Table of Contents
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM 10-K/A
AMENDMENT NO. 1
FOR ANNUAL AND TRANSITION REPORTS
PURSUANT TO SECTIONS 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934
| x | ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the fiscal year ended June 30, 2002
OR
| ¨ | TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
Commission File Number 0-24544
CYBERGUARD CORPORATION
(Exact Name of Registrant as Specified in its Charter)
| Florida |
65-0510339 | |
| (State or Other Jurisdiction |
(I.R.S. Employer | |
| 2000 West Commercial Boulevard, Suite 200, Fort Lauderdale, Florida |
33309 | |
| (Address of Principal Executive Offices) |
(Zip Code) |
Registrant’s telephone number, including area code: (954) 958-3900
Securities Registered Pursuant to Section 12(b) of the Act: None
Securities Registered Pursuant to Section 12(g) of the Act: Common Stock, par value $.01 per share
Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes x No ¨
Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of Registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. ¨
The aggregate market value of voting stock held by non-affiliates of the Registrant was approximately $35,375,373 (Calculated by excluding all shares that may be deemed to be beneficially owned by executive officers, directors and greater than 10% shareholders of the Registrant, without conceding that all such persons are “affiliates” of the registrant for purpose of the federal securities laws), and computed by reference to the last sales price of Registrant’s Common stock on September 26, 2002).
As of September 26, 2002, 19,251,660 shares of the Registrant’s Common Stock, par value $.01 per share were issued and outstanding.
DOCUMENTS INCORPORATED BY REFERENCE
Portions of the Definitive Proxy Statement to be issued in connection with the Registrant’s 2002 Annual Meeting of Shareholders (incorporated in Part III to the extent provided in Items 10,11, 12 and 13 hereof).
Table of Contents
CyberGuard Corporation
Form 10-K
For the Fiscal Year Ended June 30, 2002
Forward-Looking Statements
| Part I: |
||||
| Item 1: Business |
3 | |||
| Item 2: Properties |
17 | |||
| Item 3: Legal Proceedings |
17 | |||
| 18 | ||||
| Part II: |
||||
| Item 5: Market for Registrant’s Common Equity and Related Stockholder Matters |
19 | |||
| Item 6: Selected Financial Data |
20 | |||
| Item 7: Management’s Discussion and Analysis of Financial Condition and Results of Operations |
22 | |||
| Item 7A: Quantitative and Qualitative Disclosure about Market Risk |
35 | |||
| 36 | ||||
| Item 9: Changes In and Disagreements with Accountants on Accounting and Financial Disclosures |
37 | |||
| Part III: |
||||
| 37 | ||||
| Item 11: Executive Compensation |
37 | |||
| Item 12: Security Ownership of Certain Beneficial Owners and Management |
37 | |||
| 37 | ||||
| Part IV: |
||||
| Item 14: Exhibits, Financial Statement Schedules and Reports on Form 8-K |
38 | |||
| 41 | ||||
1
Table of Contents
FORWARD-LOOKING STATEMENTS
Statements regarding future products, future prospects, future profitability, business plans and strategies, future revenues and revenue sources, future liquidity and capital resources, future computer network security market directions, future acceptance of the Company’s products and possible growth in markets, as well as all other statements contained in this Report on Form 10-K that are not purely historical are forward-looking statements.
Forward-looking statements are based upon assumptions and analyses made by the Company in light of current conditions, future developments and other factors the Company believes are appropriate in the circumstances, or upon information obtained from third parties, and are subject to a number of assumptions, risks and uncertainties. Readers are cautioned that forward-looking statements are not guarantees of future performance and that the actual results might differ materially from those suggested or projected in the forward-looking statements. Accordingly, there can be no assurance that the forward-looking statements will occur or that results will not vary significantly from those described in the forward-looking statements. Some of the factors that might cause future actual events to differ from those predicted or assumed include: future advances in technologies and computer security; the Company’s history of annual net operating losses and the financing of these losses through the sale of assets and newly issued Company securities; the Company’s ability to execute on its business plans; the Company’s dependence on outside parties such as its key customers and alliance partners; competition from major computer hardware, software, and networking companies; risk and expense of government regulation and effects on changes in regulation; the limited experience of the Company in marketing its products; uncertainties associated with product performance liability; risks associated with growth and expansion; global economic conditions; the slowing U.S. economy; changes in customer needs resulting from economic conditions; dependence on information systems; risks associated with obtaining and maintaining patent and intellectual property right protection; uncertainties in availability of expansion capital in the future and other risks associated with capital markets; the events of September 11, 2001, and its repercussions. In addition, certain other factors may cause future actual events to differ from those predicted or assumed, including: the impact of the restatement of financial results for the Company’s fiscal year ended June 30, 1997 and quarters ended September 30, 1997, December 31, 1997 and March 31, 1998; the completion of the numerous organizational changes within the Company; the assembly of a new management team for CyberGuard; and the outcome of a class action lawsuit against the Company and former executive officers and directors of the Company relating to the restatement of financial results for the fiscal periods noted above. In addition, the forward-looking statements herein involve assumptions, risks and uncertainties, including, but not limited to economic, competitive, operational, management, governmental, regulatory, litigation and technological factors affecting the Company’s operations, liquidity, capital resources, markets, strategies, products, prices and other factors discussed elsewhere herein and in the other documents filed by the Company with the Securities and Exchange Commission. Many of the foregoing factors are beyond the Company’s control.
The Company’s future success is based largely on its ability to develop and sell increasingly technologically advanced network security solutions in sufficient volume and at sufficient prices to become profitable on a consistent basis. In addition, the network security market is characterized by extremely rapid technological change, requiring rapid product development. The velocity of technological change has accelerated, and the Company believes that it is important to its future that it keeps pace with these changes. The Company believes that competition will continue to intensify in the rapidly evolving markets in which the Company is involved, and that the continued development of technologically advanced products will be necessary to keep its products current. The Company believes that its ability to generate adequate cash flow from operations will be critical to its future.
2
Table of Contents
PART I
Overview
CyberGuard Corporation, referred to as CyberGuard or the Company, is a leading provider of network security solutions designed to protect enterprises that use the Internet for electronic commerce and secure communication (customers include Fortune 1000 companies, major financial institutions, and government agencies worldwide). The Company’s CyberGuard® appliance, which includes firewall and virtual private network, provides a level of security, features and availability that the Company believes is not matched in the industry. Through a combination of proprietary and third-party technology, the Company provides a full suite of products and services that are designed to protect the integrity of electronic data and customer applications from unauthorized individuals and digital thieves.
CyberGuard delivers appliance solutions that, we believe, are high performance, easy to install and cost effective. The appliance is sold to end users directly and indirectly by direct sales and resellers worldwide in over thirty countries.
The Company was incorporated in 1994 in connection with a spin-off from Harris Corporation. The Company produced computers for the real-time computing market as well as the CyberGuard firewall for the secure computing market. The Company changed its name from Harris Computer Systems Corporation in June 1996 following a sale of the Company’s real-time computer business. The Company has two subsidiaries, CyberGuard Europe Ltd. and CYBG Consultant, Inc. CyberGuard Europe Ltd. serves as our United Kingdom Sales marketing office and Europe, Middle East and Africa distribution point. CYBG Consultant, Inc. is a dormant company and is in the process of being dissolved.
Industry Background
Network security has historically been a requisite for government and businesses in security-sensitive industries such as healthcare, financial services, insurance, and telecommunications. Businesses in these industries historically maintained a secure network environment by isolating their networks from others and allowing only authorized users to connect to their privately managed networks.
With the increased growth and reliability of the Internet, businesses are now able to use the Internet as a more cost-effective alternative to their existing private network. These businesses are also shifting corporate data dissemination, which traditionally occurred via call centers, facsimile, and/or postal mail, to the Internet. These systems can provide a more customized interface to their customers, business partners, or employees. As this migration continues, more business sensitive data and systems are exposed to a potentially hostile environment, hence the growing need for network security.
As worldwide Internet usage continues to escalate, so do information security breaches. According to www.cert.org, an Internet site that tracks security breaches, more system and network vulnerabilities were discovered in 2001 than in the entire four preceding years. Attrition.org, another organization that tracks security breaches, reported the number of Web site hacks grew from 245 in 1998 to 22,379 during 2001.
Following the events of September 11, 2001, much greater attention has been paid to the possibility of a cyber attack as the next wave of terrorism. As a result, the U.S. federal government has begun encouraging both government and private sectors to take information assurance more seriously. In February 2002, Richard A. Clarke, special advisor to the President for cyberspace security, said, “The vulnerabilities are too great for someone not to exploit them and make the Nimda and Code Red attacks look like small problems. Information security has been seen as a way of saving money, and it is, but not as much money as we have been saving by shortchanging security.”
NSTISSP 11, the National Information Assurance Acquisition Policy, is a means for the U.S. Government to standardize information assurance purchasing by government agencies. According to the policy, by 1 July 2002, the acquisition of all information assurance IT products “to be used on systems entering, processing, storing, displaying, or transmitting national security information shall be limited only to those which have been
3
Table of Contents
evaluated and validated in accordance with the criteria, schemes, or programs specified.” Listed first is the “International Common Criteria for Information Security Technology Evaluation Mutual Recognition Arrangement.” CyberGuard’s line of appliances holds Common Criteria Augmented Evaluation Assurance Level 4 Certification (EAL4+). In the interest of national cyber security, Richard Clarke has suggested that the requirement to purchase “evaluated and validated” information security products be extended to apply to commercial sector information assurance purchases.
The following elements are principal means for protecting organizations from digital mischief. These elements require substantial integration and interoperability to smoothly implement an organization’s security policy.
Security Policy. Security products are not effective unless they follow a well-thought-out enterprise security policy. Creating a policy requires cooperation between information technology staffers, business unit managers and senior executives. Generally, a policy should follow one of two philosophies. The first is, “That which is not expressly prohibited is permitted.” The second is, “That which is not expressly permitted is prohibited.” The former is less intrusive but will not provide maximum protection. The latter requires discussion and support from management because it affects the workflow of the entire organization—all the way down to rules for locking offices and filing cabinets and discarding waste paper. The use of such security technology as a firewall generally is associated with the second philosophy.
LAN Security. Popular local-area network, commonly referred to as LAN, operating system software provides various security options—many of which are seldom used. Network managers can immediately improve protection by implementing security features such as login restrictions on specific workstations, days of the week and hours of the day. More stringent password policies also create extra barriers, such as increasing the minimum password length, requiring that passwords include a combination of numbers and letters, and forcing regular password changes. Rigorous application of LAN security features can bolster protection from internal breaches.
Firewalls. Firewalls provide access control. They usually are aimed at preventing external security breaches but can also provide additional internal security for corporate intranets. Firewalls are a combination of software and hardware, usually consisting of a fast workstation located outside the LAN but inside the router link to the Internet. To be effective, all network traffic must pass through the firewall, whether going to the outside world or entering the LAN. The firewall permits only authorized traffic to pass either way and must be impervious to unauthorized penetration.
Premium firewalls run on special versions of the UNIX® operating system although Windows NT®-based versions are also popular for less-rigorous security environments. Some firewalls also support ancillary special features such as Web URL filtering or virus scanning. Firewall features and the underlying operating system of the firewall generally determine the level of security that a firewall provides. Presented below is the security spectrum of firewall products available today.
Generally, these technologies build on each other so that the most secure technologies can also perform the functions of the less secure ones and, depending on price and other factors, can serve markets for such products. CyberGuard has developed its products to emphasize stringent security and thus falls to the far right of this diagram.
4
Table of Contents
Traditionally, when businesses have selected a firewall solution, they have had to choose between high security and high performance. CyberGuard’s approach to appliance technology is to offer extremely high security as well as high-speed throughput and substantial numbers of simultaneous connections. CyberGuard’s line of appliances allows purchasers to choose based on the level of performance they require for their particular business environment.
Encryption. Encryption is a data-scrambling technique that prevents information from being read by unauthorized people. It is used to protect data packets during transmission from one point to another. Encryption can be implemented in two ways: from the personal computer that originates the data or from the server or Internet connection device that passes the data outside the LAN. Protected data is decrypted by a reciprocating destination LAN server or personal computer. Digital key technology is a common means of implementing encryption. A digital key bearing a secret value is used to encrypt data. Decryption can occur only by someone who possesses the appropriate decryption key. Systems using the same key for encryption and decryption are referred to as symmetric key encryption systems, whereas those that use a different key for decryption than encryption are referred to as asymmetric or public-key encryption systems. Encryption is a common security technique used to protect virtual private networks and standard intranets.
Anti-Virus. A computer virus modifies programs and data, sometimes in an innocuous manner and sometimes with malicious intent. Some viruses can erase applications and data from systems or merely act as electronic graffiti. Any form of computer virus, regardless of its intent, increases costs and decreases productivity. Anti-virus software can be run from individual workstations or from a network server or firewall. This software scans incoming files and attachments to E-mail messages to protect servers, personal computers and LANs from infection.
Identification and Authentication. On the Internet, no one can truly see who is using the system. Digital identification technology is used to identify who you are before you start using an information system. Authentication is the means for proving to the system that you actually are the person you claim to be. This is similar to the process of signing a check, then showing a driver’s license and a major credit card to a store clerk. Digital identification and authentication employ passwords, keys, physical tokens, badges and smart cards—even fingerprints, retinal scans or voiceprints (biometric identification) in advanced systems. Digital identification and authentication are particularly important for securing electronic commerce, which mostly operates outside the protection of a corporate intranet’s security infrastructure.
The CyberGuard Solution
The Company produces a family of appliances that all utilize a UNIX operating system obtained from Caldera International, Inc. CyberGuard has modified the Caldera SCO® UnixWare® operating system to remove penetration vulnerabilities that are common in UNIX platforms.
The Company’s secure operating system and secure networking software technologies allow CyberGuard to position its product suite to address the broad range of customer requirements in the commercial network security market. Generically speaking, a firewall consists of the hardware, a firewall application, an operating system and networking software, each playing an important role in the receipt and processing of data through the firewall. In competitive network security products, only the firewall application has been designed to resist penetration by an attacker, leaving the operating system and network software unsecured. Therefore, an attacker can penetrate a competitive firewall through the unsecured operating system or networking software. CyberGuard’s appliance uses a secure operating system and secure networking software to prevent network penetration by requiring network communication to pass through the firewall application.
The graphic presentation below depicts the three major components of a firewall system and demonstrates the fundamental security deficiency of an application-only solution as compared to the CyberGuard appliance.
5
Table of Contents
CyberGuard’s secure operating system and secure networking software are based on multilevel security; that is, they restrict access to information based on the sensitivity of the information and the access authorization of system users. In a multilevel security system, a user cannot read data that has been labeled at a level more sensitive than the security level that person has been given and cannot create or modify data having a different security label. The operating system and programs reside at a protected level that cannot be read or modified by network users.
The Company’s secure operating system and networking software are designed to meet the United States TCSEC/NCSC (Trusted Computer System Evaluation Criteria/National Computer Security Center) criteria at a B1 level. The National Computer Security Center assurance levels for operating systems range from D (systems with minimal security) to A1 (systems with assured security). Certain agencies of the United States government have incorporated the National Computer Security Center ratings into their procurement requirements, and commercial users, while not having specific National Computer Security Center rating requirements, often look to an National Computer Security Center rating as an indication of the product’s proven reliability. These components have also been successfully evaluated by the Centre d’Electronique de l’Armement, typically called CELAR, in France and have been awarded an E3 evaluation level in the United Kingdom and Australia against the United Kingdom’s Information Technology Security Evaluation Criteria predefined assurance scale. On this scale, E (evaluation level) is followed by a number ranging from 1 to 6, where 6 represents the highest evaluation level. In December of 2000, the Company completed its common criteria evaluation for its operating system and networking software and was awarded Evaluation Assurance Level 4. Evaluation Assurance Level followed by a number ranging from 1 to 7 denotes the assurance level of the product on the common criteria’s predefined assurance scale, where 7 represents the highest evaluation assurance level. Evaluation Assurance Level 4 represents assurance on a methodically designed, tested, and reviewed product. In April of 2002, the Company was awarded augmented Evaluation Assurance Level 4 certification for addition of a flaw remediation module. It also received its latest audit certificate for common criteria assurance maintenance.
In July 2002, the Company’s appliance line was recognized by ICSA Labs, a division of TruSecure Corporation, as having achieved ICSA Labs Firewall Certification.
The Company’s CyberGuard appliance also meets the compliance standards of the Internet Protocol Security Standard. Internet Protocol Security Standard is a framework of open standards for ensuring private communications over public networks like the Internet. Based on standards developed by the internet engineering task force IP security working group, Internet Protocol Security Standard is an industry-driven standard that ensures confidentiality, integrity, and authenticity on a network, and is a key component of this standards-based, flexible solution for deploying a network-wide security policy.
6
Table of Contents
In addition to enhanced operating system and network security, CyberGuard’s appliances have been built on the Company’s legacy of providing high-performance, real-time computing systems. Therefore, the Company’s CyberGuard appliance also addresses the high performance end of the commercial network security market because the underlying operating system and networking software were designed for demanding security environments. The Company’s secure operating system is designed to function as a high performance, real-time operating system able to process high levels of throughput without time-consuming failures. This same operating system technology underlies the Company’s secure networking software and firewall technology.
The CyberGuard appliance product is the basis for the Company’s ability to offer a complete suite of enterprise-wide security products including mobile security applications, secure database applications, and network access control filters.
The Company’s appliance system is currently using Caldera’s SCO UnixWare 2.1.3. The Company is currently transitioning its firewall technology to be multiplatform capable. This will enhance the Company’s ability to take advantage of advancements in operating system technology as well as third-party products.
PRODUCTS AND SERVICES
Products
CyberGuard produces a line of premium appliances built on technology developed when the Company was originally a division of Harris Corporation. The technology is based on an operating system that was first evaluated to meet operating system security features outlined by the TCSEC/NCSC. The result was a trusted secure operating system that uses layers of protection or multilevel security to provide the high level of network protection required by such customers as the U.S. and European governments, who need to safeguard classified, national security information.
Today’s product offerings continue to earn high level independent security certifications and evaluations. CyberGuard’s products are designed for high-end customers who require high levels of security and are serious about their security needs. Potential customers could include a governmental agency protecting sensitive classified information, a worldwide financial institution securing customers’ private financial data and transactions, an international communications corporation safeguarding its headquarters and operations around the globe, or a Global 2000 company whose dependence on electronic commerce continues to grow at the same time Internet security dangers increase.
After introducing a line of premium appliances in 2000, which integrate high security, high performance and manageability to meet various customer bandwidth requirements and operating environments, in 2001 CyberGuard introduced and began shipping an integrated virtual private network with its appliances.
While firewalls protect the information within a secured network, virtual private networks use mathematical encryption to protect data as it moves across an unprotected network, such as the Internet. Virtual private networks encrypt data as it leaves one point and then decrypt it at the receiving end.
Prior to 2001, the Company offered a third-party virtual private network solution to customers. As the need for secure connections for remote access points and, most notably, mobile workers and telecommuters has grown along with Internet usage, demand for virtual private networks has grown accordingly. The Company recognized the demand both from its existing customer base and the overall market for an integrated virtual private network solution and responded to that demand with an integrated solution.
Additionally, in 2001, the Company made the deliberate decision to transition from a direct sales model in North America to a channel sales model to replicate the successful distribution strategy in Europe, Middle East, Africa and Asia. To support that strategy, the Company decided to develop and introduce an entry-level appliance model. The LX model was designed with a partial complement of proxies, lesser level of performance, and a simplified user interface so as to be suitable for a less sophisticated end user. While the LX is an economic, compact version of the other appliances, nonetheless it carries high level certification, which makes it suitable for environments requiring very high security.
7
Table of Contents
The channel sales model is used to leverage the sales staff of a qualified reseller in order to eliminate the need to build a direct sales force. Transitioning to a reseller (indirect) model from direct, allows us to reach many more prospects through our channel partner relationships than we could by using a direct sales force. Additionally we are able to create a variable cost for sales as opposed to a direct sales force that would require an initial and continuous cost. In addition, technically trained partners give us the ability to support customers in more geographic areas than CyberGuard could do on its own. We have used the model very effectively in the Europe, Middle East and Africa region and Asia Pacific Rim region as demonstrated by the revenue growth in excess of 50% in those regions. Our goal is to reproduce those results in North America. There are no relationships with third party channel partners whose loss would cause material harm to the Company.
The LX is a lower priced product, which caters to a more entry-level customer. Most resellers like to have less expensive products to sell, because they cater to the wider market of small to medium sized business. The LX is used as an entry-level product with the hope of “up selling” our other products once the customer has been introduced to the Company’s products.
CyberGuard’s appliances include the following features and attributes in varying combinations based on the specific products or customer requirements:
PACKET FILTERING. CyberGuard uses packet-filtering technology to allow the firewall to expressly permit or deny connections using criteria based upon source and destination host or network and the type of network service being requested and the time of day or day of week.
SECURITY AUDITING AND ALARMS. CyberGuard’s appliance technology incorporates built-in auditing and alarm functions designed to permit administrators to review a chronological record of dynamic system activities and allow the reconstruction of security sensitive activities. CyberGuard’s appliance can be configured to process the security auditing information and, in real-time, take explicit actions in response to actions deemed security sensitive or possible attempts to attack the network or appliance.
APPLICATION PROXIES. CyberGuard’s appliance technology supports a number of security-enhanced application proxies for many network services, including remote login, terminal emulation, file transfer protocol, hypertext transport protocol, secure sockets layer security, network news transport protocol, simple mail transport protocol, x-window system, lightweight directory access protocol, server message block, load equalizer, Lotus Notes®, port guard intercept, post office protocol version 3, Oracle SQL*Net for secure connection to a database host, proxy-writer for custom proxies, RealAudio™ protocol proxy, and Gopher™ protocol.
SECURE REMOTE ADMINISTRATION. CyberGuard’s appliance supports the ability to remotely monitor and administer an appliance from a network operations center. Using this remote administration capability, a system administrator can manage a CyberGuard appliance from a remote site as if he or she were physically located with the appliance.
CENTRAL MANAGEMENT. CyberGuard’s appliance technology provides the ability to centrally manage and monitor multiple remote CyberGuard appliances. Remote, or target, appliances can be administered and monitored individually or within groups from one central station, the firewall manager. To ensure constant availability, CyberGuard offers central management fail-over, a mechanism that allows a back-up firewall manager to take over management duties for the primary firewall manager when the primary manager is not available (during system maintenance or a power outage, for example). The back-up manager can be located anywhere in the world remote from the primary appliance manager.
