mcfe-10k_20201226.htm

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

FORM 10-K

 

(Mark One)

ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 26, 2020

OR

TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE TRANSITION PERIOD FROM                      TO                     

Commission File Number 001-39651

 

McAfee Corp.

(Exact name of Registrant as specified in its Charter)

 

 

Delaware

84-2467341

(State or other jurisdiction of

incorporation or organization)

(I.R.S. Employer

Identification No.)

6220 America Center Drive,

San Jose, CA

95002

(Address of principal executive offices)

(Zip Code)

Registrant’s telephone number, including area code: (866) 622-3911

 

Securities registered pursuant to Section 12(b) of the Act:

 

Title of each class

 

Trading

Symbol(s)

 

Name of each exchange on which registered

Class A Common Stock, $0.001 par value

 

MCFE

 

The Nasdaq Stock Market LLC

Securities registered pursuant to Section 12(g) of the Act: None

Indicate by check mark if the Registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. YES  NO 

Indicate by check mark if the Registrant is not required to file reports pursuant to Section 13 or 15(d) of the Act.  YES  NO 

Indicate by check mark whether the Registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.  YES  NO 

Indicate by check mark whether the Registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the Registrant was required to submit such files).  YES  NO 

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

 

Large accelerated filer

 

  

Accelerated filer

 

 

 

 

 

Non-accelerated filer

 

  

Smaller reporting company

 

 

 

 

 

 

 

 

Emerging growth company

 

 

 

 

 

 

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.  

Indicate by check mark whether the Registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).  YES  NO 

As of June 27, 2020, the last business day of the registrant’s most recently completed second quarter, there was no established public market for the registrant’s common stock. The registrant’s Class A common stock began trading on the NASDAQ Stock Market on October 22, 2020. The aggregate market value of the voting and non-voting common equity held by non-affiliates of the Registrant, based on the closing price of the shares of common stock on The NASDAQ Stock Market on December 26, 2020, was $1,577,717,468.

As of February 19, 2021 there were 162,331,379 shares of the Registrant’s Class A common stock, $0.001 par value per share, outstanding and 267,065,127 shares of the Registrant’s Class B common stock, par value $0.001 per share, outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

Portions of the registrant’s proxy statement related to its 2021 Annual Stockholders’ Meeting to be filed subsequently are incorporated by reference into Part II of this Form 10-K. Except as expressly incorporated by reference, the registrant’s proxy statement shall not be deemed to be part of this report.

 

 

 

 


Table of Contents

 

 

 

Page

PART I

 

 

Item 1.

Business

4

Item 1A.

Risk Factors

13

Item 1B.

Unresolved Staff Comments

52

Item 2.

Properties

52

Item 3.

Legal Proceedings

52

Item 4.

Mine Safety Disclosures

52

 

 

 

PART II

 

 

Item 5.

Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

53

Item 6.

Selected Financial Data

54

Item 7.

Management’s Discussion and Analysis of Financial Condition and Results of Operations

55

Item 7A.

Quantitative and Qualitative Disclosures About Market Risk

84

Item 8.

Financial Statements and Supplementary Data

85

Item 9.

Changes in and Disagreements With Accountants on Accounting and Financial Disclosure

124

Item 9A.

Controls and Procedures

124

Item 9B.

Other Information

124

 

 

 

PART III

 

 

Item 10.

Directors, Executive Officers and Corporate Governance

125

Item 11.

Executive Compensation

125

Item 12.

Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters

125

Item 13.

Certain Relationships and Related Transactions, and Director Independence

125

Item 14.

Principal Accounting Fees and Services

125

 

 

 

PART IV

 

 

Item 15.

Exhibits, Financial Statement Schedules

126

Item 16

Form 10-K Summary

126

 

 

i


Cautionary Note Regarding Forward-Looking Statements

The discussion below contains forward-looking statements, which are subject to safe harbors under the Securities Act of 1933, as amended (the Securities Act) and the Exchange Act of 1934, as amended (the “Exchange Act”). Forward-looking statements include references to our ability to utilize our deferred tax assets, as well as statements including words such as “expects,” “plans,” “anticipates,” “believes,” “estimates,” “predicts,” “goal,” “intent,” “momentum,” “projects,” and similar expressions. In addition, projections of our future financial performance; anticipated growth and trends in our businesses and in our industries; the anticipated impacts of acquisitions, restructurings, stock repurchases, and investment activities; the outcome or impact of pending litigation, claims or disputes; our intent to pay quarterly cash dividends in the future; plans for and anticipated benefits of our solutions; matters arising out of the ongoing U.S. Securities and Exchange Commission (the “SEC”) investigation; the impact of the Covid-19 pandemic on our business operations and target markets; and other characterizations of future events or circumstances are forward-looking statements. These statements are only predictions, based on our current expectations about future events and may not prove to be accurate. We do not undertake any obligation to update these forward-looking statements to reflect events occurring or circumstances arising after the date of this report. These forward-looking statements involve risks and uncertainties, and our actual results, performance, or achievements could differ materially from those expressed or implied by the forward-looking statements on the basis of several factors.

We may not actually achieve the plans, intentions, or expectations disclosed in our forward-looking statements, and you should not rely on our forward-looking statements in making your investment decision. Actual results or events could differ materially from the plans, intentions, and expectations disclosed in the forward-looking statements we make. Important factors that could cause actual results and events to differ materially from those indicated in the forward-looking statements include, among others, the following:

 

 

 

plans to develop and offer new products and services and enter new markets;

 

 

 

our expectations with respect to the continued stability and growth of our customer base;

 

 

 

anticipated trends, growth rates, and challenges in our business and in domestic and international markets;

 

 

 

our financial performance, including changes in and expectations with respect to revenues, and our ability to maintain profitability in the future;

 

 

 

investments or potential investments in new or enhanced technologies;

 

 

 

the performance and future operating trends of our Consumer and Enterprise segments;

 

 

 

market acceptance of our solutions;

 

 

 

the success of our business strategy, including the growth in the market for cloud-based security solutions, acceptance of our own cloud-based solutions, and changes in our business model and operations;

 

 

 

our ability to cross-sell and up-sell to our existing customers;

 

 

 

our ability to maintain and expand our relationships with partners and on commercially acceptable terms, including our channel and strategic partners;

 

 

 

the effectiveness of our sales force, distribution channel, and marketing activities;

 

 

 

the growth and development of our direct and indirect channels of distribution;

 

 

 

our response to emerging and future cybersecurity risks;

 

 

 

our ability to continue to innovate and enhance our solutions;

 

 

 

our ability to develop new solutions and bring them to market in a timely manner;

 

 

 

our ability to prevent serious errors, defects, or vulnerabilities in our solutions;

 

 

 

our ability to develop solutions that interoperate with our customers’ existing systems and devices;

 

 

 

our ability to maintain, protect, and enhance our brand and intellectual property;

 

 

 

our continued use of open source software;

 

 

 

our ability to compete against established and emerging cybersecurity companies;

 

 

 

risks associated with fluctuations in exchange rates of the foreign currencies in which we conduct business;

 

 

 

past and future acquisitions, investments, and other strategic initiatives and transactions;

 

1


 

 

our ability to remain in compliance with laws and regulations that currently apply or become applicable to our business both domestically and internationally;

 

 

 

the attraction, transition, and retention of management and other qualified personnel;

 

 

 

economic and industry trend analysis;

 

 

 

litigation, investigations, regulatory inquiries, and proceedings;

 

 

 

the increased expenses associated with being a public company;

 

 

 

our estimated total addressable market;

 

 

 

the future trading prices of our Class A common stock;

 

 

 

the impact of macroeconomic conditions on our business, including the impact of the COVID-19 on economic activity and financial markets;

 

 

 

our expectation regarding the impact of the COVID-19 pandemic, including its geographic spread and severity, and the related responses by governments and private industry on our business and financial condition, as well as the businesses and financial condition of our customers and partners;

 

 

 

the adequacy of our capital resources to fund operations and growth;

 

 

 

our anticipated use of the net proceeds from this offering;

 

 

 

investment funds affiliated with or advised by TPG Global, LLC (“TPG”) and Thoma Bravo, L.P. (“Thoma Bravo”) (collectively “Sponsors”) and Intel’s significant influence over us and our status as a “controlled company” under the rules of the Exchange;

 

 

 

risks relating to our corporate structure, tax rates, and tax receivable agreement; and

 

 

 

the other factors identified under the heading “Risk Factors”.

 

 

SUMMARY OF RISKS ASSOCIATED WITH OUR BUSINESS

 

Our business is subject to a number of risks, which are discussed more fully under the heading “Risk Factors” in this Annual Report on Form 10-K. These risks include the following:

 

 

The COVID-19 pandemic has affected how we are operating our business, and the duration and extent to which this will impact our future results of operations and overall financial performance remains uncertain.

 

The cybersecurity market is rapidly evolving and becoming increasingly competitive in response to continually evolving cybersecurity threats from a variety of increasingly sophisticated cyberattackers. If we fail to anticipate changing customer requirements or industry and market developments, or we fail to adapt our business model to keep pace with evolving market trends, our financial performance will suffer.

 

We operate in a highly competitive environment, and we expect competitive pressures to increase in the future, which could cause us to lose market share.

 

Our results of operations can be difficult to predict and may fluctuate significantly, which could result in a failure to meet investor expectations.

 

Forecasting our estimated annual effective tax rate is complex and subject to uncertainty, and there may be material differences between our forecasted and actual tax rates.

 

We face risks associated with past and future investments, acquisitions, and other strategic transactions.

 

Over the last several years, we have pursued a variety of strategic initiatives designed to optimize and reinforce our cybersecurity platform. If the benefits of these initiatives are less than we anticipate, or if the realization of such benefits is delayed, our business and results of operations may be harmed.

 

If our solutions have or are perceived to have defects, errors, or vulnerabilities, or if our solutions fail or are perceived to fail to detect, prevent, or block cyberattacks, including in circumstances where customers may fail to take action on attacks identified by our solutions, our reputation and our brand could suffer, which would adversely impact our business, financial condition, results of operations, and cash flows.

2


 

Failure to adapt our product and service offerings to changing customer demands, or lack of customer acceptance of new or enhanced solutions, could harm our business and financial results.

 

If the protection of our proprietary technology is inadequate, we may not be able to adequately protect our innovations and brand.

 

If we fail to maintain relationships with our channel partners, or if we must agree to significant adverse changes in the terms of our agreements with these partners, it may have an adverse effect on our ability to successfully and profitably market and sell our products and solutions.

 

If our security measures are breached or unauthorized access to our data is otherwise obtained, our brand, reputation, and business could be harmed, and we may incur significant liabilities.

 

We operate globally and are subject to significant business, economic, regulatory, social, political, and other risks in many jurisdictions.

 

We may become involved in litigation, investigations, and regulatory inquiries and proceedings that could negatively affect us and our reputation.

 

Our substantial leverage could adversely affect our ability to raise additional capital to fund our operations, limit our ability to react to changes in the economy or our market, expose us to interest rate risk, and prevent us from timely satisfying our obligations.

 

Restrictions imposed by our outstanding indebtedness and any future indebtedness may limit our ability to operate our business and to finance our future operations or capital needs or to engage in acquisitions or other business activities necessary to achieve growth.

 

Our principal asset is our interest in Foundation Technology Worldwide LLC, and we are dependent upon Foundation Technology Worldwide LLC and its consolidated subsidiaries for our results of operations, cash flows, and distributions.

 

We will be required to pay certain Continuing Owners and certain Management Owners for certain tax benefits we may realize or are deemed to realize in accordance with the tax receivable agreement between us and such Continuing Owners and Management Owners, and we expect that the payments we will be required to make will be substantial.

 

In certain circumstances, under its limited liability company agreement, Foundation Technology Worldwide LLC will be required to make tax distributions to us, the Continuing Owners and certain Management Owners and the distributions that Foundation Technology Worldwide LLC will be required to make may be substantial.

Our Sponsors and Intel have significant influence over us, including control over decisions that require the approval of stockholders, which could limit your ability to influence the outcome of matters submitted to stockholders for a vote.

 

3


 

PART I

Item 1. Business.

ORGANIZATION

McAfee Corp. (the “Corporation”) (or the “Company,” “we,” “us” or “our”) was incorporated in Delaware on July 19, 2019. The Corporation was formed for the purpose of completing an initial public offering (“IPO”) and related transactions in order to carry on the business of Foundation Technology Worldwide LLC (“FTW”) and its consolidated subsidiaries (the Corporation, FTW and its subsidiaries are collectively the “Company”). On October 21, 2020, the Corporation became the sole managing member and holder of 100% of the voting power of FTW due to the Reorganization Transactions. With respect to the Corporation and the Company, each entity owns only the respective entities below it in the corporate structure and each entity has no other material operations, assets, or liabilities. See Note 1 to the Consolidated Financial Statements in Part II, Item 8 for a detailed discussion of the Reorganization Transactions, as defined in that footnote, and the IPO.

OVERVIEW

McAfee has been a pioneer and leader in protecting consumers, enterprises, and governments from cyberattacks for more than 30 years with integrated security, privacy, and trust solutions. We built our platform through a deep, rich history of innovation and have established a leading global brand. Whether we are securing the digital experience of a consumer who is increasingly living life online, or defending many of the world’s largest enterprises and governments from sophisticated attacks and nation-state threats, McAfee is singularly committed to one mission: to protect all things that matter through leading-edge cybersecurity.

We live in a digital world. Consumers are increasingly mobile, interacting through multiple devices, networks and platforms, while leveraging technology as they work, socialize, consume and transact. Remote work and increasing work from home arrangements are driving a pronounced convergence of work and personal life. This lifestyle shift has been accompanied by a more challenging threat landscape and an increase in points of vulnerability, risking individuals’ privacy, identity, data and other vital resources. Similarly, enterprises embracing employee mobility, work from home strategies, bring your own device, and greater cloud adoption are facing a broader attack surface and dissolving network perimeter. These drivers have amplified the number of workloads across endpoints, making it challenging for enterprises to monitor and protect all of their workloads and applications. This challenge, coupled with an increase in cyberthreats, has heightened the importance of the consumer in making security decisions for their converged digital lives.

We secure the digital experience against cyberthreats, using threat intelligence capabilities developed through the scale and diversity of our sensor network. Our sensor network includes our customers’ endpoints, networks, gateways, and clouds which generate massive amounts of data that we translate into actionable, real-time insights. The platform is continuously enriched by artificial intelligence, machine learning and the telemetry gathered from over one billion sensors across our consumer, enterprise, and government customer base. Our vast and dynamic data set and advanced analytics capabilities enable us to provide defense for advanced zero-day threats by training machine learning models on the over 60 billion threat queries we receive each day. McAfee simplifies the complexity of threat detection and response by correlating events, detecting new threats, reducing false positives, automating and prioritizing incident response, and creating workflows that guide analysts through remediation. Protecting our customers has been the foundation of our success, enabling us to maintain an industry-leading reputation among our customers and partners.

For 30 years, consumers, enterprises and governments have turned to McAfee as a leader in cybersecurity services. Our Personal Protection Service provides holistic digital protection for an individual or family at home, on the go, and on the web. Our platform includes device security, privacy and safe Wi-Fi, online protection, and identity protection, creating a seamless and integrated digital moat. With a single interface, simple set up and ease of use, consumers obtain immediate time-to-value whether on a computer, smartphone or tablet, and across multiple operating systems. For enterprises and governments, we offer a comprehensive cybersecurity solution that protects our customers against adversarial threats across cloud, on-premise, hybrid environments and endpoint devices. Our cloud-native MVISION platform offers true device-to-cloud protection with threat detection and data protection for devices, secure access service edge (“SASE”) solutions for the multi-cloud, centralized policy orchestration, automated threat response, and threat insights generated by our predictive analytics engine.

4


 

Our consumer digitally-led omni channel go-to-market strategy has reached the consumer at crucial moments in their purchase lifecycle resulting in the protection of over 600 million devices as of December 26, 2020. We have longstanding exclusive partnerships with many of the leading PC original equipment manufacturers (“OEMs”) and increasingly with mobile and internet service providers (“ISPs”) as the demand for mobile security protection increases. Through many of these relationships, our consumer security software is pre-installed on devices on a trial basis until conversion to a paid subscription. Our consumer go-to-market channel also includes some of the largest electronics retailers globally. Our enterprise business protects many of the largest enterprises and governments around the world. These include 86%, 77%, and 60% of Fortune 100, Fortune 500, and Global 2000 firms, respectively, as of December 26, 2020. Our large-government accounts represent over 25% of our 250 largest Enterprise customers and over 45% of our top 250 Enterprise customer annualized contract value in fiscal year 2020, with an average tenure of nearly 20 years. We primarily engage our enterprise and government customers with our direct sales force, while mid-market customers generally conduct their business through our channel partners. We operate a global business, with 45% of our fiscal 2020 net revenue earned outside of the United States.

In 2017, investment funds affiliated with or advised by TPG Global, LLC (“TPG”) and Thoma Brovo, L.P. (“Thoma Bravo”) (collectively “Sponsors”) acquired a controlling interest in McAfee, accelerating our transformational journey to optimize and reinforce our cybersecurity platform. Over the years, we have invested in new routes to market and partnerships for the consumer business, and rationalized our enterprise portfolio by divesting our network firewall, email, and vulnerability management businesses to reorient our focus and resources to products that align with our device-to-cloud strategy. We launched MVISION, the cloud-native family of our platform that offers threat defense, management, automation, and orchestration across devices, networks, clouds (IaaS, PaaS, and SaaS), and on-premises environments. We have also made multiple operational changes designed to increase efficiency in our product delivery and go-to-market strategies. These efforts included the transformation of our performance marketing through a digital first approach focused on new customer acquisition, channel led conversion and overall customer retention, through our PC led product experience and consumer application development programs. Our investments in our platform and strategy have reinforced our market leadership, and we intend to continue innovating to protect our customers.

FINANCIAL SUMMARY

For the year ended December 26, 2020 compared to the year ended December 28, 2019 we delivered the following:

 

Net revenue increased by 10% to $2,906 million

 

Net loss increased by 22% to $289 million

 

Adjusted EBITDA increased 32% to $1,057 million

 

Net loss margin increased by 90 basis points to 10%

 

Adjusted EBITDA margin increased by 610 basis points to 36%

 

Net cash provided by operating activities increased by 53% to $760 million

See “Non-GAAP Financial Measures” for a description of adjusted EBITDA, and adjusted EBITDA margin, and a reconciliation of these measures to the nearest financial measure calculated in accordance with generally accepted accounting principles (“GAAP”).

INDUSTRY BACKGROUND

We live in an increasingly digitally interconnected and mobile world that is driving profound changes in both personal and business environments. This evolution is forcing consumers, enterprises and governments to react to the following trends:

Online adoption use is global and continues to grow. According to IDC, there were over 4 billion Internet users in 2020, of which the number of mobile-only Internet users is expected to grow at an approximate 8% compound annual growth rate (“CAGR”) from 2020 to 2024. Furthermore, Frost & Sullivan estimates there were over 6 billion Internet-connected devices worldwide in 2020. This significant growth in the mobile install base is driving the ubiquity of the Internet and online browsing.

The global consumer is completing more of their everyday routine online, expanding their digital footprint. Consumers are more comfortable engaging in critical transactions on mobile devices and their PCs. At the same time, they are rapidly expanding their social interactions and media consumption online, while shifting data storage to cloud-based solutions to store personal photos and large amounts of data that is accessible across any endpoint device. While unlocking consumers’ digital lives allows for convenience, using a greater number of digital platforms increases the surface area that cybercriminals can use to access personal data.

5


 

Increased attack surface results in high risk of being hacked and critical data used for profit. Cyberattacks have evolved from rudimentary malware into highly sophisticated, organized and large-scale attacks targeting consumers, governments, and a broad range of industries. According to RiskBased Security, during 2020, nearly 4,000 data breaches were reported, resulting in over 37 billion records being exposed. We have seen the number of threats from external actors targeting cloud services increase approximately 630% from January 2020 to April 2020. Enterprises need to protect themselves from increasing ransomware attacks which have generated billions of dollars in payments to cybercriminals and inflicted significant damage and expenses for consumers, businesses and governments.

Workplace digital transformation is driving increased use of cloud-based applications and personal devices, challenging traditional enterprise defenses. The development of cloud-based SaaS applications and bring-your-own-device adoption has enabled the enterprise employee to bring their professional lives online and into the home. Furthermore, the rapid adoption of cloud applications has increased organizations’ attack surface by moving both threats and sensitive data away from the traditional network perimeter, reducing the effectiveness of many existing security products. As a result, cyberattacks have shifted from not just targeting enterprise infrastructure but also people.

 

Complexity of the IT environment and dissolution of the enterprise perimeter. According to IDC, spending on cloud IT infrastructure including cloud software is expected to be approximately $272 billion in 2020, and grow at a CAGR of 19% from 2020 to 2024.

 

Loss of visibility and control. As devices proliferate and perimeters dissolve, organizations are losing visibility and control of data in their environment. Increasingly, enterprise environments are comprised of a mix of clouds, networks, and devices, forcing the enterprise to manage data security policies across heterogeneous, multi-cloud footprint in order to avoid breaches and demonstrate regulatory compliance.

 

Mobility of the workforce. IDC estimates the mobile worker population in the United States will exceed 93 million by 2024, representing 60% of the total U.S. workforce. This increases the number of malware incidents.

 

Third party access. Enterprises rely on third parties to help complete certain functions or processes. Providing enterprise network access and data to third parties further increases the potential for data breaches.

Data and IT infrastructure are increasingly interdependent and require comprehensive protection solutions. Primary adversarial threat vectors may consistently apply to either data or networks. Cybersecurity victims may find their data or networks held for ransom (ransomware), denied, exploited, or lost. As adversarial tactics and techniques converge to compromise data or networks, defensive technologies must also holistically apply to data protection and threat defense.

 

Data protection. Data is one of the most important corporate assets, making it a top target for cyber criminals. Enterprises need a centralized solution that automatically enforces and updates a consistent policy to protect data, in the cloud, corporate endpoints, networks, and unmanaged devices.

 

Threat defense. The volume and sophistication of cyberattacks continues to increase at a rapid pace. Enterprises need a consistent threat defense across endpoint, network, web, and cloud domains to defend against cyberattacks.

There is a need for integrated device-to-cloud cybersecurity solutions that secure consumers, enterprises and governments in a connected world by offering the following:

 

Comprehensive and convenient security solutions to protect consumers across their digital footprint. Consumers have an increasingly expanding digital presence as they access different online platforms and apps. These daily online interactions require solutions that are designed to meet consumers’ anti-malware, identity, and privacy protection needs at scale.

 

Consumer protection powered by seamless digital experience across device platforms. Consumers require holistic digital protection for themselves, their families, and their data across devices and platforms whether they are at home, at work, or on the go. This requires an interface that is simple to set up and use, and provides ongoing protection without hampering device performance and consumer’s digital experience.

 

Consumer products to address privacy needs. A growing online presence exposes more personal and financial data that is targeted by malicious hackers. According to Identity Theft Resource Center, more than 490 million individuals were affected by data breaches in 2019 at an estimated cost of $600 billion. Users are increasingly mobile, and thus at a higher risk of connecting to unsecured public Wi-Fi connection, requiring virtual private network (“VPN”) solutions to secure personally identifiable information over unsecured networks.

 

Data protection and threat defense for heterogeneous, multi-cloud IT and hybrid environments. With the growing reliance on cloud, new threat vectors have emerged, requiring enterprises and governments to have both device-to-cloud and on premise solutions that protect data and defend against threats across heterogeneous devices and clouds, rather than relying on traditional corporate network boundaries.

6


 

 

Comprehensive threat intelligence leveraging a unique global sensor network. Consumers, enterprises, and governments require comprehensive threat intelligence that can gather massive amounts of data from multiple domains and devices and translate that data into actionable, real-time insights to protect against the evolving tactics and techniques of cybercriminals. It is challenging for cybersecurity vendors to accomplish this without a systematic approach that integrates real-time data collection, machine learning model training and feedback across billions of sensors deployed with consumer, enterprise, and government customers and across multiple defense domains (endpoint, network, gateway, and cloud).

KEY BENEFITS OF OUR SOLUTIONS

We protect consumers, enterprises, and governments with our differentiated ability to detect, analyze, and manage responses to adversarial threats. Our customers trust us to protect and defend their families, data, network and online experience whether it is on a device or in the cloud, at home or on the go.

 

Our products are multi-faceted privacy protection solutions that provide consumers security in their everyday lives. Our Personal Protection Service is designed to provide a comprehensive suite of features that protect consumers and their families across their digital lives. Our products provide cross-device identity protection, online privacy, and Internet and device security against the latest virus, malware, spyware and ransomware attacks that are pervasive across all digital devices.

 

Our solutions provide a seamless and user friendly experience. With a single McAfee Total Protection subscription, our customers can protect multiples devices without impeding the consumer experience via cloud-based online and offline protection across devices to enjoy security at home and on the go. McAfee Total Protection comes with performance-enhancing features that allow for more productivity and entertainment by automatically assigning more dedicated processor power to the apps you are actively using. Our security, privacy and trust solutions provide a seamless and convenient experience, and an integrated digital moat. We are one of the few scaled cybersecurity companies with integrated data protection and threat defense capabilities built into technologies and solutions that span the digital ecosystem.

 

Our solutions with comprehensive features provide consumers peace of mind that their online experience is protected. Our Personal Protection Service is a holistic digital protection of consumers and their families. Personal Protection Service encompasses data and device security and identity protection through our suite of products while delivering an experience that is equally easy to use whether on a computer, a mobile smartphone or a tablet and across multiple operating system platforms.

 

Our solutions provide integrated threat defense and data protection, from device to cloud. Our unified cloud and endpoint security solutions provide comprehensive threat detection and data protection from device to cloud with unified policy control and centralized management and incident reporting. We provide customers the ability to easily extend on-premise data policies to multi-cloud environments to secure data wherever it travels or resides and prevent the risk of data loss. Our MVISION Cloud is designed to secure employees working on enterprise cloud services such as Office 365, Salesforce, Box, and Slack.

 

Our solutions are supported by our global threat intelligence network, which is bolstered by artificial intelligence, machine learning, and deep learning to increase efficacy and efficiency. Our portfolio leverages over one billion telemetry sensors across multiple domains (device, network, gateway, and cloud) that feed our threat intelligence and insights engines. McAfee’s Global Threat Intelligence (“GTI”) receives over 2.3 trillion threat queries each year. By leveraging artificial intelligence, machine learning, and deep learning, we use complex threat detection and response algorithms that collect data from our vast customer base to correlate events, detect new threats, reduce false positives, and guide analysts through remediation.

MARKET OPPORTUNITY

We estimate that our addressable market comprised of consumer and enterprise security is $30.4 billion in 2020 and is projected to grow at a four-year CAGR of 7.9% and reach $41.2 billion in 2024. According to Frost & Sullivan, the global consumer endpoint security market (comprised of endpoint protection and prevention and consumer privacy and identity protection) addressed by our solutions is expected to reach nearly $13.1 billion in 2020, growing to $18.7 billion in 2024. According to IDC, the addressable enterprise security market addressed by our solutions is expected to reach nearly $17.3 billion in 2020, growing at a CAGR of 6.9% through 2024. The “addressable enterprise security market” represents revenue from five markets (Web Security, SIEM, Network Security, Corporate Endpoint, and Data Loss Protection).

