1
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
------------------------
FORM 10-K
FOR ANNUAL AND TRANSITION REPORTS
PURSUANT TO SECTIONS 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934
(MARK ONE)
[X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF
THE SECURITIES EXCHANGE ACT OF 1934
FOR THE FISCAL YEAR ENDED JUNE 30, 2000
OR
[ ] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF
THE SECURITIES EXCHANGE ACT OF 1934
FOR THE TRANSITION PERIOD FROM TO
---------- ----------
COMMISSION FILE NUMBER 0-24544
CYBERGUARD CORPORATION
------------------------------------------------------
(EXACT NAME OF REGISTRANT AS SPECIFIED IN ITS CHARTER)
FLORIDA 65-0510339
- ---------------------- ------------------------------
(STATE OR JURISDICTION (I.R.S. EMPLOYER INCORPORATION
OR ORGANIZATION) IDENTIFICATION NO.)
2000 WEST COMMERCIAL BOULEVARD, SUITE 200, FORT LAUDERDALE, FLORIDA 33309
- ------------------------------------------------------------------- ----------
(ADDRESS OF PRINCIPAL EXECUTIVE OFFICES) (ZIP CODE)
Registrant's telephone number, including area code: (954) 958-3900
Securities Registered Pursuant to Section 12(b) of the Act: NONE
Securities Registered Pursuant to Section 12(g) of the Act: COMMON
STOCK, PAR VALUE $.01 PER SHARE
Indicate by check mark whether the registrant (1) has filed all reports
required to be filed by Section 13 or 15(d) of the Securities Exchange Act of
1934 during the preceding twelve months (or such shorter period that the
registrant was required to file such reports), and (2) has been subject to such
filing requirements for the past 90 days. Yes [X] No [ ]
Indicate by check mark if disclosure of delinquent filers pursuant to
Item 405 of Regulation S-K is not contained herein, and will not be contained,
to the best of registrant's knowledge, in definitive proxy or information
statements incorporated by reference in Part III of this Form 10-K or any
amendment to this Form 10-K. [ ]
The aggregate market value of voting stock held by non-affiliates of
the Registrant was approximately $41,985,958.25 (computed by reference to the
last sales price of the Registrant's Common Stock on September 21, 2000).
As of September 21, 2000, 9,879,049 shares of the Registrant's $0.01
par value Common Stock were outstanding.
DOCUMENTS INCORPORATED BY REFERENCE
Portions of the Definitive Proxy Statement to be issued in connection
with the Company's 2000 Annual Meeting of Shareholders are
incorporated by reference in Part III.
2
CYBERGUARD CORPORATION
FORM 10-K
FOR THE FISCAL YEAR ENDED JUNE 30, 2000
TABLE OF CONTENTS
Forward-Looking Statements
Part I:
Item 1: Business
Item 2: Properties
Item 3: Legal Proceedings
Item 4: Submission of Matters to a Vote of Security Holders
Part II:
Item 5: Market for Registrant's Common Equity and Related Stockholder
Matters
Item 6: Selected Financial Data
Item 7: Management's Discussion and Analysis of Financial Condition
and Results of Operations
Item 8: Financial Statements and Supplementary Data
Item 9: Changes In and Disagreements with Accountants on Accounting
and Financial Disclosures
Part III:
Item 10: Directors and Executive Officers of the Registrant
Item 11: Executive Compensation
Item 12: Security Ownership of Certain Beneficial Owners and
Management
Item 13: Certain Relationships and Related Transactions
Part IV:
Item 14: Exhibits, Financial Statement Schedules and Reports on
Form 8-K
Signatures
2
3
FORWARD-LOOKING STATEMENTS
Statements regarding future products, future prospects, future
profitability, business plans and strategies, future revenues and revenue
sources, future liquidity and capital resources, computer network security
market directions, future acceptance of the Company's products, possible growth
in markets, as well as all other statements contained in this Report on Form
10-K that are not purely historical are forward-looking statements.
These statements are based upon assumptions and analyses made by the
Company in light of current conditions, future developments and other factors
the Company believes are appropriate in the circumstances, or information
obtained from third parties and are subject to a number of assumptions, risks
and uncertainties. Readers are cautioned that forward-looking statements are not
guarantees of future performance and that the actual results might differ
materially from those suggested or projected in the forward-looking statements.