DYNAMIC NETWORK ADDRESS TRANSLATION. A CyberGuard appliance can be configured to translate all internal addresses to the appliance’s network address. From the Internet, the appliance appears to be the only machine connected, reducing the risk of possible penetration attacks against the internal network.
STATIC NETWORK ADDRESS TRANSLATION. CyberGuard appliances support the ability to map internal private network addresses to public network addresses. This allows machines with illegal or private network addresses to be accessed via a public network address different from that of the appliance.
8
Table of Contents
GRAPHICAL USER INTERFACE. CyberGuard’s appliances provide a graphical user interface designed to facilitate system configuration and administration. The graphical user interface is generally considered easier to use than the traditional command-line interface.
SPLIT DOMAIN NAME SERVICE. The CyberGuard appliance can function as a domain name service server. With split domain name server, the network responds to queries differently depending on their source. For example, responses to requests from the Internet might contain only CyberGuard appliance information; responses from internal requests might contain a complete list of hosts.
VIRTUAL PRIVATE NETWORKING. CyberGuard now offers an integrated Internet Protocol Security Standard virtual private network solution in all of its line of appliances. The technology utilizes SSH® virtual private network technology. It features a single management interface that the Company believes makes setup and use easy. It provides support for gateway-to-gateway and gateway-to-client virtual private network configurations; use of certificates with Internet Protocol Security Standard and internet key exchange; capability for virtual private network access through network address translation to remote private networks; access control for all traffic; central administration, monitoring and logging capabilities; support for a wide range of cryptographic algorithms; and optional cryptographic hardware acceleration support. CyberGuard offers a safenet virtual private network client option with its appliances. A limited number is included with the purchase of a CyberGuard firewall/virtual private network appliance. Additional virtual private network clients are available for purchase. CyberGuard’s virtual private network solution is interoperable with a number of other clients, including the Microsoft® Windows®’ XP virtual private network client. To optimize virtual private network performance, the Company offers an optional hardware accelerator.
LINK AGGREGATION. CyberGuard provides a feature called link aggregation that will combine multiple physical network interface controller ports into one logical network interface. This feature offers two benefits. The first is an increase in the overall reliability of the network gained from redundancy. In this instance, two physical ports are configured beneath one link aggregation device, and one port will be active while the other will be a hot standby. The second benefit is that link aggregation can also be used to provide higher throughput. In this case, multiple ports are configured under a single link aggregation device, and the link aggregation driver will optimize port utilization by balancing the traffic load.
AUTOMATIC SYSTEM UPDATE. CyberGuard’s appliance includes a feature that allows an administrator to update the appliance automatically with necessary patches via a remote download. This feature is especially useful for very large appliance installations because the administrator is able to implement patches to large numbers of firewalls from a single central location.
NETWORK TIME PROTOCOL SUPPORT. CyberGuard appliances provide a means to update time automatically via a network. Time synchronized via a trusted network time protocol server is required to insure that audit data can be accurately correlated. This feature is especially important to installations with large numbers of appliances.
AUTOMATED AUDIT LOG ARCHIVING. The CyberGuard appliance offers a feature for automatically archiving audit logs to a remote archive server. The log files can be encrypted to insure confidentiality. This feature is especially important with the increase in the amount of audit information that is directly proportional to data throughput.
HIGH AVAILABILITY. CyberGuard’s appliances support an optional high availability configuration that combines two appliances to operate as a single logical unit. If there is a disruption in network connectivity or if the primary appliance fails, the secondary appliance is designed to automatically take over to provide nearly continuous network connectivity. All configuration changes are automatically synchronized between the appliances in the high availability pair. For critical connections, such as those to electronic commerce sites, this high availability configuration minimizes the risk of lost network connectivity.
THIRD-PARTY PRODUCTS AND SERVICES
9
Table of Contents
Through strategic alliances, the Company offers other network security products for use with CyberGuard’s appliances. These products include:
URL BLOCKING AND FILTERING. This software monitors and controls access to non-business-related Web sites such as pornography, gambling, on-line shopping, stock trading, job searching, sports, “pay-to-surf” sites and other sites that an employer may wish to block. CyberGuard’s appliance integrates with Websense™ Enterprise v4, allowing businesses to more effectively monitor, report and manage employee activity on the Internet. As personal use of the Internet increases in the work setting, more organizations are exploring solutions to limit inappropriate use of the Internet. An integrated solution enables businesses to accomplish that by establishing acceptable parameters on personal Internet use.
TOKEN AUTHENTICATION PRODUCTS. CyberGuard offers a number of third-party token authentication devices, including those offered through alliances with Symantec Corporation and RSA Security, Inc., among others. Token authentication devices provide an alternative to the use of static passwords for user authentication, resulting in reduced likelihood of system penetration through the reuse of an old password.
ANTI-VIRUS. F-Secure Anti-VirusTM for Firewalls, Windows version, is a content vectoring protocol server that provides a means for detection and disinfection of viruses and malicious code before they traverse the CyberGuard appliance. Key features of this product that enhance protection and improve performance include the use of multiple scanning engines, caching of recent scan results, automatic database updates, and transparency to end users.
CENTRALIZED MONITORING AND REPORTING. In 2001, the Company introduced an advanced reporting function in conjunction with Soft-ex, Inc. The product, which is private-labeled CSMART™ (Centralized Solution for Monitoring, Auditing, Reporting and Tracking), allows businesses to implement an Internet usage monitoring and control methodology similar to “communications accounting.” CyberGuard’s CSMART is a simple, enterprise-wide solution that provides information that enables network administrators to decide what is excessive or inappropriate Internet use, establish acceptable boundaries for Internet activity, and plan for and allocate costs. This allows companies to take full advantage of Internet benefits while minimizing risks.
SERVICES
CyberGuard offers a range of services to customers who have its appliances and to customers who require consulting or professional services. In January 2001, Information Security magazine published the results of a survey of more than 2,000 readers. Among companies grouped by size, CyberGuard scored highest overall in customer satisfaction. Among the largest companies, that is, those with more than 50,000 employees, CyberGuard received a perfect score of 5. Among government users, CyberGuard received the highest overall score.
SUPPORT SERVICES. CyberGuard believes that service can be a key differentiator for the Company. Our worldwide customer support center provides help on the phone and online around the clock. Support staff are highly trained and qualified, level-2 experienced security professionals. Many of them currently hold one of the highest levels of certifications a security professional can achieve. Support services currently represent 90% of total service revenues.
Service revenues consist primarily of the annual fee for maintenance (post-contract customer support) and maintenance renewals from our existing customers and are recognized ratably on a monthly basis over the service contract term. These services provide our customers access to our worldwide support organization for technical support, unspecified product updates/enhancements on a when and if available basis and general security information with the exception of certain product sales that are sold with annual maintenance (for which vendor-specific objective evidence of fair value exists). The Company does not have any transactions with multiple elements/arrangements. All products and services are separately contracted.
With the globalization of the economy and the connectivity made possible by the Internet, many large organizations no longer operate regionally or nationally. Instead those organizations have begun to operate globally, either independently or as part of a large multinational corporate entity. CyberGuard has a strategic agreement with a major international service provider to expand its worldwide support services, adding onsite and hardware support around the clock, around the globe, and in multiple languages.
10
Table of Contents
TRAINING AND EDUCATION. The Company offers a variety of courses to help customers make the most of their CyberGuard appliance product. The courses include basic and advanced training and are offered at CyberGuard’s corporate headquarters in Ft. Lauderdale, Florida; at its subsidiary headquarters in London; and at various reseller locations. Training courses may also be offered at customer locations as appropriate.
Additionally, the Company has developed modular CyberGuard sales professional training designed to equip the sales force—both internal and channel—to better sell CyberGuard products against its competition.
As customers and resellers become more knowledgeable about the product, they also become better advocates for the technology and the CyberGuard advantages. Since word of mouth is one of the most effective forms of advertising, the Company believes that a successful strategy for growing the Company must include an emphasis on education and training.
Recognizing that the educated consumer is the Company’s most valued customer, CyberGuard is developing a certification track for its suite of network security solutions. The courses involved are CyberGuard Security Foundations, CyberGuard Firewall Security Administrator, and CyberGuard Firewall Security Officer. These offerings will create a network security certification to rival Check Point, Cisco and SANs certifications.
These programs will be available for instructor-led delivery by select channel solution providers throughout the world and via an upcoming online university enabling administrators to become certified without having to physically attend a course. Training currently represents approximately 4% of total service revenues.
PROFESSIONAL SERVICES. Leveraging its security expertise and experience, CyberGuard markets several specific types of consulting services relating to, among others, penetration testing; vulnerability assessment; Internet gateway security and technical evaluation; system security; corporate data security policies and management control; network security policy and management control; Internet security policy and management controls; network security analysis; and information security training. Professional services currently represent 5% of service revenues.
11
Table of Contents
PRODUCT DEVELOPMENT
The following table shows the significant products and product enhancements that the Company introduced during the last two quarters of fiscal year 2002 and will introduce during the first two quarters of fiscal year 2003.
| Product |
Introduction |
Description | ||
| FS Hardware Upgrade |
Q3 2002 |
Transition from 1st generation hardware platform to 2nd | ||
| Firewall Software Update |
Q4 2002 |
Graphical user interface enhancement, save and restore performance enhancement, and resolution of known issues | ||
| LX Introduction |
Q4 2002 |
New set-top appliance designed for small-and medium-sized enterprises | ||
| 5.1 |
Q2 2003 |
New software release for the appliance family that includes high availability state synchronization and PKI support |
The expected dates of introduction in the above table are forward-looking statements and are based on certain assumptions, including assumed levels of staffing and capital resources and assumptions regarding contractual arrangements with suppliers, customers or strategic allies, market conditions, overall product development costs and related sales and marketing expenses, and the nature of available competing and complementary technologies and products. Should these assumptions change or prove to be inaccurate, or should the Company’s plans change due to certain unforeseen factors, the development of such products may be delayed or discontinued.
Development of new products and features is performed by the Company’s internal engineering staff and through third-party licensing. The Company has approximately 35 full-time employees and independent contractors devoted to product development. The Company supplements the development staff from time to time with contract engineers as needed to meet product demands in the market.
For the fiscal years ended June 30, 2002, June 30, 2001, and June 30, 2000, the Company spent approximately $4.7, $5.5 million, and $3.0 million, respectively, on research and development, an equivalent of 21%, 22%, and 16%, respectively, of total sales during such periods.
STRATEGIC ALLIANCES AND RELATIONSHIPS
The Company has entered into several strategic alliances to offer and sell CyberGuard products within and outside the United States. Some of these strategic alliances relate to the Company’s encryption, token authentication, intrusion detection and virus detection products. The Company relies heavily on its strategic partners to resell the Company’s products in the United States, Asia, the United Kingdom, Europe, the Middle East and Latin America.
12
Table of Contents
The Company relies on third parties for assistance in the development of certain of the Company’s products under development. The Company seeks such alliances to continue efforts to develop additional products or enhancements to the Company’s existing products.
The Company outsources all of its hardware manufacturing and assembly, primarily to one third-party manufacturer and assembly house, Omni Tech Corporation, and we do not have a long term manufacturing contract with this company. We have only recently established arrangements with an alternative manufacturer and assembly house and we may not be able to meet the demands for our products if we were to lose our relationship with our primary manufacturer and assembly house. Our operations could be disrupted for an extended period of time if we have to switch to a replacement vendor. A prolonged interruption in our hardware supply could result in a loss of customer orders and revenue and diminish the reputation of our brands.
There can be no assurance that the Company will be able to enter into future collaborative arrangements on favorable terms, or at all. Even if the Company is successful in entering into such collaborative agreements, there can be no assurance that any such arrangement will be successful. The success of any such arrangement is dependent on, among other things, the skills, experience and efforts of the third party’s employees responsible for the project, the third party’s commitment to the arrangement, and the financial condition of the third party, all of which are beyond the control of the Company.
CUSTOMERS AND MARKETS
CyberGuard has traditionally served very large commercial businesses for which network security is a top priority, including government agencies, utilities and financial institutions. During 2002, the Company provided products and services to over 600 customers worldwide. Note 12 to our Financial Statements sets forth a geographic breakdown of our revenues. The Company targets the Global 500 companies which represent the market for large enterprise customers where security is a priority. During the year ended June 30, 2002, approximately 11% of the Global 500 companies are customers of the Company and three were Fortune 10 companies. The Company does not rely on any single customer for a material portion of its earnings, although one customer accounted for approximately 11% of our revenues during the year ended June 30, 2002.
In many instances, CyberGuard supplies its product to value-added resellers, solution providers, distributors, business partners or system integrators who ultimately sell to and support end users. In turn, the Company supports these reseller channels through training and education, marketing support, consulting and interaction with CyberGuard’s direct sales force.
Target markets for the Company’s products include governments, financial institutions, financial news services, insurance companies, health care institutions, telecommunications companies and companies that market electronic commerce applications to businesses and consumers. In addition, the Company focuses its marketing efforts on specific vertical market sectors including government, banking and finance, telecommunications and healthcare.
SALES, MARKETING AND DISTRIBUTION
The Company employs a worldwide sales force focused on driving sales through our channel partners around the globe. CyberGuard has established a range of channels to market its products in the United States and internationally, including regional value-added distributors, VARs and systems integrators.
CyberGuard employs three regional sales vice presidents who are responsible, respectively, for North America, Europe, Middle East, Africa and the Pacific Rim. Each regional vice president employs a team of
13
Table of Contents
regional sales managers to promote channel sales through their channel partners and direct customers in their respective regions. The sales force focuses its sales and marketing efforts on customers and resellers in selected vertical markets such as financial services, government, healthcare, insurance, telecommunications and electronic commerce application providers. The Company’s sales team also includes a dedicated team of inside sales professionals as well as technical support engineers who extend CyberGuard’s marketing and sales efforts. The sales force also solicits prospective customers and provides technical advice and support with respect to the Company’s products.
Marketing activities include advertising, publishing technical and educational articles in industry journals, participating in industry tradeshows, product technology conferences, regional educational seminars, direct mail, electronic mail, public and media relations, telemarketing, on-going customer and third-party communication programs, sales training and marketing on our Web site. As of June 30, 2002, the Company had 21 employees in the Sales and Marketing organization. CyberGuard also generates interest in and educates potential customers about computer and network security through speaking engagements, contributed articles, media interviews and outreach to industry analysts.
CyberGuard focuses its direct and indirect marketing efforts on commercial businesses that the Company perceives to have a need for network security due to the sensitive nature of data they collect or the potential negative impact of computer hacking. CyberGuard addresses these markets with its direct sales force and through indirect channels such as value-added resellers and systems integrators who already serve such markets. The Company also believes its products are particularly well-suited to a spectrum of Web service providers including internet service providers, application service providers, managed service providers and Internet-based retailers of subscription products and services.
In 2001, the Company established a dedicated federal division to take advantage of the opportunities in the government vertical market. The specialized team focuses exclusively on meeting the needs and information security requirements of the U.S. federal government. Outside sales efforts, which are driven through a channel distribution model, are supported by a group of dedicated inside sales and sales engineering professionals.
COMPETITION
The market for network security products is intensely competitive and characterized by frequent technological change. CyberGuard believes that competition in this market is likely to persist and intensify as demand for network security products continues to increase.
At the same time, the Company believes that it enjoys certain advantages because of its high level of independently evaluated security; its firewall/virtual private network appliance strategy that offers a trusted secure operating system, multilevel security, performance and functionality; and a strong core of developers who helped create the Company’s original technology, which continues to earn industry awards and certifications even as it evolves to meet new security demands.
In market segments requiring the highest levels of network security, CyberGuard competes with Secure Computing Corporation, which also offers a firewall with a security-enhanced operating system. The Company also competes with manufacturers such as Check Point Software Technologies Ltd., Cisco Systems, Inc., and NetScreen. Many of these companies enjoy higher sales volumes than CyberGuard due to their sales of lower-end firewalls and other non-firewall products and applications.
These companies’ products may be considered to be alternatives to CyberGuard. In addition, companies such as Hewlett-Packard and Sun Microsystems, Inc. sell products with similar features and functions that could be considered competitors of the Company. Certain companies, such as Microsoft, now offer network-related security products that could eventually compete with CyberGuard’s firewall products.
Many of CyberGuard’s current and potential competitors have greater name recognition, larger installed customer bases and significantly greater financial, technical and marketing resources. There can be no assurance that CyberGuard can maintain its competitive position against current and potential competitors, especially those with significantly greater financial, marketing, service, support, technical and other competitive resources. Failure to keep pace with rapid technology changes could result in the Company’s products becoming less valuable or obsolete. Certain of CyberGuard’s competitors may determine, for strategic reasons, to consolidate, substantially lower the price of their network security products, or bundle their products with other products such as hardware products or other enterprise software products. The trend
14
Table of Contents
toward enterprise-wide network management and security solutions may result in a consolidation of the network management and security market—for example, the recent acquisition of several specialized security companies by Symantec—around a smaller number of vendors who are able to provide the necessary software and support capabilities. In addition, current and potential competitors have established or may establish financial or strategic relationships among themselves with existing or potential customers, resellers or other third parties.
CyberGuard believes that the principal competitive factors affecting the market for computer and network security products include the product’s level of security, performance and reliability, technical features including interoperability and functionality, ease of use, capabilities, customer service and support, integration of products, manageability of products, brand name recognition, Company reputation, distribution channels and lower total cost of ownership. Based on its understanding of the features of the products and services offered by CyberGuard’s competitors, the Company believes that its products currently compete favorably with respect to most of those factors. Based on its experience and understanding of the existing network security market, CyberGuard believes that potential purchasers of its security products who do not differentiate between the level of security provided by competing security products are as likely to base their purchasing decisions on price, ease of use, or other considerations as they are to base such decisions on the level of security provided. In circumstances where a potential purchaser’s primary concern is the level of security provided by products being considered, the Company believes that its products compete favorably. While CyberGuard provides a low total cost of ownership product, it does not compete in the very low-end space with a low cost product because it believes that that market is highly commoditized and would affect the Company’s margins negatively. The Company has incorporated new ease-of-use features into its LX product line.
Additionally, CyberGuard believes that a key competitive factor in the foreign network security market and certain domestic vertical markets is a computer system’s security rating by intelligence and other government agencies such as the internationally recognized common criteria.
In order for the U.S. government to standardize information assurance purchasing by government agencies, NSTISSP 11, a National Information Assurance Acquisition Policy, mandated that by July 1, 2002, the acquisition of all information assurance IT products “to be used on systems entering, processing, storing, displaying, or transmitting national security information … shall be limited only to those which have been evaluated and validated in accordance with the criteria, schemes, or programs specified.” Listed first is the “International Common Criteria for Information Security Technology Evaluation Mutual Recognition Arrangement.” Richard Clarke, the President’s advisor on cyber security, has suggested that the requirement to purchase “evaluated and validated” information security products may be extended to apply to commercial sector information assurance purchases.
As a result of the policy, a number of competitive products have been or are being evaluated. They include Borderware, Cisco PIX, Check Point, Secure Computing’s Gauntlet and Sidewinder products, and Symantec Enterprise Firewall. It is important to note that a vendor may choose which portions of its firewall technology to have evaluated. When those elements of a firewall that are outside the scope of the target of evaluation are utilized, the firewall does not, in fact, have an evaluation assurance level 4 certification. In each instance where targets of evaluation are compared, the number of features and functions in the CyberGuard firewall that are within the scope of the evaluation assurance level 4 evaluation exceed those of competitive evaluated products.
CyberGuard is the only firewall provider to be enrolled in an ongoing assurance maintenance program, which is a process of ongoing evaluation to ensure that upgrades and enhancements to the originally certified technology retain their certification. It is customary for vendors to periodically release “patches,” when a change is made to the product. When a change is made, the product is no longer the same as the original product that was certified. Without the ongoing evaluation that enrollment in assurance maintenance guarantees, a product that has been “patched” or changed in any way loses its original certification.
Additionally, CyberGuard currently has a history of no publicly reported vulnerabilities. Over the past few years various security vulnerabilities have been discovered in many of our competitors’ firewall products. Many of these exploits have been publicly documented by highly respected security organizations. At this time we are aware of no documented vulnerability on the CyberGuard firewall in any of these organizations.
15
Table of Contents
Patents and Proprietary Technology
The Company relies upon license agreements with customers; trademark, copyright and trade secret laws; employee conflict of interest and third-party non-disclosure agreements and other methods to protect the trade secrets, proprietary know-how and other proprietary rights on which the Company’s business depends. There can be no assurance that these agreements will not be breached, that the Company will have adequate remedies for any breach, or that the Company’s trade secrets will not otherwise become known to or independently developed by competitors. The Company has no pending patent applications to cover any aspects of its technology. The Company has received trademark registration in the United States, Canada and numerous other countries for its CyberGuard® firewall mark and its CyberGuard logo.
Various companies hold patents, copyrights, and other intellectual property rights covering a variety of competing products and processes. We have from time to time received, and may in the future receive, communications from third parties claiming that we may be infringing certain of such parties’ patents and/or other intellectual property rights. The Company may be unable to avoid infringement of third party intellectual rights and may have to obtain a license, defend an infringement action, or challenge the validity of another party’s intellectual property rights in court. Intellectual property litigation is costly and time consuming, and the Company may be unable to prevail in any such litigation or devote sufficient resources to even pursue such litigation. A license may be unavailable on terms and conditions acceptable to the Company, if at all. If the Company does not obtain a license under another party’s intellectual property rights and if it were found liable for infringement, the Company may be liable for significant money damages, may encounter significant delays in bringing products to market, or may be precluded from participating in the manufacture, use, or sale of products requiring such licenses. Any allegation of infringement, infringement claim or other litigation against or by us could have a material adverse effect on our results of operations and financial condition.
Government Regulation
The Company’s security products are subject to export restrictions administered by the U.S. Department of Commerce. Export controls on cryptographic products permit the export of the Company’s encryption products outside the U.S. only with the required level of export license or through an export license exception. Although to date the Company has been able to secure all required U.S. export licenses and license exceptions, there can be no assurance that the Company will continue to be able to secure such licenses or exceptions in the future. The effect of these regulations is to create delays in the introduction of the Company’s products in international markets, and, in some cases, to prohibit them altogether.
There are currently few laws or regulations directly applicable to access to or commerce on the Internet. Additional laws and regulations covering issues such as privacy, pricing and characteristics and quality of products and services could be adopted with respect to the Internet. The adoption of additional laws or regulations may decrease the growth of the Internet, which could, in turn, decrease the demand for the Company’s products and increase the Company’s cost of doing business or otherwise have an adverse effect on the Company’s business, operating results or financial condition.