7


 

COMPETITIVE STRENGTHS

Our competitive strengths include:

 

Brand recognition in both Consumer and Enterprise segments. We have been a trusted provider of cybersecurity products for over 30 years. This trust was built on protecting hundreds of millions of consumers, governments and many of the world’s largest enterprises. Our brand recognition continues to drive customer stickiness and bolsters mutually-beneficial long-standing partner relationships.

 

Scale and diversity of threat intelligence network. The McAfee portfolio is continuously enriched by the intelligence gathered from over one billion sensors across diverse domains and multiple segments (consumers, enterprises, and governments) to inform our machine learning, deep learning, and artificial intelligence capabilities.

 

Experienced management team with deep cybersecurity expertise. Our world-class management team has extensive cybersecurity expertise and a proven track record of building innovative products and cultivating effective go-to-market strategies at scaled public and private software businesses.

Competitive strengths specific to our Consumer business include:

 

Holistic cybersecurity solutions seamlessly integrated across the consumers’ entire digital ecosystem. Our holistic personal protection service secures the digital experience and protects privacy of our consumers and their loved ones, across multitude of devices, online, and virtually anywhere. With a single interface, simple set up and ease of use, we provide a seamless and integrated digital moat.

 

Unique footprint across devices. Our consumer solutions protected over 600 million devices as of December 26, 2020. Our massive security footprint spans traditional devices including PCs, mobile devices including smartphones and tablets, home gateways and smart / Internet of Things (“IoT”) devices. The vast data from these endpoints helps inform our intelligence and insights engine.

 

Differentiated omnichannel go-to-market strategy. We have longstanding exclusive partnerships with many of the leading PC and mobile OEMs, communications and ISPs, retailers and ecommerce sites, and search providers. The varied routes to market let us reach the consumer at several crucial moments in their subscription lifecycle.

Competitive strengths specific to our Enterprise business include:

 

Comprehensive device-to-cloud platform spanning cloud, on-premise, and hybrid IT environments. Our endpoint protection platform (“EPP”) and our endpoint detection and response (“EDR”) together protect against advanced threats across heterogeneous device environments. EPP and EDR complements our Unified Cloud Edge (“UCE”) based MVISION Cloud, designed to protect data across a spectrum of cloud and hybrid environments. Along with protection for on-premise deployments, we provide true device-to-cloud cybersecurity.

 

Blue chip enterprise and exclusive government customer base with a long history of partnership. We defend the largest enterprises as well as governments globally. Our customer base included 86% of the Fortune 100, 77% of the Fortune 500, and 60% of the Global 2000, as of December 26, 2020. Our largest customers are typically our longest tenured customers and purchase the highest number of products from our portfolio to meet their business needs.

OUR GROWTH STRATEGY

Our strategy is to maintain and extend our technology leadership in cybersecurity solutions by driving frictionless and secure digital experiences. The following are key elements of our growth strategy:

 

Continue to leverage our strength as a trusted cybersecurity brand to increase sales from new and existing customers. We have one of the most trusted brands and comprehensive cybersecurity platforms in the market. We will invest in and leverage our brand to tap the significant growth opportunity within our core business, as our portfolio of solutions expands. We will continue to target and educate customers through our various sales & marketing motions.

 

Continue to pursue targeted acquisitions. We have successfully acquired and integrated businesses, including TunnelBear (a consumer VPN provider) and Skyhigh (a leader in cloud access security broker (“CASB”)). We will continue to pursue targeted acquisitions and believe we are well positioned to successfully execute on our acquisition strategy by leveraging our scale, global reach and routes to market, and data assets.

8


 

Key elements specific to our Consumer growth strategy include:

 

Invest in new and existing routes to market for consumer customers. We will continue to drive sales through our direct-to-customer channels by investing in digital and performance marketing motions. We also intend to strengthen our value proposition to our PC OEMs, and replicate that success with retail and ecommerce partners, communications service providers, and Internet providers. We intend to drive new customer growth by expanding our relationships with communications service providers and ISPs utilizing the cross-platform functionality of our solutions.

 

Enhance and tailor the subscriber conversion and renewal process. As we expand our routes to market and partnerships, we strive to evolve our conversion and renewal process through approaches such as performance marketing and educate partners to best support mutually beneficial consumer-centric initiatives.

 

Continue to innovate and enhance our consumer security platform and user experience. To protect our customer’s digital experience across devices, networks and online interactions we plan to continue to invest in new product and platform innovation to help protect data wherever it resides or travels and defend against threats across multiple domains.

Key elements specific to our Enterprise strategy include:

 

Invest in new and existing routes to market for enterprise and government customers. Our investment in our direct sales force has strengthened global reach and scale, and partnerships with public cloud service providers helps enable our cloud customers to streamline deployment of MVISION, the cloud-native family of our enterprise platform. Additionally, we will continue to support a partnership ecosystem comprised of distributors, managed security service providers (“MSSP”), and systems integrators.

 

Focus on winning in endpoint and cloud security to further enhance our device-to-cloud platform. We are a leader in the emerging cloud security and cloud-native endpoint security markets. Our growing CASB and secure web gateway (“SWG”) cloud security solutions complement our strong EPP and EDR based device protection solutions, and helps customers harness the power of our unified security platform.

SALES AND MARKETING

Consumer. Our consumer go-to-market engine consists of a digitally-led omnichannel approach to reach the consumer at crucial moments in their purchase lifecycle including direct to consumer online sales, acquisition through trial pre-loads on PC OEM devices, and other indirect modes via additional partners such as mobile providers, ISPs, electronics retailers, ecommerce sites, and search providers. Our omnichannel approach and strong partnerships work together to increase our presence at key moments of purchase and security engagement for consumers, allowing us to drive customer engagement and acquisition of new customers.

Enterprise. Our enterprise go-to-market strategy leverages direct and indirect routes to market to support customers based on the maturity of our relationship. Our most established accounts are serviced directly by our field sales teams. Emerging accounts and new customers are primarily serviced through a global inside sales engine that work with indirect routes to market. Our enterprise marketing strategy uses a mix of modern digital marketing and traditional marketing approaches. We also use brand awareness campaigns to increase our brand reputation and account-based marketing tactics to support demand generation for high-value customers and prospects.

COVID-19 PANDEMIC

In March 2020, the World Health Organization declared the outbreak of a disease caused by a novel strain of the coronavirus (COVID-19) to be a pandemic. The COVID-19 pandemic is having widespread, rapidly evolving, and unpredictable impacts on global society, economies, financial markets, and business practices. Federal, state and foreign governments have implemented measures to contain the virus, including social distancing, travel restrictions, border closures, limitations on public gatherings, work from home, and closure of non-essential businesses. To protect the health and well-being of our employees, partners, and third-party service providers, we have implemented work-from-home requirements, made substantial modifications to employee travel policies, and cancelled or shifted marketing and other corporate events to virtual-only formats for the foreseeable future.  

9


 

The ultimate duration and extent of the impact from the COVID-19 pandemic depends on future developments cannot be accurately forecasted at this time. These developments include the severity and transmission rate of the disease, the actions of governments, businesses and individuals in response to the pandemic, the extent and effectiveness of containment actions, the impact on economic activity and the impact of these and other factors.  We have experienced growth and increased demand for our solutions in recent quarters, particularly with respect to our Consumer business, which may be due in part to greater demand for devices or our solutions in response to the COVID-19 pandemic. We cannot determine what, if any, portion of our growth in net revenue, the number of our Direct to Consumer customers, or any other measures of our performance during the fiscal 2020 compared to the fiscal 2019 was the result of such responses to the COVID-19 pandemic. See Risk Factors for further discussion of the possible impact of the COVID-19 pandemic on our business.

INTELLECTUAL PROPERTY

Our intellectual property is an important and vital asset of the company that enables us to develop, market, and sell our products and services and enhance our competitive position. We rely on trademarks, patents, copyrights, trade secrets, license agreements, intellectual property assignment agreements, confidentiality procedures, non-disclosure agreements, and employee non-disclosure and invention assignment agreements to establish and protect our proprietary rights.

We maintain an internal patent program to identify inventions that provide the basis for new patent applications in areas of importance to our business. As of December 26, 2020, we had approximately 1,400 issued U.S. patents, in addition to approximately 700 issued foreign patents, which generally relate to inventive aspects of our products and technology. The duration of our issued patents is determined by the laws of the issuing country. Although we have patent applications pending, there can be no assurance that patents will issue from pending applications or that claims allowed on any future issued patents will be sufficiently broad to protect our technology. Also, these protections may not preclude competitors from independently developing products with functionality or features similar to our products.

In certain cases, we license intellectual property from third parties for use in our products and generally must rely on those third parties to protect the licensed rights. This can include open source software, which is subject to limited proprietary rights. While the ability to maintain and protect our intellectual property rights is important to our success, we believe our business is not materially dependent on any individual patent, copyright, trademark, trade secret, license, or other intellectual property right. For information on the risks associated with our intellectual property, please see “Risk Factors” in Item 1A.

THIRD-PARTY SERVICE PROVIDERS

We are heavily reliant on our technology and infrastructure to provide our products and services to our customers. For example, we host many of our products using third-party data center facilities, and we do not control the operation of these facilities. In addition, we rely on certain technology that we license from third parties, including third-party commercial software and open source software, which is used with certain of our solutions. For information on the risks associated with our dependence on such third-party service providers, please see “Risk Factors” in Item 1A.

GOVERNMENTAL REGULATION

We collect, use, store or disclose an increasingly high volume, variety, and velocity of personal information, including from employees and customers, in connection with the operation of our business, particularly, in relation to our identity and information protection offerings, which rely on large data repositories of personal information and consumer transactions. The personal information we process is subject to an increasing number of federal, state, local, and foreign laws regarding privacy and data security. For information on the risks associated with complying with privacy and data security laws, please see “Risk Factors” in Item 1A.

EMPLOYEE & HUMAN CAPITAL

Protecting all that matters demands constant innovation. Doing our job well requires building a workplace that embraces individuality, encourages different perspectives, and welcomes a range of experiences to boost real innovation, creativity, and strategic problem-solving. But it’s not just the right thing to do for business—it’s about every person’s innate right to be their true self and belong.

10


 

Building a more inclusive, sustainable world starts within our walls. We believe that when we mirror the varying perspectives of the outside world, we are stronger, more innovative, and better positioned to solve tomorrow’s toughest cybersecurity challenges. Our approach starts with our hiring and interview practices, but representation isn’t enough. Once people walk through our open door, we ensure all life experiences are not just valued, but accepted and encouraged. Only when people feel a deep sense of belonging can they thrive.

To solve tomorrow’s cybersecurity challenges, we know that our industry needs a more diverse, innovative workforce. To fulfill our mission to protect all that matters, we stand firm in our commitment to drive this change. But first, we must understand who we are today to define our journey ahead. As of December 26, 2020, McAfee employed 6,916 employees in 44 countries worldwide.

To contribute a more diverse workforce to the cybersecurity industry, we know that we will need to exercise genuine, authentic, and transparent recruiting and hiring practices aligned with our values. That’s why we support techniques and programs designed specifically to connect us with people of all backgrounds:

 

We write clear, searchable, and applicable job descriptions for candidates of all backgrounds. By leveraging the only augmented writing platform that addresses language as well as content, all candidates can find and understand our open roles.

 

We assemble a diverse hiring panel for every role, so each candidate is considered from varying perspectives.

 

To plant a firm cultural foundation and minimize any unconscious bias, we train all recruiters and hiring managers to use our values-based behavioral interview approach.

 

We provide a Return to Workplace program to tap into the experiences of women and men who may have paused their career to raise children, care for loved ones, or serve their country.

 

Our internship program serves as the training ground for top talent around the world, welcoming qualified, interested students of all backgrounds

Real collaboration, innovation, and impact happens in workplaces where you can express yourself authentically. That’s why we work hard to ensure life at McAfee is one where our employees can be authentic, engage with others, and reach the best versions of themselves, both at the office and away from it:

 

Because each person plays a role, McAfee employees included an inclusion goal as part of their individual goals.

 

We sponsor 6 McAfee Communities to support members and allies within each of our African Heritage, Veterans, Latino, Women, LGBTQ, and Differently Abled communities

11


 

 

We provide mentors for members of our WISE (Women in Security) community

 

We ensure fair and equal compensation based on contributions and impact to the company through our annual pay parity analysis

 

We provide a Diversity Impact analysis to ensure that at a minimum, any promotion or rewards are representative of each diverse group’s population within the organization

 

We focus our global benefits strategy on providing inclusive and family friendly benefits

To practice our value of transparency and open the door to honest conversations, we publicly disclose our most recent workforce summary data each year at https://www.mcafee.com/enterprise/en-us/about/inclusion-diversity.html.

AVAILABLE INFORMATION

Our internet website is www.mcafee.com. We make available on the Investor Relations section of our website, free of charge, our annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, Proxy Statements, and Forms 3, 4 and 5, and amendments to those reports as soon as reasonably practicable after filing such documents with, or furnishing such documents to, the Securities and Exchange Commission (“SEC”). The SEC maintains a website (www.sec.gov) that contains reports, proxy and information statements and other information regarding issuers that file electronically with the SEC.

On the Investor Relations section of our website, we webcast our earnings calls and certain events we participate in or host with members of the investment community. Additionally, we provide notifications of news or announcements regarding our financial performance, including SEC filings, investor events, press and earnings releases. Further corporate governance information, including our board committee charters, and, code of ethics, is also available on our Investor Relations website under the heading "Corporate Governance—Documents & Charters."

Our internet website is included herein as an inactive textual reference only. The information contained on our website is not incorporated by reference herein and should not be considered part of this report.

12


 

Item 1A. Risk Factors.

Risks Related to the COVID-19 Pandemic

The COVID-19 pandemic has affected how we are operating our business, and the duration and extent to which this will impact our future results of operations and overall financial performance remains uncertain.

The COVID-19 pandemic is having widespread, rapidly evolving, and unpredictable impacts on global society, economies, financial markets, and business practices. Federal, state and foreign governments have implemented measures to contain the virus, including social distancing, travel restrictions, border closures, limitations on public gatherings, work from home, and closure of non-essential businesses. To protect the health and well-being of our employees, partners, and third-party service providers, we have implemented work-from-home requirements, made substantial modifications to employee travel policies, and cancelled or shifted marketing and other corporate events to virtual-only formats for the foreseeable future. While we continue to monitor the situation and may adjust our current policies as more information and public health guidance become available, such precautionary measures could negatively affect our customer success efforts, sales and marketing efforts, delay and lengthen our sales cycles, or create operational or other challenges, any of which could harm our business and results of operations. In addition, the COVID-19 pandemic has disrupted the operations of many of our enterprise customers and channel partners, and may continue to disrupt their operations, for an indefinite period of time, including as a result of travel restrictions and/or business shutdowns, uncertainty in the financial markets, or other harm to their businesses and financial results, resulting in delayed purchasing decisions, extended payment terms, and postponed or cancelled projects, all of which could negatively impact our business and results of operations, including our revenue and cash flows. Further, if the COVID-19 pandemic has a substantial impact on our employees’, partners’, or third-party service providers’ health, attendance, or productivity, our results of operations and overall financial performance may be adversely impacted.

Beginning in March 2020, the U.S. and global economies have reacted negatively in response to worldwide concerns due to the economic impacts of the COVID-19 pandemic. These factors also may adversely impact consumer, enterprise, and government spending on technology as well as customers’ ability to pay for our products and services on an ongoing basis. Although we have not currently experienced a material increase in customer cancellations or a material reduction in our retention rate in 2020, we may experience such an increase in cancellations or reduction in retention rates in the future, especially in the event of a prolonged economic downturn as a result of the COVID-19 pandemic. For example, some businesses in industries particularly impacted by the COVID-19 pandemic, such as travel, hospitality, retail, and oil and gas, have significantly cut or eliminated capital expenditures at this time. Certain enterprise and government customers may also seek to renegotiate the payment terms or scope of the existing subscription or services agreements, which could adversely impact our revenues in future periods and may result in delays in accounts receivable collection. A prolonged economic downturn could adversely affect technology spending, demand for our offerings, and retention and renewal rates, any of which could have a negative impact on our financial condition, results of operations and cash flows. Any resulting instability in the financial markets could also adversely affect the value of our Class A common stock, our ability to refinance our indebtedness, and our access to capital.

The ultimate duration and extent of the impact from the COVID-19 pandemic depends on future developments that cannot be accurately forecasted at this time, such as the severity and transmission rate of the disease, the actions of governments, businesses and individuals in response to the pandemic, the extent and effectiveness of containment actions, the impact on economic activity and the impact of these and other factors on our employees, partners, and third-party service providers. This uncertainty also affects management’s accounting estimates and assumptions, which could result in greater variability in a variety of areas that depend on these estimates and assumptions, including those related to investments, receivables, retention rates, renewals, pricing, and sales cycles. For example, we have experienced growth and increased demand for our solutions in recent quarters, particularly with respect to our Consumer business, which may be due in part to greater demand for devices or our solutions in response to the COVID-19 pandemic. We cannot determine what, if any, portion of our growth in net revenue, the number of our Direct to Consumer customers, or any other measures of our performance during the first half of fiscal 2020 compared to the first half of fiscal 2019 was the result of such responses to the COVID-19 pandemic. However, if we are unable to successfully drive renewals of new subscriptions and retention of new customers in future periods, including any such new subscriptions or new customers that may be related to the response to the COVID-19 pandemic, or if global conditions and macroeconomic forces, including those related to the COVID-19 pandemic, reduce demand for solutions in the future, we may be unsuccessful in sustaining our recent growth rates. In addition, the extent to which the COVID-19 pandemic will continue to drive demand for devices is uncertain, and if demand for devices decreases, we may experience slower growth in future periods. These uncertainties may increase variability in our future results of operations and adversely impact our ability to accurately forecast changes in our business performance and financial condition in future periods. If we are not able to respond to and manage the impact of such events effectively or if global economic conditions do not improve, or deteriorate further, our business, financial condition, results of operations, and cash flows could be adversely affected.

 

13


 

Risks Related to Competition and Industry Trends

The cybersecurity market is rapidly evolving and becoming increasingly competitive in response to continually evolving cybersecurity threats from a variety of increasingly sophisticated cyberattackers. If we fail to anticipate changing customer requirements or industry and market developments, or we fail to adapt our business model to keep pace with evolving market trends, our financial performance will suffer.

The cybersecurity market is characterized by continual changes in customer preferences and requirements, frequent and rapid technological developments and continually evolving market trends. We must continually address the challenges of dynamic, and accelerating market trends, such as the emergence of new cybersecurity threats, the continued decline in the sale of new personal computers, and the rise of mobility and cloud-based solutions, all of which make satisfying our customers’ diverse and evolving needs more challenging. In addition, many of our enterprise customers operate in industries characterized by rapidly changing technologies and business plans, which require them to adapt quickly to increasingly complex cybersecurity requirements.

The technology underlying our solutions is particularly complex because it must effectively and efficiently identify and respond to new and increasingly sophisticated threats while meeting other stringent technical requirements in areas of performance, usability, and availability. Although our customers expect new solutions and enhancements to be rapidly introduced to respond to new cybersecurity threats, product development requires significant investment, the efficacy of new technologies is inherently uncertain, and the timing for commercial release and availability of new solutions and enhancements is uncertain. We may be unable to develop new technologies to keep pace with evolving threats or experience unanticipated delays in the availability of new solutions, and therefore fail to meet customer expectations. If we fail to anticipate or address the evolving and rigorous needs of our customers, or we do not respond quickly to shifting customer expectations or demands by developing and releasing new solutions or enhancements that can respond effectively and efficiently to new cybersecurity threats on an ongoing and timely basis, our competitive position, business, and financial results will be harmed.

The introduction of new products or services by competitors, market acceptance of products or services based on emerging or alternative technologies, and the evolution of new standards, whether formalized or otherwise, could each render our existing solutions obsolete or make it easier for other products or services to compete with our solutions. In addition, modern cyberattackers are skilled at adapting to new technologies and developing new methods of breaching customers. For example, ransomware attacks have increased in frequency and complexity, and the costs associated with successful ransomware attacks have increased. We must continuously work to ensure our solutions protect against the increased volume and complexity of the cybersecurity threat landscape. Changes in the nature of advanced cybersecurity threats could result in a shift in cybersecurity spending and preferences away from solutions such as ours. In addition, any changes in compliance standards or audit requirements applicable to our enterprise and government customers that deemphasize the types of controls, monitoring, and analysis that our solutions provide would adversely impact demand for our solutions. If our solutions are not viewed by our customers as necessary or effective in addressing their cybersecurity needs, then our revenues may not grow as quickly as expected, or may decline, and our business could suffer.

We cannot be sure that we will accurately predict how the cybersecurity markets in which we compete or intend to compete will evolve. Failure on our part to anticipate changes in our markets and to develop solutions and enhancements that meet the demands of those markets will significantly impair our business, financial condition, results of operations, and cash flows.

We operate in a highly competitive environment, and we expect competitive pressures to increase in the future, which could cause us to lose market share.

The markets for our solutions are highly competitive, and we expect both the requirements and pricing competition to increase, particularly given the increasingly sophisticated attacks, changing customer preferences and requirements, current economic pressures, and market consolidation. Competitive pressures in these markets may result in price reductions, reduced margins, loss of market share and inability to gain market share, and a decline in sales, any one of which could seriously impact our business, financial condition, results of operations, and cash flows.

In the consumer cybersecurity market, we face competition from players, such as NortonLifelock, Avast/AVG, Kaspersky, Trend Micro, ESET, and Microsoft, which expanded from desktop anti-malware into mobile, security, VPN, and identity protection among others. At the same time we compete with point-tool providers, such as Cujo and Dojo in the home IoT space or AnchorFree, ExpressVPN, and ProtonVPN in the network security space, across our full consumer offering. In the enterprise cybersecurity market, we compete both with larger integration providers, such as Symantec (a division of Broadcom), Palo Alto Networks, Sophos, Microsoft, Trend Micro, and Sentinel One in the endpoint, networking, and CASB space, as well as with point solutions Cylance (a division of BlackBerry) focusing on a subset of the cybersecurity market. These competitors include Crowdstrike, Carbon Black (a division of VMware), and Tanium in the endpoint market, Netskope, and Bitglass in the CASB market, IBM and Cisco in network intrusion, Forcepoint, and Zscaler in the SWG market, and IBM, Splunk, Micro Focus, Dell, and LogRhythm in the security operations market.

14


 

In addition to competing with these and other vendors directly for sales to end-users of our products, we compete with several of them for the opportunity to have our products bundled with the product offerings of our strategic partners, including computer hardware OEMs, ISPs, MSSPs, and other distribution partners. Our competitors could gain market segment share from us if any of these strategic partners replace our solutions with those of our competitors or if these partners more actively promote our competitors’ offerings than ours. In addition, vendors who have bundled our products with theirs may choose to bundle their products with their own or other vendors’ software or may limit our access to standard product interfaces and inhibit our ability to develop products for their platform. We also face competition from many smaller companies that specialize in particular segments of the markets in which we compete, including Crowdstrike, VMware, Netskope, and Zscaler. In the future, further product development by these providers could cause our products and services to become redundant or lose market segment share, which could significantly impact our sales and financial results.

We face growing competition from network equipment, computer hardware manufacturers, large operating system providers, telecommunication companies, and other large or diversified technology companies. Examples of large, diversified competitors include Microsoft, International Business Machines Corporation, and Dell Technologies. Large vendors of hardware or operating system software increasingly incorporate cybersecurity functionality into their products and services, and enhance that functionality either through internal development or through strategic alliances or acquisitions. Similarly, telecommunications providers are increasingly investing in the enhancement of the cybersecurity functionality in the devices and services they offer. Additionally, large cloud platforms, such as Amazon Web Services (“AWS”), Google Cloud and Microsoft Azure, may expand or commence providing native cybersecurity functionality directly on the platform such that our current and potential customers forego purchasing cybersecurity solutions from us. Certain of our current and potential competitors may have competitive advantages such as longer operating histories, more extensive international operations, larger product development and strategic acquisition budgets, and greater financial, technical, sales, and marketing resources than we do. Such competitors also may have well-established relationships with our current and potential customers and extensive knowledge of our industry and the markets in which we compete and intend to compete. As a result, such competitors may be able to respond more quickly to new or emerging technologies and changes in customer requirements, or to devote greater resources to the development, marketing, sale, and support of their products. These competitors have made strategic acquisitions or established cooperative relationships among themselves or with other providers, thereby increasing their ability to provide a broader suite of products, and potentially causing customers to decrease purchases of, or defer purchasing decisions with respect to, our products and services. Additionally, some or all of our solutions may rely upon access to certain hardware or software interfaces. These competitors may limit our access to such interfaces or may provide greater or earlier access available to others. These actions could adversely affect the operations of our products relative to competitors or render our solutions inoperative.

Cybersecurity protection is also offered by certain of our competitors at prices lower than our prices or, in some cases, free of charge. Other companies bundle their own or our competitors’ lower-priced or free cybersecurity products with their own computer hardware or software product offerings in a manner that discourages users from purchasing our products and subscriptions. Our competitive position could be adversely affected to the extent that our current or potential customers perceive these cybersecurity products as replacing the need for our products or if they render our solutions unmarketable—even if these competitive products are inferior or more limited than our products and services. The expansion of these competitive trends could have a significant negative impact on our sales and financial results by causing, among other things, price reductions of our products, reduced profitability, and loss of market share.

To compete successfully, we must continue to develop new solutions and enhance existing solutions, effectively adapt to changes in the technology or rights held by our competitors, respond to competitive strategies, and effectively adapt to technological changes within the consumer and enterprise markets. If we are unsuccessful in responding to our competitors, our competitive position and our financial results could be adversely affected.

Our business depends substantially on our ability to retain customers and to expand sales of our solutions to them. If we are unable to retain our customers or to expand our product offerings, our future results of operations will be harmed.

For us to maintain or improve our results of operations in a market that is rapidly evolving and places a premium on market-leading solutions, it is important that we retain existing customers and that our customers expand their use of our solutions. Our customers have no obligation to renew their contracts with us upon their expiration. Even if they do renew with us, customers may not renew with a similar contract period or with the same or a greater amount of committed revenue to us. Retention rates may decline or fluctuate as a result of a number of factors, including but not limited to the level of our customers’ satisfaction or dissatisfaction with our solutions, our prices and the prices of competing products or services, mergers and acquisitions affecting our customers, mergers and acquisitions by our competitors, the effects of global economic conditions, new technologies, changes in our customers’ spending levels, and changes in how our customers perceive the cybersecurity threats. In addition, a significant portion of our renewals in our Consumer segment come from autorenewal arrangements incorporated within our solutions. Furthermore, any changes in the laws regarding autorenewal arrangements could adversely affect our ability to retain consumer customers and harm our financial condition and operating performance.