Accordingly, there can be no assurance that the forward-looking statements will
occur, or that results will not vary significantly from those described in the
forward-looking statements. Some of the factors that might cause future actual
events to differ from those predicted or assumed include: future advances in
technologies and computer security; the Company's history of annual net
operating losses and the financing of these losses through the sale of assets
and newly issued Company securities; risks related to the early stage of the
Company's existence and its products' development; the Company's ability to
execute on its business plans; the Company's dependence on outside parties such
as its key customers and alliance partners; competition from major computer
hardware, software, and networking companies; risk and expense of government
regulation and effects on changes in regulation; the limited experience of the
Company in marketing its products; uncertainties associated with product
performance liability; risks associated with growth and expansion; risks
associated with obtaining patent and intellectual property right protection;
uncertainties in availability of expansion capital in the future and other risks
associated with capital markets. In addition, certain events that have occurred
also are factors that might cause future actual events to differ from those
predicted or assumed, including: the impact of the restatement of financial
results for the Company's fiscal year ended June 30, 1997 and quarters ended
September 30, 1997, December 31, 1997 and March 31, 1998; the completion of the
numerous organizational changes and the assembly of a new management team for
CyberGuard; the outcome of a purported class action lawsuit against the Company
and former CEO, Mr. Robert L. Carberry, relating to the restatement of financial
results for the fiscal periods noted above and an SEC investigation regarding
these matters; and the de-listing of the Company from the NASDAQ National
Market. In addition, the forward-looking statements herein involve assumptions,
risks and uncertainties, including, but not limited to economic, competitive,
operational, management, governmental, regulatory, litigation and technological
factors affecting the Company's operations, liquidity, capital resources,
markets, strategies, products, prices and other factors discussed elsewhere
herein and in the other documents filed by the Company with the Securities and
Exchange Commission. Many of the foregoing factors are beyond the Company's
control.
The Company's future success is based largely on its ability to develop
and sell increasingly technologically advanced network security solutions in
sufficient volume and at sufficient prices to become profitable on a consistent
basis. In addition, the network security market is characterized by extremely
rapid technological change, requiring rapid product development. The velocity of
technological change has accelerated and the Company believes that it is
important to its future that it keeps pace with these changes. The Company
believes that competition will continue to intensify in the rapidly evolving
markets in which the Company is involved, and that the continued development of
technologically advanced products will be necessary to keep its products
current. The Company believes that its ability to generate adequate cash flow
from operations will be critical to its future.
3
4
PART I
ITEM 1. BUSINESS
OVERVIEW
CyberGuard Corporation ("CyberGuard" or the "Company") is a leading
network security solutions provider to Fortune 1000 companies, major financial
institutions, and government agencies worldwide. The Company's CyberGuard(R)
Firewall provides a level of security, features and availability that the
Company believes is not matched in the industry. Through a combination of
proprietary and third-party technology (such as Virtual Private Network ("VPN"),
authentication, virus scanning, encryption, advanced reporting, high
availability and centralized management), the Company provides a full suite of
products and services that are designed to protect the integrity of electronic
data and customer applications from unauthorized individuals and digital
thieves.
The Company was incorporated in 1994 in connection with a spin-off from
Harris Corporation. The Company produced computers for the real-time computing
market as well as the CyberGuard Firewall for the secure computing market. The
Company changed its name from Harris Computer Systems Corporation in June 1996
following a sale of the Company's real-time computer business. The Company has
two subsidiaries, Cyberguard Europe Ltd. and CYBG Consultants, Inc.
Information in this report contains forward-looking statements that
involve risks and uncertainties. The Company's actual accomplishments and
results may differ significantly from those discussed in the forwardlooking
statements. Please refer to page three of this Form 10-K for further information
related to forward-looking statements.
SIGNIFICANT EVENTS
During the Company's fiscal year ended June 30, 2000, the Company made
the following changes.
o RETAINED GRANT THORNTON LLP. The Company's Board of Directors retained
Grant Thornton LLP ("GT") to serve as the Company's independent
auditors for its 2000 fiscal year.
o ADDED LIQUIDITY. During December 1998, the Company had obtained
$1,125,000 through the issuance of convertible debt. On August 26,
1999, the Company increased this convertible debt to approximately
$4,300,000 including repaying the initial debt transaction. This
increased amount is principally with the same debt holders as the
December 1998 transaction, with certain company officers, directors and
employees also participating. The interest rate is 11.5% per annum. The
debt may be converted into approximately 4,300,000 shares of common
stock at a conversion price equal to $1.00 per share. In addition, the
initial warrants from the December 1998 transaction were cancelled. The
amended transaction included having the Company issue approximately
4,300,000 warrants. See Item 7 of this report.
