for forfeitures from 28.1% to 41.1%.

The Restricted Stock Units (RSUs) granted under the Stock Incentive Plan contain an additional vesting requirement that, in addition to the applicable time or performance vesting criteria noted above, also require the occurrence of a liquidity event. The requirements have not yet been met and therefore there is no expense recorded for RSUs in fiscal year 2021 and 2020. They also have a life of seven years.

F-41

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

Presented below is a summary of the status of outstanding RSUs, including showing the vesting status other than the liquidity event condition:


	Number of Shares			Weighted Average Grant Date Fair Value
Non-vested at February 1, 2019		1,592		$	1.58
Granted		13,969			1.63
Vested		(909	)		1.63
Forfeited or expired		(255	)		1.62

Non-vested at January 31, 2020		14,397		$	1.62

Non-vested at February 1, 2020		14,397		$	1.62
Granted		2,029			3.08
Vested		(5,090	)		1.70
Forfeited or expired		(1,624	)		2.06

Non-vested at January 31, 2021		9,712		$	1.82

The fair value of each RSU was estimated on the date of grant using the Black-Scholes Option Pricing Model based on the same assumptions utilized for calculating fair market value of the stock options and utilizing the as converted equivalent price of securities issued during the period.

As of January 31, 2021, there was $27,908 of unrecognized compensation cost related to share-based compensation arrangements granted under the Stock Incentive Plan, of which $44 remained for options and $27,864 remained for RSUs, respectively. The Company recognizes such compensation costs over the term of each respective grant after taking into account historical forfeiture rates for options and starting at the time of a liquidity event, the period between the date of a liquidity event and the remainder of the vesting period for each RSU grant. The fair value of the shares under stock options granted that vested, net of forfeited vested, during the twelve-month period ending January 31, 2021 and January 31, 2020, totaled $(1,672) and $606, respectively.

7.	Preferred Stock and Stockholders’ Equity

As referred to in Note 1, all Legacy IronNet preferred shares issued and related balances have been recast giving effect to (i) the applicable exchange ratios and (ii) the conversions of Legacy IronNet preferred to Common A relating to the Merger. The following disclosures give effect to the exchange ratio of 0.814107 while also referencing the various effects on voting rights, preferences and other characteristics of the preferred shares of Legacy IronNet as they existed at the time on which they were originally reported.

As of January 31, 2020, 118,654 of the Series B preferred shares were issued in the amount of $10,625 or $89.55 per share. During the year ended January 31, 2021, an additional 641 Series B preferred shares have been purchased at a price of $57,387. The total funds for the Series B funding round totaled $68,012.

For the year ended January 31, 2021 and January 31, 2020, the Company repurchased 0 shares of common stock.

F-42

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

The holders of Class A common stock (Class A Common), Class B common stock (Class B Common) (together Common Stock) and the holders of Series A preferred stock (Series A Preferred) and Series B preferred stock (Series B Preferred) (together Preferred Stock) have the following rights and preferences:

Voting

The holders of the Class A Common Stock and Class B Common Stock are entitled to one and twenty votes, respectively.

Each holder of Preferred stock shall be entitled to the number of votes equal to the number of shares of Common Stock into which the shares of Preferred Stock could be converted and shall have voting rights and powers equal to the voting rights and powers of the Common Stock. Except as otherwise provided by the Articles of Incorporation or as required by law, holders of Preferred stock shall vote together with the Common Stock as a single class.

Dividends

The holders of Series A Preferred, in preference to the holders of Common Stock, shall be entitled to receive dividends at a rate of $3.01 per share of Series A Preferred. The holders of Series B Preferred, shall be entitled to receive dividends at a rate of $5.37 per share. Such dividends shall be payable only when, as and if declared by the Board of Directors. If the Corporation declares, pays or sets aside any dividends on shares of Common Stock, holders of Series A Preferred Stock, Series B Preferred Stock and Common Stock shall be entitled to share in such dividend pro rata based on the number of shares held by each such holder, treating for this purpose all such securities as if they had been converted to Common Stock pursuant to the terms of the Certificate of Incorporation immediately prior to such dividend.