Employees
On June 30, 2002, the Company employed 106 employees through its Fort Lauderdale headquarters, and its field offices in the United States and abroad. The Company also utilizes the services of four contract engineers on a temporary basis. All employees and contract engineers are bound by agreements containing confidentiality and conflict of interest provisions.
CyberGuard’s future success will depend in significant part on the continued service of its key technical, sales and senior management personnel. Competition for such personnel is intense and there can be no assurance that CyberGuard can retain its key managerial, sales and technical employees, or that it can attract, assimilate or retain other highly qualified technical, sales and managerial personnel in the future. None of CyberGuard’s employees is represented by a labor union. CyberGuard has not experienced any work stoppages and considers its relations with its employees to be good.
16
Table of Contents
The Company’s principal administrative, sales and marketing, development, engineering, production and support facility is located in Fort Lauderdale, Florida, and consists of approximately 26,000 square feet of leased office space. The lease on the facility expires on June 30, 2004. The Company has the right to sublease the premises. Additionally, the Company maintains a marketing and sales office located in the United Kingdom, which also functions as the administrative office for the Company’s subsidiary, CyberGuard Europe Ltd.
The Company leases its office locations in the United States and abroad. CyberGuard believes that its existing facilities are adequate for its current needs and additional space will be available at current market rates as required in the future.
On August 24, 1998, the Company announced, among other things, that due to a review of its revenue recognition practices relating to distributors and resellers, it would restate prior financial results. After the August 24, 1998 announcement, twenty-five purported class action lawsuits were filed by alleged shareholders against the Company and certain former officers and directors. Pursuant to an order issued by the Court, these actions have been consolidated into one action, styled Stephen Cheney, et al. v. CyberGuard Corporation, et al., Case No. 98-6879-CIV-Gold, in the United States District Court, Southern District of Florida. On August 23, 1999, the plaintiffs filed a Consolidated and Amended Class Action Complaint. This action seeks damages purportedly on behalf of all persons who purchased or otherwise acquired the Company’s common stock during various periods from November 7, 1996 through August 24, 1998. The complaint alleges, among other things, that as a result of accounting irregularities relating to the Company’s revenue recognition policies, the Company’s previously issued financial statements were materially false and misleading and that the defendants knowingly or recklessly published these financial statements which caused the Company’s common stock prices to rise artificially. The action alleges violations of Section 10(b) of the Securities Exchange Act of 1934 (“Exchange Act”) and SEC Rule 10b-5 promulgated thereunder and Section 20(a) of the Exchange Act. Subsequently, the defendants, including the Company, filed their respective motions to dismiss the Consolidated and Amended Class Action Complaint. On July 31, 2000, the Court issued a ruling denying the Company’s and Robert L. Carberry’s (the Company’s CEO from June 1996 through August 1998) motions to dismiss. The court granted the motions to dismiss with prejudice for defendants William D. Murray (the Company’s CFO from November 1997 through August 1998), Patrick O. Wheeler (the Company’s CFO from April 1996 through October 1997), C. Shelton James (the Company’s former Audit Committee Chairman), and KPMG Peat Marwick LLP (“KPMG”). On August 14, 2000, the plaintiffs filed a motion for reconsideration of that order. The Company filed an answer to the plaintiffs’ Consolidated and Amended Class Action Complaint on August 24, 2000. On March 20, 2001, the Court ruled on the plaintiffs’ motion for reconsideration that the previously dismissed defendants William D. Murray, Patrick O. Wheeler and C. Shelton James should not have been dismissed from the action and shall be defendants in this action under the control person liability claims under Section 20(a) of the Exchange Act, and that the plaintiffs may amend the Consolidated and Amended Class Action Complaint to bring claims against C. Shelton James under Section 10(b) of the Exchange Act and Rule 10b-5 promulgated thereunder. On April 5, 2001, the plaintiffs filed their Second Consolidated and Amended Class Action Complaint to include amended claims against C. Shelton James. On May 10, 2001, the Company filed an answer and affirmative defenses to plaintiffs’ Second Consolidated and Amended Class Action Complaint. On August 14, 2002, the Court granted the plaintiffs’ Motion for Class Certification and certified the class to include all investors who acquired the Company’s common stock between November 7, 1996 and August 24, 1998 and were damaged by the purchase of such stock. The trial is scheduled for March 2004.
The Company’s obligation to indemnify its officers and directors under the aforementioned lawsuit is insured to the extent of the limits of the applicable insurance policies. The Company has notified its insurance carrier of the existence of the lawsuit, and the carrier has sent the Company a reservation of rights letter. The Company intends to vigorously defend this action, and believes that in the event that it is unsuccessful, insurance coverage will be available to defray a portion, or substantially all, of the expense of defending and settling the lawsuit or paying a judgment. However, the Company is unable to predict the ultimate outcome of the litigation. There can be no assurance that the Company will be successful in defending the lawsuit or, if unsuccessful, that insurance will be available to pay all or any portion of the expense of the lawsuit. If the
17
Table of Contents
Company is unsuccessful in defending the lawsuit and the insurance coverage is unavailable or insufficient, the resolution of the lawsuit could have a material adverse effect on the Company’s consolidated financial position, results of operations, and cash flows. The Company’s consolidated financial statements do not include any adjustments related to these matters.
The Company is aware that on January 30, 2002, the SEC filed an enforcement action in the United States District Court, Southern District of Florida against CyberGuard’s former Chief Executive Officer and Chairman of CyberGuard’s Board of Directors, Robert L. Carberry; CyberGuard’s former Chief Financial Officer and Vice President of North American Sales and current Vice President of Business Development, Patrick O. Wheeler; and CyberGuard’s former Controller, Steven S. Gallers, alleging violations of the anti-fraud provisions of the Exchange Act and seeking permanent injunctions, civil monetary penalties and bars against serving as officers and directors of a public company. SEC vs. Wheeler et al., Case No. 02-60131-CIV-Graham. Mr. Carberry and Mr. Gallers entered into settlements with the SEC whereby, without admitting or denying the allegations of the complaint, they agreed to be permanently enjoined from future violations of the Exchange Act, pay a $50,000 civil penalty each and, in the case of Mr. Gallers, be barred from serving as officer or director of a public company. Mr. Wheeler continues to defend against the lawsuit. The Company is unable to determine at this time what impact the SEC proceedings against Mr. Wheeler will have on the Company.
On September 16, 1999, the Company filed a lawsuit against KPMG and August A. Smith, the KPMG engagement partner. The lawsuit is pending in the Circuit Court of the 17th Judicial Circuit in and for Broward County, Case No. 00-004102-CACE-14. On May 1, 2000, the Company filed the First Amended Complaint, alleging that KPMG failed to properly audit the Company’s financial statements and provided inaccurate advice on accounting matters for fiscal years 1996, 1997 and 1998. The action alleges professional malpractice, breach of fiduciary duty, breach of contract and breach of implied duty of good faith, and seeks damages in excess of $10 million. KPMG and Mr. Smith filed motions to dismiss, which were denied. In August 2000, KPMG and Mr. Smith filed their answers and KPMG filed counterclaims against the Company, alleging the Company’s breach of contract, negligent misrepresentation and abuse of process, and seeking an unspecified amount of damages consisting of unpaid service fees and legal fees and costs. The Company filed an answer to KPMG’s counterclaims and moved to dismiss KPMG’s abuse of process counterclaim. On April 9, 2001, the Court dismissed the abuse of process counterclaim with prejudice. The parties are currently conducting discovery.
On November 2, 2001, the Company filed a lawsuit against a former customer in the United States District Court of the Southern District of Florida, alleging breach of contract, and seeking, among other remedies, damages of approximately $4.2 million. On November 26, 2001, the customer filed an answer and affirmative defenses. On or about January 15, 2002, the customer filed a motion challenging the jurisdiction of the U.S. District Court, Southern District of Florida. On or about March 27, 2002, the U.S. District Court for the Southern District of Florida dismissed the action on jurisdictional grounds. The Company continues to consider its alternatives with respect to this litigation, including whether to re-file the action in a different jurisdiction.
The Company is involved from time to time, in the ordinary course of its business, in various litigation relating to the conduct of its business. The Company believes that these other litigation matters will not have a material adverse effect on its consolidated financial position, results of operations or cash flows.
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
No matters were submitted to a vote of security holders during the fourth quarter of the fiscal year ended June 30, 2002.
18
Table of Contents
PART II
ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS
The Company’s Common Stock was traded on NASDAQ under the symbol “CYBG” from June 1996 until October 2, 1998. From October 2, 1998 until January 13, 1999, the Company’s stock symbol was changed to “CYBGE” due to the Company being late in filing its Form 10-K for its fiscal year ended June 30, 1998. On January 13, 1999, the Company was de-listed from the NASDAQ Stock Market because the Company was delinquent in its filings under the Exchange Act. From January 13, 1999 to March 18, 2002, the Company’s securities were traded by market makers through the “pink sheets” again under the symbol “CYBG.” On March 19, 2002, the Company began trading on the OTC Bulletin Board under the symbol CYBG. On June 11, 2002, the Company’s Common Stock began trading on the American Stock Exchange under the ticker symbol “CFW”.
The Company is current in its reporting responsibilities pursuant to the Exchange Act.
There were approximately 3,763 holders of record of Common Stock as of June 30, 2002. The table below sets forth, for the quarters indicated, the high and low sales prices for the Company’s Common Stock as reported by NASDAQ and the American Stock Exchange.
| BID PRICES | ||||||
| HIGH |
LOW | |||||
| FISCAL YEAR 2000 |
||||||
| Quarter Ended September 30, 1999 |
$ |
1.75 |
$ |
1 | ||
| Quarter Ended December 31, 1999 |
|
6.25 |
|
1.75 | ||
| Quarter Ended March 31, 2000 |
|
15.88 |
|
4.25 | ||
| Quarter Ended June 30, 2000 |
|
10.12 |
|
5.37 | ||
| FISCAL YEAR 2001 |
||||||
| Quarter Ended September 30, 2000 |
$ |
6.12 |
$ |
3.41 | ||
| Quarter Ended December 31, 2000 |
|
4.25 |
|
.95 | ||
| Quarter Ended March 31, 2001 |
|
5.79 |
|
1.59 | ||
| Quarter Ended June 30, 2001 |
|
3.95 |
|
1.80 | ||
| FISCAL YEAR 2002 |
||||||
| Quarter Ended September 30, 2001 |
$ |
2.55 |
$ |
1.30 | ||
| Quarter Ended December 31, 2001 |
|
1.70 |
|
1.30 | ||
| Quarter Ended March 31, 2002 |
|
4.35 |
|
1.65 | ||
| Quarter Ended June 30, 2002 |
|
4.00 |
|
2.75 | ||
The Company has never paid dividends on its Common Stock. The Company intends to retain earnings, if any, to finance future operations and expansion and therefore, does not anticipate paying any cash dividends in the foreseeable future. Any future payment of dividends will depend upon the financial condition, capital requirements and earnings of the Company, as well as upon other factors that the Board of Directors may deem relevant.
19
Table of Contents
EQUITY COMPENSATION PLAN INFORMATION
| Plan Category |
Number of Securities to be |
Weighted-average exercise |
Number of securities (excluding securities | ||||
| (a) |
(b) |
(c) | |||||
| Equity compensation plans approved by security holders |
5,143 |
|
1.89 |
4,257 | |||
| Equity compensation plans not approved by security holders |
143 |
(1) |
1.75 |
— | |||
| Total |
5,286 |
|
1.89 |
4,257 | |||
| (1) | Represents a warrant to purchase 142,857 shares of the Company’s Common Stock granted to Scott Hammack, the Company’s Chief Executive Officer, on December 26, 2000 at the price of $1.75 per share. The warrant was granted to Mr. Hammack in connection with his purchase of shares of Common Stock at market value. The warrant expires on December 25, 2005. |
ITEM 6. SELECTED CONSOLIDATED FINANCIAL DATA
The following table sets forth selected consolidated financial data that is qualified in its entirety by, and should be read in conjunction with “Management’s Discussion and Analysis of Financial Conditions and Results of Operations” and the Company’s consolidated financial statements and notes thereto appearing elsewhere in this annual report. The financial data for the fiscal years ended June 30, 2002, 2001 and 2000 have been derived from the audited consolidated financial statements of the Company for such periods as audited by Grant Thornton LLP. The financial data for the fiscal years ended June 30, 1999, and June 30, 1998, have been derived from the audited consolidated financial statements of the Company for such periods as audited by PricewaterhouseCoopers, LLP.
20
Table of Contents
FIVE YEAR FINANCIAL SUMMARY
(in thousands, except per share data)
| Year ended June 30, |
||||||||||||||||||||
| 2002 |
2001 |
2000 |
1999 |
1998 |
||||||||||||||||
| Revenues |
$ |
22,340 |
|
$ |
24,406 |
|
$ |
18,859 |
|
$ |
13,873 |
|
$ |
15,552 |
| |||||
| Cost of Goods Sold |
|
6,469 |
|
|
7,216 |
|
|
5,956 |
|
|
5,313 |
|
|
7,076 |
| |||||
| Gross Profit |
|
15,871 |
|
|
17,190 |
|
|
12,903 |
|
|
8,560 |
|
|
8,476 |
| |||||
| Research & Development |
|
4,705 |
|
|
5,450 |
|
|
2,969 |
|
|
3,664 |
|
|
5,767 |
| |||||
| Selling, general & administrative |
|
12,007 |
|
|
14,680 |
|
|
9,752 |
|
|
14,724 |
|
|
18,869 |
| |||||
| Operating income/(loss) |
|
(841 |
) |
|
(2,940 |
) |
|
182 |
|
|
(9,828 |
) |
|
(16,160 |
) | |||||
| Interest income/(expense), net |
|
58 |
|
|
(751 |
) |
|
(1,066 |
) |
|
(186 |
) |
|
399 |
| |||||
| Other income/(expense) |
|
193 |
|
|
(90 |
) |
|
(92 |
) |
|
41 |
|
|
11 |
| |||||
| Loss on sale of securities available for sale |
|
— |
|
|
— |
|
|
— |
|
|
— |
|
|
(128 |
) | |||||
| Gain/(loss) on sale of assets |
|
(18 |
) |
|
(106 |
) |
|
— |
|
|
1,858 |
|
|
(2,386 |
) | |||||
| Loss before cumulative change in accounting principle |
$ |
(608 |
) |
$ |
(3,887 |
) |
$ |
(976 |
) |
$ |
(8,115 |
) |
$ |
(18,264 |
) | |||||
| Cumulative effect of change in accounting principle |
|
— |
|
|
(129 |
) |
|
— |
|
|
— |
|
|
— |
| |||||
| Net Loss |
$ |
(608 |
) |
$ |
(4,016 |
) |
$ |
(976 |
) |
$ |
(8,115 |
) |
$ |
(18,264 |
) | |||||
| Diluted loss per share |
$ |
(.03 |
) |
$ |
(0.30 |
) |
$ |
(0.10 |
) |
$ |
(0.90 |
) |
$ |
(2.17 |
) | |||||
| Balance Sheet Data: |
||||||||||||||||||||
| Current Assets |
$ |
12,605 |
|
$ |
11,024 |
|
$ |
8,325 |
|
$ |
6,428 |
|
$ |
10,100 |
| |||||
| Total assets |
$ |
14,130 |
|
$ |
13,099 |
|
$ |
10,996 |
|
$ |
8,277 |
|
$ |
13,076 |
| |||||
| Long term obligations |
|
— |
|
|
— |
|
$ |
5,095 |
|
$ |
885 |
|
|
— |
| |||||
| Stockholders Equity |
$ |
6,956 |
|
$ |
6,474 |
|
$ |
(1,952 |
) |
$ |
(2,685 |
) |
$ |
4,588 |
| |||||
21
Table of Contents
| ITEM 7. | MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS |
Overview
Certain statements within this item and throughout this annual report on Form 10K and the documents incorporated herein are “Forward Looking Statements” as described in the “Safe Harbor” provision of the Private Securities Litigation Reform Act of 1995. The statements involve a number of risks and uncertainties and actual results could differ materially from those projected. Please refer to the cautionary statement at the beginning of this annual report.
CyberGuard is a leading provider of Internet security solutions designed to protect enterprises that use the Internet for electronic commerce and secure communications. Our award winning products and services include firewalls and virtual private networks or virtual private networks for secure communications. Our core market includes Fortune 1000 companies, major financial institutions and government agencies worldwide.
The following information should be read in conjunction with the Consolidated Financial Statements and the related Notes to Consolidated Financial Statements. Except for historical information contained herein, the matters discussed herein are forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995.
Results of Operations
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
| Percentages of Total Revenue |
|||||||||
| 2002 |
2001 |
2000 |
|||||||
| Revenues: |
|||||||||
| Products |
68 |
% |
77 |
% |
79 |
% | |||
| Services |
32 |
% |
23 |
% |
21 |
% | |||
| Total Revenues |
100 |
% |
100 |
% |
100 |
% | |||
| Cost of Revenues: |
|||||||||
| Products |
20 |
% |
20 |
% |
20 |
% | |||
| Services |
9 |
% |
10 |
% |
12 |
% | |||
| Total cost of revenues |
29 |
% |
30 |
% |
32 |
% | |||
| Gross Profit |
71 |
% |
70 |
% |
68 |
% | |||
| Operating expenses: |
|||||||||
| Research and development |
21 |
% |
22 |
% |
16 |
% | |||
| Selling, general and administrative |
54 |
% |
60 |
% |
52 |
% | |||
| Total operating expenses |
75 |
% |
82 |
% |
67 |
% | |||
| Operating income (loss) |
-4 |
% |
-12 |
% |
1 |
% | |||
| Operating income (expense) |
|||||||||
| Interest income (expense), net |
0 |
% |
-3 |
% |
-6 |
% | |||
| Gain (loss) on sale of assets |
0 |
% |
-1 |
% |
0 |
% | |||
| Other income (expense) |
1 |
% |
0 |
% |
0 |
% | |||
| Total other income (expense) |
1 |
% |
-4 |
% |
-6 |
% | |||
| Loss before cumulative effect of change in accounting principle |
-3 |
% |
-16 |
% |
-5 |
% | |||
| Cumulative effect of change in accounting principle |
0 |
|
-1 |
% |
0 |
% | |||
| Net Loss |
-3 |
% |
-16 |
% |
-5 |
% | |||
22
Table of Contents
Fiscal Year Ended June 30, 2002 and 2001
Total revenues. Total revenues, which consist of product revenues and service revenues, decreased from $24,406,000 in 2001 to $22,340,000 in 2002, a decrease of 8%. The 8% decrease represents a decrease in product revenues of 19%, which was offset by an increase in services revenues of 25%. We believe the decrease in product revenue can be attributed to slowing economic conditions that resulted in a delay or deferral in customer spending, changes in our sales and marketing organization and realignment of our direct sales to a reseller/distributor model during the year. The changes in the sales and marketing organization includes complete turnover of the employees in those departments. Offsetting these events was the change in revenue recognition for eleven (11) resellers from cash to accrual based on a reasonable assurance of collectibility from evaluating their payment histories. The impact for fiscal 2002 was an increase in revenue of approximately $1,100,000. The increase in service revenues is due to the growing installed base and renewals of previous years maintenance contracts.
We categorize our revenues into three (3) geographic regions, North America; Europe, Middle East and Africa; and Asia Pacific and Latin America. Our revenues from these three regions as a percentage of total revenues were approximately 42%, 35% and 23%, respectively, in 2002 and 50%, 35% and 15% for 2001, respectively. Asia Pacific and Latin America revenue growth from fiscal year 2001 to fiscal year 2002 is attributed to the growth and maturity of its resellers in Japan, Singapore and Australia. Our total international revenues, which are revenues for customers outside the United States, represent approximately 58% of the total revenues in 2002 and 51% of revenues in 2001.
We anticipate the majority of our product revenues will be generated from large enterprise customers and government entities, in both domestic and international markets. During the fiscal year 2002 we established a federal division with a team of security engineers and sales professionals who focus solely on working with U.S. government agencies and the military. As a result of this focus we are experiencing an increase in government business activity, not only in the United States but around the world.
Service Revenues. Service revenues consist primarily of maintenance contracts for technical support of the CyberGuard firewall and virtual private network appliances. Service revenues also included training, consulting and installation revenue. The increase in service revenues is due primarily to annual maintenance/customer support which represented approximately 91% of the increase . This is due to the greater number of installed products in fiscal year 2002 resulting from the additional product sales as well as service renewals for product sold in previous years. We expect the lower product sales growth rate for fiscal year 2002 will result in a lower service revenue growth rate in 2003 than that which was achieved in fiscal year 2002. As a percentage of total revenue, service revenue increased to 32% in 2002 from 23% in 2001. The other components of service revenue, which includes training, professional services and installations, were not a significant factor in the growth from fiscal 2001 to fiscal 2002.
Cost of Revenue and Gross Margin. Total cost of revenues, which includes product and service cost, decreased from $7,216,000 in 2001 to $6,469,000 in 2002, a decrease of 10%. The decrease is primarily due to the reduced product sales discussed above. As a percentage of total revenues, costs of revenues was 29% for 2002 and 30% for 2001. Gross margin was 71% in 2002 and 70% in 2001. Gross margins are affected by a variety of factors including, competition, the mix in average selling prices of products we currently offer, new product introduction and enhancements, fluctuation in manufacturing volumes and incremental cost of supporting the increased installed custom base.
Gross Profit for network security products was $10,766,000 or 71% for fiscal year ended June 30, 2002 as compared to $13,756,000 or 74% in fiscal year 2001. The reduction in gross margin was a result of a competitive pressures resulting from the economic downturn during fiscal year 2002 as well as the introduction of a lower margin product during fiscal year 2002.
Gross product for security related services was $5,105,000 or 72% for fiscal year ended June 30 2002 as compared to $3,434,000 or 60% in fiscal year 2001. The increase in service related gross margin is a result of the increased installed customer base during fiscal year 2002 while maintaining strict cost controls for all service related cost.
Operating Expenses. For the year ended June 30, 2002, the Company reported total operating expenses of $16,712,000 compared to $20,130,000 for the year ended June 30, 2001, a reduction in operating
23
Table of Contents
expenses of $3,418,000. As a percentage of total revenue, operating expenses decreased from 82% in 2001 to 75% in 2002. The overall decrease in operating expenses can be explained in part by a reduction of the research and development expenses for the year ended June 30, 2002, of $745,000 and a reduction in selling general and administrative expenses of $2,673, 000.