 

15


 

In addition, our ability to generate revenue and maintain or improve our results of operations partly depends on our ability to increase sales of and cross-sell our solutions to our existing customers. We expect our ability to successfully increase sales of and cross-sell our solutions will be one of the most significant factors influencing our growth. We may not be successful in cross-selling our solutions because our customers may find our additional solutions unnecessary or unattractive. Our failure to sell additional solutions to our existing and new customers could adversely affect our ability to grow our business.

We may need to change our pricing models to compete successfully.

The intense competition we face in the cybersecurity market, in addition to general economic and business conditions (including the economic downturn resulting from the COVID-19 pandemic), can result in downward pressure on the prices of our solutions. If our competitors offer significant discounts on competing products or services, or develop products or services that our customers believe are more valuable or cost-effective, we may be required to decrease our prices or offer other sales incentives in order to compete successfully. Additionally, if we increase prices for our solutions, demand for our solutions could decline as customers adopt less expensive competing products and our market share could suffer. If we do not adapt our pricing models to reflect changes in customer use of our products or changes in customer demand, our revenues could decrease.

Additionally, our business may be affected by changes in the macroeconomic environment. In addition, a weakening of economic conditions or significant uncertainty regarding the stability of financial markets could adversely impact our business, financial condition, results of operations, and cash flows, especially in the event of a prolonged economic downturn or a worsening of current conditions as a result of the COVID-19 pandemic. Impacts could include longer sales cycles, pressure to lower prices for our solutions or to delay or reduce any future price increase, extended billing or payment terms, decreased renewal rates, a reduction in the rate of adoption of our solutions by new customers, and a lower rate of current customers purchasing upgrades. Customers also may change the way in which they pay for solutions, such as buying solutions based upon consumption, which could require us to change our pricing model for some or all of our solutions, thereby reducing or delaying revenue. Finally, the increasing prevalence of cloud-based solutions and emerging security delivery models may unfavorably impact pricing in both our solutions that are not deployed via the cloud, which could reduce our revenues and profitability.

Any broad-based change to our pricing strategy could cause our revenues to decline or could delay future sales as our sales force implements and our customers adjust to the new pricing terms. We or our competitors may bundle products for promotional purposes or as a long-term go-to-market or pricing strategy or provide price guarantees to certain customers as part of our overall sales strategy. These practices could, over time, significantly limit our flexibility to change prices for existing solutions and to establish prices for new or enhanced products and services. Any such changes could reduce our margins and adversely affect our results of operations.

We face risks related to enterprise customer outsourcing to system integrators and similar service providers.

Some of our enterprise customers have outsourced some or all of the management of their information technology departments to large system integrators. Some customers have also outsourced portions of their cybersecurity operations to MSSPs. If this trend continues, our established customer relationships could be disrupted, and our solutions could be displaced by alternatives offered by system integrators and MSSPs that do not include or use our solutions. These displacements could negatively impact our financial results and have an adverse effect on our business.

If cybersecurity industry analysts publish unfavorable or inaccurate research reports about our business, our financial performance could be harmed.

An increasing number of independent industry analysts and researchers regularly evaluate, compare, and publish reviews regarding the performance, efficiency, and functionality of cybersecurity products and services, including our own solutions. The market’s perception of our solutions may be significantly influenced by these reviews. We do not have any control over the content of these independent industry analysts and research reports, or the methodology they use to evaluate our solutions, which may be flawed or incomplete. Demand for our solutions could be harmed if these industry analysts publish negative reviews of our solutions or do not view us as a market leader. If we are unable to maintain a strong reputation, sales to new and existing customers and renewals could be adversely affected, and our financial performance could be harmed.

 

16


 

Risks Related to Our Financial and Operating Performance

Our results of operations can be difficult to predict and may fluctuate significantly, which could result in a failure to meet investor expectations.

Our results of operations have in the past varied, and may in the future vary, significantly from period to period due to a number of factors, many of which are outside of our control, including the macroeconomic environment. These factors limit our ability to accurately predict our results of operations and include factors discussed throughout this “Risk Factors” section, including the following:

 

the level of competition in our markets, including the effect of new entrants, consolidation, and technological innovation;

 

macroeconomic conditions in our markets, both domestic and international, as well as the level of discretionary technology spending;

 

fluctuations in demand for our solutions;

 

disruptions in our business operations or target markets caused by, among other things, terrorism or other intentional acts, pandemics, such as the COVID-19 pandemic, riots, protests or political unrest, or earthquakes, floods, or other natural disasters;

 

variability and unpredictability in the rate of growth in the markets in which we compete;

 

technological changes in our markets;

 

our ability to renew existing customers, acquire new customers, and sell additional solutions;

 

execution of our business strategy and operating plan, and the effectiveness of our sales and marketing programs;

 

our sales cycles, which may lengthen as the complexity of solutions and competition in our markets increases;

 

the timing, size, and mix of orders from, and shipments to, enterprise customers;

 

enterprise customers’ tendency to negotiate licenses and other agreements near the end of each quarter;

 

product announcements, introductions, transitions, and enhancements by us or our competitors, which could result in deferrals of customer orders;

 

the impact of future acquisitions or divestitures;

 

changes in accounting rules and policies that impact our future results of operations compared to prior periods; and

 

the need to recognize certain revenue ratably over a defined period or to defer recognition of revenue to a later period, which may impact the comparability of our results of operations across those periods.

 

Furthermore, a high percentage of our expenses, including those related to overhead, research and development, sales and marketing, and general and administrative functions are generally fixed in nature in the short term. As a result, if our net revenue is less than forecasted, we may not be able to effectively reduce such expenses to compensate for the revenue shortfall and our results of operations will be adversely affected. In addition, our ability to maintain or expand our operating margins may be limited given economic and competitive conditions, and we therefore could be reliant upon our ability to continually identify and implement operational improvements in order to maintain or reduce expense levels. There can be no assurance that we will be able to maintain or expand our current operating margins in the future.

17


 

We derive revenue from the sale of security products, subscriptions, support and maintenance, professional services, or a combination of these items, which may decline. Certain of this revenue is recognized either over the technology-constrained life or over the term of the relevant service period. Therefore, downturns or upturns in these sales will not be immediately reflected in full in our results of operations.

Our sales may decline and fluctuate as a result of a number of factors, including our customers’ level of satisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors, reductions in our customers’ spending levels, and other factors beyond our control. If our sales decline, our revenue and revenue growth may decline, and our business will suffer. We recognize revenue as control of the goods and services is transferred to our customer. For certain of our software licenses or hardware, this control is transferred over time with revenue recognized over the term of the technology constrained customer life, generally four to five years, or over the applicable contract term. These contracts typically have terms of one to three years. As a result, a majority of revenue we report each quarter is the recognition of deferred revenue from contracts entered into during previous quarters. Consequently, a decline in sales in any single quarter will not be fully or immediately reflected in revenue in that quarter but will continue to negatively affect our revenue in future quarters. Accordingly, the effect of significant downturns in sales is not reflected in full in our results of operations until future periods. Furthermore, it is difficult for us to rapidly increase our revenue through additional sales in any period, as revenue from the majority of contracts must be recognized over the applicable future time period. Finally, any increase in the average term of these contracts or technology constrained life of our customers would result in revenue for such contracts being recognized over longer periods of time.

The sudden and significant economic downturn or volatility in the economy in the United States and our other major markets could have a material adverse impact on our business, financial condition, results of operations, or cash flows.

We operate globally and as a result our business and revenues are impacted by global macroeconomic conditions. In recent periods, investor and customer concerns about the global economic outlook, which have significantly increased as a result of the COVID-19 pandemic, have adversely affected market and business conditions in general. In addition, a weakening of economic conditions could lead to reductions in demand for our solutions. Weakened economic conditions or a recession could reduce the amounts that customers are willing or able to spend on our products and solutions, particularly the customers of our Consumer segment, and could make it more difficult for us to compete against less expensive and free products for new customers. In addition, our business could be negatively impacted by increased competitive pricing pressure and a decline in our customers’ creditworthiness, which could result in us incurring increased bad debt expense. Additionally, in the United States and other parts of the world, volatile or uncertain economic conditions could lead customers to not expand, terminate, or not renew existing contracts with us, or not enter into new contracts with us. Furthermore, a high percentage of our expenses, including those related to overhead, research and development, sales and marketing, and general and administrative functions are generally fixed in nature in the short term. If we are not able to timely and appropriately adapt to changes resulting from a weak economic environment, it could have an adverse impact on our business, financial condition, results of operations, and cash flows.

We have experienced net losses in recent periods and may not maintain profitability in the future.

We experienced net losses of $236 million and $289 million for fiscal 2019 and 2020, respectively. While we have experienced revenue growth over these same periods, we may not be able to sustain or increase our growth or maintain profitability in the future or on a consistent basis. In recent years, we have changed our portfolio of products and invested in research and development to develop new products and enhance current solutions.

We also expect to continue to invest for future growth. We expect that to achieve profitability we will be required to increase revenues, manage our cost structure, and avoid significant liabilities. Revenue growth may slow, revenue may decline, or we may incur significant losses in the future for a number of possible reasons, increasing competition, a decrease in the growth of the markets in which we operate, or if we fail for any reason to continue to capitalize on growth opportunities. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays, and other unknown factors that may result in losses in future periods. If these losses exceed our expectations or our revenue growth expectations are not met in future periods, our financial performance may be harmed.

18


 

Changes in tax laws or in their implementation may adversely affect our business and financial condition.

Changes in tax law may adversely affect our business or financial condition. As part of Congress’s response to the COVID-19 pandemic, the Families First Coronavirus Response Act, commonly referred to as the FFCR Act, was enacted on March 18, 2020, the Coronavirus Aid, Relief, and Economic Security Act, commonly referred to as the CARES Act, was enacted on March 27, 2020, and the act commonly known as the Consolidated Appropriations Act, 2021 was enacted on December 27, 2020. Each contains numerous tax provisions. In particular, the CARES Act retroactively and temporarily (for taxable years beginning before January 1, 2021) suspended application of the 80%-of-taxable-income limitation on the use of NOLs, which was enacted as part of the TCJA. It also provided that NOLs arising in any taxable year beginning after December 31, 2017 and before January 1, 2021 are generally eligible to be carried back up to five years. The CARES Act also temporarily (for taxable years beginning in 2019 or 2020) relaxed the limitation of the tax deductibility for net interest expense by increasing the limitation from 30% to 50% of adjusted taxable income.

Regulatory guidance under the Tax Cuts and Job Act(“TCJA”), the FFCR Act, the CARES Act, and the Consolidated Appropriations Act, 2021 is and continues to be forthcoming, and such guidance could ultimately increase or lessen impact of these laws on our business and financial condition. It is also likely that Congress will enact additional legislation in connection with the COVID-19 pandemic, some of which could have an impact on our Company. In addition, it is uncertain if and to what extent various states will conform to the TCJA, the FFCR Act, the CARES Act, or the Consolidated Appropriations Act, 2021.

Forecasting our estimated annual effective tax rate is complex and subject to uncertainty, and there may be material differences between our forecasted and actual tax rates.

Forecasts of our income tax position and effective tax rate are complex and subject to uncertainty because our income tax position for each year combines the effects of a mix of profits and losses earned by us and our subsidiaries in various tax jurisdictions with a broad range of income tax rates, as well as changes in the valuation of deferred tax assets and liabilities, the impact of various accounting rules and changes to these rules and tax laws, such as the U.S. federal income tax laws, including impacts of the TCJA, FFCR Act, CARES Act, and Consolidated Appropriations Act, 2021, arising from future interpretations of such legislation, the results of examinations by various tax authorities and the impact of any acquisition, business combination, or other reorganization or financing transaction. To forecast our global tax rate, we estimate our pre-tax profits and losses by jurisdiction and forecast our tax expense by jurisdiction. If our mix of profits and losses, our ability to use tax credits, or effective tax rates by jurisdiction is different than those estimated, our actual tax rate could be different than forecasted, which could have a material impact on our financial condition and results of operations.

As a multinational corporation, we conduct our business in many countries and are subject to taxation in many jurisdictions. The taxation of our business is subject to the application of multiple and conflicting tax laws and regulations as well as multinational tax conventions. Our effective tax rate is highly dependent upon the geographic distribution of our worldwide earnings or losses, the tax regulations in each geographic region, the availability of tax credits and carryforwards, and the effectiveness of our tax planning strategies. The application of tax laws and regulations is subject to legal and factual interpretation, judgment, and uncertainty. Tax laws themselves are subject to change as a result of changes in fiscal policy, changes in legislation, and the evolution of regulations and court rulings. Consequently, taxing authorities may impose tax assessments or judgments against us that could materially impact our tax liability and/or our effective income tax rate.

In addition, we are subject to examination of our income tax returns by the Internal Revenue Service (“IRS”) and other tax authorities. If tax authorities challenge the relative mix of our U.S. and international income, our future effective income tax rates could be adversely affected, including for future periods and retroactively. While we regularly assess the likelihood of adverse outcomes from such examinations and the adequacy of our provision for income taxes, there can be no assurance that such provision is sufficient and that a determination by a tax authority will not have an adverse effect on our business, financial condition, results of operations, and cash flows.

 

Our global operations may expose us to increased tax risks.

We are generally required to account for taxes in each jurisdiction in which we operate. This process may require us to make assumptions, interpretations, and judgments with respect to the meaning and application of promulgated tax laws and related administrative and judicial interpretations. The positions that we take and our interpretations of the tax laws may differ from the positions and interpretations of the tax authorities in the jurisdictions in which we operate. An adverse outcome in any examination could have a significant negative impact on our cash position and net income. Although we have established reserves for examination contingencies in accordance with published guidance, there can be no assurance that the reserves will be sufficient to cover our ultimate liabilities.

19


 

Our provision for income taxes is subject to volatility and can be adversely affected by a variety of factors, including but not limited to: unanticipated decreases in the amount of revenue or earnings in countries with low statutory tax rates, changes in tax laws and the related regulations and interpretations (including various proposals currently under consideration), changes in accounting principles (including accounting for uncertain tax positions), and changes in the valuation of our deferred tax assets. Significant judgment is required to determine the recognition and measurement attributes prescribed in certain accounting guidance. This guidance applies to all income tax positions, including the potential recovery of previously paid taxes, which if settled unfavorably could adversely impact our provision for income taxes.

Our ability to use certain net operating loss carryforwards and certain other tax attributes may be limited.

Under Sections 382 and 383 of the Code, if a corporation undergoes an “ownership change,” the corporation’s ability to use its pre-change net operating loss carryforwards and other pre-change tax attributes to offset its post-change income and taxes may be limited. In general, an “ownership change” occurs if there is a cumulative change in ownership of the relevant corporation by “5% shareholders” (as defined under U.S. income tax laws) that exceeds 50 percentage points over a rolling three-year period. Similar rules apply under state tax laws. If our corporate subsidiaries experience one or more ownership changes in connection with  transactions in our stock, then we may be limited in our ability to use our corporate subsidiaries’ net operating loss carryforwards and other tax assets to reduce taxes owed on the net taxable income that such subsidiaries earn. Any such limitations on the ability to use net operating loss carryforwards and other tax assets could adversely impact our business, financial condition, results of operations, and cash flows.

We face risks associated with past and future investments, acquisitions, and other strategic transactions.

We may buy or make investments in complementary or competitive companies, products, and technologies, sell strategic businesses or other assets, or engage in other strategic transactions. For example, in fiscal 2018 we bolstered our consumer VPN offering through our acquisition of TunnelBear and expanded our investment in our cloud-based solutions through our acquisition of Skyhigh Networks. In fiscal 2019, we acquired Nanosec and Uplevel, and in the first half of fiscal 2020, we acquired Light Point Security, all to enhance certain of our enterprise product offerings. The consideration exchanged for an acquisition may be greater than the value we realize from the transaction. In addition, we and our Sponsors periodically evaluate our capital structure and strategic alternatives with advisors and other third parties in an effort to maximize value for our stockholders. We cannot be certain when or if any of the discussions we have will lead to a proposal that we may find attractive, including with respect to the refinancing or repricing of some or all of our indebtedness, the sale of some or a significant portion of our assets, or other similar significant transactions. Whether in connection with such events or otherwise, we may also take other actions that impact our balance sheet and capital structure, including the payment of special dividends, the increase or decrease of regular dividends, repayment of debt, repurchases of our equity through privately negotiated transactions, as part of a tender offer, in the open market and/or through a share repurchase plan, including an accelerated share repurchase plan, or any other means permitted by law. In some cases these transactions could be with, or disproportionately benefit, one or more of our significant stockholders.

Future transactions could result in significant transactions-related charges, acceleration of some or all payments under our tax receivable agreement, disparate tax treatment for our stockholders, distraction for our management team, and potential dilution to our equity holders. In addition, we face a number of risks relating to such transactions, including the following, any of which could harm our ability to achieve the anticipated benefits of our past or future strategic transactions.

Technology and market risk. Cybersecurity technology is particularly complex because it must effectively and efficiently identify and respond to new and increasingly sophisticated threats while meeting other stringent technical requirements in areas of performance, usability, availability, and others. Our investments and acquisitions carry inherent uncertainty as to the efficacy of our technology roadmap. The decisions we make regarding customer requirements, market trends, market segments, and technologies may not be correct and we may not achieve the anticipated benefits of these transactions.

Integration or separation. Integration of an acquired company or technology is a complex, time consuming, and expensive process. The successful integration of an acquisition requires, among other things, that we integrate and retain key management, sales, research and development, and other personnel; integrate or separate the acquired products into or from our product offerings from both an engineering and sales and marketing perspective; integrate and support, or separate from, existing suppliers, distribution, and customer relationships; coordinate research and development efforts; and potentially consolidate, or prepare standalone, facilities and functions and back-office accounting, order processing, and other functions. If we do not successfully integrate an acquired company or technology, we may not achieve the anticipated benefits.

20


 

The geographic distance between sites, the complexity of the technologies and operations being integrated or separated, and disparate corporate cultures, may increase the difficulties of such integration or separation. Management’s focus on such operations may distract attention from our day-to-day business and may disrupt key research and development, marketing, or sales efforts. In addition, it is common in the technology industry for aggressive competitors to attract customers and recruit key employees away from companies during the integration phase of an acquisition.

 

Internal controls, policies, and procedures. Acquired companies or businesses are likely to have different standards, controls, contracts, procedures, and policies, making it more difficult to implement and harmonize company-wide financial, accounting, billing, information, and other systems. Acquisitions of privately held and/or non-U.S. companies are particularly challenging because their prior practices in these areas may not meet the requirements of GAAP and U.S. export regulations. Furthermore, we may assume liabilities associated with past practices and the Company’s compliance with legal and regulatory requirements in the jurisdictions in which they or we operate. Any acquisitions may require that we spend significant management time and attention establishing these standards, controls, contracts, procedures, and policies.

Key employees may be difficult to retain and assimilate. The success of many strategic transactions depends to a great extent on our ability to retain and motivate key employees. This can be challenging, particularly in the highly competitive market for technical personnel. Retaining key executives for the long term can also be difficult due to other opportunities available to them. Disputes that may arise out of earn-outs, escrows, and other arrangements related to an acquisition of a company in which a key employee was a principal may negatively affect the morale of the employee and make retaining the employee more difficult. It could be difficult, time consuming, and expensive to replace any key management members or other critical personnel that do not accept employment with the Company following any transaction or whose employment is subsequently terminated. In addition to retaining key employees, we must integrate them into our Company, or potentially re-direct their efforts, both of which can be difficult, time consuming, and costly. Changes in management or other critical personnel may be disruptive to our business and might also result in our loss of some unique skills and the departure of existing employees, customers, partners, vendors, and others.

 

Risks Related to Our Solutions and Sales to Our Customers

Over the last several years, we have pursued a variety of strategic initiatives designed to optimize and reinforce our cybersecurity platform. If the benefits of these initiatives are less than we anticipate, or if the realization of such benefits is delayed, our business and results of operations may be harmed.

Over the last several years, we have pursued a variety of strategic initiatives designed to optimize and reinforce our cybersecurity platform, including investing in new routes to market and partnerships, refining our go-to-market strategies for our Consumer and Enterprise businesses, rationalizing our Enterprise portfolio to reorient our focus and resources to products that align with our device-to-cloud strategy, and adding new capabilities and products through several strategic acquisitions. The anticipated benefits of these initiatives may not be fully realized, if at all, until future periods. For example, as we continue to execute on the reorientation of our Enterprise business and refine our Enterprise go-to-market strategy, we currently expect our Enterprise net revenue to continue to decline in the near term, and we expect the performance of our Consumer segment to continue to have a greater impact on our consolidated Company performance. However, if we do not achieve the anticipated benefits from these and our other strategic initiatives, or if the achievement of such anticipated benefits is delayed, the performance of our Enterprise and Consumer segments could be harmed, and our financial condition, results of operations, and cash flows may be adversely affected.

Our investments in new or enhanced solutions may not yield the benefits we anticipate.

The success of our business depends on our ability to develop new technologies and solutions, to anticipate future customer requirements and applicable industry standards, and to respond to the changing needs of our customers, competitive technological developments, and industry changes. Within our consumer business, we are presently investing in cybersecurity solutions to protect consumers’ PC and mobile devices, identity, privacy, family safety, web browsing, IoT, and smart home devices. For our enterprise customers, we are investing in developing a cybersecurity platform that addresses the entire threat defense life cycle, with solutions spanning endpoint security, cloud security, network security, and data and content protection, with unified management, threat intelligence, analytics and automation. We intend to continue to invest in these cybersecurity solutions by adding personnel and other resources to our business. We will likely recognize costs associated with these investments earlier than the anticipated benefits. If we do not achieve the anticipated benefits from these investments, or if the achievement of these benefits is delayed, our business, financial condition, results of operations, and cash flows may be adversely affected.

21


 

The process of developing new technologies is time consuming, complex, and uncertain, and requires the commitment of significant resources well in advance of being able to fully determine market requirements and industry standards. Furthermore, we may not be able to timely execute new technical product or solution initiatives for a variety of reasons such as errors in planning or timing, technical difficulties that we cannot timely resolve, or a lack of appropriate resources. Complex solutions like ours may contain undetected errors or compatibility problems, particularly when first released, which could delay or adversely impact market acceptance. We may also experience delays or unforeseen costs related to integrating products we acquire with products we develop, because we may be unfamiliar with errors or compatibility issues of products we did not develop ourselves. Any of these development challenges, or the failure to appropriately adjust our go-to-market strategy to accommodate new offerings, may result in delays in the commercial release of new solutions or may cause us to terminate development of new solutions prior to commercial release. Any such challenges could result in competitors bringing products or services to market before we do and a related decrease in our market segment share and net revenue. Our inability to introduce new solutions and enhancements in a timely and cost-effective manner, or the failure of these new solutions or enhancements to achieve market acceptance and comply with industry standards and governmental regulation, could seriously harm our business, financial condition, results of operations, and cash flows.

If our solutions have or are perceived to have defects, errors, or vulnerabilities, or if our solutions fail or are perceived to fail to detect, prevent, or block cyberattacks, including in circumstances where customers may fail to take action on attacks identified by our solutions, our reputation and our brand could suffer, which would adversely impact our business, financial condition, results of operations, and cash flows.

Many of our solutions are complex and may contain design defects, vulnerabilities, or errors that are not detected before their commercial release. Our solutions also provide our customers with the ability to customize a multitude of settings, and it is possible that a customer could misconfigure our solutions or otherwise fail to configure our solutions in an optimal manner. Such defects, errors, and misconfigurations of our solutions could cause our solutions to be vulnerable to cybersecurity attacks, cause them to fail to perform the intended operation, or temporarily interrupt the operations of our customers. In addition, since the techniques used by adversaries change frequently and generally are not recognized until widely applied, there is a risk that our solutions would not be able to address certain attacks. Moreover, our solutions and infrastructure technology systems could be targeted by bad actors and attacks specifically designed to disrupt our business and undermine the perception that our solutions are capable of providing their intended benefits, which, in turn, could have a serious impact on our reputation. The risk of a cybersecurity attack has increased during the current COVID-19 pandemic as more individuals are working from home and utilizing home networks for the transmission of sensitive information. Any cybersecurity vulnerability or perceived cybersecurity vulnerability of our solutions or systems could adversely affect our business, financial condition, results of operations, and cash flows.

Changing, updating, enhancing, and creating new versions of our solutions may cause errors or performance problems in our products and solutions, despite testing and quality control. We cannot be certain that defects, errors, or vulnerabilities will not be found in any such changes, updates, enhancements, or new versions, especially when first introduced. Even if new or modified solutions do not have such problems, the solutions may have difficulties in installing, we may have difficulty providing any necessary training and support to customers, and our customers may not follow our guidance on appropriate training, support, and implementation for such new or modified solutions. In addition, changes in our technology may not provide the additional functionality or other benefits that were expected. Implementation of changes in our technology also may cost more or take longer than originally expected and may require more testing than initially anticipated. While new solutions are generally tested before they are used in production, we cannot be sure that the testing will uncover all problems that may occur in actual use.

If any of our customers are affected by a cybersecurity attack (such as becoming infected with malware) while using our solutions, such customers could be disappointed with our solutions or perceive that our solutions failed to perform their intended purpose, regardless of whether our solutions operated correctly, blocked, or detected the attack or would have blocked or detected the attack if configured properly. If any of our customers experience a security breach, such customers and the general public may believe that our solutions failed. Furthermore, if any customer publicly known to use any of our solutions is the subject of a cyberattack that becomes publicized, our other current or potential customers may choose to purchase alternative solutions from our competitors, or supplement our solution with our competitors’ products. Real or perceived security breaches of our customers could cause disruption or damage or other negative consequences and could result in negative publicity about us, reduced sales, damage to our reputation and competitive position, increased expenses, and customer relations problems.

22


 

Furthermore, our solutions may fail to detect or prevent malware, viruses, worms, or similar threats for any number of reasons, including our failure to enhance and expand our solutions to reflect market trends and new attack methods, new technologies and new operating environments, the complexity of our customers’ environment and the sophistication and coordination of threat actors launching malware, ransomware, viruses, intrusion devices, and other threats. In addition, from time to time, firms test our solutions against other security products and services. Our solutions may fail to detect or prevent threats in any particular test for a number of reasons, including misconfiguration. To the extent potential customers, industry analysts, or testing firms believe that the occurrence of a failure of our solutions to detect or prevent any particular threat is a flaw or indicates that our solutions do not provide significant value or are inferior to competing solutions, our reputation and business could be harmed. Failure to keep pace with technological changes in the cybersecurity industry and changes in the threat landscape could also adversely affect our ability to protect against security breaches and could cause us to lose customers.

We may also incur significant costs and operational consequences of investigating, remediating, eliminating, and putting in place additional tools and devices designed to prevent actual or perceived security breaches and other incidents, as well as the costs to comply with any notification obligations resulting from any security incidents.

Failure to adapt our product and service offerings to changing customer demands, or lack of customer acceptance of new or enhanced solutions, could harm our business and financial results.