Liquidation

In the event of any voluntary or involuntary liquidation, dissolution or winding up of the Company or Deemed Liquidation Event (defined as either a merger or consolidation, sale of assets, or the sale of the Company’s capital stock that the merger discussed in Footnote 16 will be considered a qualifiying event), before any distribution or payment shall be made to the holders of Common Stock, the holders of Series B Preferred and Series A Preferred shall be entitled to be paid an amount per share equal to the greater of (i) the Series B Preferred or Series A Preferred Original Issue Price, plus any dividends declared but unpaid thereon, or (ii) such amount per share as would have been payable had all shares of Series B Preferred or Series A Preferred have been converted into Common Stock (the Series B or Series A Liquidation Amount). The “Original Issue Price” applicable to the Preferred Stock shall mean, in the case of the Series A Preferred Stock, $50.30 per share and in the case of the Series B Preferred Stock, $89.55 per share. If upon any such liquidation the assets of the Company are insufficient to make payment in full to all holders of Series B and Series A Preferred to the full amount to which they are entitled, then such assets shall be distributed among the holders of Series B Preferred and Series A Preferred ratably in proportion to the full amounts to which they would otherwise be entitled if such amounts had been paid in full. Thereafter, the remaining assets of the Company legally available for distribution, if any, shall be distributed ratably only to the holders of Common Stock.

F-43

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

Conversion

Each share of Preferred stock is convertible, at the option of the holder thereof, into such number of fully paid and nonassessable shares of Common Stock as is determined by dividing the applicable original issuance price by the applicable conversion price, as defined in the Second Amended and Restated Certificate of Incorporation. This conversion price is subject to adjustment under certain anti-dilutive events. Upon either (a) initial public offering of at least $75,000, or (b) the vote or written consent of the holders of at least sixty percent (60%) of the then outstanding shares of Series B and Series A Preferred shareholders, all outstanding shares of Preferred stock shall automatically be converted into shares of Common Stock at the then-effective conversion rate. In March 2021, the Company entered into a merger agreement, as discussed further in Note 16, Subsequent Events, that will lead to the conversion of the shares of Preferred stock into Common Stock as part of the merger.

Redemption

The Class A Common Stock, Class B Common Stock, Series A Preferred Stock and Series B Preferred Stock are not redeemable by any holder thereof.

Warrants

In April 2018, the Company issued warrants to purchase 5,584 shares of Series A Preferred Stock to a bank in connection with a debt arrangement. The warrants expire in April 2028. The warrants for Series A Preferred Stock are non-redeemable and are recorded as a component of equity on the Consolidated Balance Sheets.

Subscription Notes Receivable

During the year ended January 31, 2021, the Company issued no shares. During the year ended January 31, 2020, the Company issued 160 shares of common stock to certain employees of the Company in exchange for promissory notes (the Notes) totaling $95, which were determined to be recourse loans. The Notes accrue interest ranging from 1.40% to 2.70% compounded annually and are due three years from the initial date of the note agreement.

8.	Fair Value Measurements

•

Level 1—Quoted prices (unadjusted) for identical assets or liabilities in active markets;

•

Level 2—Observable inputs other than quoted prices that are either directly or indirectly observable for the asset or liability;

•

Level 3—Unobservable inputs that are supported by little or no market activity.

F-44

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

The following table presents our assets measured at fair value on a recurring basis:


	2021								2020
	Level 1		Level 2		Level 3		Total		Level 1		Level 2		Level 3		Total
Cash equivalents	$	102	$	—	$	—	$	102	$	784	$	—	$	—	$	784
Investments		—		—				—		—		1,401				1,401

Total assets	$	102	$	—	$	—	$	102	$	784	$	1,401	$	—	$	2,185

The Company’s PPP loan approximates fair value based on its terms and classifies it into Level 2 within the fair value hierarcy.

9.	Income Taxes

The provision for income taxes consists of the following for the years ended January 31:


	2021		2020
Current income taxes
Federal	$	—	$	—
State		8		8
Foreign		69		3
Deferred income taxes		—		—

Total income tax expense	$	77	$	11

For the years ended January 31, 2021 and 2020, the foreign income (loss) before provision for income tax was $660 and $(1,123), respectively. For the years ended January 31, 2021 and 2020, the domestic loss before provision for income tax was $(55,956) and $(46,735), respectively.