Research and Development. Research and Development expenses include salaries, non-capitalized equipment, software tools, and depreciation from capital equipment. The decrease is in part the result of the reduction in headcount and the reduction in salaries specifically related to special options program discussed in Footnote 8 of the Consolidated Financial Statement. These items accounted for approximately $500,000 of the decrease. The initial estimated impact of the program was to reduce payroll cost by approximately $287,000 annually. The special option salary reduction will end in November 2002 and total salary expense for research and development will increase by approximately $10,500 per month. The balance of the decrease is due to reduction of outside contractors use by the development group. As a percentage of total revenue, research and development expense decreased to 21% in 2002 from 22% in 2001.
Selling, General and Administrative. Selling, general and administrative expenses include salaries, commissions, human resource, finance, administrative support functions, and legal and accounting professional services. Selling, general and administrative expenses decreased by $2,673,000 to $12,007,000 in 2002 from $14,680,000 during 2001. The decrease reflects the Company’s continued focus on streamlining its operations and making cost effective changes in the way we operate, a reduction in head count and a reduction in salary expense related to a special option program discussed in Footnote 8 of the Consolidated Financial Statement. The initial estimated impact was to reduce selling, general and administrative expense by $362,569 annually. The special option salary reduction will end in November 2002 and salary expense for selling, general and administrative expense will increase by approximately $14,075 per month. The majority of the decrease, 43% relates to a decrease in labor cost. Other decrease include marketing programs, 27% other income and expense, 21% and professional fees of 10%. As a percentage of total revenue selling, general and administrative expenses decreased by 6% to 54% for the year ended June 30, 2002 compared to 60% for the year ended June 30, 2001.
Net Interest (income/expenses). Net interest income was $58,000 for 2002, compared to net interest expense of $751,000 for 2001. The decrease in interest expense is attributable to the conversion of the convertible debt in January of 2001 and the pay off of the revolving line of credit facility in December 2001.
Other Income/Expenses. Other income was $193,000 for 2002 compared to expenses of $90,000 for 2001. The change in other income is a result of foreign currency translation gain of $203,000 in fiscal year 2002 compared to a loss of $159,000 for fiscal year 2001.
Net Loss. For the year ended June 30, 2002, the Company incurred a net loss of $608,000 versus a loss of $4,016,000 for the year ended June 30, 2001. The improvement in the bottom line is the direct result of cost cutting measures, including reduced head count, salary reduction, decrease interest and operating efficiency, achieved during 2002.
Fiscal Year Ended June 30, 2001 and 2000
Net Revenues. Net Revenues for the year ended June 30, 2001 were $24,406,000 compared to $18,859,000 for the year ended June 30, 2000. This represents an increase of $5,547,000 or 29%. The increase in net revenues for 2001 is principally the result of increased sales of the Company’s firewall appliance products and the associated maintenance revenue.
International sales accounted for $12,326,000 or 51% of the total revenue in 2001 as compared to $6,993,000 or 37% of the total revenue in 2000. This represents an increase of $5,333,000 or 76%. North American sales accounted for $12,080,000 in 2001 as compared to $11,866,000 in 2000, a difference of $214,000 or 2%. The increase in international sales is mainly attributed to the acceptance of the Company’s products in the European and Asian markets.
CyberGuard provides its customer base with a service offering that includes the installation of its firewall, customer support, including product training and consulting. For the fiscal year ended June 30, 2001, the Company reported service revenue for its security products of $5,721,000, an increase of $1,850,000 or 48% compared to revenues of $3,871,000 for the year ended June 30, 2000. As a percentage of total security revenues, service revenues accounted for 23% in 2001 as compared to 21% in 2000. The increase in net
24
Table of Contents
revenues from services is attributable to a growing base of customers under maintenance agreements (and the greater number of installed products).
Gross Profit. CyberGuard’s costs of sales includes license fees to third parties, media, packaging costs, equipment costs, and maintenance costs. The Company’s overall gross profit increased by $4,287,000 or 33% from $12,903,000 for the year ended June 30, 2000, to $17,190,000 for the year ended June 30, 2001, as a direct result of the revenue growth.
Gross profit for network security products was $13,756,000 or 74% in 2001 as compared to $11,280,000 or 75% in 2000. The gross margin for security product has remained relatively constant year over year.
Gross profit for security-related services was $3,434,000 or 60% in 2001 compared to $1,623,000 or 42% in 2000, an increase of 18%. The increase in service-related gross profit margin is the result of a greater number of customers under firewall maintenance support contracts, while the costs of supporting those contracts has remained relatively constant on a per unit basis.
Operating Expenses. For the year ended June 30, 2001, the Company reported total operating expenses of $20,130,000 compared to $12,721,000 for the year ended June 30, 2000. The increase of $7,409,000 is attributable to a $2,481,000 increase in research and development costs and a $4,928,000 increase in selling, general and administrative costs. The increased research and development expense is attributed to an increase in headcount and salary rates and a decrease in the amount of capitalized software development costs year over year of approximately $845,000. The increase in selling, general and administrative costs is the result of several factors, including a significant increase in marketing costs, an increase in compensation and related employee costs, and one-time charges related to severance for former officers and a product branding campaign.
Interest Expense. For the year ended June 30, 2001, the Company reported net interest expense of $751,000 compared to $1,066,000 for the year ended June 30, 2000. The decrease of $315,000 is attributable to the conversion of convertible debt and warrants during January 2001 and lower interest expense related to the reduced balance on the revolving line of credit facility during the year.
Cumulative Effect of a Change in Accounting Principle. For the year ended June 30, 2001, the Company reported a cumulative effect of a change in accounting principle of $129,000. This represents the implementation of EITF 00-27, “Convertible Securities with Beneficial Conversion Features or Contingently Adjustable Conversion Ratios”, which required the Company to use an effective conversion price to determine the convertible debt’s beneficial conversion feature.
Net Loss. For the year ended June 30, 2001, the Company incurred a net loss of $4,016 compared to a net loss of $976,000 for the year ended June 30, 2000. The loss is a direct result of the increase in operating expenses.
CRITICAL ACCOUNTING POLICIES
Our discussion and analysis of financial conditions and results of operations is based on our consolidated financial statements, which have been prepared in accordance with generally accepted accounting principles in the United States. The preparation of financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. On an on-going basis, we evaluate significant estimates used in preparing our financial statements, including revenue recognition, bad debt, software development cost, inventory valuation, and deferred taxes. We based our estimates on historical experience and various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying value of assets and liabilities that are not readily apparent from other sources. Actual results may differ from these estimates under different assumptions or conditions.
We believe the following critical accounting policies affect the more significant judgments and estimates used in preparing our consolidated financial statements:
25
Table of Contents
Revenue Recognition
Revenue recognition rules for software companies are very complex. CyberGuard follows very specific and detailed guidelines in measuring revenue; however, certain judgments affect the application of our revenue policy. The discretion involved in this process makes revenue results difficult to predict, and any shortfall in revenue or delay in recognizing revenue could cause our operating results to vary significantly from quarter to quarter and could result in future operating losses.
We generate revenues through:
| • | Sales of product and services subscriptions indirectly through our reseller network at a discount from list price; |
| • | Sales of products and services subscriptions directly to our end users. |
Service revenues primarily include the annual fee for maintenance, which is sold as part of our security solutions, and for subscription renewals from our existing customers and end users. These services provide our customers access to our worldwide support organization for product updates, general security information and technical support.
We recognize revenues for product sales only when a contract or agreement has been executed, delivery of the product has occurred, the fee is fixed and determinable and we believe collection is probable. While we generally recognize product revenue on product shipment, we defer revenues on product sales for value added resellers until the partners demonstrate consistency of payment within terms and no product returns for a three month period. Service revenues are recognized ratably on a monthly basis over the service contract term.
Bad Debts
We maintain allowances for doubtful accounts for estimated losses resulting from the inability of our customers to make required payments. Significant judgment is required when we assess the ultimate realization of receivables, including the probability of collection and the credit-worthiness of each customer. In estimating the allowance for doubtful accounts, we analyze our accounts receivable aging, historical bad debts, customer credit-worthiness, current economic trends and other factors. If the financial condition of our customers were to deteriorate, resulting in an impairment of their ability to make payments, additional allowance might be required.
Software Development Costs
The Company capitalizes costs related to the development of certain software products in accordance with Statement of Financial Accounting Standards No. 86, “Accounting For the Costs of Computer Software to be Sold, Leased, or Otherwise Marketed” (“SFAS No. 86”) which requires capitalization to begin when technological feasibility has been established and ends when the product is available for general release to customers. Software development costs incurred prior to technological feasibility, defined by implementation of a beta project, are considered research and development costs and are expensed as incurred. Capitalized costs are amortized on a straight-line method over two years.
Inventory Valuation
Inventories consist primarily of component parts and computer hardware and are carried at the lower of cost, determined by the First-In-First-Out (“FIFO”) method, or market. We write our inventories down to estimated market value based on assumptions of our future demand, based on projected product releases and market conditions. Variation in market trends, customer preferences, introduction of new products (replacing existing products) or technological advances could, however, significantly affect these estimates and result in additional inventory write-downs.
Deferred Taxes
We provide a valuation allowance for deferred tax assets, that cannot be currently recognized due to our cumulative losses and the uncertainty as to future recoverability. While we have considered future
26
Table of Contents
taxable income and ongoing prudent and feasible tax planning strategies in assessing the need for the valuation allowance, in the event we were to determine that we would be able to realize the deferred tax asset, in the future, an adjustment to the deferred tax asset would increase income in the period the determination was made.
Recent Accounting Pronouncements
In June 2001, the Financial Accounting Standards Board approved the issuance of SFAS No. 141, “Business Combinations” and SFAS 142, “Goodwill and Other Intangible Assets.” The new standards require that all business combinations initiated after June 30, 2001, must be accounted for under the purchase method. In addition, all intangible assets acquired that are obtained through contractual or legal right, or are capable of being separately sold, transferred, licensed, rented or exchanged shall be recognized as an asset apart from goodwill. Goodwill and intangibles with indefinite lives will no longer be subject to amortization, but will be subject to an annual assessment for impairment by applying a fair value based test. The Company does not expect that the application of the provisions of SFAS No. 141 and SFAS No. 142 will have an impact on the Company’s operations.
In July 2001, the Financial Accounting Standards Board issued SFAS No. 143, “Accounting for Asset Retirement Obligations,” effective for fiscal years beginning after June 15, 2002. SFAS No. 143 addresses the accounting and reporting for obligations associated with the retirement of tangible long-lived assets and the associated asset retirement costs. The Company does not expect that the application of the provisions of SFAS No. 143 will have an impact on the Company’s operations.
In August 2001, the Financial Accounting Standards Board issued SFAS No. 144, “Accounting for the Impairment or Disposal of Long-Lived Assets”. The provisions of the statement are effective for financial statements issued for fiscal years beginning after December 15, 2001, and are to be applied prospectively. SFAS No. 144 clarifies the accounting for impairment of long-lived assets to be disposed of, including the disposal of business segments and major lines of business. The Company does not expect that the application of the provisions of SFAS No. 144 will have an impact on the Company’s operations.
In November 2001, the Financial Accounting Standards Board’s Emerging Issues Task Force (“EITF”) issued EITF No. 01-9, “Accounting for Consideration Given by a Vendor to a Customer or a Reseller of the Vendor’s Products”. The EITF reconciled selected guidance provided in Issue Nos. 00-14, 00-22, and 00-25, addressing the income statement classification of certain promotional payments. The Company does not expect that the application of the provisions of EITF No. 01-9 will have a material impact on the Company’s operations.
In July 2002, the FASB issued Statement 146, Accounting for Exit or Disposal Activities. SFAS 146 nullifies EITF 94-3, Liability Recognition for Certain Employee Termination Benefits and Other Costs to Exit an Activity (including Certain Costs Incurred in a Restructuring). The statement provides guidance on the accounting and disclosure requirements for companies that incur costs to exit an activity. SFAS146 is effective for exit or disposal activities initiated after December 31, 2002. Early application is encouraged. Restatement of previously issued financial statements is prohibited.
Liquidity and Capital Resources
At June 30, 2002, our principal source of liquidity was $6,166,000 of cash, cash equivalents and short-term investments, which consists principally of commercial paper, and U.S. Government securities. For the year ended June 30, 2002, our cash, cash equivalents and short-term investments increased by $1,395,000 or 29% to $6,166,000 from $4,771,000 at June 30, 2001.
Cash provided by operating activities was $2,503,000 for the year ended June 30, 2002. For fiscal year 2001 operating activities used $2,240,000 of cash. The overall increase in cash provided by operating activities from 2001 to 2002 was $4,743,000. The increase in cash from operating activities is the result of the smaller net loss adjusted for non-cash items, offset by various changes in current asset and liability accounts.
Net cash used in investing activities was $975,000 in fiscal year 2002, primarily as a result of the purchase of property and equipment of $805,000 and capitalized software of $172,000. Net cash used in
27
Table of Contents
investing activities was $1,290,000 for fiscal year ended June 30, 2001, primarily the result of the purchase of property and equipment of $930,000 and capitalized software of $360,000.
Net cash used in financing activities was $133,000 for the year ended June 30, 2002, and net cash provided by financing activities for fiscal year 2001 was $5,804,000. In fiscal year 2002 the cash used in financing activities was primarily the net repayment under the revolving line of credit facility that was repaid at December 31, 2001. That was partially offset by proceeds from the sale of common stock of approximately $683,000 during fiscal year during 2002. Included in the net cash provided by financing activities for the year ended June 30, 2001 was the conversion in January 2001 of warrants to purchase approximately 2,400,000 shares of the Company’s common stock. The warrants were exercised at $2.00 per share for a total of approximately $4,800,000 in cash. Additionally, on January 24, 2001, approximately $5,700 of convertible debt and the interest accrued on that debt was converted into approximately 5,300,000 shares of common stock at prices between $1.00 and $1.51 per share, by Fernwood Partners II LLC, certain current and former directors and officers. That was partially offset by net repayment under the revolving credit facility of $1,203,000. In addition, proceeds from the sale of the Company’s common stock generated approximately $1,306,000 in fiscal year 2001. At June 30, 2002, there are still 2,245,361 warrants outstanding that are exercisable at prices ranging from $2.00 to $2.50, and expire in August 2004.
We believe our existing cash, cash equivalents and short-term investments will be sufficient to meet our cash requirements at least through the next twelve months. However, we may be required or could elect to seek additional funding prior to that time. Our future capital requirements will depend on many factors, including our rate of revenue growth, the timing and extent of spending on support, product development efforts and expansion of sales and marketing, the timing of introductions of new products and enhancement to existing products, and market acceptance of our products. Other recent and possible future events that could also materially impact the Company’s ability to successfully execute on its business plans are described in the forward-looking information: certain cautionary statements section of this Form 10K and Item 3 of this Form 10-K. We are not aware of any known demands, commitments, events or uncertainties that will result or that are reasonably likely to result in our liquidity increasing or decreasing in a material way.
We cannot assure you that the additional equity or that financing will be available on acceptable terms or at all. We have no other agreements or arrangements for third parties to provide us with sources of liquidity and capital resources beyond twelve (12) months.
28
Table of Contents
FORWARD-LOOKING INFORMATION: CERTAIN CAUTIONARY STATEMENTS
Certain statements contained in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and elsewhere in this report that are not related to historical results are forward-looking statements. Actual results may differ materially from those projected or implied in the forward-looking statements. Further, certain forward-looking statements are based upon assumptions of future events, which may not prove to be accurate. Subsequent written and oral forward-looking statements attributable to the Company or to persons acting on its behalf are expressly qualified in their entirety by the cautionary statements set forth below and elsewhere in this report and in other reports filed by the Company with the Securities and Exchange Commission.
We have incurred significant losses in the past and may not achieve or sustain consistent profitability, which could result in the decline in the value of our common stock.
We have difficulty predicting our future operating results or profitability due to volatility in the general economic conditions in the internet security market.
The overall weakness in the general economy and volatility on demand for our security products are two of the many factors underlying our inability to predict our revenues for a given period. We base our spending levels for product development, sales and marketing, and other operating expenses largely on expected future revenues. A large portion of our expenses are fixed for a particular quarter or a year, and therefore we may be unable to decrease our spending in time to compensate for any unexpected quarterly or annual shortfalls in revenues. As a result, any shortfall in revenue could adversely affect our operating results.
For the year ended June 30, 2002 we reported a net loss of $608,000, or approximately 3% of our revenues. We do not know if we will be able to achieve profitability in the future.
Average selling prices of our product may decrease, which may reduce our gross margins. The average selling price for our products may decline as a result of competitive pricing pressures, promotional programs and customers who negotiate price reductions in exchange for long-term purchase commitments. The pricing of products depends on specific features and functions of the product, purchase volumes and the level of sales and services support. We expect competition to increase in the future. As we experience pricing pressure, we anticipate that the average selling price and gross margin per product will decrease over product lifecycles. We cannot assure you that we will be successful in developing and introducing on a timely basis new products with enhanced features, or that these products, if introduced, will able us to maintain our average selling price and gross margins at current levels. Our gross margin has been and will continue to be affected by a variety of factors including competition, the mix in average selling price of products, new product introduction, enhancements and the cost of components and manufacturing labor. We must manage each of these factors competitively for our gross margins to remain at their current levels.
We outsource all of our hardware manufacturing and assembly primarily to one third-party manufacturer and assembly house, Omni Tech Corporation, and we do not have a long term manufacturing contract with this company. We have only recently established arrangements with an alternative manufacturer and assembly house and we may not be able to meet the demands for our products if we were to lose our relationship with our primary manufacturer and assembly house. Our operations could be disrupted for an extended period of time if we have to switch to a replacement vendor. A prolonged interruption in our hardware supply could result in a loss of customer orders and revenue and diminish the reputation of our brands.
We provide forecasts of our demand to our primary contract manufacturer up to three (3) months prior to scheduled delivery of product to our customers. If we overestimate our requirements, our primary contract manufacturer may have excess inventory which would increase our cost. If we underestimate our requirements, our primary contract manufacturer may have an inadequate component inventory, which could
29
Table of Contents
interrupt manufacturing of our products and result in delayed shipments and reduced revenues. In addition, lead times for materials and components that we order vary significantly and depend on factors such as the specific supplier, contract terms and demand for each component at a given time. We may also experience shortages of components from time to time, which also could delay the manufacturing of our products.
If we are unable to meet our future capital requirements, our business would be harmed.
Although we expect our cash on hand, cash equivalents and networking capital to meet our working capital requirements for at least the next twelve (12) months, we may decide at any time to raise additional capital to take advantage of available strategic opportunities or attractive financing terms. If we issue equity securities, shareholders may experience dilution or the new equity securities may have rights, preferences or privileges senior to those of existing holders of common stock. If we cannot raise funds, if needed, on acceptable terms, we may not be able to develop or enhance our products, take advantage of future opportunities or respond to competitive pressures or unanticipated requirements, which could have a material adverse effect on our business, operating results and financial conditions.
For the past 3 years we incurred net losses. As of June 30, 2002, we have an accumulated deficit of approximately $82 million. We may not achieve or sustain profitability in future periods. Moreover, we currently expect to increase our operating expenses in connection with:
| • | Expanding into new geographical markets |
| • | Expanding into new product markets |
| • | Continuing to develop our technology |
| • | Hiring additional personnel |
| • | Upgrading our information and internal control systems |
If we are not able to achieve or sustain profitability in future quarters, the trading price of our common stock could decline.
Our operating results fluctuate and can fall below expectations of analysts and investors, resulting in a decline of our stock price.
We base our spending levels for Product Development, Sales & Marketing and other operating expenses largely on our expected future revenues. Because our expenses are largely fixed for a particular quarter or year we may be unable to adjust our spending in time to compensate for any unexpected quarterly or annual shortfall in revenues. A failure to adjust our spending in time also could cause operating results to fall below the expectations of our investors and result in declining stock prices.
Because many potential customers remain unaware of the need for Internet security or may perceive it as costly and difficult to implement, our products and services may not achieve market acceptance.
We believe that many potential customers are not fully aware of the need for Internet security products and services. Historically, only enterprises having substantial resources have developed or purchased Internet security solutions. Also, there is a perception that Internet security is costly and difficult to implement. We will therefore not succeed unless the market understands the need for Internet security and we can convince our potential customers of our ability to provide this security in a cost effective manner. Although we have spent and will continue to spend considerable resources educating potential customers about the need for Internet security and the benefits of our products and services, our efforts may be unsuccessful.
Seasonality and concentration of revenues at the end of the quarter could cause our revenues to fall below the expectation of analysts and investors, resulting in a decline of our stock price.
The growth rate of our domestic and international sales has been and may continue to be slower in the summer months, when businesses often defer purchasing decisions. Also, as a result of customer buying patterns and the efforts of our sales force to meet or exceed quarterly and year-end quotas, historically we have earned a substantial portion of a quarter’s revenue during its last month and more recently in the latter half of the last month. If expected revenues at the end of any quarter are delayed, our revenues for that quarter could fall below the expectations of the analysts and investors.
If third party channel partners fail to perform, our ability to sell our products and services will be limited.
30
Table of Contents
We expect to sell most of our products and services through our channel network partners and we expect our success to depend in large part on their performance. Some of our channel partners have the ability to sell products and services that are competitive with ours, to devote more resources to those competitive products than we devote to ours and to cease selling our products and services all together. If our third party channel partners fail to perform, our ability to expand our business and increase sales will be limited.
If we are unable to compete successfully in the highly competitive market for Internet security products and services, our business will fail.
The market for Internet security products is intensely competitive and we expect competition to intensify in the future. An increase in competitive pressures in our market or failure to compete effectively may result in price reduction, reduced gross margin and loss of market share. Currently the primary competitors in our industry include CISCO Systems, Checkpoint Software and Netscreen Technologies. Other competitors offering security products include hardware and software vendors, such as Hewlett-Packard and Network Associates Inc., operating systems vendors, such as Microsoft Corporation, Sun Microsystems Inc. and a number of smaller companies. Many of our competitors have longer operating histories, greater name recognition and larger customer bases and a significantly greater financial, technical, marketing and other resources than we do.
In addition, our current and potential competitors may establish cooperative relationships among themselves or with third parties that may further enhance their resources. As a result they may be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sales of their products and services, initiate or withstand substantial price competition, take advantage of acquisitions or other opportunities more readily or develop and expand their product and services offerings more quickly. In addition, our competitors may bundle products competitive with ours along with other products that they may sell to our current or potential customers. These customers may accept these bundled products rather than separately purchase our products. To date, we have not seen any trends relating to competitive pricing pressures within the security space that we operate.
Failure to address strain on our resources caused by growth will result in our inability to effectively manage our business.
Our current systems, management and resources will be inadequate if we begin to grow at a significant rate. A rapid expansion of our business will place a significant strain on our administrative, operational and financial resources and will result in ever increasing responsibilities of our management personnel. We will be unable to effectively manage our business if we are unable to timely and successfully alleviate the strain on our business caused by rapid growth.