Our success depends on developing new solutions and enhancing existing solutions to reflect market trends, new technologies, and new operating environments, and the rapidly evolving needs of our customers. For example, we must continue to expand our cybersecurity solutions to address the increasingly broad range of mobile devices, continuing growth in remote access to enterprises, and the proliferation of IP-connected embedded systems and devices, the “Internet of Things,” and the continued growth of hybrid, virtual and cloud-based environments. We also must continue to develop new and enhanced solutions capable of protecting against emerging technologies as they are being released and adopted by our customers. Our failure to continually innovate and produce new and refreshed solutions to satisfy customers changing preferences, maintain compatibility with evolving operating systems, and effectively compete with other market offerings in a timely and cost-effective manner may harm our ability to renew contracts with existing customers and to create or increase demand for our solutions, which may adversely impact our results of operations. We must also continuously work to ensure that our products and services meet changing industry certifications and standards. We may invest in complementary or competitive businesses, products, or technologies to help us keep pace with market changes, but these investments may not result in products that are important to our customers or we may not realize the benefits of these investments.

Our future financial results will depend in part on whether our new or updated products and solutions receive sufficient customer acceptance. Achieving market acceptance for new or updated solutions is likely to require substantial marketing efforts and expenditure of significant funds to create awareness and demand by customers. In addition, deployment of new or updated solutions may require the use of additional resources for training our existing direct sales force and customer service personnel and for hiring and training additional salespersons and customer service personnel. Failure to achieve broad penetration in target markets with respect to new or updated solutions could have an adverse impact on our business, results of operations, or financial condition.

If we are unable to increase sales of our solutions to new customers, our future results of operations may be harmed.

An important part of our growth strategy involves continued investment in direct marketing efforts, channel partner relationships, our sales force, and infrastructure to add new customers. The number and rate at which new customers may purchase our products and services depends on a number of factors, including those outside of our control, such as customers’ perceived need for our solutions, competition, general economic conditions, market transitions, product obsolescence, technological change, shifts in buying patterns, the timing and duration of hardware refresh cycles, financial difficulties and budget constraints of our current and potential customers, public awareness of security threats to IT systems, and other factors. These new customers, if any, may renew their contracts with us and purchase additional solutions at lower rates than we have experienced in the past, which could affect our financial results.

23


 

If our continued investment in the development and expansion of our cloud-based solutions is not successful, or if the cloud security market does not evolve as we anticipate, our ability to grow our business and results of operations may be harmed.

Consumers and enterprise customers increasingly demand cloud-based solutions for their cybersecurity needs. As the market for cloud-based offerings grows, pricing and delivery models are evolving, and our competitors are rapidly developing and deploying cloud-based products and services to address these demands. We are investing significant resources in the development, acquisition, and expansion of our portfolio of cloud-based solutions, such as our MVISION Cloud, Cloud Workload Security, and Virtual Network Security Platform offerings. We expect to continue this investment, which may include increased internal research and development, strategic acquisitions, equipment purchases, and long-term leases or service agreements associated with acquiring space for the data centers that support such cloud-based solutions. We cannot be certain that we will be successful in growing sales of our cloud-based solutions or generate sufficient revenue to recoup these investments.

Moreover, growing our cloud-based solutions may require us to make operational and strategic shifts to our business model and expend significant resources in building the operational infrastructure necessary to support our cloud-based offerings. We may also be required to make adjustments to our sales infrastructure and compensation models and our go-to-market strategies in order to successfully compete in this market. Certain competitors that focus primarily or exclusively on cloud-based offerings, including smaller or emerging companies, may have a competitive advantage in the cloud-based security market due to their ability to devote resources to these products without the need to continue to support a broader suite of cybersecurity solutions. We cannot be certain that we will be able to compete successfully with competitors in the cloud security market.

The success of our investments in our cloud-based solutions will also depend to a significant extent on the continued growth in the market for cloud-based products and services that address consumer and enterprise security needs. The market for cloud-based security solutions is at an early stage, and it is difficult to predict important market trends, including the potential growth, if any, of the market for these solutions. To date, some organizations have been reluctant to use cloud-based solutions because they have concerns regarding the risks associated with the reliability or security of the delivery model associated with these solutions. If other cloud-based service providers experience or are perceived to have experienced security incidents, loss of customer data, disruptions in service delivery, or other problems, the market for cloud-based solutions as a whole, including our cloud-based offerings, may be negatively impacted. If the demand for our cloud-based offerings does not continue to grow for any of the reasons discussed above, our business, results of operations, and financial condition may be harmed.

Our ability to maintain customer satisfaction depends in part on the quality of our technical support services, and increased demands on those services may adversely affect our relationships with our customers and negatively impact our financial results.

We offer technical support services with many of our solutions. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by competitors or to successfully integrate support for our customers. Further customer demand for these services, without corresponding revenue, could increase costs and adversely affect our results of operations.

We have outsourced a substantial portion of our worldwide consumer support functions to third-party service providers. If these companies encounter financial difficulties, experience service disruptions, do not maintain sufficiently skilled workers and resources to satisfy our contracts or otherwise fail to perform at an acceptable level under these contracts, the level of support services to our customers may be significantly disrupted, which could materially harm our relationships with these customers.

If our solutions do not interoperate with our customers’ existing systems and devices in a manner which our customers expect, sales of our solutions could be adversely affected.

Our solutions must interoperate with our customers’ existing information technology systems, which often incorporate numerous products from third-party vendors. For example, our solutions must be compatible with new or otherwise evolving operating systems, Internet browsers, and hardware, while remaining compatible with existing and established operating systems, browsers, and hardware. Our products must interoperate with many or all of the products within our customers’ systems and devices in order to meet our customers’ requirements. This interoperability requires us to devote significant resources to ongoing product development and testing to maintain and improve the compatibility of our solutions and their performance within our customers’ systems.

24


 

Many of our enterprise customers’ systems also contain multiple generations of products that have been added over time as these systems have grown and evolved. These customers also have unique specifications, rapidly evolve, and utilize multiple protocol standards. They may also implement proprietary encryption protocols that our products are initially unable to recognize, decrypt, or otherwise manage. If we are unable to successfully manage and interpret new protocol standards and versions, if we encounter problematic network configurations or settings, or if we encounter proprietary encryption protocols, we may have to modify our solutions so that they interoperate with the information technology systems of our customers and can operate effectively. It may be necessary for us to obtain a license to implement proprietary encryption or other protocols, and there can be no assurance that we will be able to obtain such a license.

In addition, certain of our competitors may take steps to limit the interoperability of our solutions with their own products and services. Operating system, Internet browser, and other adjacent IT providers may also develop or incorporate competitive security offerings into their products and may seek to limit our own solutions interoperability with those products. Consequently, we may suffer delays in the development of our solutions or our solutions may be unable to operate effectively. This could result in decreased demand for our solutions, decreased revenue, harm our reputation, and adversely affect our business, financial condition, results of operations, and cash flows.

Our solutions operate in a wide range of complex customer systems, networks, and configurations, which could result in product errors or bugs.

Due to the complexity of our solutions, and of the customer environments in which they are installed and operated, undetected errors, failures, or bugs may occur. This risk is heightened when products are first deployed or when new or updated versions are released. Our solutions are installed and used in computing environments with different operating systems, system management software, and equipment and networking configurations, which make pre-release testing of new or updated solutions for programming or compatibility errors challenging.

Errors, failures, or bugs may not be found in new or updated products until after they are released into the market. In the past, we have discovered errors, failures, and bugs in certain of our product offerings after their release and, in some cases, have experienced delayed or lost revenues as a result of these errors. For example, certain product updates have contained errors that caused them to falsely detect viruses or computer threats that did not actually exist or cause compatibility issues with certain customer networks. These defects can damage or impair the affected customer and may cause affected devices and systems to temporarily slow or even shut down. Any such errors, failures, or bugs in products released by us could result in negative publicity, damage to our brand, loss of or delay in market acceptance of our solutions, loss of competitive position, or litigation or other claims initiated by customers or others. Addressing any such problems in the future could require significant expenditures and could cause interruptions or delays in the operation or availability of our solutions, which could cause us to lose existing or potential customers and could adversely affect our results of operations.

We rely on large amounts of data from a variety of sources to support our solutions and the loss of access to or the rights to use such data could reduce the efficacy of our solutions and harm our business.

Like many of our industry peers, we leverage large amounts of data related to threats, vulnerabilities, cyberattacks, and other cybersecurity intelligence to develop and maintain a number of our products and services. We collect, develop and store portions of this data using third parties and our own technology. We cannot be assured that such third parties or our technology that support the collection, development or storage of such data, and the sources of such data itself, will continue to be effective or available and the loss or reduction in quality of such data may adversely impact the efficacy of our solutions. Changes in laws or regulations in the United States or foreign jurisdictions or the actions of governmental or quasi-governmental entities may increase the costs to collect, develop or store such data, partially or completely prohibit use of such, or could result in disclosure of such data to the public or other third parties, which may reduce its value to us or as part of our solutions and thereby harm our business.

 

25


 

A portion of our revenue is generated by sales to government entities, which are subject to a number of uncertainties, challenges, and risks.

We currently sell many of our solutions to various government entities, and we may in the future increase sales to government entities. Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that we will complete a sale. In the event that we are successful in being awarded a government contract, such award may be subject to appeals, disputes, or litigation, including, but not limited to, bid protests by unsuccessful bidders. Government demand and payment for our solutions may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions. The majority of our sales to government agencies are completed through our network of channel partners, and government entities may have statutory, contractual, or other legal rights to terminate contracts with our channel partners for convenience or due to a default. For purchases by the U.S. federal government, the government may require certain products to be manufactured in the United States and other high cost manufacturing locations, and we may not manufacture all products in locations that meet government requirements, and as a result, our business and results of operations may suffer. Contracts with governmental entities may also include preferential pricing terms, including, but not limited to, “most favored customer” pricing. Additionally, we may be required to obtain special certifications to sell some or all of our solutions to government or quasi-government entities. Such certification requirements for our solutions may change, thereby restricting our ability to sell into the federal government sector until we have attained the revised certification. If our products and subscriptions are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our products and subscriptions to such governmental entities, or be at a competitive disadvantage, which would harm our business, results of operations, and financial condition. There are no assurances that we will find the terms for obtaining such certifications to be acceptable or that we will be successful in obtaining or maintaining the certifications.

As a government contractor or subcontractor, we must comply with laws, regulations, and contractual provisions relating to the formation, administration, and performance of government contracts and inclusion on government contract vehicles, which affect how we and our partners do business with government agencies. As a result of actual or perceived noncompliance with government contracting laws, regulations, or contractual provisions, we may be subject to non-ordinary course audits and internal investigations which may prove costly to our business financially, divert management time, or limit our ability to continue selling our products and services to our government customers. These laws and regulations may impose other added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to claims for damages from our channel partners, downward contract price adjustments or refund obligations, civil or criminal penalties, and termination of contracts and suspension or debarment from government contracting for a period of time with government agencies. Any such damages, penalties, disruption, or limitation in our ability to do business with a government would adversely impact, and could have a material adverse effect on, our business, results of operations, financial condition, public perception, and growth prospects.

Our business could be adversely affected if our employees cannot obtain and maintain required security clearances or we cannot maintain a required facility security clearance, or we do not comply with legal and regulatory obligations regarding the safeguarding of classified information.

A significant percentage of our U.S. government contract revenue is derived from contracts that require our employees to maintain various levels of security clearances, and may require us to maintain a facility security clearance, to comply with Department of Defense (“DoD”) requirements. The DoD has strict security clearance requirements for personnel who perform work in support of classified programs. In general, access to classified information, technology, facilities, or programs are subject to additional contract oversight and potential liability. In the event of a security incident involving classified information, technology, facilities, programs, or personnel holding clearances, we may be subject to legal, financial, operational, and reputational harm. We are limited in our ability to provide specific information about these classified programs, their risks, or any disputes or claims relating to such programs. As a result, investors have less insight into our classified programs than our other businesses and therefore less ability to fully evaluate the risks related to our classified business or our business overall.

Obtaining and maintaining security clearances for employees involves a lengthy process, and it is difficult to identify, recruit, and retain employees who already hold security clearances. If our employees are unable to obtain security clearances in a timely manner, or at all, or if our employees who hold security clearances are unable to maintain their clearances or terminate employment with us, then a customer requiring classified work could terminate an existing contract or decide not to renew the contract upon its expiration. To the extent we are not able to obtain or maintain a facility security clearance, we may not be able to bid on or win new classified contracts, and existing contracts requiring a facility security clearance could be terminated.

26


 

If our sales force is unable to maintain its sales productivity, sales of our solutions, and the growth of our business and financial performance could be adversely affected.

We are substantially dependent on our sales force to obtain new enterprise customers, increase sales to existing enterprise customers, and retain current enterprise customers. There is significant competition for sales personnel with the skills and technical knowledge that we require. The growth of our business will depend on our success in recruiting, training, and retaining sufficient numbers of sales personnel to support our growth. Any failure to hire, train, and adequately incentivize our sales personnel to reach target productivity levels could negatively impact our growth and operating margins. In addition, new hires require significant training and may require a lengthy onboarding process before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. If we are unable to recruit, train, and retain a sufficient number of productive sales personnel, sales of our solutions, and the growth of our business could be harmed.

We have lengthy sales cycles for some of our solutions for enterprises and governments, including renewal sales, which may result in delays in, or an inability to generate, revenues from these solutions.

Some of our solutions for enterprises and governments have long sales cycles, which could range from a few months to multiple years from initial contact with the customer to completion of implementation. How and when to implement, replace, or expand a cybersecurity system, or modify or add business processes, are important decisions for our customers, and some may be reluctant to change or modify existing procedures. Sales may be subject to delays due to customers’ internal procedures for deploying new technologies and processes, and implementation may be subject to delays based on the availability of internal customer resources or external support professionals needed. We may be unable to control many of the factors that will influence the timing of the buying decisions of customers and potential customers or the pace at which installation and training may occur, including any decision by our customers to delay or cancel implementation. If we experience longer sales, installation, and implementation cycles for our solutions, we may experience delays in generating, or a decreased ability to generate, revenue from these solutions, and may experience reduced renewals, which could adversely impact on our financial results.

 

Risks Related to Our Brand and Intellectual Property

If the protection of our proprietary technology is inadequate, we may not be able to adequately protect our innovations and brand.

Our success is dependent on our ability to create proprietary technology and to protect and enforce our intellectual property rights in that technology, as well as our ability to defend against adverse claims of third parties with respect to our technology and intellectual property rights. To protect our proprietary technology, we rely primarily on a combination of patent, copyright, trademark, and trade secret laws, as well as contractual provisions and operational and procedural confidentiality protections. The agreements that we enter into with our employees, contractors, partners, vendors, and end-users may not prevent unauthorized use or disclosure of our proprietary technology or infringement of our intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or infringement of our intellectual property rights, which may substantially harm our business. Furthermore, we cannot be assured that such agreements will be fully enforceable, or that they will not be breached by the counterparties, or that we will be able to detect, deter, or adequately address any such breach or threatened breach. As a provider of cybersecurity solutions, we may be an attractive target for computer hackers or other bad actors and may have a greater risk of unauthorized access to, and misappropriation of, our systems, technology, and proprietary information. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or obtain and use information that we regard as proprietary. Policing unauthorized use of our products and infringement of our rights is difficult. In addition, the laws of some foreign countries, including countries where we sell solutions or have operations, do not protect proprietary rights to as great an extent as do the laws of the United States. Our means of protecting our proprietary rights may not be adequate and third parties, including current and future competitors, may independently develop similar or superior technology, duplicate or reverse engineer aspects of our products, or design around our patented technology or otherwise infringe or circumvent our intellectual property rights.

27


 

As of December 26, 2020, we had approximately 1,400 issued U.S. patents, in addition to approximately 700 issued foreign patents. There can be no assurance that any of our pending patent applications will issue or that the patent examination process will not result in our narrowing the claims applied for in our patent applications or that any current or future issued patents will not be later challenged, limited, or invalidated. Furthermore, there can be no assurance that we will be able to detect any infringement of our existing or future intellectual property rights or, if infringement is detected, that we will be successful in asserting claims or counterclaims, that our intellectual property rights will be enforceable, that any damages awarded to us will be sufficient to adequately compensate us for the infringement, that we will be able to obtain injunctive relief to prevent ongoing infringement, or that the costs of seeking enforcement will not outweigh any benefits.

There can be no assurance or guarantee that any products, services, or technologies that we are presently developing, or will develop in the future, will result in intellectual property that is subject to legal protection under the laws of the United States or a foreign jurisdiction or that produces a competitive advantage for us.

We may be sued by third parties for alleged infringement, misappropriation, or other violation of their proprietary rights, and it may be necessary for us to sue third parties to enforce and protect our proprietary rights, resulting in potential lengthy and expensive litigation.

From time to time, third parties may claim that we have infringed, misappropriated, or otherwise violated their intellectual property rights, including claims regarding patents, copyrights, trademarks, and trade secrets. Because of constant technological change in the segments in which we compete, the extensive patent coverage of existing technologies, and the rapid rate of issuance of new patents, we expect the trend of third-party claims to continue and that we will be required to defend against actual or threatened litigation of this type. The litigation process is subject to inherent uncertainties, so we may not prevail in litigation matters regardless of the merits of our position. Our participation in any litigation could cause us to incur substantial costs and could distract our management from the day-to-day operations of our business. In addition to the expense and distraction associated with litigation, adverse determinations could cause us to lose our proprietary rights, prevent us from manufacturing or selling our products, require us to obtain licenses to patents or other intellectual property rights that our products are alleged to infringe, misappropriate, or otherwise violate (which licenses may not be available on commercially reasonable terms or at all), or re-design or re-engineer our products to address actual or claimed infringement, misappropriation, or other violation and subject us to significant liabilities.

If we acquire technology to include in our products from third parties, our exposure to actions alleging infringement, misappropriation, or other violation may increase because we must rely upon these third parties to verify the origin and ownership of such technology. Our agreements with such third parties may not provide adequate protections or remedies, and we may not be able to compel such third parties to provide any available remedies in the case of such actions. Similarly, we face exposure to actions alleging infringement, misappropriation, or other violation if we hire or engage software engineers or other personnel who were previously engaged by competitors or other third parties and those personnel inadvertently or deliberately incorporate proprietary technology of third parties into our products despite efforts to prevent such infringement, misappropriation, or other violation.

From time to time, the U.S. Supreme Court, other U.S. federal courts and the U.S. Patent and Trademark Appeals Board, and their foreign counterparts, have made and may continue to make changes to the interpretation of patent, copyright, trademark, or other intellectual property laws in their respective jurisdictions. We cannot predict future changes to the interpretation of such existing laws or whether U.S. or foreign legislative bodies will amend such laws in the future. Any such changes may lead to uncertainties or increased costs and risks surrounding the prosecution, validity, ownership, enforcement, and defense of our issued patents and patent applications and other intellectual property, the outcome of third-party claims of infringement, misappropriation, or other violation of intellectual property brought against us and the actual or enhanced damages (including treble damages) that may be awarded in connection with any such current or future claims, and could have a material adverse effect on our business, financial condition, results of operations, and cash flows.

28


 

We rely on certain technology that we license from third parties, including software that is integrated with internally developed software and used with our products. Any loss of those licenses or any quality issues with third-party technology integrated with our products could have an adverse impact on our reputation and business.

We rely on certain technology that we license from third parties, including third-party commercial software and open source software, which is integrated into or used with many of our solutions. This third-party technology may currently or could, in the future, infringe the intellectual property rights of third parties or the licensors may not have sufficient rights to the technology they license us in all jurisdictions in which we may sell our solutions. The licensors of the third-party technology we use may discontinue their offerings or change the prices for and other terms under which their technology is licensed. If we are unable to continue to license any of this technology on terms we find acceptable, or if there are quality, security, or other substantive issues with any of this technology, we may face delays in releases of our solutions or we may be required to find alternative vendors or remove functionality from our solutions. In addition, our inability to obtain certain licenses or other rights might require us to engage in potentially costly and time-consuming dispute resolution or litigation regarding these matters. Any of the foregoing could have a material adverse effect on our business, financial condition, results of operations, and cash flows.

Our use of open source software could negatively affect our ability to sell our solutions and subject us to possible litigation.

We use open source software in our solutions and our development and operating environments and expect to continue to use open source software in the future. Open source software is typically provided without assurances of any kind and could contain errors, bugs, or vulnerabilities or infringe the intellectual property rights of third parties. Because the source code of open source software components included in our solutions is publicly available, in instances where our usage is publicly disclosed or known, it may be easier to identify exploits or vulnerabilities in such open source software components, making our solutions using such open source software components more vulnerable to third parties seeking to compromise, undermine, or circumvent our solutions. If open source software programmers do not continue to develop and enhance open source technologies, our development expenses could increase and our schedules could be delayed. In addition, we may face claims from others seeking to enforce the terms of open source licenses, including by demanding release of derivative works or our proprietary source code that was developed using or otherwise used in connection with such open source software. The terms of many open source licenses have not been interpreted by U.S. or foreign courts, and these licenses could be construed in a way that could impose other unanticipated costs, conditions, or restrictions on our ability to commercialize our products. These claims could also result in litigation, require us to purchase a costly license, require us to devote additional research and development resources to change our solutions, or stop or delay shipment of such solutions, any of which could have a negative effect on our business, financial condition, results of operations, and cash flows. In addition, if the license terms for the open source software that we utilize change, we may be forced to reengineer our solutions or incur additional costs. Although we have policies designed to manage the use, incorporation, and updating of open source software into our products, we cannot be certain that we have in all cases incorporated open source software in our products in a manner that is consistent with the applicable open source license terms and inclusive of all available updates or security patches, and as a result we may be subject to claims for breach of contract or infringement by the applicable licensor, claims for breach of contract or indemnity by our partners or customers, or other third parties, or we or our partners or customers could be required to release our proprietary source code, pay damages, royalties, or license fees or other amounts, seek licenses, or experience quality control or security risks, any of which could require us to re-engineer our solutions, discontinue sales in the event re-engineering cannot be accomplished on a timely basis, or take other remedial action that may divert resources away from our development efforts, any of which could adversely affect our business.

If we fail to successfully promote or protect our brand, our business, and competitive position may be harmed.

Due to the intensely competitive nature of our markets, we believe that building and maintaining our brand and reputation is critical to our success, and that the importance of positive brand recognition will increase as competition in our market further intensifies. Over our 30-year history, we have invested and expect to continue to invest substantial resources to promote and maintain our brand as a trusted cybersecurity provider, but there is no guarantee that our brand development strategies will enhance the recognition of our brand or lead to increased sales of our solutions.

29


 

In recent years, there has been a marked increase in the use of social media platforms, including blogs, chat platforms, social media websites, and other forms of internet-based communications that allow individuals access to a broad audience of consumers and other persons. The rising popularity of social media and other consumer-oriented technologies has increased the speed and accessibility of information dissemination and given users the ability to more effectively organize collective actions such as boycotts. Negative publicity, whether or not justified, can spread rapidly through social media. The dissemination of information via social media could harm our brand or our business, regardless of the information’s accuracy. To the extent that we are unable to respond timely and appropriately to negative publicity, our reputation and brand could be harmed. This could include negative publicity related to our products or services or negative publicity related to actions by our executives, team members or other unaffiliated individuals or entities that may be perceived as being associated with us. Moreover, even if we are able to respond in a timely and appropriate manner, we cannot predict how negative publicity may affect our reputation and business. In addition, we and our employees use social media and other internet-based communications methods to communicate with our end-users, customers, partners, and the public in general. There is risk that the social media communications of us or our employees could be received negatively. Failure to use social media or other internet-based communication methods effectively could lead to a decline in our reputation. Further, laws and regulations, including associated enforcement priorities, rapidly evolve to govern social media platforms and other internet-based communications, any failure by us or third parties acting at our direction to abide by applicable laws and regulations in the use of social media or internet-based communications could adversely impact our reputation, financial performance or subject us to fines or other penalties. Other risks associated with the use of social media and internet based-communication include improper disclosure of proprietary information, negative comments about our brand, products, or services, exposure of personally identifiable information, fraud, hoaxes, or malicious dissemination of false information.

 

Risks Related to Third Party Relationships

We rely significantly on third-party partners to facilitate the sale of our products and solutions.

We sell a significant portion of our solutions through third-party intermediaries such as affiliates, retailers, ecommerce, PC OEMs, and other distribution channel partners (we refer to them collectively as “channel partners”). Our largest channel partner is Ingram Micro Inc. and it accounted for 15%, 15%, and 14% of our net revenue for the years ended December 29, 2018, December 28, 2019, and December 26, 2020, respectively. Our agreements with these channel partners typically provide that each partner agrees to sell and distribute our products within certain territories for one year. These agreements are nonexclusive and are non-transferable by our partners, and they typically automatically renew unless terminated by either party after providing prior written notice. If we lost a significant channel partner or if a significant channel partner becomes insolvent, our results of operations could be harmed. Although we provide support to these channel partners through our direct sales and marketing activities, we depend upon these channel partners to generate sales opportunities and to independently manage the sales process for opportunities with which they are involved. In order to increase our revenue, we expect we will need to maintain our existing channel partners and continue to train and support them, as well as add new channel partners and effectively train, support, and integrate them with our sales process. Additionally, the introduction of new solutions and our entry into any new markets may require us to develop appropriate channel partners and to train them to sell effectively. If we are unsuccessful in these efforts, our ability to grow our business will be limited and our business, financial condition, results of operations, and cash flows will be adversely affected.

Sales by our channel partners may vary significantly from period to period. Our channel partners operations may also be negatively impacted by other effects the COVID-19 pandemic is having on the global economy, such as increased credit risk of end customers and the uncertain credit markets. Our agreements with our channel partners are generally nonexclusive and may be terminated at any time without cause. Furthermore, our channel partners frequently market and distribute competing products and may, from time to time, place greater emphasis on the sale of these products due to pricing, promotions, and other terms offered by our competitors. Some of our channel partners may also experience financial difficulties, which could adversely impact our collection of the related accounts receivable. These factors can make it difficult for us to forecast our financial results accurately and can cause our financial results to fluctuate unpredictably.

While we require that our channel partners comply with applicable laws and regulations, they could engage in behavior or practices that expose us to legal or reputational risk. We could be subject to claims and liability as a result of the activities, products, or services of our channel partners. Even if these claims do not result in liability to us, investigating and defending these claims could be expensive, time consuming, and result in adverse publicity that could negatively affect our business, results of operations or financial condition.

If we fail to manage our growing distribution channels successfully, these channels may fail to perform as we anticipate, which could reduce our sales, increase our expenses, and weaken our reputation and competitive position.

30


 

If we fail to maintain relationships with our channel partners, or if we must agree to significant adverse changes in the terms of our agreements with these partners, it may have an adverse effect on our ability to successfully and profitably market and sell our products and solutions.