Indefinite reinvestment is determined by management’s judgment about and intentions concerning the future operations of the Company. As part of our business strategies, we have determined that, all earnings from our foreign continuing operations will be deemed indefinitely reinvested outside of the United States. Our plans to indefinitely reinvest certain earnings are supported by projected working capital and long-term capital requirements in each foreign subsidiary location in which the earnings are generated.

F-45

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

A reconciliation of income tax expense at the U.S. federal statutory income tax rate to annual income tax expense at the Company’s effective tax rate is as follows:


	2021					2020
Income tax expense computed at U.S. federal statutory income tax rate	$	(11,628	)	21.0	%	$	(10,050	)	21.0	%
State income taxes		(2,257	)	4.1	%		(1,951	)	4.1	%
Permanent items		321		-0.6	%		943		-2.0	%
Valuation Allowance		13,632		-24.6	%		11,617		-24.3	%
Other		9		0.0	%		(548	)	1.2	%

Income tax expense computed at U.S. federal statutory income tax rate	$	77		-0.1	%	$	11		0.0	%

Deferred income taxes reflect temporary differences in the recognition of revenue and expenses for income tax reporting and financial statement purposes. Significant components of the Company’s deferred tax assets (liabilities) are as follows:


	2021			2020
Deferred tax assets
Net operating loss carryforward	$	38,933		$	25,296
Accruals and other		757			463
Intangibles		136			135
Depreciation and amortization		70			—
Deferred Revenue		2,754			3,094

Gross deferred tax assets		42,650			28,988
Valuation allowance		(41,849	)		(28,214	)

Net deferred tax asset		801			774
Deferred tax liabilities
Depreciation and amortization		—			(23	)
Deferred costs		(801	)		(751	)

Net deferred tax assets (liabilities)	$	—		$	—

The table below details the activity of the deferred tax asset valuation allowance:


Deferred tax asset valuation allowance	Beginning Balance		Charged to Costs & Expenses		Deductions		Ending Balance
Year Ended
January 31, 2021	$	28,214		13,635		—	$	41,849
January 31, 2020	$	16,598		11,616		—	$	28,214

As of January 31, 2020 and January 31, 2019, the Company had net operating loss carryforwards (NOLs) available to offset federal taxable income of approximately $154,932 and $99,960 respectively. $25,270 of the federal NOLs expire on various dates through 2037 and $129,662 are able to be carried forward indefinitely to offset 80% of future taxable income. The company has tax effected state NOL carryforwards

F-46

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

of approximately $6,223 as of January 31, 2021 and $4,051 as of January 31, 2020 that expire on various dates through 2037.

In accordance with IRC Section 382, the extent to which net operating loss carryforwards can be used to offset future taxable income may be limited, depending on the extent of any ownership changes as defined by federal and various state and local jurisdictions. These limitations may result in the expiration of net operating loss carry forwards before utilization.

In assessing the realizability of its net deferred tax assets, management considers whether it is more likely than not that some portion or all of the net deferred tax assets will be recognized. The ultimate realization of the net deferred tax assets is dependent upon the generation of taxable income during the periods in which temporary differences become deductible. Management considers taxes paid, if any, scheduled reversal of deferred tax liabilities, projected future taxable income, and tax planning strategies that can be implemented by the Company in making this assessment. Based upon the level of historical taxable income, scheduled reversal of deferred tax liabilities, and projections for taxable income over the periods in which the temporary differences become deductible based on available tax planning strategies, management presently believes it is more likely than not that the Company may not realize all of the benefits of these deductible differences and, accordingly, has established a valuation allowance against the net deferred tax assets at January 31, 2021 and 2020.

The Company recognizes a tax position taken or expected to be taken (and any associated interest and penalties) if it is more likely than not that it will be sustained upon examination, including resolution of any related appeals or litigation processes, based on the technical merits of the position. The Company measures the tax position at the largest amount of benefit that is greater than 50% likely of being realized upon ultimate settlement. Management evaluated all income tax positions and determined that there were no uncertain tax positions that required reserves as of January 31, 2021 and 2020. The Company files tax returns in the United States federal jurisdiction and in many state jurisdictions. The tax years 2017 through 2021 remain open to examination by the major taxing jurisdictions to which the company is subject. No examinations are currently open.