We may be unable to adequately expand our operational systems to accommodate growth, which can harm our ability to deliver our products and services.
Our operational systems have not been tested at customer volumes that may be required in the future. We may encounter performance difficulty when operating with a substantially greater number of customers. An inability to add additional operating systems and personnel to handle increased demands may cause unanticipated disruptions in our current process, slower response times and poor customer service, including problems filling customer orders.
Rapid changes in technology and industry standards could render our products and services unmarketable or obsolete and we may be unable to introduce new products and services timely and successfully.
To succeed we must continually change and improve our products in response to rapid technological developments and changes in operating systems, Internet access and communications, application and network software, computer and communication hardware, programming tools, computer language technology and hacker techniques. We may be unable to successfully and timely develop these new products and services or achieve and maintain market acceptance. The development of new technology, advance products and services is a complex and uncertain process requiring innovation and the ability to anticipate technological and market trends. Because Internet security technology is complex it can require long development and testing periods. Releasing new products and services prematurely may result in quality problems, and releasing them late may result in loss of customer confidence and market share. In the past we have on occasion experienced delays in the scheduled introduction of new and enhanced products and services, and we may experience delays in the future. When we do introduce new or enhanced products and services, we may be unable to manage the
31
Table of Contents
transition from the older products and services to minimize disruptions to the customers’ ordering patterns, avoid excess inventory of older products and deliver enough products and services to meet customer demand.
We may be required to defend lawsuits or pay damages in connection with the alleged or factual failure of our products and services.
Because our products provide Internet security and may protect valuable information, we may face claims for product liability, tort or breach of warranty relating to our products and services. Anyone that circumvents our products’ security measures could misappropriate the confidential information or other property of end-users using our products and services or interrupt their operations. If that happens, affected end-users or channel partners may sue us. In addition, we may face breaches caused by faulty installations and implementations of our products by end-users or channel partners. Although we attempt to reduce the risk of loss from claims through contractual or warranty disclaimers and liability limitation provisions, these provisions may be unenforceable. Some courts, for example, have found contractual limitations of liability in standard software licenses to be unenforceable because the licensee does not sign them. Defending a suit regardless of its merit could be costly and could divert management’s attention. Although we currently maintain business liability insurance, this coverage may be inadequate or be unavailable in the future on acceptable terms, if at all.
A breach in security could harm public perception of our products.
We will not succeed unless the market place is confident that we provide effective Internet security protection. Even networks protected by our products may be vulnerable to electronic break-ins and computer viruses. If an actual or perceived breach of Internet security occurs in an end-user system, regardless of whether the breach is attributable to us, the market perception of the efficiency of our products and services could be harmed. This could cause us or our channel partners to lose current and potential customers or cause us to lose potential channel partners. Because the technology used by computer hackers to access or sabotage networks changes frequently and generally is not recognized until launched against the target, we may be unable to anticipate these techniques.
If we are unable to prevent attacks on our internal network security system by computer hackers, public perception of our products and services will be harmed.
Because we provide Internet security, we are a significant target of computer hackers. We have experienced attacks by computer hackers in the past and expect the attacks to continue. If attacks on our internal network systems are successful, public perceptions of our products and services will be harmed.
We may be unable to deliver our products and services if we cannot continue to license third party technology that is important for the functionality of our products.
Our success will depend in part on our continued ability to license technology that is important for the functionality of our products. A significant interruption in the supply of third party technology could delay our development and sales until we can find, license and integrate equivalent technology. This could damage our brand and result in loss of current and potential customers. Although we believe we can find other sources for the technology we license, alternative technology may be unavailable on acceptable terms, if at all. We depend on our third party licenses to deliver reliable quality, high quality products, develop new products on a timely and cost effective basis and respond to evolving technology and changes in the industry standards. We also depend on the continued compatibility of third party software with future versions of our product.
We will be unable to deliver our products and services if component manufacturers fail to supply component parts with acceptable quality, quantity and cost.
We obtain the component parts for our hardware from a variety of manufacturers. While our component vendors have produced parts for us in acceptable quantities and with acceptable quality and cost in the past, they may be unable to do so in the future. Companies in the electronic industry regularly experience lower than required component allocations and this industry is subject to frequent component shortfalls. Although we believe we can find additional or replacement sources for our hardware components, our operation could be disrupted if we have to add or switch to a replacement vendor or if our components supply is interrupted for an extended period. This could result in a loss of customer orders and revenue.
Declines in Demand for Products and Services.
32
Table of Contents
If overall market demand for computers, servers and other computing devices declines significantly, and consumer and corporate spending for such products declines, our revenue growth will be adversely affected. Additionally, the Company’s revenues would be unfavorably impacted if customers reduce their purchases of new software products or upgrades to existing products if such new offerings are not perceived to add significant new functionality or other value to prospective purchasers.
A reduction in the growth of internet usage and a softening demand for our products and services caused by the ongoing economic downturn may result in decreased revenue, earnings or growth rates and problems with our ability to manage inventory levels and realize customer receivables. The global economy has weakened and market conditions continue to be challenging. As a result, individuals and companies are delaying or reducing expenditures, including those for information technology. In addition, if our customers experience financial difficulties, we could suffer losses associated with the outstanding portion of accounts receivable. We have observed the effects of the global economic downturn in many areas of our business. The downturn has contributed to the decline of revenue by 8% during fiscal year 2002. Further delays or reductions in information technology spending could have a material adverse effect on demand for our products and services and consequently our results of operations, prospects and stock price.
New Product Development Schedule.
The development of software products is a complex and time-consuming process. New products and enhancements to existing products can require long development and testing periods. Significant delays in new product releases or significant problems in creating new products could negatively impact the Company’s revenues.
Business Conditions in Specific Industries.
We depend on the government, telecommunications, financial services, computing and manufacturing industries for a significant portion of our revenues. Significant reduction in technology capital spending in these industries caused by adverse economic conditions, such as we experienced during fiscal year 2002, may continue to result in decreased revenues and earnings. Our revenues are dependent on the level of technology capital spending in the United States and international economies. A number of companies announced significant reductions and deferrals in capital spending. If capital spending continues to decline in these industries over an extended period of time, our business will continue to be adversely affected.
The stock prices of technology companies such as ours are highly volatile and could drop unexpectedly.
The public markets have experienced volatility that has particularly affected the market prices of securities of many technology companies for reasons that have often been unrelated to operating results. During the course of the preceding twelve months ended June 30, 2002, the market price of our common stock traded within a range of $1.30 to $4.00 per share. This volatility may adversely affect the market price of our common stock and our visibility and credibility in the markets. We may need additional capital and our ability to secure additional funding is uncertain.
Our future revenue may be insufficient to support the expense of our operations and the expansion of our business. We may therefore need additional equity or debt capital. We may seek additional funding through:
| • | Public or private equity financing, which could result in significant dilution for shareholders. |
| • | Public or private debt financing and capital lease transactions. |
| • | Capital lease transactions. |
We believe that existing cash and equivalent balances will be sufficient to meet our capital requirements for at least the next twelve months. Our capital requirements will depend on several factors, however, including:
| • | The rate of market acceptance of products and services. |
| • | Our ability to expand our customer base. |
| • | The growth of our sales & marketing capabilities. |
| • | The cost of any acquisitions we may complete. |
| • | Financing may be unavailable to us when needed or on acceptable terms. |
33
Table of Contents
If we do not retain our key employees, our ability to execute our business plan strategy will be impaired.
Our future success will depend on the efforts and ability of our senior management and our key development, technical, operation, information systems, customer support, and sales and marketing personnel, and on our ability to retain them. These employees are not obligated to continue their employment with us and may leave us at any time.
If we do not extend our international operations, the growth of our business will be limited.
Our ability to grow depends in part on the expansion of our International sales and operations, which are expected to continue to account for a significant portion of our revenues. Sales to customers outside the United States accounted for approximately 38% of our revenues in fiscal year 2000, 51% in fiscal year 2001 and 58% in fiscal year 2002. The failure of our channel partners to sell our products internationally will limit our ability to increase our revenues. In addition, our international sales are subject to the risks inherent in international business activity, including:
| • | Cost of customizing products for foreign countries. |
| • | Export and import restrictions such as those affecting encryption commodities and software. |
| • | Difficulties in acquiring and authenticating customers’ information. |
| • | Reduced protection of intellectual property rights and increased liability exposure. |
| • | Regional economic and political conditions. |
A significant portion of our international sales currently are U.S. dollar denominated. As a result, an increase in the value of the U.S. dollar relative to foreign currencies may make our products less competitive in the international markets.
We may be unable to adequately protect our proprietary rights, which may limit our ability to compete effectively.
Despite our efforts to protect our proprietary rights, unauthorized parties may misappropriate or infringe on our trade secrets, copyrights, trademarks, service marks and similar proprietary rights. We face additional risk when conducting business in countries which have poorly developed or inadequately enforced intellectual property laws. While we are unable to determine the extent to which piracy of our software products exists we expect piracy to be a continuing concern, particularly in international markets and as a result of the growing use of the Internet.
Intellectual property claims and litigation could subject us to significant liabilities for damages and invalidation of our proprietary rights.
In the future we may have to resort to litigation to protect our intellectual property rights, to protect our trade secrets or to develop the validity and scope of our proprietary rights of others. Any litigation, regardless of its success, would be costly and require significant time and attention of our key management and technical personnel. The litigation could also force us to:
| • | Stop or delay selling, incorporating or using products that incorporate the challenged intellectual property; |
| • | Pay damages; |
| • | Enter into licensing or royalty agreements, which may be unavailable under acceptable terms; |
| • | Redesign products and services that incorporate infringing technology. |
Although we have not been sued for intellectual property infringement, we may face infringement claims from third parties in the future. The software industry has seen frequent litigation over intellectual property rights, and we expect that participants in the Internet security industry will be increasingly subject to infringement claims as the number of products, services, and competitors grow and functionality of the products and services overlap. We cannot assure you that the steps taken by us will be adequate to deter misappropriation of our proprietary rights or that third parties will not independently develop substantially similar products, services and technology. Furthermore, there can be no assurance that our products will not infringe upon the intellectual property rights of third parties. We may not be able to avoid infringement of third party intellectual property rights and may have to obtain a license, defend an infringement action, or
34
Table of Contents
challenge the validity of the intellectual property rights in court. Failure to obtain or maintain intellectual property rights in our products, for any reason, could have a material adverse effect on us.
Undetected product errors or defects could result in loss of revenues, market acceptance and claims against us.
Our products and services may contain undetected errors or defects, especially when first released. Despite extensive testing, some errors are discovered only after a product has been installed and used by customers. Any errors discovered after commercial release could result in loss of revenue or claims against us or our channel partners.
Shareholder Litigation
The Company is currently defending a class action lawsuit relating to a restatement of the Company’s financial results. There can be no assurance that the Company will ultimately be successful in defending the lawsuit, or that if the Company is unsuccessful, that there will be sufficient insurance coverage to cover any judgment rendered against the Company. If the Company is unsuccessful and insurance coverage is unavailable or insufficient, the resolution of the lawsuit could have a material adverse impact on the Company.
Governmental controls over the export or import of encryption technology could cause us to lose sales.
Any additional governmental regulations of imports or exports, or failure to obtain required approval for our encryption technologies could adversely affect our international and domestic sales. The United States and various other countries have imposed controls, export license requirements and restrictions on the import or export of some technologies, especially encryption technology. In addition, from time to time governmental agencies have proposed additional regulation over encryption technology, such as requiring the escrow and governmental recovery of private encryption keys. Additional regulation of encryption technology could delay or prevent the acceptance and use of encryption products in public networks for secure communications. This in turn could result in decreased demand for our products and services. In addition, some foreign competitors are subject to less stringent controls on exporting their encryption technologies. As a result, they may be able to compete more effectively than we can in the U.S. and international security markets.
Our business will suffer if we fail to comply with recent federal legislation and proposed rules and regulations of the Securities and Exchange Commission relating to corporate governance reform.
As a public company, we are subject to certain legislation and the rules and regulations of the Securities and Exchange Commission or the “Commission.” On July 30, 2002, President George W. Bush signed into law the Sarbanes-Oxley Act of 2002, effecting tighter accounting controls, more stringent corporate governance standards, and stricter penalties for securities fraud and other violations of the securities laws. To implement this legislation, the Commission has adopted and will continue to adopt new rules pertaining to, among other things, audit committee requirements and additional disclosure and reporting requirements. Our business and financial results could be materially harmed by any failure by us to comply with any current or future rules or regulations relating to the Sarbanes-Oxley Act or to any other federal corporate reform measures.
ITEM 7A. QUANTITATIVE AND QUALITATIVE DISCLOSURE ABOUT MARKET RISK
Interest rate risk. We do not hold derivative financial instruments or derivative equity securities. Financial investments, which potentially subject the Company to a concentration of credit risk, principally consist of cash, cash equivalents and trade receivables. The Company holds any excess cash in short-term investments consisting of commercial paper. Concentration of credit risk with respect to receivables is limited due to the Company’s customer base and historical collection rates.
Foreign currency risk. The majority of our sales and the majority of our expenses are currently denominated in US dollars. As a result, we have not experienced significant foreign exchange gains and losses except those disclosed on F8 in the accompanying audited consolidated financial statements. While we conducted some transactions in foreign currencies during 2001 and 2002 and expect to do so in the future, we do not anticipate the foreign currency gains or losses will be material to CyberGuard. Although we have not engaged in foreign currency hedging to date, we may do so in the future.
35
Table of Contents
ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA
The following items are attached and incorporated into this Item 8.
| Report of Independent Certified Public Accountants |
F-1 | |
| Consolidated Balance Sheets as of June 30, 2002 and June 30, 2001 |
F-2 | |
| Consolidated Statements of Operations for years ended June 30, 2002, June 30, 2001, and June 30, 2000 |
F-3 | |
| Consolidated Statements of Cash Flows for years ended June 30, 2002, June 30, 2001, and June 30, 2000 |
F-4 | |
| Consolidated Statements of Changes in Shareholders’ Equity (Deficit) and Comprehensive Income for years ended June 30, 2002, June 30, 2001, and June 30, 2000 |
F-5 | |
| Notes to Consolidated Financial Statements |
F-6 |
36
Table of Contents
REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS
The Board of Directors and Shareholders of
CyberGuard Corporation and Subsidiaries
We have audited the accompanying consolidated balance sheets of CyberGuard Corporation and Subsidiaries as of June 30, 2002 and 2001, and the related consolidated statements of operations, stockholders’ equity and comprehensive income, and cash flows for each of the three years ended June 30, 2002. These financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on these financial statements based on our audits.
We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion.
In our opinion, the financial statements referred to above present fairly, in all material respects, the financial position of CyberGuard Corporation and Subsidiaries as of June 30, 2002 and 2001, and the consolidated results of their operations and their consolidated cash flows for each of the three years ended June 30, 2002 in conformity with accounting principles generally accepted in the United States of America.
Grant Thornton LLP
Ft. Lauderdale, Florida
August 16, 2002
F-1
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(Amounts in thousands)
| June 30, 2002 |
June 30, 2001 |
|||||||
| ASSETS |
||||||||
| Cash and cash equivalents |
$ |
6,166 |
|
$ |
4,771 |
| ||
| Restricted cash |
|
44 |
|
|
780 |
| ||
| Accounts receivable, less allowance for uncollectible accounts of $109 at June 30, 2002 and $36 at June 30, 2001 |
|
5,152 |
|
|
4,147 |
| ||
| Inventories, net |
|
442 |
|
|
261 |
| ||
| Other current assets |
|
801 |
|
|
1,065 |
| ||
| Total current assets |
|
12,605 |
|
|
11,024 |
| ||
| Property and equipment at cost, less accumulated depreciation of $2,335 at June 30, 2002 and $1,869 at June 30, 2001 |
|
1,212 |
|
|
1,244 |
| ||
| Capitalized software, net |
|
219 |
|
|
741 |
| ||
| Other assets |
|
94 |
|
|
90 |
| ||
| Total assets |
$ |
14,130 |
|
$ |
13,099 |
| ||
| LIABILITIES AND SHAREHOLDERS’ EQUITY |
||||||||
| Line of credit & notes payable |
|
140 |
|
|
919 |
| ||
| Accounts payable |
|
778 |
|
|
967 |
| ||
| Convertible debenture, net |
|
— |
|
|
62 |
| ||
| Deferred revenue |
|
3,951 |
|
|
2,308 |
| ||
| Accrued expenses and other liabilities |
|
2,305 |
|
|
2,369 |
| ||
| Total liabilities |
$ |
7,174 |
|
$ |
6,625 |
| ||
| Commitments and Contingencies |
|
— |
|
|
— |
| ||
| Shareholders’ equity |
||||||||
| Common stock par value $0.01; authorized 50,000 shares; issued and outstanding 19,100 at June 30, 2002 and 18,429 at June 30, 2001 |
|
191 |
|
|
184 |
| ||
| Additional paid-in capital |
|
88,673 |
|
|
87,557 |
| ||
| Accumulated deficit |
|
(82,075 |
) |
|
(81,467 |
) | ||
| Accumulated other comprehensive income |
|
167 |
|
|
200 |
| ||
| Total shareholders’ equity |
|
6,956 |
|
|
6,474 |
| ||
| Total liabilities and shareholders’ equity |
$ |
14,130 |
|
$ |
13,099 |
| ||
See accompanying notes to consolidated financial statements
F-2
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(Amounts in thousands, except per share data)
| Three Months Ended |
Twelve Months Ended |
|||||||||||||||||||
| June 30, 2002 |
June 30, 2001 |
June 30, 2002 |
June 30, 2001 |
June 30, 2000 |
||||||||||||||||
| Revenues: |
||||||||||||||||||||
| Products |
$ |
3,690 |
|
$ |
4,734 |
|
$ |
15,215 |
|
$ |
18,685 |
|
$ |
14,988 |
| |||||
| Services |
|
2,031 |
|
|
1,640 |
|
|
7,125 |
|
|
5,721 |
|
|
3,871 |
| |||||
| Total revenues |
|
5,721 |
|
|
6,374 |
|
|
22,340 |
|
|
24,406 |
|
|
18,859 |
| |||||
| Cost of revenues: |
||||||||||||||||||||
| Products |
|
1,207 |
|
|
1,353 |
|
|
4,449 |
|
|
4,929 |
|
|
3,708 |
| |||||
| Services |
|
564 |
|
|
491 |
|
|
2,020 |
|
|
2,287 |
|
|
2,248 |
| |||||
| Total cost of revenues |
|
1,771 |
|
|
1,844 |
|
|
6,469 |
|
|
7,216 |
|
|
5,956 |
| |||||
| Gross profit |
|
3,950 |
|
|
4,530 |
|
|
15,871 |
|
|
17,190 |
|
|
12,903 |
| |||||
| Operating expenses: |
||||||||||||||||||||
| Research and development |
|
1,107 |
|
|
1,341 |
|
|
4,705 |
|
|
5,450 |
|
|
2,969 |
| |||||
| Selling, general and administrative |
|
2,973 |
|
|
3,723 |
|
|
12,007 |
|
|
14,680 |
|
|
9,752 |
| |||||
| Total operating expenses |
|
4,080 |
|
|
5,064 |
|
|
16,712 |
|
|
20,130 |
|
|
12,721 |
| |||||
| Operating income (loss) |
|
(130 |
) |
|
(534 |
) |
|
(841 |
) |
|
(2,940 |
) |
|
182 |
| |||||
| Other income (expense) |
||||||||||||||||||||
| Interest income/(expense), net |
|
19 |
|
|
(2 |
) |
|
58 |
|
|
(751 |
) |
|
(1,066 |
) | |||||
| Loss on sale of assets |
|
(2 |
) |
|
(118 |
) |
|
(18 |
) |
|
(106 |
) |
|
— |
| |||||
| Other income (expense) |
|
222 |
|
|
(1 |
) |
|
193 |
|
|
(90 |
) |
|
(92 |
) | |||||
| Total other income (expense) |
|
239 |
|
|
(121 |
) |
|
233 |
|
|
(947 |
) |
|
(1,158 |
) | |||||
| Income / (Loss) before cumulative effect of change in accounting principle |
|
109 |
|
|
(655 |
) |
|
(608 |
) |
|
(3,887 |
) |
|
(976 |
) | |||||
| Cumulative effect of change in accounting principle |
|
0 |
|
|
0 |
|
|
0 |
|
|
(129 |
) |
|
0 |
| |||||
| Net Income / (Loss) |
$ |
109 |
|
$ |
(655 |
) |
|
(608 |
) |
$ |
(4,016 |
) |
$ |
(976 |
) | |||||
| Basic earnings / loss per common share: |
||||||||||||||||||||
| Before cumulative effect of change in accounting principle |
$ |
0.01 |
|
$ |
(0.04 |
) |
$ |
(0.03 |
) |
$ |
(0.29 |
) |
$ |
(0.10 |
) | |||||
| Cumulative effect of change in accounting principle |
$ |
— |
|
$ |
— |
|
$ |
— |
|
$ |
(0.01 |
) |
$ |
— |
| |||||
| Basic earnings / loss per common share |
$ |
0.01 |
|
$ |
(0.04 |
) |
$ |
(0.03 |
) |
$ |
(0.30 |
) |
$ |
(0.10 |
) | |||||
| Weighted average number of common shares outstanding |
|
19,019 |
|
|
18,196 |
|
|
18,779 |
|
|
13,188 |
|
|
9,318 |
| |||||
| Diluted earnings / loss per common share: |
||||||||||||||||||||
| Before cumulative effect of change in accounting principle |
$ |
0.00 |
|
$ |
(0.04 |
) |
$ |
(0.03 |
) |
$ |
(0.29 |
) |
$ |
(0.10 |
) | |||||
| Cumulative effect of change in accounting principle |
$ |
— |
|
$ |
— |
|
$ |
— |
|
$ |
(0.01 |
) |
$ |
— |
| |||||
| Diluted earnings / loss per common share |
$ |
0.00 |
|
$ |
(0.04 |
) |
$ |
(0.03 |
) |
$ |
(0.30 |
) |
$ |
(0.10 |
) | |||||
| Weighted average number of common shares outstanding |
|
22,317 |
|
|
18,196 |
|
|
18,779 |
|
|
13,188 |
|
|
9,318 |
| |||||
See accompanying notes to consolidated financial statements
F-3
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Amounts in thousands)
| Twelve Months Ended |
||||||||||||
| June 30, 2002 |
June 30, 2001 |
June 30, 2000 |
||||||||||
| Cash flows from operating activities |
||||||||||||
| Net loss |
$ |
(608 |
) |
|
(4,016 |
) |
|
(976 |
) | |||
| Adjustments to reconcile net loss to net cash used in operating activities: |
||||||||||||
| Depreciation |
|
817 |
|
|
670 |
|
|
494 |
| |||
| Amortization |
|
694 |
|
|
1,101 |
|
|
531 |
| |||
| Loss on disposal of fixed assets |
|
18 |
|
|
134 |
|
|
21 |
| |||
| Interest expense related to convertible debt |
|
— |
|
|
534 |
|
|
803 |
| |||
| Provision for uncollectible accounts receivable |
|
73 |
|
|
(15 |
) |
|
(355 |
) | |||
| Provision for inventory reserve |
|
(68 |
) |
|
(5 |
) |
|
35 |
| |||
| Compensation expense related to modification of stock options |
|
156 |
|
|
195 |
|
|
— |
| |||
| Non cash expense for company 401(k) match |
|
259 |
|
|
— |
|
|
— |
| |||
| Cumulative effect of change in accounting principle |
|
— |
|
|
129 |
|
|
— |
| |||
| Translation adjustment |
|
(33 |
) |
|
89 |
|
|
89 |
| |||
| Changes in assets and liabilities: |
||||||||||||
| Restricted cash |
|
736 |
|
|
20 |
|
|
108 |
| |||
| Accounts receivable |
|
(1,078 |
) |
|
(517 |
) |
|
(1,239 |
) | |||
| Other current assets |
|
264 |
|
|
130 |
|
|
(776 |
) | |||
| Inventories |
|
(113 |
) |
|
(130 |
) |
|
17 |
| |||
| Accounts payable |
|
(189 |
) |
|
(457 |
) |
|
(1,342 |
) | |||
| Accrued expenses and other liabilities |
|
(65 |
) |
|
428 |
|
|
(988 |
) | |||
| Deferred revenue |
|
1,643 |
|
|
(604 |
) |
|
867 |
| |||
| Other, net |
|
(4 |
) |
|
74 |
|
|
(29 |
) | |||
| Net cash provided by (used in) operating activities |
|
2,503 |
|
|
(2,240 |
) |
|
(2,740 |
) | |||
| Cash flows used in investing activities |
||||||||||||
| Capitalized software costs |
|
(172 |
) |
|
(360 |
) |
|
(1,205 |
) | |||
| Purchases of property & equipment |
|
(805 |
) |
|
(930 |
) |
|
(448 |
) | |||
| Proceeds from sale of property & equipment |
|
2 |
|
|
— |
|
|
— |
| |||
| Net cash used in investing activities |
|
(975 |
) |
|
(1,290 |
) |
|
(1,652 |
) | |||
| Cash flows provided by (used in) financing activities: |
||||||||||||
| Issuance of convertible debt |
|
— |
|
|
1,000 |
|
|
4,313 |
| |||
| Retirement of convertible debt |
|
(37 |
) |
|
— |
|
|
(1,125 |
) | |||
| Proceeds from exercise of warrants |
|
— |
|
|
4,804 |
|
|
— |
| |||
| Borrowings under notes payable |
|
— |
|
|
310 |
|
|
741 |
| |||
| Repayment of notes payable |
|
(16 |
) |
|
(413 |
) |
|
(761 |
) | |||
| Net repayment under revolving line of credit |
|
(763 |
) |
|
(1,203 |
) |
|
(89 |
) | |||
| Proceeds from stock options exercised |
|
523 |
|
|
532 |
|
|
888 |
| |||
| Proceeds from private placement of common stock |
|
— |
|
|
500 |
|
|
— |
| |||
| Proceeds from sale of common stock |
|
160 |
|
|
274 |
|
|
301 |
| |||
| Net cash provided by (used in) financing activities |
|
(133 |
) |
|
5,804 |
|
|
4,267 |
| |||
| Net increase (decrease) in cash |
|
1,395 |
|
|
2,274 |
|
|
(125 |
) | |||
| Cash and cash equivalents at beginning of period |
|
4,771 |
|
|
2,497 |
|
|
2,622 |
| |||
| Cash and cash equivalents at end of period |
$ |
6,166 |
|
$ |
4,771 |
|
$ |
2,497 |
| |||
| Supplemental disclosure of cash flow information |
||||||||||||
| Cash paid for interest |
|
62 |
|
|
511 |
|
|
608 |
| |||
| Cash paid for income taxes |
|
— |
|
|
— |
|
|
— |
| |||
Supplemental disclosure of non-cash information
During fiscal year 2002, the Company’s CEO, Scott Hammack, participated in a special option program which required the Company to record compensation expense of $91.