We have entered into contracts with our channel partners to market and sell our products and solutions. Most of these contracts are on a non-exclusive basis. However, under contracts with some of our channel partners, we may be bound by provisions that restrict our ability to market and sell our solutions to potential customers. Our arrangements with some of these channel partners involve negotiated payments to them based on percentages of revenues that they generate. If the payments prove to be too high, we may be unable to realize acceptable margins, but if the payments prove to be too low, the channel partners may not be motivated to market and sell our solutions and, thus, produce a sufficient volume of revenues for us. The success of these contractual arrangements will depend in part upon the channel partners’ own competitive, marketing, and strategic considerations, including the relative advantages of using alternative solutions being developed and marketed by them or our competitors. If any of these channel partners are unsuccessful in marketing our solutions or seeks to amend the financial or other terms of the contracts that we have with them, we will need to broaden our marketing efforts to increase focus on the solutions such channel partners sell and alter our distribution strategy, which may divert our planned efforts and resources from, and cause delays regarding, other projects. In addition, as part of the packages these channel partners market and sell, they may offer a choice to their customers between solutions that we supply and similar solutions offered by our competitors or by the channel partners directly. If our solutions are not chosen for inclusion in these packages, the revenues we earn from our channel partner relationships may decrease.

A significant portion of our Consumer segment revenue is derived from sales through our PC OEM partners that bundle our products with their products. Our reliance on this sales channel is significantly affected by our partners’ sales of new products into which our products or services are bundled. Our revenue from sales through our PC OEM partners is affected primarily by the number of personal computers on which our products are bundled, the geographic mix of their sales, and the rate at which consumers purchase or subscribe to the bundled products. Our PC OEM partners are also in a position to exert competitive pricing pressure. The rate at which consumers purchase or subscribe to the bundled products is affected by other factors, including other terms with the OEM. The continued decline in the PC market as the market shifts towards mobility has increased competition for PC OEMs’ business and gives PC OEMs leverage to demand financial concessions from us in order to secure their business. These agreements require a significant commitment of resources and capital. There is no guarantee we will have sufficient resources to maintain these agreements or secure new PC OEM partners. Even if we negotiate what we believe are favorable terms when we first establish a relationship with a PC OEM, at the time of the renewal of the agreement, we may be required to renegotiate our agreement with them on less favorable terms. Lower net prices for our products or other financial concessions would adversely impact our financial results. Further, acquiring high numbers of Consumer customers through our PC OEM partner channel may adversely impact our profitability, as we may see lower average prices from higher mix of new customers and under the PC OEM agreements we may see higher partner related spending during the period of high PC demand and high customer acquisition, until such customers renew with us upon subscription expiration. Any adverse changes in our relationship with our channel partners could have an adverse effect on our business and financial results.

We rely on third-party manufacturers to manufacture and produce our hardware products and to package certain of our software products, which subjects us to risks of product delivery delays and other supply risks.

We rely on a limited number of third parties to manufacture our hardware-based products and to replicate and package our boxed software products. Many of our products are manufactured and supplied by a single, although not the same, source. This reliance on third parties involves a number of risks that could have a negative impact on our business and financial results. Our reliance on these third-party manufacturers reduces our control over the manufacturing process and exposes us to risks, including reduced control over quality assurance, product costs, product supply, timing, and transportation risk. From time to time, we may be required to add new manufacturing partners to accommodate growth in orders or the addition of new products. It is time consuming and costly to qualify and implement new manufacturing partner relationships, and such additions increase the complexity of our supply chain management. If we lose, terminate, or fail to effectively manage our manufacturing partner relationships, or if any of our manufacturing partners experience production interruptions or shut-downs, including those caused by a natural disaster, epidemic, pandemic (such as the COVID-19 pandemic), capacity shortage, or quality-control problem, it would negatively affect sales of our product lines manufactured by that manufacturing partner and adversely affect our business and results of operations.

31


 

We rely on third parties to support our information technology infrastructure and any service interruptions or other failures of our third-party providers or of our information technology infrastructure could result in disruption to our operations or adversely impact our business.

We engage third parties to provide variety of information technology products and services to support our information technology infrastructure. Any failure on the part of our third-party providers or of our information technology infrastructure to operate effectively, stemming from maintenance problems, upgrading or transitioning to new platforms, a breach in security or other unanticipated problems could result in interruptions to or delays in our operations or our products or services. Our third-party provider may also discontinue providing the information technology products or services we use and we may be required to replace such products or services, which could result in unanticipated expenses and disruptions to our information technology infrastructure.

In addition, we make significant investments in new information technology infrastructure, but the implementation of such investments could exceed estimated budgets and we may experience challenges that prevent new strategies or technologies from being realized according to anticipated schedules. If we are unable to effectively maintain our current information technology and processes or encounter delays, or fail to exploit new technologies, then the execution of our business plans may be disrupted. Our employees and other personnel require effective tools and techniques supported by our information technology infrastructure to perform functions integral to our business. Any failure to successfully provide such tools and systems, or ensure that our personnel have properly adopted them, could materially and adversely impact our ability to achieve positive business outcomes.

Some of our systems or data that we may maintain or process may not be adequately backed up, and our disaster recovery planning cannot account for all eventualities. The occurrence of a natural disaster, intentional sabotage, or other unanticipated problems could result in significant interruptions to our operations or the permanent loss of valuable data, which could harm our reputation and reduce the efficacy and value of products and services. In addition, the implementation of changes and upgrades to our information technology infrastructure and any errors, vulnerabilities, damage, or failure of our information technology infrastructure, could result in interruptions to our operations or products or services and non-compliance with certain laws or regulations, which may lead us to face fines or penalties, give rise to indemnification or other contractual claims against us by our customers or other third parties, and otherwise adversely impact our business.

Our third-party strategic alliances expose us to a range of business risks and uncertainties that are outside of our control and that could have a material adverse impact on our business and financial results.

We have entered, and intend to continue to enter, into strategic alliances with third parties to support our future growth plans. These relationships involve technology licensing, product integration, and co-marketing and co-promotion activities. For example, we have arrangements with operating system vendors that provide us with sufficient technological access to new and updated versions of their operating systems to enable us to develop and deploy interoperable products that are deeply integrated with their operating systems on our customers’ networks and devices. We also partner with certain Internet search providers to promote their offerings to our customers. We invest significant time, money, and resources to establish and maintain these strategic relationships, but we have no assurance that any particular relationship will continue for any specific period of time.

Furthermore, certain of these strategic partners currently offer, and may in the future offer, products, and services that compete with our own solutions in certain markets, and in the future these partners may impose limitations on, or terminate, our partnerships in order to improve their own competitive position. Generally, our agreements with these partners are terminable without cause with no or minimal notice or penalties. Any adverse change in our relationships with a significant strategic partner could limit or delay our ability to offer certain new or competitive solutions, increase our development costs, and reduce our revenue, any of which could have an adverse impact on our competitive position and our financial performance. In addition, we could be required to incur significant expenses to develop a new strategic partnership or to develop and implement an alternative plan to pursue the opportunity that we targeted with the former partner, which could adversely affect our business, financial condition, results of operations, and cash flows.

 

32


 

Risks Related to our Technology Systems and Privacy

If our security measures are breached or unauthorized access to our data is otherwise obtained, our brand, reputation, and business could be harmed, and we may incur significant liabilities.

As a cybersecurity leader, we are a high-profile target for data breaches, cyberattacks, and other intentional disruptions of our systems and our solutions. Our networks and solutions may have vulnerabilities that may be targeted by hackers and could be targeted by attacks specifically designed to disrupt our business, access our network, source code or other data, and harm our reputation. Similarly, experienced computer programmers or other sophisticated individuals or entities, including malicious hackers, state-sponsored organizations, criminal networks, and insider threats including actions by employees and third-party service providers, may attempt to penetrate our network security or the security of our systems and websites, and misappropriate proprietary information or cause interruptions of our solutions, including the operation of the global civilian cyber intelligence threat network. This risk has increased during the current COVID-19 pandemic as more individuals are working from home and utilizing home networks for the transmission of sensitive information. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently, often are not recognized until launched against a target, and may originate from less regulated or remote areas around the world. As a result, we may be unable to proactively prevent these techniques, implement adequate preventative or reactionary measures, react to or address any attack or incident in a timely manner or enforce the laws and regulations that govern such activities. Such attacks may go undetected for a period of time complicating our ability to respond effectively. In addition, it is possible that hardware failures, human errors (including being subject to phishing attacks, social engineering techniques, or similar methods) or errors in our systems could result in data loss or corruption, or cause the information that we collect to be incomplete or contain inaccuracies. We may not be able to correct any security flaws or vulnerabilities promptly, or at all. A breach of our network security and systems or other events that cause the loss or public disclosure of, or access by third parties to, our systems or data that we maintain or process, or the perception that any of these have occurred, could have serious negative consequences for our business, including possible fines, penalties and damages, reduced demand for our solutions, an unwillingness of our customers to use our solutions, harm to our brand and reputation, and time consuming and expensive litigation. In addition, such a security breach could impair our ability to operate our business, including our ability to provide subscription and support services to our customers. Additionally, our service providers may suffer or be perceived to suffer, data security breaches or other incidents that may compromise data stored or processed for us that may give rise to any of the foregoing. Any of these negative outcomes could adversely impact our business and results of operations.

Furthermore, while our errors and omissions insurance policies include liability coverage for certain of these matters, if we experience a widespread security breach or other incident, we could be subject to indemnity claims or other damages that exceed our insurance coverage. We also cannot be certain that our insurance coverage will be adequate for data handling or data security liabilities actually incurred, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, results of operations, and reputation.

We rely on payment cards to receive payments and are subject to payment-related risks.

We accept a variety of payment methods, including credit cards and debit cards, as payment for certain of our consumer solutions. Accordingly, we are, and will continue to be, subject to significant and evolving regulations and compliance requirements relating to payment card processing. This includes laws governing the collection, processing and storage of sensitive consumer information, as well as industry requirements such as the Payment Card Industry Data Security Standard (“PCI-DSS”). These laws and obligations may require us to implement enhanced authentication and payment processes that could result in increased costs and liability, and reduce the ease of use of certain payment methods. For certain payment methods, including credit and debit cards, we pay interchange and other fees, which may increase over time. We are also subject to payment card association operating rules and agreements, including PCI-DSS, certification requirements, and rules governing electronic funds transfers, which could change or be reinterpreted to make it difficult or impossible for us to comply. If we fail to comply with these rules or requirements, or if our data security systems are breached or compromised, we may be liable for losses incurred by card issuing banks or consumers, subject to fines and higher transaction fees, lose our ability to accept credit or debit card payments from our consumers, or process electronic fund transfers or facilitate other types of payments. Any failure to comply with these requirements could significantly harm our brand, reputation, business, and results of operations.

33


 

Our failure to adequately maintain and protect personal information of our customers or our employees in compliance with evolving legal requirements could have a material adverse effect on our business.

We collect, use, store, disclose, or transfer (collectively, “process”) personal information, including from employees and customers, in connection with the operation of our business. A wide variety of local and international laws and regulations apply to the processing of personal information. Data protection and privacy laws and regulations are evolving and being tested in courts and may result in increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. For example, in 2016, the E.U. adopted the General Data Protection Regulation (“GDPR”), which took effect on May 25, 2018. The GDPR imposes requirements that may limit how we are permitted to process data on behalf of ourselves and our clients, and we may be required to incur significant additional costs to comply with these requirements. Applicable laws, regulations and court decisions in the E.U. relating to privacy and data protection could also impact our ability to transfer personal data internationally. The GDPR specifies substantial maximum fines for failure to comply. Continued compliance with the GDPR and national laws in the E.U. may require significant changes to our products and practices to ensure compliance with applicable law.

A variety of data protection legislation also apply in the United States at both the federal and state level, including new laws that may impact our operations. For example, in June 2018, the State of California enacted the California Consumer Privacy Act of 2018 (“CCPA”), which went into effect on January 1, 2020, with enforcement by the state attorney general beginning July 1, 2020. The CCPA defines “personal information” in a broad manner and generally requires companies that process personal information of California residents to make new disclosures about their data collection, use, and sharing practices, allows consumers to opt-out of certain data sharing with third parties or sale of personal information, and provides a new cause of action for data breaches. Moreover, a new privacy law, the California Privacy Rights Act (“CPRA”) was recently certified by the California Secretary of State to appear on the ballot for the upcoming election on November 3, 2020. If this initiative is approved by California voters, the CPRA would significantly modify the CCPA, potentially resulting in further uncertainty and requiring us to incur additional expenditures to comply. Additionally, the Federal Trade Commission, and many state attorneys general are interpreting federal and state consumer protection laws to impose standards for the online collection, use, dissemination, and security of data. The burdens imposed by the CCPA and other similar laws that have been or may be enacted at the federal and state level may require us to modify our data processing practices and policies and to incur substantial expenditures in order to comply.

Global privacy and data protection legislation, enforcement, and policy activity are rapidly expanding and evolving, and may be inconsistent from jurisdiction to jurisdiction. On July 16 2020, the Court of Justice of the European Union, Europe’s highest court, held in the Schrems II case that the E.U.-U.S. Privacy Shield, a mechanism for the transfer of personal data from the E.U. to the U.S., was invalid, and imposed additional obligations in connection with the use of standard contractual clauses approved by the European Commission. The impact of this decision on the ability to lawfully transfer personal data from the E.U. to the U.S. is being assessed and guidance from European regulators and advisory bodies is awaited. It is possible that the decision will restrict the ability to transfer personal data from the E.U. to the U.S. and we may, in addition to other impacts, experience additional costs associated with increased compliance burdens, and we and our customers face the potential for regulators in the European Economic Area (“EEA”) to apply different standards to the transfer of personal data from the EEA to the U.S., and to block, or require ad hoc verification of measures taken with respect to, certain data flows from the EEA to the U.S. We may experience reluctance or refusal by current or prospective European customers to use our products, and we may find it necessary or desirable to make further changes to our handling of personal data of EEA residents. The regulatory environment applicable to the handling of EEA residents’ personal data, and our actions taken in response, may cause us to assume additional liabilities or incur additional costs and could result in our business, operating results and financial condition being harmed. We and our customers may face a risk of enforcement actions by data protection authorities in the EEA relating to personal data transfers to us and by us from the EEA. Any such enforcement actions could result in substantial costs and diversion of resources, distract management and technical personnel and negatively affect our business, operating results and financial condition. Additionally, we may be or become subject to data localization laws mandating that data collected in a foreign country be processed only within that country. If any country in which we have customers were to adopt a data localization law, we could be required to expand our data storage facilities there or build new ones in order to comply. The expenditure this would require, as well as costs of compliance generally, could harm our financial condition.

Further, in June 2016, the U.K. voted to leave the E.U., which resulted in the U.K. exiting the E.U. on January 31, 2020, subject to a transition period that ended on December 31, 2020. Brexit could lead to further legislative and regulatory changes. The U.K. has implemented a Data Protection Act that substantially implements the GDPR, but it remains to be seen whether the U.K.’s withdrawal from the E.U. pursuant to Brexit will substantially impact the manner in which U.K. data protection laws or regulations will develop in the medium to longer term and how data transfers to and from the U.K. will be regulated.

34


 

Our actual or alleged failure to comply with any applicable laws and regulations or privacy-related contractual obligations, or to protect such data that we process, could result in litigation, regulatory investigations, and enforcement actions against us, including fines, orders, public censure, claims for damages by employees, customers, and other affected individuals, public statements against us by consumer advocacy groups, damage to our reputation and competitive position, and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our business, financial condition, results of operations, and cash flows. Evolving and changing definitions of personal information, personal data, and similar concepts within the E.U., the United States, and elsewhere, especially relating to classification of IP addresses, device identifiers, location data, household data, and other information we may collect, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. Additionally, if third parties that we work with, such as vendors or developers, violate applicable laws or our policies, such violations may also place personal information at risk and have an adverse effect on our business. Even the perception of privacy concerns, whether or not valid, may harm our reputation, subject us to regulatory scrutiny and investigations, and inhibit adoption of our products by existing and potential customers.

 

Risks Related to Our International Operations

We operate globally and are subject to significant business, economic, regulatory, social, political, and other risks in many jurisdictions.

Global or regional conditions may harm our financial results. We have operations in many countries and our business activities are concentrated in certain geographic areas including without limitation the Asia Pacific (“APAC”), Europe, Middle-East, and Africa (“EMEA”), and Latin American Region (“LAR”) regions. We derived 44.8% of our net revenue from international customers for fiscal 2020. As a result, our domestic and international operations and our financial results may be adversely affected by a number of factors outside of our control, including:

 

global and local economic conditions;

 

differing employment practices and labor issues;

 

formal or informal imposition of new or revised export and/or import and doing-business regulations, including trade sanctions, taxes, and tariffs, which could be changed without notice;

 

regulations or restrictions on the use, import, or export of encryption technologies that could delay or prevent the acceptance and use of encryption products and public networks for secure communications;

 

 

compliance with evolving foreign laws, regulations, and other government controls addressing privacy, data protection, data localization, and data security;

 

ineffective legal protection of our intellectual property rights in certain countries;

 

increased uncertainties regarding social, political, immigration, and trade policies in the United States and abroad, such as those caused by recent U.S. legislation and the withdrawal of the United Kingdom (the “U.K.”) from the European Union (the “E.U.”), which is commonly referred to as “Brexit;”

 

geopolitical and security issues, such as armed conflict and civil or military unrest, crime, political instability, human rights concerns, and terrorist activity;

 

natural disasters, public health issues, pandemics (such as the COVID-19 pandemic), and other catastrophic events;

 

inefficient infrastructure and other disruptions, such as supply chain interruptions and large-scale outages or unreliable provision of services from utilities, transportation, data hosting, or telecommunications providers;

 

other government restrictions on, or nationalization of, our operations in any country, or restrictions on our ability to repatriate earnings from a particular country;

 

seasonal reductions in business activity in the summer months in Europe and in other periods in other countries;

 

costs and delays associated with developing software and providing support in multiple languages;

 

greater difficulty in identifying, attracting, and retaining local qualified personnel, and the costs and expenses associated with such activities;

 

longer payment cycles and greater difficulties in collecting accounts receivable; and

 

local business and cultural factors that differ from our normal standards and practices, including business practices that we are prohibited from engaging in by U.S. Foreign Corrupt Practices Act of 1977 (“FCPA”) and other anti-corruption laws and regulations.

35


 

Research and development risks. We employ engineers in a number of jurisdictions outside the United States. In many of these jurisdictions the laws relating to the protection of rights in technology and intellectual property are less strict than the laws in the United States or not enforced to the same extent as they are enforced in the United States. As a result, in some foreign jurisdictions we may be subject to heightened attempts to gain unauthorized access to our information technology systems or surreptitiously introduce software into our products. These attempts may be the result of hackers or others seeking to harm us, our products, or our customers. We have implemented various measures to manage our risks related to these disruptions, but these measures may be insufficient, and a system failure or security breach could negatively impact our business, financial condition, results of operations, and cash flows. The theft or unauthorized use or publication of our trade secrets and other confidential or proprietary business information as a result of such an incident could negatively impact our competitive position. In addition, we may incur additional costs to remedy the damages caused by these disruptions or security breaches.

Other operating risks. Additional risks of international business operations include the increased costs of establishing, managing, and coordinating the activities of geographically dispersed and culturally diverse operations (particularly sales and support and shared service centers) located on multiple continents in a wide range of time zones.

Our business operations and the use of our technology are subject to evolving legal requirements regarding privacy throughout the world.

We currently operate our business in jurisdictions where we are subject to evolving data protection or privacy laws and regulations. Certain of our products and services involve the transmission data between jurisdictions. While we are continuously evaluating our products’ and services’ compliance with current regulatory and security requirements in the jurisdictions in which we offer these products and services, there can be no assurance that such requirements will not change or that we will not otherwise be subject to legal or regulatory actions. In addition, our products, when configured by our customers, may intercept and examine data in a manner that may subject their use to privacy and data protection laws and regulations in those jurisdictions in which our customers operate.

Any failure or perceived failure by us or by our products or services to comply with these laws and regulations may subject us to legal or regulatory actions, damage our reputation, or adversely affect our ability to sell our products or services. Moreover, if these laws and regulations change, or are interpreted and applied in a manner that is inconsistent with our data practices or the operation of our products and services, we may need to expend resources in order to change our business operations, data practices, or the manner in which our products or services operate. This could adversely affect our business, financial condition, results of operations, and cash flows.

 

Risks Related to Regulation

We are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in international markets.

Our solutions are subject to U.S. export controls, specifically the Export Administration Regulations and economic sanctions enforced by the Office of Foreign Assets Control. We incorporate standard encryption algorithms into certain of our solutions, which, along with the underlying technology, may be exported outside of the United States only with the required export authorizations, including by license, license exception, or other appropriate government authorizations, which may require the filing of a classification request or report. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain products and services to countries, governments, and persons targeted by U.S. sanctions, including embargoes. Even though we take precautions to ensure that we and our channel partners comply with all relevant regulations, any failure by us or our channel partners to comply with U.S. export requirements, U.S. customs regulations, U.S. economic sanctions, or other laws could have negative consequences, including reputational harm, government investigations, and substantial civil and criminal penalties (e.g., fines, incarceration for responsible employees and managers, and the possible loss of export or import privileges).

In addition, changes in our solutions or changes in export and import regulations may create delays in the introduction of our solutions into international markets, including as a consequence of new licensing requirements, prevent certain personnel from developing or maintaining our products, prevent our end-customers with international operations from deploying our products globally or, in some cases, prevent or delay the export or import of our solutions to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons, or technologies targeted by such regulations, could result in decreased use of our solutions by, or in our decreased ability to develop, export to, or sell our solutions to, existing or potential end-customers with international operations. Any decreased use of our solutions or limitation on our ability to develop, export to, or sell our solutions in international markets would likely adversely affect our business, financial condition, results of operations, and cash flows.

 

36


 

There is also significant uncertainty about the future relationship between the United States and various other countries, most significantly China, with respect to trade policies, treaties, government regulations, and tariffs. The current United States presidential administration is pursuing substantial changes to United States foreign trade policy with respect to China, Mexico, and other countries, including the possibility of imposing greater restrictions on international trade, restrictions on sales and technology transfers to certain Chinese corporations, and significant increases of tariffs on goods imported into the United States. Given the relatively fluid regulatory environment in China and the United States and uncertainty regarding how the United States or foreign governments will act with respect to tariffs, international trade agreements and policies, a trade war, further governmental action related to tariffs or international trade policies, or additional tax or other regulatory changes in the future could occur and could directly and adversely impact our financial results and results of operations.

Failure to comply with the U.S. Foreign Corrupt Practices Act, other applicable anti-corruption and anti-bribery laws, and applicable anti-money-laundering laws could subject us to penalties and other adverse consequences.

We currently conduct a substantial portion of our operations and sell our products and services in numerous countries outside of the United States, including in the APAC, EMEA, and LAR regions. Our global operations are subject to the FCPA, the U.K. Bribery Act 2010, and other anti-corruption, anti-bribery, anti-money laundering, and similar laws in the United States and other countries in which we conduct activities. The FCPA prohibits covered parties from offering, promising, authorizing, or giving anything of value, directly or indirectly, to a “foreign government official” with the intent of improperly influencing the official’s act or decision, inducing the official to act or refrain from acting in violation of lawful duty or obtaining or retaining an improper business advantage. In addition, other applicable anti-corruption laws prohibit bribery of domestic government officials as well as commercial bribery, which involves the giving or receiving improper payments to or from non-government parties.

While we have implemented policies, internal controls, and other measures reasonably designed to promote compliance with applicable anti-corruption, anti-bribery, and anti-money-laundering laws and regulations, our employees, agents, and strategic partners may engage in improper conduct for which we might be held responsible. Any violations of these anti-corruption, anti-bribery laws and anti-money laundering laws and regulations, or even allegations of such violations, can lead to an investigation and/or enforcement action, which could disrupt our operations, involve significant management distraction, and lead to significant costs and expenses, including legal fees. If we, or our employees, agents, or strategic partners acting on our behalf, are found to have engaged in practices that violate these laws and regulations, we could suffer severe fines and penalties, profit disgorgement, injunctions on future conduct, securities litigation, bans on transacting government business, and other consequences that may have a material adverse effect on our business, financial condition, results of operations, and cash flows.

In addition, our brand and reputation, our sales activities, or the value of our business could be adversely affected if we become the subject of any negative publicity related to actual or potential violations of anti-corruption, anti-bribery, or anti-money-laundering laws and regulations.

If we fail to comply with environmental requirements, our business, financial condition, results of operations, cash flows, and reputation could be adversely affected.

Our operations and the sale of our solutions are subject to various federal, state, local, and foreign environmental and safety regulations, including laws adopted by the E.U., such as the Waste Electrical and Electronic Equipment Directive (“WEEE Directive”), and the Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment Directive (“E.U. RoHS Directive”), of certain metals from global hot spots. The WEEE Directive requires electronic goods producers to be responsible for marking, collection, recycling, and treatment of such products. Changes in the WEEE Directive of the interpretation thereof may cause us to incur additional costs or meet additional regulatory requirements, which could be material. Similar laws and regulations have been passed or are pending in China, South Korea, Norway, and Japan and may be enacted in other regions, including in the United States, and we are, or may in the future be, subject to these laws and regulations.

The E.U. RoHS Directive and similar laws of other jurisdictions limit the content of certain hazardous materials such as lead, mercury, and cadmium in the manufacture of electrical equipment, including our products. Currently, our products comply with the E.U. RoHS Directive requirements. However, if there are changes to this or other laws, or to their interpretation, or if new similar laws are passed in other jurisdictions, we may be required to reengineer our products or to use different components to comply with these regulations. This reengineering or component substitution could result in substantial costs to us or disrupt our operations or logistics.

37


 

We are also subject to environmental laws and regulations governing the management of hazardous materials, which we use in small quantities in our engineering labs. Our failure to comply with past, present, and future environmental and safety laws could result in increased costs, reduced sales of our products, substantial product inventory write-offs, reputational damage, penalties, third-party property damage, remediation costs, and other sanctions, any of which could harm our business, financial condition, results of operations, and cash flows. To date, our expenditures for environmental compliance have not had a material impact on our results of operations or cash flows, and although we cannot predict the future impact of such laws or regulations, they will likely result in additional costs and may increase penalties associated with violations or require us to change the content of our products or how they are manufactured, which could have a material adverse effect on our business, financial condition, results of operations, and cash flows. We also expect that our business will be affected by new environmental laws and regulations on an ongoing basis, which may be more stringent, imposing greater compliance costs and increasing risks and penalties associated with violations which could harm our business.

 

General Business Risks

If we are unable to attract, train, motivate, and retain senior management and other qualified personnel, our business could suffer.

Our success depends in large part on our ability to attract and retain senior management personnel, as well as technically qualified and highly skilled sales, consulting, technical, finance, and marketing personnel. It could be difficult, time consuming, and expensive to identify, recruit, and onboard any key management member or other critical personnel. Competition for highly skilled personnel is often intense, particularly in the markets in which we operate including Silicon Valley. If we are unable to attract and retain qualified individuals, our ability to compete in the markets for our products could be adversely affected, which would have a negative impact on our business and financial results. Our competitors may be successful in recruiting and hiring members of our management team or other key employees, including key employees obtained through our acquisitions, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms or at all.

Changes in management or other critical personnel may be disruptive to our business and might also result in our loss of unique skills, loss of knowledge about our business, and may result in the departure of other existing employees, customers or partners. We have experienced recent turnover in our senior management team, and further turnover in the future could adversely affect our business.