On March 27, 2020, the Coronavirus Aid, Relief and Economic Security (CARES) Act was enacted and signed into U.S. law to provide economic relief to individuals and businesses facing economic hardship as a result of the COVID-19 pandemic. Changes in tax laws or rates are accounted for in the period of enactment. The income tax provisions of the CARES Act do not have a significant impact on our current taxes, deferred taxes, or uncertain tax positions.

10.

Geographic Information

The following table presents revenue by geographic location:


	2021		2020
	(in thousands)
United States	$	27,147	$	23,123
International		2,080		39

Total	$	29,227	$	23,162

Substantially all of the long-lived assets are located in the United States.

F-47

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

11.

Other Accrued Expenses

The Company performed a sales tax nexus review to determine if there were any obligations remaining. As a result of the study, the Company recorded an accrual of $611 for the remaining obligations combined with potential interest and penalties related to those years. During the year ended January 31, 2021, the Company added $65 for continued obligations combined with potential interest and penalties. The Company will begin remediation of those liabilities with the respective state jurisdictions.

12.

PPP loan

During FY 2021, in response to the increased economic uncertainties that the impact of the COVID-19 pandemic may have on our business, results of operations, liquidity or capital resources, we have taken measures to ensure that we can continue the continuity of our business operations through the use of funding measures which included the PPP loan from the US Small Business Administration pursuant to the provision of the CARES Act. The purpose of the loan was for small businesses to keep their workforces employed through the pandemic. The company received loan funds of $5,580 on April 21, 2020. At this time, the Company has not made a decision as to whether to repay the loan prior to its conversion into an amortizing term loan on August 15, 2021, whether to repay it in the ordinary course over its current amortization period ending April 15, 2022 or whether to seek forgiveness of the loan under the rules established by the SBA. While the Company has not made final determination, the Company has the current intent to pay based on amortizing loan terms. The loan bears interest at 1% and is payable in monthly installments beginning on September 15, 2021. As of January 31, 2021, the Company has an interest accrual of $44 related to the PPP loan.

In addition to seeking and receiving the PPP loan under the Act, the Company has also elected to defer the Company portion of payroll taxes under the Act. Amounts deferred from March 1, 2020 through to the end of 2020 will become due 50% on December 31, 2021 with the remaining 50% due on December 31, 2022. The balance of the payroll tax deferral is $1,379 as of January 31, 2021 and is included in Other current and Long-Term Liabilities on the balance sheet.

13.

Commitments and Contingencies

Contingencies may arise in the normal course of business. No material contiengencies are outstanding for the year ending January 31, 2021 or January 31, 2020.

F-48

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

Leases

The Company leases office space under the terms of noncancelable operating leases that expire at various dates through November 2026. Certain operating lease agreements provide for an annual 2.75% escalation of the base rent. The Company is also responsible for operating expenses. The following is a schedule by year of the future minimum lease payments required under the Company’s operating leases:


Years Ending January 31,
2022	$	1,303
2023		1,036
2024		755
2025		775
2026		797
Thereafter		658

	$	5,324

Rent expense totaled $1,984 and $1,856 for the years ended January 31, 2021 and January 31, 2020, respectively.

During FY 2021, we have completed lease buyouts of two office spaces in Maryland, for leases that were expiring in FY 21 and FY 22, and we have made payments of $394 to facilitate early terminations for those leases. Based on the company moving to a more fully remote posture, we also decreased our lease portifolio in Japan and New York in addition to the two office spaces in Maryland.

14.

Net Loss Per Share Attributable to Common Shareholders

IronNet computes basic earnings per share (EPS) by dividing income available to common shareholders by the weighted average number of common shares outstanding for the reporting period. Diluted EPS reflects the effect of potential shares that would be issued if stock option awards, restricted stock units, and preferred stock were converted into common stock, to the extent dilutive. Other than voting rights, the Class B common stock has the same rights as the Class A common stock and therefore both are treated as the same class of stock for the purposes of the earnings per share calculation.