During fiscal year 2002, approximately $25 in convertible debt and interest on the debt was converted into approximately 25 shares of the Company’s common stock.
During fiscal year 2001, the expiration dates of approximately 141 options to purchase shares of the Company’s common stock were extended, which required the Company to record $141 in compensation expense. In addition, approximately 310 options to purchase shares of the Company’s common stock were issued at a below market price, which required the Company to record approximately $65 in compensation expense during fiscal year 2002 and $54 in compensation expense in fiscal year 2001.
During fiscal year 2001, the Company recorded $129 as a cumulative effect of a change in accounting principle associated with the recognition of the effective conversion price related to the convertible debt issued in August 1999.
During fiscal year 2001, approximately $5,892 in convertible debt and interest on the debt was converted into approximately 5,492 shares of the Company’s common stock.
During fiscal year 2001, the Company issued a $1,000 convertible debenture and issued 334 warrants valued at $40.
During fiscal year 2000, the Company issued a $4,300 convertible debenture and issued 4,300 warrants valued at $431.
See accompanying notes to consolidated financial statements
F-4
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CHANGES IN SHAREHOLDERS’ EQUITY (DEFICIT)
AND COMPREHENSIVE INCOME
(Amounts in thousands, except share data)
| Common Stock Shares |
Common Stock Par Value |
Additional Paid in Capital |
Accumulated Deficit |
Accumulated Other Comprehensive Income |
Total |
|||||||||||||||
| Balance June 30, 1999 |
9,064,756 |
$ |
91 |
$ |
73,677 |
$ |
(76,475 |
) |
$ |
22 |
|
$ |
(2,685 |
) | ||||||
| Net loss |
|
(976 |
) |
|
(976 |
) | ||||||||||||||
| Translation adjustment |
|
89 |
|
|
89 |
| ||||||||||||||
| Issuance of common stock |
734,565 |
|
7 |
|
1,182 |
|
1,189 |
| ||||||||||||
| Discount on warrants |
|
431 |
|
431 |
| |||||||||||||||
| Balance June 30, 2000 |
9,799,321 |
$ |
98 |
$ |
75,290 |
$ |
(77,451 |
) |
$ |
111 |
|
$ |
(1,952 |
) | ||||||
| Net loss |
|
(4,016 |
) |
|
(4,016 |
) | ||||||||||||||
| Translation adjustment |
|
89 |
|
|
89 |
| ||||||||||||||
| Issuance of warrants related to debt conversion |
|
73 |
|
73 |
| |||||||||||||||
| Modification of stock options |
|
195 |
|
195 |
| |||||||||||||||
| Cumulative change in accounting principle |
|
129 |
|
129 |
| |||||||||||||||
| Issuance of common stock related to debt conversion |
5,506,905 |
|
55 |
|
5,791 |
|
5,846 |
| ||||||||||||
| Issuance of common stock related to exercise of warrants |
2,402,000 |
|
24 |
|
4,780 |
|
4,804 |
| ||||||||||||
| Issuance of common stock related to the exercise of options |
385,938 |
|
4 |
|
528 |
|
532 |
| ||||||||||||
| Issuance of common stock |
334,408 |
|
3 |
|
771 |
|
775 |
| ||||||||||||
| Balance June 30, 2001 |
18,428,572 |
$ |
184 |
$ |
87,557 |
$ |
(81,467 |
) |
$ |
200 |
|
$ |
6,474 |
| ||||||
| Net loss |
|
(608 |
) |
|
(608 |
) | ||||||||||||||
| Translation adjustment |
|
(33 |
) |
|
(33 |
) | ||||||||||||||
| Modification of stock options |
|
156 |
|
156 |
| |||||||||||||||
| Issuance of common stock related to debt conversion |
24,835 |
|
0 |
|
25 |
|
25 |
| ||||||||||||
| Issuance of common stock related to the exercise of options |
418,400 |
|
4 |
|
519 |
|
523 |
| ||||||||||||
| Issuance of common stock |
227,875 |
|
3 |
|
416 |
|
419 |
| ||||||||||||
| Balance June 30, 2002 |
19,099,682 |
|
191 |
|
88,673 |
|
(82,075 |
) |
|
167 |
|
|
6,956 |
| ||||||
See accompanying notes to consolidated financial statements
F-5
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
(1) DESCRIPTION OF BUSINESS
CyberGuard Corporation (“CyberGuard” or the “Company”) is a leading provider of network security solutions designed to protect enterprises that use the Internet for electronic commerce and secure communication (customers include Fortune 1000 companies, major financial institutions, and government agencies worldwide). The Company’s CyberGuard® appliance, which includes firewall and VPN (Virtual Private Network), provides a level of security, features and availability that the Company believes is not matched in the industry. Through a combination of proprietary and third-party technology, the Company provides a full suite of products and services that are designed to protect the integrity of electronic data and customer applications from unauthorized individuals and digital thieves.
The appliance is sold to end users directly and indirectly by direct sales and resellers worldwide in over thirty countries.
(2) SUMMARY OF SIGNIFICANT ACCOUNTING POLICIES
Basis of Consolidation. The consolidated financial statements of CyberGuard Corporation and its subsidiaries (CyberGuard Europe Ltd. and CYBG Consultants, Inc. (the “Company”)) include the accounts of the Company and its subsidiaries over which it maintains control. All significant inter-company balances and transactions have been eliminated.
Use of Estimates. The preparation of financial statements in conformity with generally accepted accounting principles requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. On an on-going basis, we evaluate significant estimates used in preparing our financial statements, including revenue recognition, bad debt, software development cost, inventory valuation, and deferred taxes. We based our estimates on historical experience and various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying value of assets and liabilities that are not readily apparent from other sources. Actual results may differ from these estimates under different assumptions or conditions.
The Company’s operations and ability to grow may be affected by numerous factors, including changes in customer requirements, new laws and governmental regulations and policies, technological advances, entry of new competitors and changes in the willingness of financial institutions and other lenders to finance acquisitions and operations. The Company cannot predict which, if any, of these or other factors might have a significant impact on the Company’s industry in the future, nor can it predict what impact, if any, the occurrence of these or other events might have on the Company’s operations.
Cash Equivalents and Restricted Cash. The Company considers all investments purchased with an original maturity of three months or less at the time of purchase to be cash equivalents. Restricted cash is unavailable to the Company until certain contractual terms and conditions are met. At June 30, 2002, the Company has $1,019 of cash in a UK bank.
Restricted cash as of June 30, consists of the following:
| 2002 |
2001 | |||||
| Cash held on behalf of employees for purchase of company stock |
$ |
33 |
$ |
103 | ||
| Cash held on behalf of employees for flexible reimbursement plan |
|
11 |
|
2 | ||
| Certificate of deposit as collateral on a lease |
|
— |
|
25 | ||
| Escrow on line of credit facility |
|
— |
|
650 | ||
| $ |
44 |
$ |
780 | |||
F-6
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
Inventories. Inventories consist primarily of component parts and computer hardware and are carried at the lower of cost, determined by the First-In-First-Out (“FIFO”) method, or market. We write our inventories down to estimated market value based on assumptions of our future demand, based on projected product releases and market conditions. Variation in market trends, customer preferences, introduction of new products (replacing existing products) or technological advances could, however, significantly affect these estimates and result in additional inventory write-downs.
Bad Debts. We maintain allowances for doubtful accounts for estimated losses resulting from the inability of our customers to make required payments. Significant judgment is required when we assess the ultimate realization of receivables, including the probability of collection and the credit-worthiness of each customer. In estimating the allowance for doubtful accounts, we analyze our accounts receivable aging, historical bad debts, customer credit-worthiness, current economic trends and other factors. If the financial condition of our customers were to deteriorate, resulting in an impairment of their ability to make payments, additional allowance might be required.
Property and Equipment. Property and equipment are stated at cost, less accumulated depreciation. Depreciation is computed by the straight-line method using the estimated useful lives of the assets, which range from 2 to 5 years. Maintenance and repairs are charged to expense as incurred. Upon sale, retirement or other disposition of these assets, the cost and the related accumulated depreciation are removed from the respective accounts and any gain or loss on the disposition is included in the consolidated statement of operations.
Impairment of Long Lived Assets. The Company evaluates the recoverability of all its long-lived assets, including intangibles. If the sum of the undiscounted future cash flows is less than the carrying amount of the asset, an impairment loss is recognized as the amount by which the carrying amount of the asset exceeds its fair value. Effective July 1, 2002, impairment of goodwill and other long-lived assets will be assessed according to new accounting guidelines (see footnote 13).
Software Development Costs. The Company capitalizes costs related to the development of certain software products in accordance with Statement of Financial Accounting Standards No. 86, “Accounting For the Costs of Computer Software to be Sold, Leased, or Otherwise Marketed” (“SFAS No. 86”) which requires capitalization to begin when technological feasibility has been established and ends when the product is available for general release to customers. Software development costs incurred prior to technological feasibility, defined by implementation of a beta project, are considered research and development costs and are expensed as incurred. Capitalized costs are amortized on a straight-line method over two years.
During fiscal year 2002, the Company capitalized software development costs of $172 and associated amortization of $694. During 2001, the Company capitalized software development costs of $360 and associated amortization of $761. During 2000, the Company capitalized software development costs of $1,205 and associated amortization of $247.
Revenue Recognition. Revenues from product sales are recognized only when a contract or agreement has been executed, delivery of the product has occurred, the fee is fixed and determinable and we believe collection is probable. While we generally recognize product revenue on product shipment, we defer revenues on product sales for value added resellers until the partners demonstrate consistency of payment within terms and no product returns for a three month period. Service revenues are recognized ratably on a monthly basis over the service contract term. Service revenues primarily include the annual fee for maintenance, which is sold as part of our security solutions, and for subscription renewals from our existing customers and end users. These services provide our customers access to our worldwide support organization for product updates, general security information and technical support.
During fiscal year 2002, the revenue recognition for four resellers in Asia and seven resellers in Europe, was changed from cash basis to accrual, based on a reasonable assurance of collectibility from
F-7
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
evaluating their payment histories. The impact was to increase revenue by approximately $1,100 in fiscal year 2002. Revenue on post-contract customer support is deferred and amortized by the straight-line method over the term of the contracts. The Company also provides professional support services, which are available under service agreements and charged for separately. These services are generally provided under time and materials contracts and revenue is recognized as the service is provided.
Deferred Revenue. Deferred revenue represents amounts billed or payments received in advance of maintenance services to be rendered over a certain period of time, and are recognized ratably over the service term.
Reclassifications. Certain prior period amounts have been reclassified to conform to the current year presentation.
Advertising Expense. The Company expenses advertising and promotional costs as incurred. Advertising expense for the years ended June 30, 2002, 2001 and 2000 was $872, $1,475 and $569, respectively
Income Taxes. The provision for income taxes and corresponding balance sheet accounts are determined in accordance with Statement of Financial Accounting Standards No. 109, “Accounting for Income Taxes” (“SFAS No. 109”). Under SFAS No. 109, deferred tax liabilities and assets are determined based on the temporary differences between the bases of certain assets and liabilities for income tax and financial reporting purposes. The deferred tax assets and liabilities are classified according to the financial statement classification of the assets and liabilities generating the differences. The Company provides a valuation allowance for deferred tax assets, which cannot be currently recognized due to the Company’s cumulative losses and the uncertainty as to future recoverability. The Company has considered future taxable income and ongoing prudent and feasible tax planning strategies in assessing the need for the valuation allowance. In the event the Company was to determine that it would be able to realize the deferred tax asset in the future, an adjustment to the deferred tax asset would increase income in the period the determination was made.
Foreign Currency Translation. The Company’s foreign operations utilize the local foreign currency as the functional currency. The results of operations and cash flows for the foreign operations are translated at an average exchange rate for the period, and the assets and liabilities of the foreign operations are translated at the exchange rate at the end of the period. Translation adjustments are included in stockholders’ equity (deficit). Transaction gains or losses are included in determining net income / (loss) for the period. During fiscal year 2002, 2001, and 2000, the Company recognized a transaction gain of $203, a transaction loss of $159, and a transaction loss of $172 respectively, reported as other income / (expense).
Accounting for Stock Options. Options granted under the Company’s Stock Option Plans are accounted for under APB 25, “Accounting for Stock Issued to Employees,” and related interpretations. The Company also makes additional pro-forma disclosures in accordance with Statement of Financial Accounting Standards (SFAS) 123.
Net Loss Per Share. Basic income (loss) per share excludes dilution and is computed by dividing income (loss) available to common shareholders by the weighted-average number of common shares outstanding for the period. Diluted net income (loss) per share reflects the potential dilution that could occur if securities, stock options, warrants or other contracts to issue common stock were exercised or converted into common stock or resulted in the issuance of common stock that then shared in the earnings of the entity. Potential common stock in the form of options totaling 5,143,000 and warrants totaling 2,388,000 that have an effect on diluted net loss per share calculations, due to their anti-dilutive effects, are excluded.
F-8
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
(3) PROPERTY AND EQUIPMENT
Property and equipment consists of the following:
| June 30, |
June 30, |
|||||||
| Property and equipment |
$ |
3,126 |
|
$ |
2,706 |
| ||
| Purchased software for internal use |
|
387 |
|
|
373 |
| ||
| Leasehold improvement |
|
34 |
|
|
34 |
| ||
| Subtotal |
|
3,547 |
|
|
3,113 |
| ||
| Less: accumulated depreciation |
|
(2,335 |
) |
|
(1,869 |
) | ||
| Property and equipment, net |
$ |
1,212 |
|
$ |
1,244 |
| ||
(4) ACCRUED EXPENSES AND OTHER LIABILITIES
Accrued expenses and other liabilities consists of the following:
| June 30, 2002 |
June 30, | |||||
| Salaries, wages and other compensation |
$ |
1,355 |
$ |
1,570 | ||
| Other payables |
|
950 |
|
799 | ||
| $ |
2,305 |
$ |
2,369 | |||
(5) LINE OF CREDIT AND NOTES PAYABLE
On December 30, 1997, the Company entered into an asset-based revolving line of credit of approximately $3,350 and a $650 Term Note Agreement with a financing company. Interest was charged at the prime rate plus 2%. At June 30, 2001, the interest rate on the revolving line of credit was 9%. The credit facility was collateralized by all of the tangible assets and intellectual property of the Company. Availability under the revolving credit facility was limited to 80% of eligible accounts receivable and 30% of qualified inventory up to a maximum availability of $300 on eligible inventory. The amount of availability on the revolving line of credit at June 30, 2001 was $988. The original term note was for a period of three years and payable in thirty-nine monthly installments. In December 1999, the Company re-negotiated the terms of the credit facility, which extended the term of the note until December 30, 2001. At June 30, 2001, the Company presented the $650 cash compensating balance equal to the amount of the term loan as restricted cash. As of June 30, 2001, there was approximately $113 outstanding under the revolving line of credit agreement. The loan and revolving line of credit were repaid on December 31, 2001.
The Company has entered into an insurance premium financing agreement. At June 30, 2002 the total amount outstanding was $140 and the interest rate was 5.26%. At June 30, 2001, the amount outstanding was $156 and the interest rate was 8.11%.
(6) CONVERTIBLE DEBENTURE
On December 17, 1998, the Company executed an agreement to issue $1,125 of Convertible Debt (“Debt”) with an investment company. The Debt was interest bearing at a rate of prime plus 2% and was payable quarterly. The Debt was convertible into 750,000 shares of common stock at a conversion price equal to $1.50 per share. The Debt was convertible, at the debt holders’ option, after February 1, 2000. In addition, the Company issued the debt holders warrants to purchase 500,000 shares of the Company’s common stock at $2.00 per share. The warrants were exercisable at any time before June 2001. The terms of the Debt and warrant agreement that permitted the conversion of the Debt and warrants to common stock at a discount to market, was considered a beneficial conversion feature. The beneficial conversion feature at the date of issuance of the Debt was recognized as interest expense
F-9
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
over the shortest possible conversion period. The convertible debt was secured by a second lien on the Company’s assets and properties and was subordinated to the Company’s senior debt.
On August 26, 1999, the Company increased the convertible debt to approximately $4,300 including repaying the December 1998 issuance. This increased amount was principally with the same debt holders as the December 1998 transaction, with certain company officers, directors and employees also participating. The debt was interest bearing at a rate of 11.5% per annum with a maturity of June 30, 2002. Interest was payable quarterly, except for interest accruing from the date of issuance through July 1, 2000, which was added to the principal amount of the note. The number of shares of common stock into which the debt may be converted was equal to the principal amount of the note, plus the accrued interest, divided by the conversion price of $1.00 per share. In addition, the warrants from the December 17, 1998 transaction were cancelled, and the Company issued approximately 4,300,000 warrants to purchase the Company’s common stock at $2.00 per share and have a term of five years. The warrants were valued at $431 and this amount was recognized as interest expense over the debt conversion period. Certain debt holders, holding $25 in convertible debt, elected to convert the debt during fiscal 2002 into 24,835 shares of common stock. Holders of the remaining $38 convertible debt were repaid during fiscal 2002.
As of September 30, 1999, the Company had recorded a beneficial conversion feature attributable to the convertible debt of $1,078. This feature was being amortized over the term of the debt. A report subsequently issued by a national valuation firm indicated the fair value of the Company’s common stock was below the conversion price at the date of the transaction and therefore, no such beneficial conversion feature existed. The Company reversed the charge of $317 in the fourth quarter of fiscal year 2000 that had been charged as interest expense. The effect on the prior quarterly results was immaterial.
On December 29, 2000, the Company completed an additional $1 million financing transaction as an add-on to the August 1999 financing agreement. The additional note was convertible into the Company’s common stock at $1.51 per share and carried a warrant to purchase an additional 333,877 shares of the Company’s common stock at $2.51 per share.
At the November 2000 meeting, The Emerging Issues Task Force (“EITF”) reached a consensus opinion on Issue 00-27 regarding the “Application of EITF Issue 98-5, “Convertible Securities with Beneficial Conversion Features or Contingently Adjustable Conversion Ratios,” to Certain Convertible Instruments”. The consensus opinion required the Company to use an effective conversion price to determine a convertible instrument’s beneficial conversion feature. The change was effective retroactively to transactions for which a commitment date occurred prior to November 16, 2000. As a result, in December 2000, the Company recognized approximately $129 as a cumulative effect of a change in accounting principle associated with the convertible debt issued in August 1999. During December 2000, the Company also recognized $33 in interest expense associated with the convertible debt issued in December 2000.