We operate in an industry with an overall shortage of skilled and experienced talent that generally experiences high employee attrition. We have experienced significant turnover over the last few years and expect that may continue. The loss of one or more of our key employees could seriously harm our business. If we are unable to attract, integrate, or retain the qualified and highly skilled personnel required to fulfill our current or future needs, our business, financial condition, results of operations, and cash flows could be harmed.

Effective succession planning is also important to the long-term success of our business. If we fail to ensure effective transfer of knowledge and smooth transitions involving key employees could hinder our strategic planning and execution. The loss of senior management or any ineffective transitions in management, especially in our sales organization, could significantly delay or prevent the achievement of our development and strategic objectives, which could adversely affect our business, financial condition, results of operations, and cash flows.

38


 

We may become involved in litigation, investigations, and regulatory inquiries and proceedings that could negatively affect us and our reputation.

From time to time, we are involved in various legal, administrative, and regulatory proceedings, claims, demands, and investigations relating to our business, which may include claims with respect to commercial, product liability, intellectual property, data privacy, consumer protection, breach of contract, employment, class action, whistleblower, and other matters. In the ordinary course of business, we also receive inquiries from and have discussions with government entities regarding the compliance of our contracting and sales practices with laws and regulations. Such matters can be costly and time consuming and divert the attention of our management and key personnel from our business operations. We have been and are currently, and expect to continue to be, subject to third-party intellectual property infringement claims by entities that do not have operating businesses of their own and therefore limit our ability to seek counterclaims for damages and injunctive relief. Plaintiffs may seek, and we may become subject to, preliminary or provisional rulings in the course of any such litigation, including potential preliminary injunctions requiring us to cease some or all of our operations. Similarly, if any litigation to which we are a party is resolved adversely, we may be subject to an unfavorable judgment that may not be reversed upon appeal. Any claims or litigation could cause us to incur significant expenses and, if successfully asserted against us, could require that we pay substantial damages (including, for example, treble damages if we are found to have willfully infringed patents and increased statutory damages if we are found to have willfully infringed copyrights), pay ongoing royalty payments, delay or prevent us from offering our products or services, or require that we comply with other unfavorable terms. In addition, we might be required to seek a license for the use of such intellectual property, which may not be available on commercially reasonable terms or at all. We may also decide to settle such matters on terms that are unfavorable to us.

Our business is subject to the risks of product defects, warranty claims, product returns, and product liability.

Our solutions are highly complex and may contain design defects or errors that are not detected before their commercial release, particularly when first introduced or as new versions or upgrades are released. Despite testing by us and by current and potential customers, design defects or errors may not be found until after commencement of commercial shipments, resulting in customer dissatisfaction and loss of or delay in market acceptance and sales opportunities. These errors and quality problems could also cause us to incur significant repair or replacement costs, divert the attention of our engineering personnel from our product development efforts, and cause significant customer relations problems. We may also incur significant costs in connection with a product recall and any related indemnification obligations. We have experienced errors or quality problems in the past in connection with solutions and enhancements and expect that errors or quality problems will be found from time to time in the future. Any of these errors or other quality problems could adversely affect our results of operations.

 

Historically, the amount of warranty claims we have received has not been significant, but there is no guarantee that claims will not be significant in the future. Any errors, defects, or other problems with our products could negatively impact our customers and result in financial or other losses. While we typically seek by contract to limit our exposure to damages, liability limitation provisions in our standard terms and conditions of sale, and those of our channel partners, may not be enforceable under some circumstances or may not fully or effectively protect us from customer claims and related liabilities and costs, including indemnification obligations under our agreements with channel partners or customers. The sale and support of our solutions also entail the risk of product liability claims. In addition, even claims that ultimately are unsuccessful could require us to incur costs in connection with litigation and divert management’s time and other resources, and could seriously harm the reputation of our business and solutions.

We may be unable to raise additional capital on acceptable terms, or at all.

We believe that our available cash and cash equivalents generated from our operating activities and unused availability under our Revolving Credit Facility, will be sufficient to meet our near term working and other capital requirements. However, if cash is required for unanticipated needs, including in connection with a proposed acquisition of a company or technology, we may need additional capital. The development and marketing of new solutions and our investment in sales and marketing efforts require a significant commitment of resources. If the markets for our solutions develop at a slower pace than anticipated, we could be required to raise additional capital. We cannot guarantee that, should it be required, sufficient debt or equity capital will be available to us under acceptable terms, if at all. If we were unable to raise additional capital when required, our business, financial condition, results of operations, and cash flows could be seriously harmed.

39


 

Our business, financial condition, results of operations, or cash flows could be significantly hindered by the occurrence of a natural disaster, terrorist attack, pandemic, or other catastrophic event.

Our business operations are susceptible to outages due to fire, floods, unusual weather conditions, power loss, telecommunications failures, terrorist attacks, pandemics, such as the COVID-19 pandemic, and other events beyond our control, and our sales opportunities may also be affected by such events. Natural disasters including tornados, hurricanes, floods and earthquakes may damage the facilities of our customers or those of their suppliers or retailers or their other operations, which could lead to reduced revenue for our customers and thus reduced sales. In addition, a substantial portion of our facilities, including our headquarters, are located in Northern California, an area susceptible to earthquakes. We do not carry earthquake insurance for earthquake-related losses. Despite our implementation of network security measures, our servers are vulnerable to computer viruses, break-ins, and similar disruptions from unauthorized tampering with our computer systems. We may not carry sufficient business interruption insurance to compensate us for losses that may occur as a result of any of these events.

Additionally, our customers may face a number of potential business interruption risks that are beyond our respective control. For example, our customers depend on the continuous availability of our cloud-based offerings. Our cloud-based offerings are vulnerable to damage or interruption from a variety of sources, including damage or interruption caused by telecommunications or computer systems failure, fire, earthquake, power loss, cyberattack, human error, terrorist acts, and war. We use a variety of third-party data centers and do not control their operation. These facilities and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing customer base, any of which could temporarily or permanently expose our customers’ networks, leaving their networks unprotected against the latest security threats, or, in the case of technical failures and downtime of a customer’s security operation center, all security threats. Depending upon how customers have configured their use of our products and services, network downtime within our data centers may also prevent certain customers from being able to access the Internet during the period of such network downtime.

To the extent that such events disrupt our business or the business of our current or prospective customers, or adversely impact our reputation, such events could adversely affect our business, financial condition, results of operations, and cash flows.

Risks Related to Our Indebtedness

Our substantial leverage could adversely affect our ability to raise additional capital to fund our operations, limit our ability to react to changes in the economy or our market, expose us to interest rate risk, and prevent us from timely satisfying our obligations.

As of December 26, 2020, our total debt outstanding under our Senior Secured Credit Facilities was approximately $4,038 million and additional unused borrowing capacity under our Revolving Credit Facility was approximately $660 million. If we cannot generate sufficient cash flow from operations to service our debt, we may need to refinance our debt, dispose of assets, or issue equity to obtain necessary funds; we do not know whether we will be able to take any of such actions on a timely basis or on terms satisfactory to us or at all.

Our high degree of leverage could have important consequences, including:

 

making it more difficult for us to make payments on the Senior Secured Credit Facilities and our other obligations;

 

increasing our vulnerability to general economic and market conditions and to changes in the industries in which we compete;

 

requiring a substantial portion of cash flow from operations to be dedicated to the payment of principal and interest on our indebtedness, thereby reducing our ability to use our cash flow to fund our operations, future working capital, capital expenditures, investments or acquisitions, future strategic business opportunities, or other general corporate requirements;

 

restricting us from making acquisitions or causing us to make divestitures or similar transactions;

 

limiting our ability to obtain additional financing for working capital, capital expenditures, debt service requirements, investments, acquisitions, and general corporate or other purposes;

 

limiting our ability to adjust to changing market conditions and placing us at a competitive disadvantage compared to our competitors who are less highly leveraged; and

 

increasing our cost of borrowing.

 

Borrowings under our Senior Secured Credit Facilities are at variable rates of interest and expose us to interest rate risk. If interest rates increase, our debt service obligations may increase even though the amount borrowed remains the same, and our net income and cash flows, including cash available for servicing our indebtedness, will correspondingly decrease.

40


 

Restrictions imposed by our outstanding indebtedness and any future indebtedness may limit our ability to operate our business and to finance our future operations or capital needs or to engage in acquisitions or other business activities necessary to achieve growth.

The terms of our outstanding indebtedness restrict us from engaging in specified types of transactions. These covenants restrict our ability to, among other things:

 

incur additional indebtedness;

 

create or incur liens;

 

engage in consolidations, amalgamations, mergers, liquidations, dissolutions, or dispositions;

 

pay dividends and distributions on, or purchase, redeem, defease, or otherwise acquire or retire for value, our capital stock;

 

make acquisitions, investments, loans (including guarantees), advances, or capital contributions;

 

create negative pledges or restrictions on the payment of dividends or payment of other amounts owed from subsidiaries;

 

sell, transfer, or otherwise dispose of assets, including capital stock of subsidiaries;

 

make prepayments or repurchases of debt that is contractually subordinated with respect to right of payment or security;

 

engage in certain transactions with affiliates;

 

modify certain documents governing debt that is subordinated with respect to right of payment;

 

change our fiscal year; and

 

change our material lines of business.

In addition, our First Lien Credit Agreement includes a financial covenant which requires that, at the end of each fiscal quarter, for so long as the aggregate principal amount of borrowings under the Revolving Credit Facility exceeds 35% of the aggregate commitments under the Revolving Credit Facility, our first lien net leverage ratio cannot exceed 6.30 to 1.00. Our ability to comply with this financial covenant can be affected by events beyond our control, and we may not be able to satisfy it. See “Description of Certain Indebtedness.” As a result of these restrictions, we may be:

 

limited in how we conduct our business;

 

unable to raise additional debt or equity financing to operate during general economic or business downturns;

 

unable to compete effectively or to take advantage of new business opportunities; and/or

 

limited in our ability to grow in accordance with, or otherwise pursue, our business strategy.

Our Senior Secured Credit Facilities also contain numerous affirmative covenants that will remain in effect as long as our Senior Secured Credit Facilities remain outstanding. We are also required to make mandatory prepayments of the obligations under our Senior Secured Credit Facilities in certain circumstances, including upon certain asset sales or receipt of certain insurance proceeds or condemnation awards, upon certain issuances of debt, and, annually, with a portion of our excess cash flow.

 

We cannot guarantee that we will be able to maintain compliance with these covenants or, if we fail to do so, that we will be able to obtain waivers from the lenders or investors and/or amend the covenants. Even if we comply with all of the applicable covenants, the restrictions on the conduct of our business could adversely affect our business by, among other things, limiting our ability to take advantage of financings, mergers, acquisitions, investments, and other corporate opportunities that may be beneficial to our business. Even if our Senior Secured Credit Facilities are terminated, any additional debt that we incur in the future could subject us to similar or additional covenants. See “Description of Certain Indebtedness.”

41


 

A breach of any of the covenants in the credit agreements governing our Senior Secured Credit Facilities could result in an event of default, which, if not cured or waived, could trigger acceleration of our indebtedness and an increase in the interest rates applicable to such indebtedness, and may result in the acceleration of or default under any other debt we may incur in the future to which a cross-acceleration or cross-default provision applies. The acceleration of the indebtedness under our Senior Secured Credit Facilities or under any other indebtedness could have a material adverse effect on our business, results of operations, and financial condition. In the event of any default under our existing or future credit facilities, the applicable lenders could elect to terminate borrowing commitments and declare all borrowings and loans outstanding, together with accrued and unpaid interest and any fees and other obligations, to be due and payable. In addition, we have granted a security interest in a significant portion of our assets to secure our obligations under our Senior Secured Credit Facilities. During the existence of an event of default under our Senior Secured Credit Facilities, the applicable lenders could exercise their rights and remedies thereunder, including by way of initiating foreclosure proceedings against any assets constituting collateral for our obligations under the Senior Secured Credit Facilities.

We may be unable to generate sufficient cash flow to satisfy our significant debt service obligations, which could have a material adverse effect on our business, financial condition, results of operations, and cash flows.

Our ability to make scheduled payments on or to refinance our debt obligations depends on our financial condition and operating performance, which are subject to prevailing economic and competitive conditions and to certain financial, business, legislative, regulatory, and other factors beyond our control. We may not be able to maintain a level of cash flows from operating activities sufficient to permit us to pay the principal, premium, if any, and/or interest on our indebtedness. If our cash flows and capital resources are insufficient to fund our debt service obligations, we may be forced to reduce or delay investments, acquisitions, capital expenditures, and payments on account of other obligations, seek additional capital, restructure or refinance our indebtedness, or sell assets. These alternative measures may not be successful and may not permit us to meet our scheduled debt service obligations. Our ability to restructure or refinance our debt will depend on the condition of the capital markets and our financial condition at such time. Any refinancing of our debt could be at higher interest rates and could require us to comply with more onerous covenants, which could further restrict our business operations. In addition, we cannot assure you that we will be able to refinance any of our indebtedness on commercially reasonable terms, or at all.

If we are at any point unable to repay or otherwise refinance our indebtedness when due, or if any other event of default is not cured or waived, the applicable lenders could accelerate our outstanding obligations or proceed against the collateral granted to them to secure that indebtedness, which could force us into bankruptcy or liquidation. In the event the applicable lenders accelerate the repayment of our borrowings, we and our subsidiaries may not have sufficient assets to repay that indebtedness. Any acceleration of amounts due under the agreements governing our Senior Secured Credit Facilities or the exercise by the applicable lenders of their rights under the security documents would likely have a material adverse effect on our business.

 

We will require a significant amount of cash to service our indebtedness. The ability to generate cash or refinance our indebtedness as it becomes due depends on many factors, some of which are beyond our control.

We are a holding company, and as such have no independent operations or material assets other than our ownership of equity interests in our subsidiaries, and our subsidiaries’ contractual arrangements with customers, and we will depend on our subsidiaries to distribute funds to us so that we may pay our obligations and expenses. Our ability to make scheduled payments on, or to refinance our respective obligations under, our indebtedness and to fund planned capital expenditures and other corporate expenses will depend on the ability of our subsidiaries to make distributions, dividends or advances to us, which in turn will depend on our subsidiaries’ future operating performance, on economic, financial, competitive, legislative, regulatory, and other factors, and any legal and regulatory restrictions on the payment of distributions and dividends to which they may be subject. Many of these factors are beyond our control. We can provide no assurance that our business will generate sufficient cash flow from operations, that currently anticipated cost savings and operating improvements will be realized or that future borrowings will be available to us in an amount sufficient to enable us to satisfy our respective obligations under our indebtedness or to fund our other needs. In order for us to satisfy our obligations under our indebtedness and fund planned capital expenditures, we must continue to execute our business strategy. If we are unable to do so, we may need to reduce or delay our planned capital expenditures or refinance all or a portion of our indebtedness on or before maturity. Significant delays in our planned capital expenditures may materially and adversely affect our future revenue prospects. In addition, we can provide no assurance that we will be able to refinance any of our indebtedness on commercially reasonable terms or at all.

42


 

Despite our level of indebtedness, we and our subsidiaries may still be able to incur substantially more debt, including off-balance sheet financing, contractual obligations, and general and commercial liabilities. This could further exacerbate the risks to our financial condition described above.

We and our subsidiaries may be able to incur significant additional indebtedness in the future, including additional tranches of term loans and/or term loan increases, increases to our revolving commitments and/or additional revolving credit facilities as well as off-balance sheet financings, contractual obligations, and general and commercial liabilities. Although the terms of Senior Secured Credit Facilities contain restrictions on the incurrence of additional indebtedness, such restrictions are subject to a number of significant exceptions and qualifications and any additional indebtedness incurred in compliance with such restrictions could be substantial. These restrictions also will not prevent us from incurring obligations that do not constitute indebtedness. If we and our subsidiaries incur significant additional indebtedness or other obligations, the related risks that we face could increase.

If the financial institutions that are part of the syndicate of our Revolving Credit Facility fail to extend credit under our facility, our liquidity and results of operations may be adversely affected.

We have access to capital through our Revolving Credit Facility, which is governed by the First Lien Credit Agreement. Each financial institution which is part of the syndicate for our Revolving Credit Facility is responsible on a several, but not joint, basis for providing a portion of the loans to be made under our Revolving Credit Facility. If any participant or group of participants with a significant portion of the commitments in our Revolving Credit Facility fails to satisfy its or their respective obligations to extend credit under the facility and we are unable to find a replacement for such participant or participants on a timely basis (if at all), our liquidity may be adversely affected.

We may be adversely affected by the phase-out of, or changes in the method of determining, the London Interbank Offered Rate (“LIBOR”) or the Euro Interbank Offered Rate (“EURIBOR”), or the replacement of LIBOR and/or EURIBOR with different reference rates.

LIBOR is the basic rate of interest used in lending between banks on the London interbank market and is widely used as a reference for setting the interest rate on U.S. dollar-denominated loans globally. EURIBOR is a basic rate of interest used in lending between Eurozone banks and is widely used as a reference for setting the interest rate on Euro-denominated loans globally. Our Senior Secured Credit Facilities use LIBOR and EURIBOR as reference rates such that the interest due to our creditors under those facilities is calculated using LIBOR or EURIBOR, as applicable.

On July 27, 2017, the U.K.’s Financial Conduct Authority (the authority that administers LIBOR) announced that it intends to phase out LIBOR by the end of 2021, and subsequently extended the phase-out period until June 2023. It is unclear whether new methods of calculating LIBOR will be established such that it continues to exist after 2023, or if alternative rates or benchmarks will be adopted. Changes in the method of calculating LIBOR, or the replacement of LIBOR with an alternative rate or benchmark, may adversely affect interest rates and result in higher borrowing costs. This could materially and adversely affect our results of operations, cash flows, and liquidity. We cannot predict the effect of the potential changes to LIBOR or the establishment and use of alternative rates or benchmarks. We may need to renegotiate our Senior Secured Credit Facilities or incur other indebtedness, and changes in the method of calculating LIBOR, or the use of an alternative rate or benchmark, may negatively impact the terms of such renegotiated Senior Secured Credit Facilities or such other indebtedness. If changes are made to the method of calculating LIBOR or LIBOR ceases to exist, we may need to amend certain contracts and cannot predict what alternative rate or benchmark would be negotiated. This may result in an increase to our interest expense.

The European Money Markets Institute (the authority that administers EURIBOR) has undertaken a number of reforms in response to the EU Benchmark Regulation, which was first published in June 2016 and requires only benchmarks published by “authorized administrators” to be used in new financial contracts beginning on January 1, 2022. It is unclear whether new methods of calculating EURIBOR will be established such that it continues to exist after 2021, or if alternative rates or benchmarks will be adopted. Changes in the method of calculating EURIBOR, or the replacement of EURIBOR with an alternative rate or benchmark, may adversely affect interest rates and result in higher borrowing costs. This could materially and adversely affect our results of operations, cash flows, and liquidity. We cannot predict the effect of the potential changes to EURIBOR or the establishment and use of alternative rates or benchmarks. We may need to renegotiate our First Lien Credit Agreement or incur other indebtedness, and changes in the method of calculating EURIBOR, or the use of an alternative rate or benchmark, may negatively impact the terms of such renegotiated First Lien Credit Agreement or such other indebtedness. If changes are made to the method of calculating EURIBOR or EURIBOR ceases to exist, we may need to amend certain contracts and cannot predict what alternative rate or benchmark would be negotiated. This may result in an increase to our interest expense.

43


 

We utilize derivative financial instruments to reduce our exposure to market risks from changes in interest rates on our variable rate indebtedness, including our Senior Secured Credit Facilities, and we will be exposed to risks related to counterparty credit worthiness or non-performance of these instruments.

We have entered into interest rate swap instruments to limit our exposure to changes in variable interest rates. While our hedging strategy is designed to minimize the impact of increases in interest rates applicable to our variable rate debt, including our Senior Secured Credit Facilities, there can be no guarantee that our hedging strategy will be effective, and we may experience credit-related losses in some circumstances. See Note 15 to our audited consolidated financial statements included elsewhere in this document.

Risks Related to Our Organizational Structure

Our principal asset is our interest in Foundation Technology Worldwide LLC, and we are dependent upon Foundation Technology Worldwide LLC and its consolidated subsidiaries for our results of operations, cash flows, and distributions.

We are a holding company and have no material assets other than our direct and indirect ownership of the LLC Units. As such, we have no independent means of generating revenue or cash flow, and our ability to pay our taxes and operating expenses, including to satisfy our obligations under the tax receivable agreement, or declare and pay dividends in the future, if any, depend upon the results of operations and cash flows of Foundation Technology Worldwide LLC and its consolidated subsidiaries and distributions we receive from Foundation Technology Worldwide LLC. There can be no assurance that our subsidiaries will generate sufficient cash flow to distribute funds to us or that applicable state law and contractual restrictions will permit such distributions.

We anticipate that Foundation Technology Worldwide LLC will continue to be treated as a partnership (and not as a “publicly traded partnership,” within the meaning of Section 7704(b) of the Code, subject to tax as a corporation) for U.S. federal income tax purposes and, as such, generally will not be subject to any entity-level U.S. federal income tax. Instead, taxable income will be allocated to holders of Foundation Technology Worldwide LLC Units. Accordingly, we and our subsidiaries will be required to pay income taxes on our allocable share of any net taxable income of Foundation Technology Worldwide LLC. Further, Foundation Technology Worldwide LLC and its subsidiaries may, absent an election to the contrary, be subject to material liabilities pursuant to partnership audit rules enacted pursuant to the Bipartisan Budget Act of 2015 and related guidance if, for example, its calculations of taxable income are incorrect. Further, we are responsible for the unpaid tax liabilities of the corporate entities we acquired as part of the Reorganization Transactions (as defined herein), including for the taxable year (or portion thereof) of such entities ending on the date of our initial public offering (the “IPO”). To the extent that we need funds and Foundation Technology Worldwide LLC and its subsidiaries are restricted from making such distributions, under applicable law or regulation, or as a result of covenants in the credit agreements of Foundation Technology Worldwide LLC and its subsidiaries, we may not be able to obtain such funds on terms acceptable to us or at all and as a result could suffer an adverse effect on our liquidity and financial condition.

We will be required to pay certain Continuing Owners and certain Management Owners for certain tax benefits we may realize or are deemed to realize in accordance with the tax receivable agreement between us and such Continuing Owners and Management Owners, and we expect that the payments we will be required to make will be substantial.

The contribution by certain Continuing Owners and certain Management Owners (each as defined in Note 1 to the consolidated financial statements for the year ended December 26, 2020) to McAfee Corp. of certain corporate entities in connection with the Reorganization Transactions and future exchanges of LLC Units for cash or, at our option, for shares of our Class A common stock are expected to produce or otherwise deliver to us favorable tax attributes that can reduce our taxable income. We are a party to a tax receivable agreement, under which generally we will be required to pay to certain of our Continuing Owners and certain Management Owners (collectively, the “TRA Beneficiaries”) 85% of the applicable cash savings, if any, in U.S. federal, state, and local income tax that we actually realize or, in certain circumstances, are deemed to realize as a result of (i) all or a portion of McAfee Corp.’s allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) acquired in connection with the Reorganization Transactions, (ii) increases in McAfee Corp.’s allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) and tax basis adjustments in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) as a result of sales or exchanges of LLC Units, (iii) certain tax attributes of the corporations McAfee Corp. acquired in connection with the Reorganization Transactions (including their allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries)), and (iv) certain other tax benefits related to entering into the tax receivable agreement, including tax benefits attributable to payments under the tax receivable agreement. We generally will retain the benefit of the remaining 15% of the applicable tax savings.

44


 

The payment obligations under the tax receivable agreement are obligations of McAfee Corp., and we expect that the payments we will be required to make under the tax receivable agreement will be substantial. Potential future reductions in tax payments for us and tax receivable agreement payments by us will be determined in part by reference to the market value of our Class A common stock at the time of the sale and the prevailing tax rates applicable to us over the life of the tax receivable agreement and will be dependent on us generating sufficient future taxable income to realize the benefit. Payments under the tax receivable agreement are not conditioned on the TRA Beneficiaries’ ownership of our shares.

The actual increase in tax basis, as well as the amount and timing of any payments under the tax receivable agreement, will vary depending upon a number of factors, including the timing of sales by the Continuing Owners and participating Management Owners, the price of our Class A common stock at the time of the sales, whether such sales are taxable, the amount and timing of the taxable income we generate in the future, the tax rates then applicable to us, and the portions of our payments under the tax receivable agreement constituting imputed interest. Payments under the tax receivable agreement are expected to give rise to certain additional tax benefits attributable to either further increases in basis or in the form of deductions for imputed interest. Any such benefits that we are deemed to realize under the terms of the tax receivable agreement are covered by the tax receivable agreement and will increase the amounts due thereunder. The tax receivable agreement provides that interest, at a rate equal to one-year LIBOR (or if LIBOR ceases to be published, a replacement rate with similar characteristics) plus 1%, will accrue from the due date (without extensions) of the tax return to which the applicable tax benefits relate to the date of payment specified by the tax receivable agreement. In addition, where we fail to make payment by the date so specified, the tax receivable agreement generally provides for interest to accrue on the unpaid amount from the date so specified until the date of actual payment, at a rate equal to one-year LIBOR (or if LIBOR ceases to be published, a replacement rate with similar characteristics) plus 5%, except under certain circumstances specified in the tax receivable agreement where we are unable to make payment by such date, in which case interest will accrue at a rate equal to one-year LIBOR (or if LIBOR ceases to be published, a replacement rate with similar characteristics) plus 1%.

Payments under the tax receivable agreement will be based in part on our tax reporting positions. We will not be reimbursed for any payments previously made under the tax receivable agreement if such basis increases or other attributes or benefits are subsequently disallowed by a taxing authority. As a result, in certain circumstances, the payments we are required to make under the tax receivable agreement could exceed the benefits that we actually realize in respect of the attributes in respect of which the tax receivable agreement required us to make payment.

In addition, the tax receivable agreement provides that in the case of a change of control of McAfee Corp. (as defined therein) or a material breach of our obligations (that is not timely cured) under the tax receivable agreement, or if, at any time, we elect an early termination of the tax receivable agreement, our payment obligations under the tax receivable agreement will accelerate and may significantly exceed the actual benefits we realize in respect of the tax attributes subject to the tax receivable agreement. We will be required to make a payment to the TRA Beneficiaries covered by such termination in an amount equal to the present value of future payments (calculated using a discount rate equal to the lesser of (i) 6.5% per annum and (ii) one-year LIBOR (or if LIBOR ceases to be published, a replacement rate with similar characteristics) plus 1%, which may differ from our, or a potential acquirer’s, then-current cost of capital) under the tax receivable agreement, which payment would be based on certain assumptions, including those relating to our future taxable income. In certain cases, a sale or other disposition of a substantial portion of assets of Foundation Technology Worldwide LLC will be treated as a change of control transaction. In these situations, our obligations under the tax receivable agreement could have a substantial negative impact on our, or a potential acquirer’s, liquidity and could have the effect of delaying, deferring, modifying, or preventing certain mergers, asset sales, other forms of business combinations, or other changes of control. These provisions of the tax receivable agreement may result in situations where the TRA Beneficiaries have interests that differ from or are in addition to those of our other stockholders. In addition, we could be required to make payments under the tax receivable agreement that are substantial, significantly in advance of any potential actual realization of such further tax benefits, and in excess of our, or a potential acquirer’s, actual cash savings in income tax.