The following table summarizes the computation of basic and diluted net loss per share attributable to common stockholders:


	Year ended
	2021			2020
Numerator: Net loss		(55,373	)		(47,869	)
Denominator: Weighted-average shares used in computing net loss per share attributable to common stockholders		64,562			58,838

Net loss attributable to common shareholders - basic and diluted	$	(0.86	)	$	(0.81	)

Since the Company was in a net loss position for all periods presented, basic net loss per share is the same as diluted net loss per share as the inclusion of all potential common shares outstanding would have been

F-49

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

antidilutive. The potential shares of common stock that were excluded from the computation of diluted net loss per share attributable to common stockholders for the periods presented because including them would have been antidilutive are as follows:


	Year ended
	2021		2020
Shares of common stock issuable from stock options		2,182		3,602
RSUs subject to future vesting		15,712		15,305
Shares of common stock issuable upon conversion from preferred shares		22,832		16,424

Potential common shares excluded from diluted net loss per share		40,726		35,331

15.

Related Party Transactions

Software, subscription and support revenue from Related Parties

Certain investors and companies who the Company is affiliated with, purchased software, subscription and support revenue. The Company recognized $1,860 and $676 of revenue from contracts with related parties for the years ending January 31, 2021 and January 31, 2020, respectively. The corresponding receivable was $2,541 and $681 as of January 31, 2021 and January 31, 2020, respectively.

Loans from Employees

On December 29, 2018, the Company entered into a loan with a current executive of the Company with a principal balance of $1,000 bearing an interest rate of 2.76% for a term of three years and is secured by a pledge of certain shares of Class A Common stock. The balance outstanding at January 31, 2021 and January 31, 2020 was $1,059 and $1,030, respectively.

16.

Subsequent Events

The Company has evaluated its January 31, 2021 financial statements for subsequent events through May 14, 2021, the date the financial statements were available to be issued.

On March 15, 2021, The Company entered into an Agreement and Plan of Reorganization and Merger (“Merger Agreement”) by and among LGL, LGL Systems Merger Sub Inc., a Delaware corporation and wholly-owned subsidiary of LGL (“Merger Sub”).

Pursuant to the Merger Agreement, Merger Sub will merge with and into IronNet, with IronNet surviving the merger (the “Merger” and, together with the other transactions contemplated by the Merger Agreement, the “Transactions”). As a result of the Transactions, IronNet will become a wholly-owned subsidiary of LGL, with the stockholders of IronNet becoming stockholders of LGL.

Under the Merger Agreement, the equityholders of IronNet will receive as merger consideration a number of shares of LGL common stock based on an exchange ratio (the “Exchange Ratio”), the numerator of which is equal to the quotient obtained by dividing $863,400 by $10.00, and the denominator of which is equal to the number of outstanding shares of IronNet on a fully diluted and as-converted basis. Preferred shareholders will convert their preferred stock based on the terms of the shareholder agreement. Holders of restricted stock units and restricted stock awards will receive LGL awards that provide for a number of shares of LGL common stock equal to the number of IronNet shares subject to the awards, multiplied by the

F-50

IronNet Cybersecurity, Inc.

Notes to Consolidated Financial Statements

January 31, 2021 and 2020

Dollars and shares in thousands

Exchange Ratio. Holders of IronNet options and warrants outstanding will receive LGL options and warrants exercisable for a number of shares of LGL common stock equal to the number of IronNet shares subject to the options and warrants, multiplied by the Exchange Ratio (adjusted to be on an as-converted to common stock basis), at an exercise price per share equal to the prior per share exercise price, divided by the Exchange Ratio (adjusted to be on an as-converted to common stock basis).

IronNet stockholders and holders of options, warrants, stock unit awards and restricted stock awards (as applicable, only to the extent time vested as of the closing of the Merger) may also receive as additional merger consideration in the form of a pro rata portion of 1,078,125 shares of LGL common stock if the volume weighted average share price for LGL’s common stock equals or exceeds $13.00 for ten consecutive days during the two year period following the closing on the merger.Certain stockholders of IronNet receiving shares of LGL common stock in connection with the Merger will be subject to a post-combination 180-day lockup period for all shares of LGL common stock held by such persons, subject to customary early release provisions. The Transactions are expected to be consummated in the calendar third quarter of 2021, after the required approval by the stockholders of LGL and the fulfillment of certain other conditions.

F-51

LOGO

IronNet (IRNTQ) 424B3Prospectus supplement