On January 24, 2001, approximately $5,700 of convertible debt and the interest accrued on that debt was converted into approximately 5,300,000 shares of common stock at prices between $1.00 and $1.51 per share, by the investment company, current directors and certain former officers. Approximately $130 of the value of the warrants associated with this debt conversion was amortized into interest expense.
During January 2001, warrants for the purchase of approximately 2,400,000 shares of the Company’s common stock were exercised at $2.00 per share for a total of approximately $4,800 in cash. The value of the warrants decreased by $127 as a result of this exercise.
On May 31, 2001, approximately $192 of convertible debt and the interest accrued on that debt was converted into approximately 192,000 shares of common stock at $1.00 per share. Approximately $7 of the value of the warrants associated with this debt conversion was amortized into interest expense.
The number of warrants outstanding on the convertible debt as of June 30, 2002 and 2001 was 2,245,361 and are exercisable at prices ranging from $2.00 to $2.50, and expire in August 2004. The
F-10
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
book value of the warrants as of June 30, 2002 and 2001 was $0 and $2, respectively. During 2002 and 2001, $2 and $209 of the book value of the warrants was amortized to interest expense. As of June 30, 2002 all convertible debt has either been repaid or converted into common stock of the Company.
(7) INCOME TAXES
The significant components of the Company’s net deferred income tax assets (liabilities) are as follows:
Deferred tax assets and liabilities
| June 30, 2002 |
June 30, 2001 |
June 30, 2000 |
||||||||||
| Accrued expenses |
$ |
443 |
|
$ |
339 |
|
$ |
243 |
| |||
| Depreciation and amortization |
|
545 |
|
|
313 |
|
|
(290 |
) | |||
| Net operating loss carryforwards |
|
25,029 |
|
|
24,210 |
|
|
22,843 |
| |||
| Capital loss carryforwards |
|
2,855 |
|
|
2,024 |
|
|
2,024 |
| |||
| Other deferred tax assets |
|
39 |
|
|
517 |
|
|
522 |
| |||
| Valuation allowance |
|
(28,911 |
) |
|
(27,403 |
) |
|
(25,342 |
) | |||
| Net deferred income tax liability |
|
— |
|
|
— |
|
|
— |
| |||
A reconciliation of the effective income tax rate and the statutory United States income tax rate follows:
| Year ended |
Year ended |
|||||
| Statutory U.S. income tax rate |
(34.0 |
)% |
(34.0 |
)% | ||
| State taxes |
(3.0 |
)% |
(3.0 |
)% | ||
| Other |
(2.5 |
)% |
0.0 |
% | ||
| Interest on convertible debt |
21.7 |
% |
4.4 |
% | ||
| Valuation Allowance |
17.8 |
% |
32.6 |
% | ||
| Effective income tax rate |
0.0 |
% |
0.0 |
% | ||
As of June 30, 2002, the Company had U.S. net operating loss carryforwards for federal income tax purposes of approximately $67,438. The Company’s net operating loss carryforwards begin to expire in 2010. Under the Tax Reform Act of 1986, the amounts of, and the benefits from, net operating loss carryforwards may be impaired or limited due to a change of ownership control as defined by the Internal Revenue Code. In addition, the Company has U.S. net capital loss carryforwards of approximately $5,394. The Company may utilize the U.S. capital loss carryforwards only to the extent it generates future capital gains. As of June 30, 2002, the Company had U.K. net operating loss carryforwards of $250, which do not expire under U.K. tax laws. As of June 30, 2002 and 2001, a valuation allowance has been established against the net deferred tax asset since the Company believes it is more likely than not that the tax asset will not be realized.
(8) SHAREHOLDERS’ EQUITY
Common Stock—The Company has authorized 50,000,000 shares of CyberGuard common stock, each share having a par value of $0.01 per share.
Preferred Stock—The Company has authorized 5,000 shares of CyberGuard preferred stock, each share having a par value of $0.01 per share. No preferred shares are outstanding.
Stockholder Protection Rights Agreement—In September 1994, the Company approved a Stockholder Protection Rights Agreement. The agreement states that each share of the Company’s common stock has attached to it one right. Each right entitles its registered holder to purchase from the Company after the “Separation Time”, as hereinafter defined, one-hundredth of a share of Participating Preferred Stock, par value $0.01 per share, for an amount calculated in accordance with the Preferred
F-11
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
Stock Agreement. The rights will not trade separately from the common stock unless and until the Separation Time. The Separation Time is defined as the earlier of the tenth business day after the date on which any person commences a tender or exchange offer which, if consummated, would result in an acquisition, and the first date of public announcement by the Company of such offering. In the event of any voluntary or involuntary liquidation of the Company, the holders of the Preferred Stock shall be paid an amount as calculated in accordance with the Preferred Stock Agreement.
Stock Option Plans—Effective October 8, 1994, the Company adopted an Incentive Stock Option Plan. On February 4, 1996, the Board of Directors approved an amendment to the plan to reserve 2,025,000 shares of common stock for grant, and effective October 28, 1997 increased the reserve to 2,400,000 shares. Effective September 4, 1998, the Company adopted an Employee Stock Option Plan. The Board of Directors approved an initial reserve of 1,400,000 shares of common stock for grant, and effective August 10, 1999 increased the reserve to 2,500,000 shares. On March 9, 2001, the Company registered an additional 2,000,000 shares and on November 21, 2001, an additional 2,500,000 shares, totaling 7,000,000 shares under the 1998 plan. The options vest over a three-year period and have a term of five years.
Both plans permit the issuance of stock options; stock appreciation rights, performance awards, restricted stock and/or other stock based awards to directors and salaried employees. The option price shall be determined by the Board of Directors effective on the Grant Date. The option price shall not be less than 100% of the Fair Market Value of a share of common stock on the Grant Date. If Incentive Stock Options are granted to a participant who on the Grant Date is a ten-percent holder, such price shall not be less than one hundred and ten percent of the Fair Market Value of a share of common stock on the Grant Date. Vesting of these options occurs based on years of service. Generally it begins at 33% after one year, 66% after two years, and 100% after the third year of service. All options become immediately exercisable upon the occurrence of a Change in Control of the Company.
During October 2001, certain officers and employees elected to participate in a special stock option program offered by the Company through a Stock Option Plan. Officers could elect a base salary reduction ranging from 10.01% to 100% and employees could elect a base salary reduction ranging from .01% to 100%. This base salary reduction entitled them to receive a specified number of stock options, as defined in the program agreement, to purchase shares of the Company’s common stock at the then current market price of $1.30 per share. Approximately 1,751,000 stock options, with a one-year vesting period that will expire in 10 years from the grant date were issued related to this program. The Company’s CEO participated in this special option program where he elected to accept options in lieu of salary for a twelve months period. The company was required to record compensation expense of $91 through June 30, 2002.
In September 1998, the Company elected to have non-qualified stock options for key executives as part of their compensation plan. The Board of Directors has the authority to determine who may be granted options, the period of exercise, the option price at the date of grant, and any other restrictions, if applicable. For the fiscal years ended June 30, 2002 and 2001, the Company granted 274,000 and 1,929,000 options, respectively, under this election, which vest over a three-year period.
The Black-Scholes option valuation model was developed for use in estimating the fair value of traded options, which have no vesting restrictions and are fully transferable. In addition, option valuation models require the input of highly subjective assumptions including the expected stock volatility. Because the Company’s employee stock options have characteristics significantly different from those of traded options, and because changes in subjective input assumptions can materially affect the fair value estimate, in management’s opinion, the existing models do not necessarily provide a reliable single measure of the fair value of its employee stock options.
F-12
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
The adoption of SFAS No. 123 under the fair value based method would have increased compensation expense by $2,506, $2,560, and $3,397 for the years ended June 30, 2002, 2001, and 2000, respectively. The effect of SFAS No. 123 under the fair value based method would have affected net loss and loss per share as follows:
| Year ended June 30, 2002 |
Year Ended June 30, 2001 |
Year Ended June 30, 2000 |
||||||||||
| Net loss |
$ |
(608 |
) |
$ |
(4,016 |
) |
$ |
(976 |
) | |||
| Pro-Forma |
$ |
(3,114 |
) |
$ |
(6,576 |
) |
$ |
(4,373 |
) | |||
| Loss per common share as reported |
$ |
(0.03 |
) |
$ |
(0.30 |
) |
$ |
(0.10 |
) | |||
| Pro-Forma |
$ |
(0.17 |
) |
$ |
(0.50 |
) |
$ |
(0.47 |
) | |||
The fair value method for these options was estimated at the date of grant using the Black-Scholes option pricing model with the following weighted average assumptions for 2002, 2001, and 2000, respectively: risk-free interest rates were 5.31%, 6.0%, and 5.11%, expected dividend yield of 0%, volatility factors of the expected market price of the Company’s common stock were 115.0%, 121.0%, and 116.3%, and a weighted average expected life of the option of 3, 3, and 3 years, respectively.
The above pro-forma disclosures may not be representative of the effects on reported net earnings for future years as certain options vest over several years and the Company may continue to grant options to employees.
Information relating to the Company’s stock option plans is as follows:
| Number of Shares |
Weighted Average Exercise Price | |||||
| Options at June 30, 1999 |
3,061,000 |
|
$ |
1.91 | ||
| Granted |
1,094,000 |
|
$ |
3.94 | ||
| Exercised |
(640,000 |
) |
$ |
1.41 | ||
| Forfeited |
(539,000 |
) |
$ |
1.79 | ||
| Shares under option at June 30, 2000 |
2,977,000 |
|
$ |
2.65 | ||
| Shares exercisable at June 30, 2000 |
1,703,000 |
|
$ |
2.05 | ||
| Options at June 30, 2000 |
2,977,000 |
|
$ |
2.70 | ||
| Granted |
1,929,000 |
|
$ |
1.98 | ||
| Exercised |
(386,000 |
) |
$ |
1.38 | ||
| Forfeited |
(654,000 |
) |
$ |
4.66 | ||
| Shares under option at June 30, 2001 |
3,866,000 |
|
$ |
2.15 | ||
| Option shares exercisable at June 30, 2001 |
1,993,000 |
|
$ |
1.83 | ||
F-13
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
| Options at June 30, 2001 |
3,866,000 |
|
$ |
2.15 | ||
| Granted |
2,025,000 |
|
$ |
1.41 | ||
| Exercised |
(418,000 |
) |
$ |
1.25 | ||
| Forfeited |
(330,000 |
) |
$ |
2.77 | ||
| Shares under option at June 30, 2002 |
5,143,000 |
|
$ |
1.89 | ||
| Option shares exercisable at June 30, 2002 |
3,327,000 |
|
$ |
1.84 | ||
The following information applies to options outstanding as of June 30, 2002:
| Options Outstanding |
Options Exercisable | |||||||||||
| Actual Range |
Number Outstanding |
Weighted- |
Weighted- |
Number |
Weighted- | |||||||
| $0.75 - 1.13 |
374,000 |
1.4 |
$ |
1.02 |
374,000 |
$ |
1.02 | |||||
| $1.25 - 1.70 |
3,802,000 |
6.4 |
$ |
1.37 |
2,396,000 |
$ |
1.35 | |||||
| $2.00 - 3.00 |
223,000 |
7.3 |
$ |
2.61 |
137,000 |
$ |
2.51 | |||||
| $3.09 - 4.35 |
452,000 |
5.6 |
$ |
3.71 |
211,000 |
$ |
3.80 | |||||
| $5.00 - 7.38 |
292,000 |
4.6 |
$ |
6.40 |
209,000 |
$ |
6.41 | |||||
| $0.75 - 7.38 |
5,143,000 |
5.9 |
$ |
1.89 |
3,327,000 |
$ |
1.84 | |||||
In November 2000, the Company resolved that the former Chief Executive Officer (“CEO”) and then current Chairman of the Board’s stock options would vest in full upon his retirement date, and the options would remain exercisable through February 28, 2003 or the options’ expiration date, whichever comes first. The former CEO waived the extended exercise period and therefore, the Company recorded no compensation expense related to this modification.
In November 2000, the Company extended the expiration dates of approximately 129,000 options to purchase shares of the Company’s common stock. As a result of this modification, the Company recorded approximately $68 in compensation expense.
In January 2001, the Company resolved that the former Chief Financial Officer’s (“CFO”) stock options would vest in full upon his retirement date, and the options would remain exercisable through June 30, 2003 or the options’ expiration date, whichever comes first. As a result of this modification, the Company recorded approximately $73 in compensation expense.
During the third quarter of 2001, under market priced options were issued to the Company’s President, which resulted in compensation expense of $43. The Company also issued under market priced options to two employees, which resulted in compensation expense of $65 in fiscal 2002 and $11 in fiscal 2001.
On March 9, 2001, the Company filed a Registration Statement on Form S-8 with the Securities and Exchange Commission to register 2 million additional shares of the Company’s common stock for issuance pursuant to the exercise of options to be granted under the Company’s Amended and Restated Employee Stock Option Plan.
On October 24, 2001, the Board of Directors of the Company resolved that upon Mr. David Proctor’s resignation as Chairman of the Board effective November 15, 2001, additional vesting of 16,667 options to purchase the Company’s common stock granted on April 26, 2000, with the options remaining exercisable
F-14
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
through May 15, 2002. There was no accounting effect as a result of this resolution.
On November 21, 2001, the Company filed a Registration Statement on Form S-8 with the Securities and Exchange Commission to register 2,500,000 additional shares of the Company’s common stock for issuance pursuant to the Company’s Second Amended and Restated Employee Stock Option Plan.
On July 19, 2002, the Company filed an amendment to its Registration Statement on Form S-8 with the Securities and Exchange Commission to reflect the amendment and restatement of the Harris Computer Systems Corporation Employee Savings Plan as the CyberGuard Corporation Retirement Savings Plan.
Related Party Equity Transactions—During January 2001, the Company’s CEO invested $500 to purchase at the market value approximately 143,000 shares of common stock at $1.75 share and approximately 62,000 shares of common stock at $4.00 per share. In conjunction with the purchase of the approximately 143,000 shares of common stock, the CEO was granted an equal number of warrants to purchase the Company’s common stock at $1.75 per share. The warrants are exercisable any time before December 25, 2005.
(9) COMMITMENTS AND CONTINGENCIES
Employment Agreements. The Company has entered into employment agreements with certain key employees. These agreements provided for severance and other benefits if the Company for any reason other than cause terminates these employees.
Lease Commitments. Rent expense was approximately $643 for the year ended June 30, 2002, $631 for the year ended June 30, 2001, and approximately $697 for the year ended June 30, 2000.
Total future minimum rental commitments under non-cancelable operating leases, primarily for buildings and equipment, for the years following June 30, 2002 are as follows:
| Year |
Amount | ||
| 2003 |
$ |
514 | |
| 2004 |
|
508 | |
| 2005 |
|
42 | |
| Total |
$ |
1,064 | |
Litigation. On August 24, 1998, the Company announced, among other things, that due to a review of its revenue recognition practices relating to distributors and resellers, it would restate prior financial results. After the August 24, 1998 announcement, twenty-five purported class action lawsuits were filed by alleged shareholders against the Company and certain former officers and directors. Pursuant to an order issued by the Court, these actions have been consolidated into one action, styled Stephen Cheney, et al. v. CyberGuard Corporation, et al., Case No. 98-6879-CIV-Gold, in the United States District Court, Southern District of Florida. On August 23, 1999, the plaintiffs filed a Consolidated and Amended Class Action Complaint. This action seeks damages purportedly on behalf of all persons who purchased or otherwise acquired the Company’s common stock during various periods from November 7, 1996 through August 24, 1998. The complaint alleges, among other things, that as a result of accounting irregularities relating to the Company’s revenue recognition policies, the Company’s previously issued financial statements were materially false and misleading and that the defendants knowingly or recklessly published these financial statements which caused the Company’s common stock prices to rise artificially. The action alleges violations of Section 10(b) of the Securities Exchange Act of 1934 (“Exchange Act”) and SEC Rule 10b-5 promulgated thereunder and Section 20(a) of the Exchange Act. Subsequently, the defendants, including the Company, filed their respective motions to dismiss the Consolidated and Amended Class Action Complaint. On July 31, 2000, the Court issued a
F-15
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
ruling denying the Company’s and Robert L. Carberry’s (the Company’s CEO from June 1996 through August 1998) motions to dismiss. The court granted the motions to dismiss with prejudice for defendants William D. Murray (the Company’s CFO from November 1997 through August 1998), Patrick O. Wheeler (the Company’s CFO from April 1996 through October 1997), C. Shelton James (the Company’s former Audit Committee Chairman), and KPMG Peat Marwick LLP (“KPMG”). On August 14, 2000, the plaintiffs filed a motion for reconsideration of that order. The Company filed an answer to the plaintiffs’ Consolidated and Amended Class Action Complaint on August 24, 2000. On March 20, 2001, the Court ruled on the plaintiffs’ motion for reconsideration that the previously dismissed defendants William D. Murray, Patrick O. Wheeler and C. Shelton James should not have been dismissed from the action and shall be defendants in this action under the control person liability claims under Section 20(a) of the Exchange Act, and that the plaintiffs may amend the Consolidated and Amended Class Action Complaint to bring claims against C. Shelton James under Section 10(b) of the Exchange Act and Rule 10b-5 promulgated thereunder. On April 5, 2001, the plaintiffs filed their Second Consolidated and Amended Class Action Complaint to include amended claims against C. Shelton James. On May 10, 2001, the Company filed an answer and affirmative defenses to plaintiffs Second Consolidated and Amended Class Action Complaint. On August 14, 2002, the Court granted the plaintiffs’ Motion for Class Certification and certified the class to include all investors who acquired the Company’s common stock between November 7, 1996 and August 24, 1998 and were damaged by the purchase of such stock. The trial is scheduled for March 2004.
The Company’s obligation to indemnify its officers and directors under the aforementioned lawsuit is insured to the extent of the limits of the applicable insurance policies. The Company has notified its insurance carrier of the existence of the lawsuit, and the carrier has sent the Company a reservation of rights letter. The Company intends to vigorously defend this action, and believes that in the event that it is unsuccessful, insurance coverage will be available to defray a portion, or substantially all, of the expense of defending and settling the lawsuit or paying a judgment. However, the Company is unable to predict the ultimate outcome of the litigation. There can be no assurance that the Company will be successful in defending the lawsuit or, if unsuccessful, that insurance will be available to pay all or any portion of the expense of the lawsuit. If the Company is unsuccessful in defending the lawsuit and the insurance coverage is unavailable or insufficient, the resolution of the lawsuit could have a material adverse effect on the Company’s consolidated financial position, results of operations, and cash flows. The Company’s consolidated financial statements do not include any adjustments related to these matters.
The Company is aware that on January 30, 2002 the SEC filed an enforcement action in the United States District Court, Southern District of Florida against CyberGuard’s former Chief Executive Officer and Chairman of CyberGuard’s Board of Directors, Robert L. Carberry; CyberGuard’s former Chief Financial Officer and Vice President of North American Sales and current Vice President of Business Development, Patrick O. Wheeler; and CyberGuard’s former Controller, Steven S. Gallers, alleging violations of the anti-fraud provisions of the Exchange Act and seeking permanent injunctions, civil monetary penalties and bars against serving as officers and directors of a public company. SEC vs. Wheeler et al., Case No. 02-60131-CIV-Graham. Mr. Carberry and Mr. Gallers entered into settlements with the SEC whereby, without admitting or denying the allegations of the complaint, they agreed to be permanently enjoined from future violations of the Exchange Act, pay a $50,000 civil penalty each and, in the case of Mr. Gallers, be barred from serving as officer or director of a public company. Mr. Wheeler continues to defend against the lawsuit. The Company is unable to determine at this time what impact the SEC proceedings against Mr. Wheeler will have on the Company.
On September 16, 1999, the Company filed a lawsuit against KPMG and August A. Smith, the KPMG engagement partner. The lawsuit is pending in the Circuit Court of the 17th Judicial Circuit in and for Broward County, Case No. 00-004102-CACE-14. On May 1, 2000, the Company filed the First Amended Complaint, alleging that KPMG failed to properly audit the Company’s financial statements and provided inaccurate advice on accounting matters for fiscal years 1996, 1997 and 1998. The action alleges
F-16
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
professional malpractice, breach of fiduciary duty, breach of contract and breach of implied duty of good faith, and seeks damages in excess of $10 million. KPMG and Mr. Smith filed motions to dismiss, which were denied. In August 2000, KPMG and Mr. Smith filed their answers and KPMG filed counterclaims against the Company, alleging the Company’s breach of contract, negligent misrepresentation and abuse of process, and seeking an unspecified amount of damages consisting of unpaid service fees and legal fees and costs. The Company filed an answer to KPMG’s counterclaims and moved to dismiss KPMG’s abuse of process counterclaim. On April 9, 2001, the Court dismissed the abuse of process counterclaim with prejudice. The parties are currently conducting discovery.
On November 2, 2001, the Company filed a lawsuit against a former customer in the United States District Court of the Southern District of Florida, alleging breach of contract, and seeking, among other remedies, damages of approximately $4.2 million. On November 26, 2001, the customer filed an answer and affirmative defenses. On or about January 15, 2002, the customer filed a motion challenging the jurisdiction of the U.S. District Court, Southern District of Florida. On or about March 27, 2002, the U.S. District Court for the Southern District of Florida dismissed the action on jurisdictional grounds. The Company continues to consider its alternatives with respect to this litigation, including whether to re-file the action in a different jurisdiction.
The Company is involved from time to time in other litigation on various matters relating to the conduct of its business. The Company believes that these other litigation matters will not have a material adverse effect on its consolidated financial position, results of operations or cash flows.
(10) FINANCIAL INSTRUMENTS AND CONCENTRATIONS OF CREDIT RISK
Financial instruments, which potentially subject the Company to a concentration of credit risk principally, consist of cash, cash equivalents and trade receivables. The Company holds any excess cash in short-term investments consisting of commercial paper. The carrying value of these financial instruments approximates fair value.
The Company does not require collateral or other security on its trade receivables. During 2002, one customer represented 11% of consolidated revenues. During 2001, one customer represented 16% and one distributor represented 12% of consolidated revenues. During 2000, one customer represented 28% of consolidated revenues.