Finally, because we are a holding company with no operations of our own, our ability to make payments under the tax receivable agreement is dependent on the ability of our subsidiaries to make distributions to us. The First Lien Credit Agreement and Second Lien Credit Agreement restrict the ability of our subsidiaries to make distributions to us, which could affect our ability to make payments under the tax receivable agreement. To the extent that we are unable to make payments under the tax receivable agreement as a result of restrictions in the First Lien Credit Agreement and Second Lien Credit Agreement, such payments will be deferred and will accrue interest until paid, which could negatively impact our results of operations and could also affect our liquidity in periods in which such payments are made.

45


 

In certain circumstances, under its limited liability company agreement, Foundation Technology Worldwide LLC will be required to make tax distributions to us, the Continuing Owners and certain Management Owners and the distributions that Foundation Technology Worldwide LLC will be required to make may be substantial.

Funds used by Foundation Technology Worldwide LLC to satisfy its tax distribution obligations to the Continuing Owners and certain Management Owners will not be available for reinvestment in our business. Moreover, the tax distributions that Foundation Technology Worldwide LLC will be required to make may be substantial, and will likely exceed (as a percentage of Foundation Technology Worldwide LLC’s net income) the overall effective tax rate applicable to a similarly situated corporate taxpayer.

As a result of potential differences in the amount of net taxable income allocable to us and to the Continuing Owners and certain Management Owners, as well as the use of an assumed tax rate in calculating Foundation Technology Worldwide LLC’s tax distribution obligations to the Continuing Owners and the Management Owners, we may receive distributions significantly in excess of our tax liabilities and obligations to make payments under the tax receivable agreement. To the extent, as currently expected, we do not distribute such cash balances as dividends on shares of our Class A common stock and instead, for example, hold such cash balances or lend them to Foundation Technology Worldwide LLC, the Continuing Owners would benefit from any value attributable to such accumulated cash balances as a result of their ownership of Class A common stock following an exchange of their LLC Units for such Class A common stock. Our board of directors, in its sole discretion, will make any determination from time to time with respect to the use of any such excess cash so accumulated, which may include, among other uses, to acquire additional newly issued LLC Units from Foundation Technology Worldwide LLC at a per unit price determined by reference to the market value of the Class A common stock; to pay dividends, which may include special dividends, on its Class A common stock; to fund repurchases of its Class A common stock; to make payments under the tax receivable agreement; or any combination of the foregoing. We will have no obligation to distribute such cash (or other available cash other than any declared dividend) to our stockholders.

Our organizational structure, including the tax receivable agreement, confers certain benefits upon certain Continuing Owners and certain Management Owners, which benefits are not conferred on Class A common stockholders generally.

Our organizational structure, including the tax receivable agreement, confers certain benefits upon certain Continuing Owners and certain Management Owners, which benefits are not conferred on the holders of shares of our Class A common stock generally. In particular, we entered into the tax receivable agreement with Foundation Technology Worldwide LLC and the TRA Beneficiaries, which provides for the payment by us to the TRA Beneficiaries of 85% of the amount of tax benefits, if any, that we actually realize, or in some circumstances are deemed to realize, as a result of (i) all or a portion of McAfee Corp.’s allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) acquired in connection with the Reorganization Transactions, (ii) increases in McAfee Corp.’s allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) and tax basis adjustments in the assets of Foundation Technology Worldwide LLC (and its subsidiaries) as a result of sales or exchanges of LLC Units, (iii) certain tax attributes of the corporations McAfee Corp. acquired in connection with the Reorganization Transactions (including their allocable share of existing tax basis in the assets of Foundation Technology Worldwide LLC (and its subsidiaries)), and (iv) certain other tax benefits related to entering into the tax receivable agreement, including tax benefits attributable to payments under the tax receivable agreement. Although we will generally retain 15% of the amount of such tax benefits, this and other aspects of our organizational structure may adversely impact the future trading market for the Class A common stock.

We will not be reimbursed for any payments made to the TRA Beneficiaries under the tax receivable agreement in the event that any purported tax benefits are subsequently disallowed by the IRS.

If the IRS or a state or local taxing authority challenges the tax basis adjustments and/or deductions that give rise to payments under the tax receivable agreement and the tax basis adjustments and/or deductions are subsequently disallowed, the recipients of payments under the agreements will not reimburse us for any payments we previously made to them. Any such disallowance would be taken into account in determining future payments under the tax receivable agreement and may, therefore, reduce the amount of any such future payments. Nevertheless, if the claimed tax benefits from the tax basis adjustments and/or deductions are disallowed, our payments under the tax receivable agreement could exceed our actual tax savings, and we may not be able to recoup payments under the tax receivable agreement that were calculated on the assumption that the disallowed tax savings were available.

Unanticipated changes in effective tax rates or adverse outcomes resulting from examination of our income or other tax returns could adversely affect our financial condition and results of operations.

We will be subject to income taxes in the United States, and our domestic and foreign tax liabilities will be subject to the allocation of expenses in differing jurisdictions. Our future effective tax rates could be subject to volatility or adversely affected by a number of factors, including:

 

changes in the valuation of our deferred tax assets and liabilities;

46


 

 

expected timing and amount of the release of any tax valuation allowances;

 

tax effects of equity-based compensation;

 

costs related to intercompany restructurings;

 

changes in tax laws, regulations, or interpretations thereof; or

 

lower than anticipated future earnings in jurisdictions where we have lower statutory tax rates and higher than anticipated future earnings in jurisdictions where we have higher statutory tax rates.

In addition, we may be subject to audits of our income, sales and other transaction taxes by U.S. federal, state, and local and foreign authorities. Outcomes from these audits could have an adverse effect on our financial condition and results of operations.

 

Risks Related to Our Class A Common Stock

Our Sponsors and Intel will continue to have significant influence over us, including control over decisions that require the approval of stockholders, which could limit your ability to influence the outcome of matters submitted to stockholders for a vote.

We are currently controlled by our Sponsors and Intel. As long as our Sponsors and Intel collectively own or control at least a majority of our outstanding voting power, they will have the ability to exercise substantial control and significant influence over our management and affairs and all corporate actions requiring stockholder approval, irrespective of how our other stockholders may vote, including the election and removal of directors and the size of our board of directors, any amendment of our certificate of incorporation or bylaws, or the approval of any merger or other significant corporate transaction, including a sale of substantially all of our assets. The concentration of voting power limits your ability to influence corporate matters and, as a result, we may take actions that you do not view as beneficial. As a result, the market price of our Class A common stock could be adversely affected. Even if their collective ownership falls below 50%, our Sponsors and Intel will continue to be able to strongly influence or effectively control our decisions.

Additionally, the interests of our Sponsors and Intel may not align with the interests of our other stockholders. Our Sponsors and Intel may, in the ordinary course of their respective businesses, acquire and hold interests in businesses that compete directly or indirectly with us. Our Sponsors and Intel each may also pursue acquisition opportunities that may be complementary to our business, and, as a result, those acquisition opportunities may not be available to us.

Certain of our directors have relationships with our Sponsors and Intel, which may cause conflicts of interest with respect to our business.

Three of our seven directors are affiliated with our Sponsors and Intel. Our directors who are affiliated with our Sponsors or Intel have fiduciary duties to us and, in addition, have duties to our Sponsors and Intel. As a result, these directors may face real or apparent conflicts of interest with respect to matters affecting both us and our Sponsors, whose interests may be adverse to ours in some circumstances.

We previously identified a material weakness in our internal control over financial reporting in recent periods, which we concluded as of the end of the first quarter of fiscal 2020 had been fully remediated, and if we fail to maintain proper and effective internal control over financial reporting in accordance with Section 404 of the Sarbanes-Oxley Act in the future, our ability to produce accurate and timely consolidated financial statements could be impaired, which could harm our results of operations, our ability to operate our business, and investor confidence.

In connection with the audit of our consolidated financial statements for fiscal 2018 and fiscal 2019, we and our independent registered public accounting firm identified a number of errors in our revenue recognition process that were immaterial to our consolidated financial statements, which led us to conclude we had a material weakness in our internal control over financial reporting. A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of our consolidated financial statements will not be prevented or detected on a timely basis. We did not maintain effective controls specifically over the accuracy of our revenue accounting and reporting, due to the lack of effective review necessary to ensure accurate reporting of revenue and deferred revenue. Additionally, this material weakness could have resulted in a misstatement of the aforementioned account balances or disclosures for the periods during which the material weakness was ongoing that would have resulted in a material misstatement to the annual or interim consolidated financial statements for such periods that would not have been prevented or detected.

47


 

We have taken numerous steps designed to address the underlying causes of the material weakness, primarily through the hiring of additional accounting and finance personnel with responsibility for revenue accounting and reporting with relevant accounting and financial reporting experience, reorganizing reporting and supervisory roles among our finance and accounting personnel, enhancing our training programs within our accounting and finance department, and enhancing our internal review procedures. As of the end of the first quarter of fiscal 2020, we concluded that the aforementioned material weakness had been fully remediated. However, our current efforts to maintain an effective control environment may not be sufficient to prevent future material weaknesses or significant deficiencies from occurring or to promptly remediate any such future material weaknesses or significant deficiencies.

Upon becoming a public company, we will be required to comply with the SEC’s rules implementing Sections 302 and 404 of the Sarbanes-Oxley Act of 2002 (“Sarbanes-Oxley Act”), which will require management to certify financial and other information in our quarterly and annual reports and provide an annual management report on the effectiveness of our controls over financial reporting. Although we will be required to disclose material changes made in our internal controls and procedures on at least a quarterly basis, we will not be required to make our first annual assessment of our internal controls over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act (including an auditor attestation on management’s internal controls report) until our annual report on Form 10-K for the fiscal year ending December 25, 2021.

To comply with the internal controls requirements of being a public company, we may need to undertake various actions as our business or applicable rules and regulations evolve, such as implementing new internal controls and procedures and hiring additional accounting or internal audit staff that have the requisite knowledge of U.S. GAAP. Testing and maintaining internal controls can be costly, challenging, and potentially divert our management’s attention from other matters that are important to the operation of our business.

If we identify future material weaknesses in our internal control over financial reporting, or if we are unable to comply with the demands that will be placed upon us as a public company, including the requirements of Section 404 of the Sarbanes-Oxley Act, in a timely manner, we may be unable to accurately report our consolidated financial results, or report them within the timeframes required by the SEC. We also could become subject to sanctions or investigations by the SEC or other regulatory authorities. In addition, if we are unable to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable to express an opinion as to the effectiveness of our internal control over financial reporting, when required, investors may lose confidence in the accuracy and completeness of our financial reports, we may face restricted access to the capital markets, and our stock price may be adversely affected.

Moreover, no matter how well designed, internal control over financial reporting has inherent limitations. Therefore, internal control over financial reporting determined to be effective can provide only reasonable assurance with respect to financial statement preparation and may not prevent or detect all misstatements. Due to the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that all control issues and instances of fraud, if any, have been detected. These inherent limitations include the realities that judgments in decision-making can be incorrect, and that breakdowns can occur because of error or mistake. Further, controls can be circumvented by the individual acts of some persons, by collusion of two or more people or by management override of the internal controls. Additionally, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate due to changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate. As such, we could lose investor confidence in the accuracy and completeness of our financial reports, which may have a material adverse effect on our reputation and stock price.

 

We are a “controlled company” under the Exchange’s rules and, as a result, qualify for certain exemptions from certain corporate governance requirements; you will therefore not have the same protections afforded to stockholders of companies that are subject to these governance requirements.

Because our Sponsors and Intel collectively control a majority of the voting power of our outstanding Class A common stock and Class B common stock on a combined basis, we will be a “controlled company” within the meaning of the Exchange’s corporate governance standards. Under these rules, a company of which more than 50% of the voting power for the election of directors is held by an individual, group, or another company is a “controlled company” and may elect not to comply with certain corporate governance requirements, including the requirements that, within one year of the date of the listing of our Class A common stock, we have:

 

a board of directors that is composed of a majority of “independent directors,” as defined under rules;

 

a compensation committee that is composed entirely of independent directors; and

 

a nominating and corporate governance committee that is composed entirely of independent directors.

Our board of directors is composed of a majority of independent directors. However, we may utilize some or all of the other exemptions applicable to “controlled companies.” Accordingly, for so long as we are a “controlled company,” you will not have the same protections afforded to stockholders of companies that are subject to all of the Exchange’s corporate governance requirements. Our status as a controlled company could make our Class A common stock less attractive to some investors or otherwise harm our stock price.

48


 

Our results of operations and the market price of our Class A Common Stock may be volatile.

Our quarterly results of operations are likely to fluctuate in the future. In addition, securities markets worldwide have experienced, and are likely to continue to experience, significant price and volume fluctuations. This market volatility, as well as general economic, market, or political conditions, could subject the market price of our shares to wide price fluctuations regardless of our operating performance. Our results of operations and the trading price of our shares may fluctuate in response to various factors, including:

 

actual or anticipated changes or fluctuations in our results of operations and whether our results of operations meet the expectations of securities analysts or investors;

 

actual or anticipated changes in securities analysts’ estimates and expectations of our financial performance;

 

announcements of new solutions, commercial relationships, acquisitions, or other events by us or our competitors;

 

general market conditions, including volatility in the market price and trading volume of technology companies in general and of companies in the IT security industry in particular;

 

changes in how current and potential customers perceive the effectiveness of our platform in protecting against advanced cyberattacks or other reputational harm;

 

 

network outages or disruptions of our solutions or their availability, or actual or perceived privacy, data protection, or network information breaches;

 

investors’ perceptions of our prospects and the prospects of the businesses in which we participate;

 

sales of large blocks of our Class A common stock, including sales by our executive officers, directors, and significant stockholders;

 

announced departures of any of our key personnel;

 

lawsuits threatened or filed against us or involving our industry, or both;

 

changing legal or regulatory developments in the United States and other countries;

 

any default or anticipated default under agreements governing our indebtedness;

 

adverse publicity about us, our products and solutions, or our industry;

 

effects of public health crises, such as the COVID-19 pandemic;

 

general economic conditions and trends; and

 

other events or factors, including those resulting from major catastrophic events, war, acts of terrorism, or responses to these events.

These and other factors, many of which are beyond our control, may cause our results of operations and the market price and demand for our shares to fluctuate substantially. While we believe that results of operations for any particular quarter are not necessarily a meaningful indication of future results, fluctuations in our quarterly results of operations could limit or prevent investors from readily selling their shares and may otherwise negatively affect the market price and liquidity of our shares. In addition, in the past, when the market price of a stock has been volatile, holders of that stock have sometimes instituted securities class action litigation against the company that issued the stock. If any of our stockholders brought a lawsuit against us, we could incur substantial costs defending the lawsuit. Such a lawsuit could also divert the time and attention of our management from our business, which could significantly harm our profitability and reputation.

The Continuing Owners have the right to have their LLC Units exchanged for cash or (at our option) shares of Class A common stock and any disclosure of such exchange or the subsequent sale (or any disclosure of an intent to enter into such an exchange or subsequent sale) of such shares of Class A common stock may cause volatility in our stock price.

As of December 26, 2020, 271.6 million shares of Class A common stock are issuable upon exchange of LLC Units and MIUs that are held by the Continuing Owners. Under the amended and restated limited liability company agreement of Foundation Technology Worldwide LLC (the “LLC Agreement”), subject to certain restrictions set forth therein, the Continuing Owners are entitled to have their LLC Units exchanged for cash or (at our option) shares of our Class A common stock. The holders of MIUs also have the right, from time to time and subject to certain restrictions, to exchange their MIUs for LLC Units, which will then be immediately redeemed for cash or shares of Class A Common Stock, at the option of the Company, based on the value of such MIUs relative to their applicable distribution threshold.

49


 

We cannot predict the timing, size, or disclosure of any future issuances of our Class A common stock resulting from the exchange of LLC Units or the effect, if any, that future issuances, disclosure, if any, or sales of shares of our Class A common stock may have on the market price of our Class A common stock. Sales or distributions of substantial amounts of our Class A common stock, or the perception that such sales or distributions could occur, may cause the market price of our Class A common stock to decline.

We cannot guarantee the timing, amount, or payment of dividends on our Class A common stock.

We intend to fund any future dividends from distributions made by Foundation Technology Worldwide LLC from its available cash generated from operations. If McAfee Corp. decides to pay any other dividend on shares of our Class A common stock in the future, it would likely need to cause Foundation Technology Worldwide LLC to make distributions to McAfee Corp. and its wholly-owned subsidiaries in an amount sufficient to cover such dividend. If Foundation Technology Worldwide LLC makes such distributions to McAfee Corp. and its wholly-owned subsidiaries, the other holders of LLC Units will be entitled to receive pro rata distributions, as well as, in certain cases, the holders of MIUs. The timing, declaration, amount of, and payment of any such dividends will be made at the discretion of McAfee Corp.’s board of directors, subject to applicable laws, and will depend upon many factors, including the amount of the distribution received by McAfee Corp. from Foundation Technology Worldwide LLC, our financial condition, results of operations, capital requirements, contractual restrictions, general business conditions, and other factors that McAfee Corp.’s board of directors may deem relevant. Currently, the provisions of our Senior Secured Credit Facilities place certain limitations on the amount of cash dividends we can pay. Moreover, if as expected McAfee Corp. determines to initially pay a dividend following any quarterly distributions from Foundation Technology Worldwide LLC, there can be no assurance that McAfee Corp. will continue to pay dividends in the same amounts or at all thereafter. As a result, we cannot guarantee the timing, amount or payment of dividends on our Class A common stock.

A credit ratings downgrade or other negative action by a credit rating organization could adversely affect the trading price of the shares of our Class A common stock.

Credit rating agencies continually revise their ratings for companies they follow. The condition of the financial and credit markets and prevailing interest rates have fluctuated in the past and are likely to fluctuate in the future. In addition, developments in our business and operations could lead to a ratings downgrade for us or our subsidiaries. Any such fluctuation in the rating of us or our subsidiaries may impact our ability to access debt markets in the future or increase our cost of future debt which could have a material adverse effect on our operations, and financial condition, which in return may adversely affect the trading price of shares of our Class A common stock.

Provisions of our corporate governance documents could make an acquisition of our Company more difficult and may prevent attempts by our stockholders to replace or remove our current management, even if beneficial to our stockholders.

In addition to our Sponsors’ and Intel’s beneficial ownership of a controlling percentage of our common stock, our certificate of incorporation and bylaws, and the Delaware General Corporation Law (the “DGCL”) contain provisions that could make it more difficult for a third party to acquire us, even if doing so might be beneficial to our stockholders. These provisions include a classified board of directors and the ability of our board of directors to issue preferred stock without stockholder approval that could be used to dilute a potential acquiror. In addition, these provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors. Because our board of directors is responsible for appointing the members of our management team, these provisions could in turn affect any attempt to replace current members of our management team. As a result, you may lose your ability to sell your stock for a price in excess of the prevailing market price due to these protective measures, and efforts by stockholders to change the direction or management of the Company may be unsuccessful.

 

Our certificate of incorporation designates courts in the State of Delaware as the sole and exclusive forum for certain types of actions and proceedings that may be initiated by our stockholders, and also provides that the federal district courts will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, each of which could limit our stockholders’ ability to choose the judicial forum for disputes with us or our directors, officers, stockholders, or employees.

Our certificate of incorporation provides that, subject to limited exceptions, the Court of Chancery of the State of Delaware will be the sole and exclusive forum for:

 

any derivative action or proceeding brought on our behalf;

 

any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders;

50


 

 

any action asserting a claim against us arising pursuant to any provision of the General Corporation Law of the State of Delaware, our certificate of incorporation or our bylaws;

 

any action to interpret, apply, enforce or determine the validity of our certificate of incorporation or bylaws; and

 

any other action asserting a claim against us that is governed by the internal affairs doctrine (each, a “Covered Proceeding”).

Our certificate of incorporation also provides that the federal district courts of the United States of America will be the exclusive forum for the resolution of any complaint asserting a cause of action against us or any of our directors, officers, employees or agents and arising under the Securities Act. However, Section 22 of the Securities Act provides that federal and state courts have concurrent jurisdiction over lawsuits brought the Securities Act or the rules and regulations thereunder. To the extent the exclusive forum provision restricts the courts in which claims arising under the Securities Act may be brought, there is uncertainty as to whether a court would enforce such a provision. We note that investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder. This provision does not apply to claims brought under the Exchange Act.

Any person or entity purchasing or otherwise acquiring any interest in shares of our capital stock shall be deemed to have notice of and to have consented to these provisions. These provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, which may discourage such lawsuits against us and our directors, officers and employees. Alternatively, if a court were to find these provisions of our certificate of incorporation inapplicable to, or unenforceable in respect of, one or more of the specified types of actions or proceedings, we may incur additional costs associated with resolving such matters in other jurisdictions, which could adversely affect our business and financial condition.

Our certificate of incorporation contains a provision renouncing our interest and expectancy in certain corporate opportunities, which could adversely impact our business.

Each of TPG, Intel Americas, Inc. and its affiliates, and Thoma Bravo, and the members of our board of directors who are affiliated with them, by the terms of our certificate of incorporation, will not be required to offer us any corporate opportunity of which they become aware and can take any such corporate opportunity for themselves or offer it to other companies in which they have an investment. We, by the terms of our certificate of incorporation, have expressly renounced any interest or expectancy in any such corporate opportunity to the extent permitted under applicable law, even if the opportunity is one that we or our subsidiaries might reasonably have pursued or had the ability or desire to pursue if granted the opportunity to do so. Our certificate of incorporation is not able to be amended to eliminate our renunciation of any such corporate opportunity arising prior to the date of any such amendment.

 

TPG and Thoma Bravo are in the business of making investments in companies and any of TPG, Intel and Thoma Bravo may from time to time acquire and hold interests in businesses that compete directly or indirectly with us. These potential conflicts of interest could have a material adverse effect on our business, financial condition, results of operations or prospects if TPG, Intel Americas, Inc. and its affiliates, or Thoma Bravo allocate attractive corporate opportunities to themselves or their affiliates instead of to us.

51


 

 

Item 1B. Unresolved Staff Comments.

None.

Item 2. Properties.

Our principal office is located in San Jose, California where we lease approximately 85,000 square feet of space under one lease agreement that expires in December 2030. We also lease space for personnel in North America, South America, Europe, and Asia. Refer to Note 4, Leases in Part II, Item 8 of this Annual Report on Form 10-K for more information on our operating leases. Additionally, we own our office in Plano, Texas with approximately 170,000 square feet of space along with approximately 21 acres of land under and adjacent to our office in Plano, Texas, which we intend to develop to accommodate future expansion if the need arises.

We believe that our current facilities are adequate and that we will be able to find suitable space to accommodate any potential future expansion. We expect to incur additional expenses in connection with any such new or expanded facilities.

Item 3. Legal Proceedings.

From time to time, we are subject to various legal proceedings and claims, either asserted or unasserted, which arise in the ordinary course of business. While the outcome of these matters cannot be predicted with certainty, we do not believe that the outcome of any of these matters, individually or in the aggregate, will have a material adverse effect on our consolidated financial condition, results of operations, or cash flows.

Item 4. Mine Safety Disclosures.

None.

52


 

PART II

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities.

Market Information and Holders of Record

On October 22, 2020, our Class A common stock, $0.001 par value per share, began trading on the NASDAQ Stock Market under the symbol "MCFE." Prior to that time, there was no public market for our stock. As of December 26, 2020, there were approximately 562 holders of record of our Class A common stock, which does not include persons whose stock is held in nominee or “street name” accounts through brokers, banks and intermediaries. Our Class B common stock is neither listed nor traded on any stock exchange, nor is there an established public trading market for this class of common stock.

Dividend

Foundation Technology Worldwide LLC (“FTW”) intends to pay a cash distribution to its members on a quarterly basis at an aggregate annual rate of approximately $200 million for fiscal 2021. McAfee Corp. is expected to receive a portion of any such distribution through the LLC Units it holds directly or indirectly through its wholly-owned subsidiaries on the record date for any such distribution declared by FTW, which is expected to equal the number of shares of Class A common stock outstanding on such date. McAfee Corp. expects to use the proceeds it receives from such quarterly distribution to declare a cash dividend on its shares of Class A common stock. The shares of Class B common stock have no rights to dividends or distributions, whether in cash or stock, but entitle the holder to one vote per share on matters presented to stockholders of McAfee Corp.

In December 2020, FTW declared a distribution of $37.5 million of which McAfee Corp. used its share of the proceeds to declare the first quarterly dividend to Class A common shareholders:

Declaration Date

 

Record Date

 

Payment Date

 

Dividend per Share

 

 

Amount

(in millions)

 

December 9, 2020

 

December 24, 2020

 

January 7, 2021

 

$

0.087

 

 

$

14

 

 

Stock Performance Graph

The graph below compares the cumulative total stockholder return on our Class A common stock with the cumulative total return on the S&P 500 Composite Index and the S&P Information Technology Sector Index for the year ended December 26, 2020 assuming the initial investment of $100 in our Class A common stock and in each of the other indices on October 22, 2020 (the date our Class A common stock commenced trading on the Nasdaq Stock Market) and the reinvestment of all dividends. The comparisons in the graph below are based on historical data and are not indicative of, nor intended to forecast the possible future performance of our common stock.

 

53


 

COMPARISON OF THREE-MONTH CUMULATIVE TOTAL RETURN

Among McAfee Corp., the S&P 500 Index

and the S&P Information Technology Sector Index

 

This performance graph shall not be deemed “filed” for purposes of Section 18 of the Exchange Act or otherwise subject to the liabilities under that Section and shall not be deemed to be incorporated by reference into any filing of McAfee Corp. under the Securities Act or the Exchange Act.

Item 6. Selected Financial Data.

None.

 

54


 

Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations.

Organization

McAfee Corp. (the “Corporation”) was incorporated in Delaware on July 19, 2019. The Corporation was formed for the purpose of completing an initial public offering (the “IPO”) and related transactions in order to carry on the business of FTW and its subsidiaries. On October 21, 2020, the Corporation became the sole managing member and holder of 100% of the voting power of FTW due to the reorganization transactions described below. With respect to the Corporation and the Company, each entity owns nothing other than the respective entities below it in the corporate structure and each entity has no other material operations, assets, or liabilities. The Reorganization Transactions were accounted for as a reorganization of entities under common control. As a result, the financial statements for periods prior to the IPO and the Reorganization Transactions are the financial statements of FTW as the predecessor to the Corporation for accounting and reporting purposes. See Note 1 to the Consolidated Financial Statements in Item 8 for a detailed discussion of the Reorganization Transactions, as defined in that note, and the IPO.

Organization of Information

In Item 7, we discuss the year ended December 26, 2020 results and compare the year ended December 26, 2020 results to the year ended December 28, 2019 results. Discussions of the year ended December 28, 2019 results and comparisons of the year ended December 28, 2019 results to the year ended December 29, 2018 results can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in the Corporation’s Prospectus dated October 21, 2020 and filed with the SEC on October 23, 2020 pursuant to Rule 424(b)(4) of the Securities Act.

Overview

As a global leader and trusted brand in cybersecurity for over 30 years, McAfee protects millions of consumers and many of the world’s largest government and enterprise clients with one of the industry’s most comprehensive cybersecurity portfolios. Our award-winning products offer individuals and families protection for their digital lives. We meet the cyber security needs of consumers wherever they are, with solutions for device security, privacy and safe WiFi, online protection, and identity protection, among others. Virtually anywhere consumers purchase connected devices or related services, such as mobile or internet, McAfee is available. For enterprises and governments, we protect data and defend against threats from device to cloud in complex, heterogeneous IT environments, supporting advanced cybersecurity infrastructures with threat insights gathered from over one billion sensors across McAfee’s global footprint in multiple domains (device, network, gateway and cloud). Our mission is to protect all things that matter through leading-edge cybersecurity.

Our consumer-focused products protect over 600 million devices. Our Personal Protection Service provides holistic digital protection of the individual and family wherever they go under our Total Protection and LiveSafe brands. We achieve this by integrating the following solutions and capabilities within our Personal Protection Service:

 

Device Security, which includes our Anti-Malware Software and Secure Home Platform products, keeps over 600 million consumer devices, including mobile and home-use, protected from viruses, ransomware, malware, spyware, and phishing.

 

Online Privacy and Comprehensive Internet Security, which includes our Safe Connect VPN, TunnelBear, and WebAdvisor products, help make Wi-Fi connections safe with our bank-grade AES 256-bit encryption, keeping personal data protected while keeping IP addresses and physical locations private.

 

Identity Protection, which includes our Identity Protection Services and password management capabilities, are designed to protect customers’ personal data from increasingly prevalent identity theft and fraud, where consumers have lost $3.3 billion in 2020 alone (according to the Federal Trade Commissions’ Consumer Sentinel 2020), by alerting customers if their information is found as part of data breaches, and helping them take early action and remediate.

Our go-to-market engine consists of a digitally-led omnichannel approach to reach the consumer at crucial moments in their purchase lifecycle including direct to consumer online sales, acquisition through trial pre-loads on PC OEM devices, and other indirect modes via additional partners such as mobile providers, ISPs, electronics retailers, ecommerce sites, and search providers. We have longstanding exclusive partnerships with many of the leading PC OEMs and continue to expand our presence with mobile service providers and ISPs as the demand for mobile security protection increases. Through these relationships, our consumer security software is pre-installed on devices on either a trial basis until conversion to a paid subscription, which is enabled by a thoughtfully tailored renewal process that fits the customer’s journey, or through a live version that can be purchased directly through the OEMs’ website. Our consumer go-to-market channel also consists of partners including some of the largest electronics retailers, eCommerce sites, and mobile and broadband service providers globally.

55


 

For enterprises and governments, we offer one of the industry’s broadest and deepest cybersecurity portfolios. MVISION Device, our next generation endpoint solutions offer comprehensive threat detection and data protection for both modern and legacy devices, such as traditional endpoints, mobile and fixed-function systems. Our MVISION cloud solutions protect data from device to cloud, prevent web-based and cloud-native threats, and help customers to accelerate their application delivery while improving governance, compliance and security. Our MVISION Security Services offers a suite of products aimed at data loss prevention, policy management orchestration, threat prevention, analytics and intelligence.  

Our Enterprise products protect many of the largest governments and enterprises around the world. Our internal sales teams work with our channel partners to position our solutions and secure a stronger foothold in customer accounts. Our key accounts are serviced directly by our field sales teams. These teams are focused on driving customer outcomes to increase the perceived value of our solutions and secure cross-sell and upsell opportunities from existing customers. Mid-market accounts are primarily serviced through a global inside sales engine.

Our Consumer and Enterprise net revenues are derived from the sale of software subscriptions, perpetual licenses, hardware, support and maintenance, professional services, royalty agreements or a combination of these items. Consumer net revenues are derived primarily through direct relationships with end consumer or indirectly through relationships with our channel partners across our digitally-led omni-channel approach. In Enterprise our net revenues are derived primarily through our indirect relationships with our partners or direct relationships with end customers through our own sales force.

Our Operating Segments

We manage our business in two operating segments, Consumer and Enterprise. A significant portion of our operating segments’ operating expenses are allocated from shared resources based on the estimated utilization of services provided to or benefits received by the operating segments.

The table below summarizes our results of operations by segment for the year ended December 26, 2020 compared to the year ended December 28, 2019. We believe adjusted EBITDA is useful in evaluating our business, but it should not be considered in isolation or as a substitute for generally accepted accounting principles (“GAAP”). See “Non-GAAP Financial Measures” for explanations of how we calculate these measures and for reconciliation to the most directly comparable financial measure stated in accordance with GAAP.

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Net revenue - Consumer

 

$

1,558

 

 

$

1,303

 

Net revenue - Enterprise

 

 

1,348

 

 

 

1,332

 

Net revenue

 

$

2,906

 

 

$

2,635

 

Operating income - Consumer

 

$

333

 

 

$

277

 

Operating loss - Enterprise

 

 

(180

)

 

 

(151

)

Operating income

 

$

153

 

 

$

126

 

Adjusted EBITDA - Consumer

 

$

722

 

 

$

580

 

Adjusted EBITDA - Enterprise

 

 

335

 

 

 

219

 

Adjusted EBITDA

 

$

1,057

 

 

$

799

 

Net revenue for our Consumer segment has grown at a greater rate than net revenue for our Enterprise segment in recent periods and, after excluding the impact of purchase accounting adjustments required under GAAP, Enterprise net revenue declined in the year ended December 26, 2020 compared to the year ended December 28, 2019. As we continue to execute on the reorientation of our Enterprise business, we expect our Enterprise net revenue to continue to decline in the near term, and we expect the performance of our Consumer segment to continue to have a greater impact on our consolidated performance, including our consolidated net revenue.

Financial Highlights

For the year ended December 26, 2020 compared to the year ended December 28, 2019 we delivered the following:

 

Net revenue – Consumer increased by 20% to $1.6 billion

 

Operating income – Consumer increased by 20% to $333 million

 

Adjusted EBITDA – Consumer increased 24% to $722 million

 

Net Revenue – Enterprise increased by 1% to $1.3 billion

 

Operating loss – Enterprise increased by 19% to $180 million

 

Adjusted EBITDA – Enterprise increased 53% to $335 million

56


 

 

Net cash provided by operating activities increased by 53% to $760 million

See “Non-GAAP Financial Measures” for a description of adjusted EBITDA, and adjusted EBITDA margin, and a reconciliation of these measures to the nearest financial measure calculated in accordance with GAAP.

Operational Developments:

Consumer KPIs:

 

McAfee ended FY20 with 18.0 million Core DTC subscribers, adding approximately 2.8 million net new subscribers compared to the fourth quarter of 2019 and 668,000 net new subscribers during the past quarter alone.

 

The market leading growth in McAfee’s Consumer business is being driven by accelerating business fundamentals, with 18% year-over-year subscriber growth in Core DTC subscribers.

 

The fourth quarter of 2020 marked the 13th consecutive quarter of positive quarter over quarter and year over year Core DTC subscriber growth.

 

Consumer trailing twelve-month dollar retention rate was 100% for the fourth quarter, versus 97% in the comparable period last year.

Workforce Reduction:

 

In December 2020, we initiated a workforce reduction and other restructuring activities designed to continue to improve operating margins in connection with the reorientation of our Enterprise business and realignment of staffing in other departments, which was announced in February 2021 following the notification of affected employees. We expect to complete these activities in the first half of fiscal year 2021. As part of the initiative, we recognized $16 million in restructuring expenses during the fourth quarter of fiscal 2020 in connection with the workforce reduction and other restructuring activities, consisting primarily of one-time termination benefits to the impacted employees, including severance payments and healthcare and other accrued benefits.. We expect to recognize additional restructuring expense ranging between $30 million and $35 million in the first half of fiscal year 2021. We expect substantially all of the costs associated with these activities to result in cash expenditures. We may also incur other charges or cash expenditures not currently contemplated due to events that may occur as a result of, or associated with, the workforce reduction.

Acquisition:

 

Acquired Light Point Security, LLC, an award-winning pioneer of remote browser isolation, which protect users against web-based threats as malicious code is contained in an isolated environment and cannot reach the endpoint. We integrated its innovative technology into the cloud-native McAfee Secure Web Gateway and MVISION Unified Cloud Edge (“UCE”) offerings.

Key Factors Affecting Our Performance

New customer acquisition and go-to-market strategy:

 

We maintain a diverse go-to-market strategy in our Consumer business and leverage strong partnerships across various channels. We have a vast consumer distribution network with multiple routes across direct to consumer online sales, PC-OEMs, retail and ecommerce, communications service providers, ISPs, and search providers, making our solutions available at multiple points of need. The combination of these partnerships and our direct-to-consumer digital marketing efforts give us multiple touch points to acquire new customers looking to meet their cyber security needs from a trusted brand.

 

We also leverage our significant scale and breadth in enterprise offerings to create go-to-market advantages resulting in new customer wins. We market our brand, business solutions and offerings directly to enterprise and government customers through traditional demand generation programs and events, as well as indirectly through resellers and distributors. Our mid-market customers generally conduct their business through our channel partners.

If we are unable to obtain new customers and maintain our strategic channel partnerships, our financial condition and operating performance could be harmed.

Customer retention and expansion:

57


 

 

Our Consumer business is primarily a subscription-based model with greater than 85% recurring revenues for the last two fiscal years. We derive more than 85% of our annual subscription recurring revenue on average from our Core Direct to Customers, which has benefited from our improvements in retention and direct-to-consumer channel marketing. Our ability to upsell drives expansion within our existing consumer customer base.

 

Our Enterprise business is primarily a recurring revenue model with greater than 75% recurring revenues for the last two fiscal years. For fiscal 2020 and 2019, we derived 80% or greater of our total Enterprise net revenue from our existing customers with an annual contract value of greater than $100,000, which we refer to as our Core Enterprise Customers. We focus on this segment of our Enterprise customers to help improve retention of the customers driving the most significant portion of our Enterprise revenue, while also driving incremental cross-sell and upsell opportunities.

Our customers have no obligation to renew their contracts with us upon their expiration. Any decline in our ability to retain customers may harm our financial condition and operating performance.

Product innovation:

 

We continue to invest organically in our consumer product platform and innovation in performance marketing to increase customer engagement. Most importantly, our research helps us better protect our customers. In addition to developing new offerings and solutions, our development staff focuses on performance marketing to increase customer conversion and customer retention.

 

We also invest in research and development to support high growth markets in Enterprise. This investment refines our security risk management processes, improves our product design and usability, and keeps us at the forefront of threat research. Future upgrades and updates may include additional functionality to respond to market needs, while also assuring compatibility with new systems and technologies.

Market adoption of cloud solutions. We believe our future success depends in part on the growth in the market for cloud-based security solutions. To ensure comprehensive threat protection, we believe organizations need to adopt cybersecurity solutions designed to secure the cloud while integrating seamlessly with endpoint and other security solutions. We have made significant investments in cloud-based products through product development and acquisitions, including our MVISION UCE and MVISION EDR, and expect the proportion of our revenue derived from these offerings to grow over time. The continued adoption of cloud-based solutions generally, and market acceptance of our cloud solutions in particular, will be key components of our ability to grow in the future.

Acquisition strategy and integration. As part of our growth strategy, we have made and expect to continue to make targeted acquisitions of, or investments in, complementary businesses, products and technologies. We intend to continue making targeted acquisitions and believe we are uniquely positioned to successfully execute on our acquisition strategy by leveraging our scale, global reach and routes to market, brand recognition, and data assets. Our ability to acquire complementary technologies for our portfolio and integrate these acquisitions into our business will be important to our success and may affect comparability of our results of operations from period to period.

COVID-19 Pandemic

In March 2020, the World Health Organization declared the outbreak of a disease caused by a novel strain of the coronavirus (COVID-19) to be a pandemic. The COVID-19 pandemic is having widespread, rapidly evolving, and unpredictable impacts on global society, economies, financial markets, and business practices. Federal, state and foreign governments have implemented measures to contain the virus, including social distancing, travel restrictions, border closures, limitations on public gatherings, work from home, and closure of non-essential businesses. To protect the health and well-being of our employees, partners, and third-party service providers, we have implemented work-from-home requirements, made substantial modifications to employee travel policies, and cancelled or shifted marketing and other corporate events to virtual-only formats for the foreseeable future. 

58


 

The ultimate duration and extent of the impact from the COVID-19 pandemic depends on future developments cannot be accurately forecasted at this time. These developments include the severity and transmission rate of the disease, the actions of governments, businesses and individuals in response to the pandemic, the extent and effectiveness of containment actions, the impact on economic activity and the impact of these and other factors.  We have experienced growth and increased demand for our solutions in recent quarters, particularly with respect to our Consumer business, which may be due in part to greater demand for devices or our solutions in response to the COVID-19 pandemic. We cannot determine what, if any, portion of our growth in net revenue, the number of our Direct to Consumer customers, or any other measures of our performance during the fiscal 2020 compared to the fiscal 2019 was the result of such responses to the COVID-19 pandemic. See Risk Factors for further discussion of the possible impact of the COVID-19 pandemic on our business.

Fiscal Calendar

We maintain a 52- or 53-week fiscal year that ends on the last Saturday in December. The year ended December 29, 2018 is a 52-week year starting on December 31, 2017 and ending on December 29, 2018. The year ended December 28, 2019 is a 52-week year starting on December 30, 2018 and ending on December 28, 2019. The year ended December 26, 2020 is a 52-week year starting on December 29, 2019 and ending on December 26, 2020.

Key Operating Metrics

We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, measure our performance, formulate business plans, and make strategic decisions. We believe the following metrics are useful in evaluating our business, but should not be considered in isolation or as a substitute for GAAP. Certain judgments and estimates are inherent in our processes to calculate these metrics.

Consumer Segment

We define Core Direct to Consumer Customers as active subscribers whose transaction for a subscription is directly with McAfee. These customers include those who (i) transact with us directly through McAfee web properties, (ii) are converted during or after the trial period of the McAfee product preinstalled on their new PC purchase, or (iii) are channel led subscribers who are converted to Core Direct to Consumer Customers after expiration of their subscription of our product initially purchased through our retail/ecommerce partners or who purchased a McAfee subscription from us through our retail or PC-OEM partners.

We define Monthly Average Revenue Per Customer (“ARPC”) as monthly subscription net revenue from transactions directly between McAfee and Core Direct to Consumer Customers, divided by average Core to Direct Consumer Customers from the same period. ARPC can be impacted by price, mix of products, mix of geographic sales, and change between periods in Core Direct to Consumer Customer count. We believe that ARPC allows us to understand the value of our solutions to the portion of our customer base transacting directly with us.

We define Trailing Twelve Months (“TTM”) Dollar Based Retention – Core Direct to Consumer Customers as the annual contract value of Core Direct to Consumer Customer subscriptions that were renewed in the trailing twelve months divided by the annual contract value for Core Direct to Consumer Customers subscriptions that were up for renewal in the same period. We monitor TTM Dollar Based Retention for the Consumer segment as an important measure of the value we retain of our existing Core Direct to Consumer Customer base and as a measure of the effectiveness of the strategies we deploy to improve those rates over time.

 

 

 

Year Ended

 

 

 

December 26, 2020

 

 

December 28, 2019

 

Core Direct to Consumer Customers (in millions)

 

 

18.0

 

 

 

15.2

 

Monthly ARPC

 

$

6.01

 

 

$

5.96

 

TTM Dollar Based Retention - Core Direct to Consumer Customers

 

 

100

%

 

 

97

%

 

Enterprise Segment

We define Core Enterprise Customers as any customer with an annualized contract value greater than $100,000 that has an active entitlement at any point during the last quarter of the period. For purposes of defining Core Enterprise Customers, annualized contract value excludes any customers who only purchased end of life products, which are products that have been discontinued after the relevant contract was entered. Core Enterprise Customers generally account for approximately 80% or greater of our total Enterprise revenues.

 

59


 

 

 

December 26, 2020

 

 

December 28, 2019

 

Core Enterprise Customers

 

 

1,498

 

 

 

1,564

 

 

Non-GAAP Financial Measures

We have included both financial measures compiled in accordance with GAAP and certain non-GAAP financial measures in this Annual Report on Form 10-K, including billings, adjusted operating income, adjusted operating income margin, adjusted EBITDA, adjusted EBITDA margin, adjusted net income, adjusted net income margin, adjusted net income excluding impact of foreign exchange, adjusted net income excluding impact of foreign exchange margin and free cash flow and ratios based on these financial measures.

Billings

We define billings as net revenue plus the change in deferred revenue from the beginning to the end of the period, excluding the impact of deferred revenue assumed through acquisitions during the period. Billings includes changes in our deferred revenue during the period, which is an indicator of future trends and is a significant percentage of future revenue.

Total Company

The following table presents a reconciliation of our billings to our net revenue for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Net revenue

 

$

2,906

 

 

$

2,635

 

Add: Deferred revenue, end of period

 

 

2,399

 

 

 

2,292

 

Less: Deferred revenue, beginning of period

 

 

(2,292

)

 

 

(2,107

)

Billings

 

$

3,013

 

 

$

2,820

 

 

Consumer Segment

The following table presents a reconciliation of our Consumer billings to our Consumer net revenue for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Net revenue — Consumer

 

$

1,558

 

 

$

1,303

 

Add: Deferred revenue, end of period

 

 

903

 

 

 

778

 

Less: Deferred revenue, beginning of period

 

 

(778

)

 

 

(688

)

Billings — Consumer

 

$

1,683

 

 

$

1,393

 

 

Enterprise Segment

The following table presents a reconciliation of our Enterprise billings to our Enterprise net revenue for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Net revenue — Enterprise

 

$

1,348

 

 

$

1,332

 

Add: Deferred revenue, end of period

 

 

1,496

 

 

 

1,514

 

Less: Deferred revenue, beginning of period

 

 

(1,514

)

 

 

(1,419

)

Billings — Enterprise

 

$

1,330

 

 

$

1,427

 

 

60


 

Adjusted Operating Income, Adjusted Operating Income Margin, Adjusted EBITDA and Adjusted EBITDA Margin

We regularly monitor adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin to assess our operating performance. We define adjusted operating income for the total Company as net income (loss), excluding the impact of amortization of intangible assets, equity-based compensation expense, interest expense and other, net, provision for income tax expense, foreign exchange (gain) loss, net, and other costs that we do not believe are reflective of our ongoing operations. We define adjusted operating income for our Consumer and Enterprise segments as segment operating income (loss), excluding the impact of amortization of intangible assets, equity-based compensation expense and other costs attributable to the segment that we do not believe are reflective of the segment’s ongoing operations. We present this reconciliation of adjusted operating income (loss) to operating income for Consumer and Enterprise segments because operating income (loss) is the primary measure of profitability used to assess segment performance and is therefore the most directly comparable GAAP financial measure for our operating segments. Adjusted operating income margin is calculated as adjusted operating income divided by net revenue. We define adjusted EBITDA as adjusted operating income, excluding the impact of depreciation expense and other non-operating costs. Adjusted EBITDA margin is calculated as adjusted EBITDA divided by net revenue. We believe presenting adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin provides management and investors consistency and comparability with our past financial performance and facilitates period to period comparisons of operations, as it eliminates the effects of certain variations unrelated to our overall performance. Adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin have limitations as analytical tools, and you should not consider it in isolation or as a substitute for analysis of our results as reported under GAAP. Some of these limitations are:

 

although depreciation and amortization are non-cash charges, the assets being depreciated and amortized may have to be replaced in the future, and adjusted EBITDA does not reflect cash capital expenditure requirements for such replacements or for new capital expenditure requirements;

 

adjusted operating income and adjusted EBITDA do not reflect changes in, or cash requirements for, our working capital needs;

 

adjusted operating income and adjusted EBITDA do not reflect the significant interest expense, or the cash requirements necessary to service interest or principal payments, on our debt;

 

adjusted operating income and adjusted EBITDA do not reflect income tax payments that may represent a reduction in cash available to us; and

 

other companies, including companies in our industry, may calculate adjusted operating income and adjusted EBITDA differently, which reduce their usefulness as comparative measures.

Because of these limitations, you should consider adjusted operating income and adjusted EBITDA alongside other financial performance measures, including operating income (loss), net income (loss) and our other GAAP results. In evaluating adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin, you should be aware that in the future we may incur expenses that are the same as or similar to some of the adjustments in this presentation. Our presentation of adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin should not be construed as an inference that our future results will be unaffected by the types of items excluded from the calculation of adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin. Adjusted operating income, adjusted operating income margin, adjusted EBITDA, and adjusted EBITDA margin are not presentations made in accordance with GAAP and the use of these terms vary from other companies in our industry.

61


 

Total Company

The following table presents a reconciliation of our adjusted operating income and adjusted EBITDA to our net loss for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Net loss

 

$

(289

)

 

$

(236

)

Add: Amortization

 

 

436

 

 

 

470

 

Add: Equity-based compensation

 

 

313

 

 

 

25

 

Add: Cash in lieu of equity awards(1)

 

 

8

 

 

 

19

 

Add: Acquisition and integration costs(2)

 

 

8

 

 

 

23

 

Add: Restructuring and transition(3)

 

 

25

 

 

 

22

 

Add: Management fees(4)

 

 

28

 

 

 

8

 

Add: Implementation costs of adopting ASC Topic 606

 

 

 

 

 

4

 

Add: Transformation initiatives(5)

 

 

28

 

 

 

33

 

Add: Executive severance(6)

 

 

5

 

 

 

3

 

Add: Interest expense and other, net

 

 

308

 

 

 

295

 

Add: Provision for income tax expense

 

 

30

 

 

 

87

 

Add: Foreign exchange loss (gain), net

 

 

104

 

 

 

(20

)

Adjusted operating income

 

 

1,004

 

 

 

733

 

Add: Depreciation

 

 

55

 

 

 

66

 

Less: Other expense

 

 

(2

)

 

 

 

Adjusted EBITDA

 

$

1,057

 

 

$

799

 

Net revenue

 

$

2,906

 

 

$

2,635

 

Net loss margin

 

 

(9.9

)%

 

 

(9.0

)%

Adjusted operating income margin

 

 

34.5

%

 

 

27.8

%

Adjusted EBITDA margin

 

 

36.4

%

 

 

30.3

%

 

(1)

As a result of our Sponsor’s purchase from Intel of a majority interest in FTW in April 2017 (“Sponsor Acquisition”), cash awards were provided to certain employees who held Intel equity awards in lieu of equity in Foundation Technology Worldwide LLC (“FTW”). In addition, as a result of the Skyhigh acquisition, cash awards were provided to certain employees who held Skyhigh equity awards in lieu of equity in FTW and vest over multiple periods based on employee service requirements. As these rollover awards reflect one-time grants to former employees of Intel and Skyhigh Networks in connection with these transactions, we believe this expense is not reflective of our ongoing results.

(2)

Represents both direct and incremental costs in connection with business acquisitions, including acquisition consideration structured as cash retention, third party professional fees, and other integration costs.

(3)

Represents both direct and incremental costs associated with our separation from Intel, including implementing our stand alone back office and costs to execute strategic restructuring events, including third-party professional fees and services, transition services provided by Intel, severance, and facility restructuring costs.

(4)

Represents management fees paid to certain affiliates of our Sponsors and Intel pursuant to the Management Services Agreement. The Management Services Agreement has been terminated subsequent to the IPO and we paid a one-time fee of $22 million to such parties in October 2020.

(5)

Represents costs incurred in connection with transformation of the business post-Intel separation. Also includes the cost of workforce restructurings involving both eliminations of positions and relocations to lower cost locations in connection our transformational initiatives, strategic initiatives to improve customer retention, activation to pay and cost synergies, inclusive of duplicative run rate costs related to facilities and data center rationalization and other one-time costs.

(6)

Represents severance for executive terminations not associated with a strategic restructuring event.

62


 

Consumer Segment

The following table presents a reconciliation of our Consumer adjusted operating income and Consumer adjusted EBITDA to our Consumer operating income for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Operating income Consumer

 

$

333

 

 

$

277

 

Add: Amortization

 

 

252

 

 

 

253

 

Add: Equity-based compensation

 

 

84

 

 

 

4

 

Add: Cash in lieu of equity awards(1)

 

 

 

 

 

2

 

Add: Acquisition and integration costs(2)

 

 

8

 

 

 

8

 

Add: Restructuring and transition(3)

 

 

2

 

 

 

2

 

Add: Management fees(4)

 

 

13

 

 

 

1

 

Add: Implementation costs of adopting ASC Topic 606

 

 

 

 

 

1

 

Add: Transformation initiatives(5)

 

 

10

 

 

 

6

 

Add: Executive severance(6)

 

 

 

 

 

1

 

Adjusted operating income — Consumer

 

 

702

 

 

 

555

 

Add: Depreciation

 

 

20

 

 

 

25

 

Adjusted EBITDA — Consumer

 

$

722

 

 

$

580

 

Net revenue — Consumer

 

$

1,558

 

 

$

1,303

 

Operating income margin — Consumer

 

 

21.4

%

 

 

21.3

%

Adjusted operating income margin — Consumer

 

 

45.1

%

 

 

42.6

%

Adjusted EBITDA margin — Consumer

 

 

46.3

%

 

 

44.5

%

 

(1)

As a result of the Sponsor Acquisition, cash awards were provided to certain employees who held Intel equity awards in lieu of equity in FTW. As these rollover awards reflect one-time grants to former employees of the Intel in connection with the Sponsor Acqusition, we believe this expense is not reflective of our ongoing results.

(2)

Represents both direct and incremental costs in connection with business acquisitions, including acquisition consideration structured as cash retention, third party professional fees, and other integration costs.

(3)

Represents both direct and incremental costs associated with our separation from Intel, including implementing our stand alone back office and costs to execute strategic restructuring events, including third-party professional fees and services, transition services provided by Intel, severance, and facility restructuring costs.

(4)

Represents management fees paid to certain affiliates of our Sponsors and Intel pursuant to the Management Services Agreement. The Management Services Agreement has been terminated subsequent to the IPO and we paid a total one-time fee of $22 million to such parties in October 2020.

(5)

Represents costs incurred in connection with transformation of the business post-Intel separation. Also includes the cost of workforce restructurings involving both eliminations of positions and relocations to lower cost locations in connection with our transformational initiatives, strategic initiatives to improve customer retention, activation to pay and cost synergies, inclusive of duplicative run rate costs related to facilities and data center rationalization and other one-time costs.

(6)

Represents severance for executive terminations not associated with a strategic restructuring event.

63


 

Enterprise Segment

The following table presents a reconciliation of our Enterprise adjusted operating income and Enterprise adjusted EBITDA to our Enterprise operating loss for the periods presented:

 

 

 

Year Ended

 

(in millions)

 

December 26, 2020

 

 

December 28, 2019

 

Operating loss Enterprise

 

$

(180

)

 

$

(151

)

Add: Amortization

 

 

184

 

 

 

217

 

Add: Equity-based compensation

 

 

229