During 2002, 2001 and 2000, one supplier who is our hardware manufacturer and assembly provider, represented 21%, 20% and 17% respectively of consolidated purchases. At June 30, 2002, 2001 and 2000, this supplier represented 39%, 43% and 21% respectively of consolidated accounts payable.
(11) EMPLOYEE BENEFIT PLANS
The Company has a 401(k) Savings Plan (“the Plan”) which covers the eligible employees of the Company. An employee is eligible to participate in the Plan on the date of hire. The amount of profit-sharing contributions made by the Company into the Plan is discretionary. Each participant may contribute up to 19% of compensation into the Plan. The Company makes a matching contribution on behalf of each participant for the first 6% of their individual contribution. These contributions are made in the form of cash and common stock of the Company. Participants’ profit sharing and matching contribution vests over a three-year period. For the years ended June 30, 2002,2001, and 2000, the Company recorded compensation expense of $259, $222, and $72 respectively, for the Company matches to the Plan.
The Company has an Employee Stock Purchase Plan (“ESPP”), which covers the eligible employees of the Company. The ESPP allows an employee to purchase common stock of the Company at a 15% discount on the lower of the beginning or ending offering date. An employee is eligible to participate in the ESPP beginning on the offering date (defined as January 1 and July 1) following their hire date. Each participant may contribute the lesser of 10% of eligible compensation or $25,000 per calendar year. During 2002 and 2001, 114,000 and 54,000 shares respectively, were issued in connection with this plan.
F-17
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
(12) GEOGRAPHIC INFORMATION
A summary of the Company’s revenues* by geographic area is summarized below:
| Year Ended June 30, | |||||||||
| 2002 |
2001 |
2000 | |||||||
| North America |
$ |
9,339 |
$ |
12,080 |
$ |
11,866 | |||
| Europe |
|
7,761 |
|
8,553 |
|
4,974 | |||
| Asia |
|
4,976 |
|
3,773 |
|
2,019 | |||
| Latin America |
|
264 |
|
— |
|
— | |||
| $ |
22,340 |
$ |
24,406 |
$ |
18,859 | ||||
| * | Revenues are attributed to countries based on location of customer. |
A summary of the Company’s long-lived assets is summarized below:
| Year Ended June 30, | |||||||||
| 2002 |
2000 |
2000 | |||||||
| United States |
$ |
1,121 |
$ |
1,190 |
$ |
1,048 | |||
| Europe |
|
91 |
|
54 |
|
38 | |||
| Asia |
|
— |
|
— |
|
— | |||
| $ |
1,212 |
$ |
1,244 |
$ |
1,086 | ||||
(13) NEW ACCOUNTING PRONOUNCEMENTS
In June 2001, the Financial Accounting Standards Board approved the issuance of SFAS No. 141, “Business Combinations” and SFAS 142, “Goodwill and Other Intangible Assets.” The new standards require that all business combinations initiated after June 30, 2001 must be accounted for under the purchase method. In addition, all intangible assets acquired that are obtained through contractual or legal right, or are capable of being separately sold, transferred, licensed, rented or exchanged shall be recognized as an asset apart from goodwill. Goodwill and intangibles with indefinite lives will no longer be subject to amortization, but will be subject to an annual assessment for impairment by applying a fair value based test. As the Company has no goodwill or other intangibles generated as a result of a business combination, the adoption of these Standards is not expected to have an impact on the Company’s operations.
In July 2001, the Financial Accounting Standards Board issued SFAS No. 143, “Accounting for Asset Retirement Obligations,” effective for fiscal years beginning after June 15, 2002. SFAS No. 143 addresses the accounting and reporting for obligations associated with the retirement of tangible long-lived assets and the associated asset retirement costs. The Company does not expect that the application of the provisions of SFAS No. 143 will have an impact on the Company’s operations.
In August 2001, the Financial Accounting Standards Board issued SFAS No. 144, “Accounting for the Impairment or Disposal of Long-Lived Assets.” The provisions of the statement are effective for financial statements issued for fiscal years beginning after December 15, 2001 and are to be applied prospectively. SFAS No. 144 clarifies the accounting for impairment of long-lived assets to be disposed of, including the
F-18
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
disposal of business segments and major lines of business. The Company does not expect that the application of the provisions of SFAS No. 144 will have an impact on the Company’s operations.
In November 2001, the Financial Accounting Standards Board’s Emerging Issues Task Force (“EITF”) issued EITF No. 01-9, Accounting for Consideration Given by a Vendor to a Customer or a Reseller of the Vendor’s Products. The EITF reconciled selected guidance provided in Issue Nos. 00-14, 00-22, and 00-25, addressing the income statement classification of certain promotional payments. Primarily effective in 2002, the Company does not expect that the application of the provisions of EITF No. 01-9 will have a material impact on the Company’s operations.
In July 2002, the FASB issued Statement 146, Accounting for Exit or Disposal Activities. SFAS 146 nullifies EITF 94-3, Liability Recognition for Certain Employee Termination Benefits and Other Costs to Exit an Activity (including Certain Costs Incurred in a Restructuring). The statement provides guidance on the accounting and disclosure requirements for companies that incur costs to exit an activity. SFAS146 is effective for exit or disposal activities initiated after December 31, 2002. Early application is encouraged. Restatement of previously issued financial statements is prohibited.
(14) QUARTERLY FINANCIAL INFORMATION (UNAUDITED)
Selected unaudited quarterly results for the fiscal year ended June 30, 2002 and 2001 were as follows:
Fiscal Year 2002
| Total |
Jun 30, |
Mar 31, |
Dec 31, |
Sep 30, 2001 |
||||||||||||||
| Revenues |
$ |
22,340 |
|
$ |
5,720 |
|
$ |
6,291 |
$ |
5,753 |
$ |
4,576 |
| |||||
| Gross profit |
|
15,871 |
|
|
3,949 |
|
|
4,403 |
|
4,130 |
|
3,389 |
| |||||
| Operating (loss) / income |
|
(841 |
) |
|
(131 |
) |
|
85 |
|
141 |
|
(936 |
) | |||||
| Net (loss) / income |
$ |
(608 |
) |
$ |
109 |
|
$ |
81 |
$ |
110 |
$ |
(908 |
) | |||||
| Basic and diluted (loss) / income per share |
$ |
(0.03 |
) |
$ |
0.00 |
|
$ |
0.00 |
$ |
0.01 |
$ |
(0.05 |
) | |||||
F-19
Table of Contents
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Amounts in thousands, except share and per share data)
Fiscal Year 2001
| Total |
Jun 30, |
Mar 31, |
Dec 31, |
Sep 30, 2000 |
||||||||||||||||
| Revenues |
$ |
24,406 |
|
$ |
6,374 |
|
$ |
7,635 |
|
$ |
6,349 |
|
$ |
4,048 |
| |||||
| Gross profit |
|
17,190 |
|
|
4,530 |
|
|
5,333 |
|
|
4,459 |
|
|
2,868 |
| |||||
| Operating loss |
|
(2,940 |
) |
|
(534 |
) |
|
(548 |
) |
|
(183 |
) |
|
(1,675 |
) | |||||
| Loss before cumulative effect of change in accounting principle |
$ |
(3,887 |
) |
$ |
(655 |
) |
$ |
(888 |
) |
$ |
(485 |
) |
$ |
(1,859 |
) | |||||
| Cumulative effect of change in accounting principle |
|
(129 |
) |
|
— |
|
|
— |
|
|
(129 |
) |
|
— |
| |||||
| Net loss |
$ |
(4,016 |
) |
$ |
(655 |
) |
$ |
(888 |
) |
$ |
(614 |
) |
$ |
(1,859 |
) | |||||
| Basic loss per share before cumulative effect of change in accounting principle |
$ |
(0.29 |
) |
$ |
(0.04 |
) |
$ |
(0.06 |
) |
$ |
(0.05 |
) |
$ |
(0.19 |
) | |||||
| Cumulative effect of change in accounting principle |
$ |
(0.01 |
) |
$ |
(0.00 |
) |
$ |
(0.00 |
) |
$ |
(0.01 |
) |
$ |
(0.00 |
) | |||||
| Diluted loss per share |
$ |
(0.30 |
) |
$ |
(0.04 |
) |
$ |
(0.06 |
) |
$ |
(0.06 |
) |
$ |
(0.19 |
) | |||||
F-20
Table of Contents
| ITEM 9. | CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURES |
None
PART III
ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT
The information required by this Item is incorporated herein by reference to the Company’s Proxy Statement for the 2002 Annual Meeting of Shareholders to be filed within 120 days from June 30, 2002, the end of the Company’s fiscal year.
ITEM 11. EXECUTIVE COMPENSATION
The information required by this Item is incorporated herein by reference to the Company’s Proxy Statement for the 2002 Annual Meeting of Shareholders to be filed within 120 days from June 30, 2002, the end of the Company’s fiscal year.
ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT
The information required by this Item is incorporated herein by reference to the Company’s Proxy Statement for the 2002 Annual Meeting of Shareholders to be filed within 120 days from June 30, 2002, the end of the Company’s fiscal year.
ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS
The information required by this Item is incorporated herein by reference to the Company’s Proxy Statement for the 2002 Annual Meeting of Shareholders to be filed within 120 days from June 30, 2002, the end of the Company’s fiscal year.
37
Table of Contents
PART IV
ITEM 14. EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON FORM 8-K
| (a) | Financial Statements. The Financial Statements filed as part of this Report are listed separately in the Index to Financial Statements beginning on page F-1 of this Report. |
| (b) | Reports on Form 8-K. During the fourth quarter of the fiscal year 2002 the Company filed a report on Form 8-K on June 7, 2002 regarding the listing of the Company’s securities on the American Stock Exchange (AMEX). |
| (c) | Exhibits. The following exhibits are included in this Report: |
| Exhibit |
Exhibit Description | |||
| 2.01 |
— |
Restated Purchase and Sale Agreement between Concurrent Computer Corporation and the Company dated May 23, 1996(1) | ||
| 3.01 |
— |
Articles of Incorporation of the Company, as amended June 26, 1996(8) | ||
| 3.02 |
— |
Articles of Amendment to the Amended and Restated Articles of Incorporation of the Company(13) | ||
| 3.03 |
— |
Restated Bylaws of the Company(3) | ||
| 4.01 |
— |
Form of Common Stock Certificate(4) | ||
| 4.02 |
— |
Form of Stockholder Rights Plan(2) | ||
| 4.03 |
— |
Form of Share Holding Agreement between Concurrent Computer Corporation and the Company(4) | ||
| 10.01 |
— |
Employee Stock Incentive Plan(6) | ||
| 10.02 |
— |
Amendment to Employee Stock Incentive Plan(7) | ||
| 10.03 |
— |
Amendment to Employee Stock Incentive Plan dated March 20, 1998(15) | ||
| 10.04 |
— |
Amended and Restated Employee Stock Option Plan dated September 4, 1998, as amended through March 2, 2001(16) | ||
| 10.05 |
— |
Forms of Stock Option Agreements(15) | ||
| 10.06 |
— |
Retirement Savings Plan, as amended and restated on July 1, 2002(5) | ||
| 10.07 |
— |
Employment Agreement Amendment dated October 1, 2001 between the Company and Scott Hammack(12) | ||
| 10.08 |
— |
Employment Agreement Amendment dated October 1, 2001 between the Company and Patrick Clawson(12) | ||
| 10.09 |
— |
Employment Agreement Amendment dated October 1, 2001 between the Company and Michael Matte(12) | ||
| 10.10 |
— |
Employment Agreement Amendment dated October 1, 2001 between the Company and Michael Wittig(12) | ||
| 10.11 |
— |
Employment Agreement Amendment dated October 1, 2001 between the Company and Adriana Kovalovska(12) | ||
| 10.12 |
— |
Second Amended and Restated Employee Stock Option Plan dated September 4, 1998, as amended through October 16, 2001(14) | ||
| 10.13 |
— |
Employment Agreement dated September 30, 1998 between the Company and Michael Wittig(15) | ||
| 10.14 |
— |
Amendment to Employment Agreement between the Company and Mike Wittig, dated December 13, 2000(17) | ||
| 10.15 |
— |
Agreement between the Company and Scott J. Hammack, dated December 26, 2000(17) | ||
| 10.16 |
— |
Employment Agreement between the Company and Scott J. Hammack, dated January 2, 2001(17) | ||
| 10.17 |
— |
Agreement between the Company and Scott J. Hammack, dated January 17, 2001(17) | ||
| 10.18 |
— |
Employment Agreement between the Company and Patrick J. Clawson, dated January |
38
Table of Contents
| 18,2001(17) | ||||
| 10.19 |
— |
Employment Agreement dated February 13, 2001 between the Company and Michael Matte(18) | ||
| 10.20 |
— |
Employment Agreement dated April 18, 2001 between the Company and Adriana Kovalovska(9) | ||
| 10.21 |
— |
Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave Corporation and Coast Business Credit(11) | ||
| 10.22 |
— |
Amendment Nr. 1 to Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave Corporation and Coast Business Credit(11) | ||
| 10.23 |
— |
Amendment Nr. 2 to Loan and Security Agreement dated October 6, 1999 between the Company and Coast Business Credit(3) | ||
| 10.24 |
— |
Loan Documents dated December 17, 1998 between the Company and Fernwood Partners, LLC(15) | ||
| 10.25 |
— |
Loan Agreements dated August 26, 1999, between (i) the Company and Fernwood Partners II, LLC; (ii) the Company and certain officers, directors and employees of the Company; and (iii) the Company and David R. Proctor(3) | ||
| 10.26 |
— |
Amendment No. 1 to Loan Agreement, dated December 29, 2000 between the Company and Fernwood Partners II, LLC(17) | ||
| 10.27 |
— |
Agreements dated January 24, 2001 relating to the conversion of promissory notes and exercise of warrants issued under (i) the Loan Agreement, as amended, between the Company and Fernwood Partners II, LLC, and (ii) the Loan Agreement between the Company and certain officers, directors and employees of the Company(17) | ||
| 10.28 |
— |
Private Securities Subscription Agreement dated May 15, 1997 between the Company and Capital Ventures International(10) | ||
| 10.29 |
— |
Registration Rights Agreement dated May 15, 1997 between the Company and Capital Ventures International(10) | ||
| 10.30 |
— |
Manufacturer’s Representative Agreement between Marketlink Technologies, LLC and the Company, as amended through July 11, 2001(9) | ||
| 21.01 |
— |
List of subsidiaries of the Company(9) | ||
| 23.01 |
— |
Consent of Grant Thornton LLP, Independent Certified Public Accountants | ||
| 99.01 |
— |
Certification by Scott Hammack, Chief Executive Officer, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. | ||
| 99.02 |
— |
Certification by Michael D. Matte, Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. |
| (1) | Incorporated herein by reference to Annex A of the Registrant’s Definitive Proxy Statement as filed on May 24, 1996. |
| (2) | Incorporated herein by reference to Post-Effective Amendment No. 1 to the Company’s Registration Statement on Form 10, dated September 29, 1994, File No. 0-24544. |
| (3) | Incorporated herein by reference to the Company’s Quarterly Report on Form 10-Q filed on November 12, 1999. |
| (4) | Incorporated herein by reference to the Company’s Registration Statement on Form S-3 dated May 23, 1996 (File No. 333-04407). |
| (5) | Incorporated herein by reference to the Company’s Registration Statement on Form S-8 (Commission File Number 333-58262), filed on July 19, 2002. |
| (6) | Incorporated herein by reference from Exhibit 4.1 to the Company’s Registration Statement on Form S-8 (Commission File Number 33-88448) filed on January 13, 1995. |
| (7) | Incorporated herein by reference to Annex E of the Registrant’s Definitive Proxy Statement as filed on May 24, 1996. |
| (8) | Incorporated herein by reference to the Company’s Annual Report on Form 10-K for fiscal year ended June 30, 1996. |
| (9) | Incorporated herein by reference to the Company’s Annual Report on 10-K for fiscal year ended June 30, 2001. |
| (10) | Incorporated herein by reference to the Company’s Registration Statement on Form S-3 (Commission File Number 333-28693) filed on June 12, 1997. |
39
Table of Contents
| (11) | Incorporated herein by reference to the Company’s Quarterly Report on Form 10-Q filed on February 13, 1998. |
| (12) | Incorporated herein by reference to the Company’s Quarterly Report on Form 10-Q filed on February 5, 2002. |
| (13) | Incorporated herein by reference to the Company’s Annual Report on 10-K for fiscal year ended June 30, 2000. |
| (14) | Incorporated herein by reference to the Company’s Registration Statement on Form S-8 (Commission File Number 333-73852), filed on November 21, 2001. |
| (15) | Incorporated herein by reference to the Company’s Annual Report on 10-K for fiscal year ended June 30, 1999. |
| (16) | Incorporated herein by reference to the Company’s Registration Statement on Form S-8 (Commission File Number 333-56768), filed on March 9, 2001. |
| (17) | Incorporated herein by reference to the Company’s Quarterly Report on Form 10-Q filed on February 14, 2001. |
| (18) | Incorporated herein by reference to the Company’s Quarterly Report on Form 10-Q filed on May 14, 2001. |
40
Table of Contents
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized.
| May 27, 2003 |
CYBERGUARD CORPORATION | |||||||
| By: |
/s/ SCOTT J. HAMMACK | |||||||
| Scott Hammack Chairman and Chief Executive Officer | ||||||||
KNOW ALL MEN BY THESE PRESENTS, that each person whose signature appears below constitutes and appoints Scott J. Hammack and Michael D. Matte and each of them, his true and lawful attorney-in-fact and agent, with full power of substitution and revocation, for him and in his name, place and stead, in any and all capacities, to sign any and all amendments (including post-effective amendments) to this report on Form 10-K, and to file the same with all exhibits thereto, and other documents in connection therewith, with the Securities and Exchange Commission, granting unto said attorney-in-fact and agent full power and authority to do and perform each and every act and thing requisite and necessary to be done as fully to all intents and purposes as he might or could do in person, hereby ratifying and confirming all that said attorney-in-fact and agent, or his substitute or substitutes, may lawfully do or cause to be done by virtue hereof.
Pursuant to the requirements of the Securities Exchange Act of 1934, this report has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated.
| Signature |
Title |
Date | ||
| /s/ SCOTT J. HAMMACK Scott Hammack |
Chairman and Chief Executive Officer (Principal Executive Officer) |
May 27, 2003 | ||
| /s/ MICHAEL D. MATTE Michael D. Matte |
Chief Financial Officer (Principal Financial and Principal Accounting Officer) |
May 27, 2003 | ||
| /s/ PATRICK CLAWSON Patrick Clawson |
President (Principal Executive Officer) |
May 27, 2003 | ||
| /s/ DANIEL J. MOEN Daniel J. Moen |
Director |
May 27, 2003 | ||
| /s/ DAVID L. MANNING David L. Manning |
Director |
May 27, 2003 | ||
| /s/ WILLIAM G. SCOTT William G. Scott |
Director |
May 27, 2003 | ||
| /s/ JOHN V. TIBERI, JR. John V. Tiberi, Jr. |
Director |
May 27, 2003 | ||
| /s/ WILLIAM D. RUBIN William D. Rubin |
Director |
May 27, 2003 | ||
| /s/ KENNETH C. JENNE, II Kenneth C. Jenne, II |
Director |
May 27, 2003 |
41
Table of Contents
CERTIFICATIONS
I, Scott J. Hammack, certify that:
| 1. | I have reviewed this annual report on Form 10-K/A for CyberGuard Corporation; |
| 2. | Based on my knowledge, this annual report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this annual report; |
| 3. | Based on my knowledge, the financial statements, and other financial information included in this annual report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this annual report; |
| 4. | The registrant’s other certifying officers and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-14 and 15d-14) for the registrant and we have: |
| a) | Designed such disclosure controls and procedures to ensure the material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this annual report is being prepared; |
| b) | Evaluated the effectiveness of the registrant’s disclosure controls and procedures as of a date within 90 days prior to the filing date of this annual report (the “Evaluation Date”); and |
| c) | Presented in this annual report our conclusions about the effectiveness of the disclosure controls and procedures based on our evaluation as of the Evaluation Date; |
| 5. | The registrant’s other certifying officers and I have disclosed, based on our most recent evaluation, to the registrant’s auditors and the audit committee of registrant’s board of directors (or persons performing the equivalent function): |
| a) | All significant deficiencies in the design or operation of internal controls which could adversely affect the registrant’s ability to record, process, summarize and report financial data and have identified for the registrant’s auditors any material weaknesses in internal controls; and |
| b) | Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal controls; and |
| 6. | The registrant’s other certifying officers and I have indicated in this annual report whether or not there were significant changes in internal controls or in other factors that could significantly affect internal controls subsequent to the date of our most recent evaluation, including any corrective actions with regard to significant deficiencies and material weaknesses. |
Date: May 27, 2003
| /S/ SCOTT J. HAMMACK |
| Scott J. Hammack Chief Executive Officer |
42
Table of Contents
I, Michael D. Matte, certify that:
| 1. | I have reviewed this annual report on Form 10-K/A for CyberGuard Corporation; |
| 2. | Based on my knowledge, this annual report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this annual report; |
| 3. | Based on my knowledge, the financial statements, and other financial information included in this annual report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this annual report; |
| 4. | The registrant’s other certifying officers and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-14 and 15d-14) for the registrant and we have: |
| a) | Designed such disclosure controls and procedures to ensure the material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this annual report is being prepared; |
| b) | Evaluated the effectiveness of the registrant’s disclosure controls and procedures as of a date within 90 days prior to the filing date of this annual report (the “Evaluation Date”); and |
| c) | Presented in this annual report our conclusions about the effectiveness of the disclosure controls and procedures based on our evaluation as of the Evaluation Date; |
| 5. | The registrant’s other certifying officers and I have disclosed, based on our most recent evaluation, to the registrant’s auditors and the audit committee of registrant’s board of directors (or persons performing the equivalent function): |
| a) | All significant deficiencies in the design or operation of internal controls which could adversely affect the registrant’s ability to record, process, summarize and report financial data and have identified for the registrant’s auditors any material weaknesses in internal controls; and |
| b) | Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal controls; and |
| 6. | The registrant’s other certifying officers and I have indicated in this annual report whether or not there were significant changes in internal controls or in other factors that could significantly affect internal controls subsequent to the date of our most recent evaluation, including any corrective actions with regard to significant deficiencies and material weaknesses. |
Date: May 27, 2003
| /S/ MICHAEL D. MATTE |
| Michael D. Matte Chief Financial Officer |
43
Table of Contents
Index to Exhibits
| Exhibit Number |
Exhibit Description | |
| 99.01 |
Certification by Scott Hammack, Chief Executive Officer, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. | |
| 99.02 |
Certification by Michael D. Matte, Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002. |