INDUSTRY BACKGROUND
CyberGuard competes in the network security and electronic commerce
markets. Network security has historically been the focus of those businesses in
security-sensitive industries such as healthcare, financial services, insurance,
telecommunications, governments and others. Businesses in these industries
historically maintained a secure network environment by isolating their networks
from others and allowing only authorized users to connect to their privately
managed networks.
In recent years, organizations have increasingly begun using the TCP/IP
protocol for their enterprise networks or using the Internet as an inexpensive
alternative to establishing their own wide-area networks. An enterprise network
that uses the TCP/IP protocol is called an "intranet". An intranet can extend
4
5
internal information systems and enterprise applications to geographically
dispersed facilities, remote offices and mobile employees using personal
computers running on incompatible operating systems. Using any "web browser," an
employee can view electronic information notwithstanding the incompatible
operating systems utilized by the employee and the information source. In many
cases, different departments within the same organization can create "home
pages" used to share information among coworkers. The increasing ability to
interconnect with disparate enterprise units has increased the use of mobile or
"nomadic" computing by which users connect to enterprise networks from remote
offices and while traveling. The increasing use of the non-proprietary TCP/IP
network protocol for internal network communications is due, in large part, to
(i) the widely distributed nature of such protocol, (ii) the fact that TCP/IP
network protocol support is available on nearly all types of computer systems
currently manufactured, and (iii) cost considerations.
As popularity and use of the Internet and intranets for business
applications has increased, companies have become increasingly concerned that
data collected and stored electronically by organizations might be vulnerable to
access by unauthorized users, including certain of a company's own employees.
This concern is due in part to the fact that the TCP/IP protocol is particularly
susceptible to penetration, and, as a result, interest in and purchases of
firewall software to protect enterprise networks have increased.
The following elements are principal means for protecting organizations
from digital mischief. These elements require substantial integration and
interoperability to smoothly implement an organization's security policy.
SECURITY POLICY. Security products are not effective unless they follow
a well-thought out enterprise security policy. Creating a policy requires
cooperation between information technology staffers, business unit managers and
senior executives. Generally, a policy should follow one of two philosophies.
The first is, "That which is not expressly prohibited is permitted." The second
is, "That which is not expressly permitted is prohibited." The former is less
intrusive but will not provide maximum protection. The latter requires
discussion and support from management because it affects the workflow of the
entire organization - all the way down to rules for locking offices and filing
cabinets, and discarding waste paper. The use of security technology such as a
firewall, generally is associated with the second philosophy.
LAN SECURITY. Popular local-area network ("LAN") operating system
software provides many security options - many of which are seldom used. Network
managers can immediately improve protection by implementing security features
such as log-in restrictions on specific workstations, days of the week and hours
of the day. More stringent password policies also create extra barriers, such as
increasing the minimum password length and forcing regular password changes.
Rigorous application of LAN security features can bolster protection from
internal breaches.
FIREWALLS. Firewalls provide access control. They usually are aimed at
preventing external security breaches, but can also provide additional internal
security for corporate intranets. Firewalls are a combination of software and
hardware, usually consisting of a fast workstation located outside the LAN but
inside the router link to the Internet. To be effective, all network traffic
must pass through the firewall, whether going to the outside world or entering
the LAN. The firewall permits only authorized traffic to pass either way, and
must be impervious to unauthorized penetration.
Premium firewalls run on special versions of the UNIX operating system,
although Windows NT-based versions are also popular for less-rigorous security
environments. Some firewalls also support ancillary special features, such as
Web URL filtering. Firewall features and the underlying operating system of the
firewall generally determine the level of security that a firewall provides.
Presented below is the security spectrum of firewall products available today.
5
6
- -------------------------------------------------------------------------------
FULL ROUTER- PROXY HYBRID FIREWALL NO
ACCESS BASED APPLICATION FIREWALL WITH ACCESS
FILTERING FIREWALL SECURE OS
LEAST SECURE MOST SECURE
- -------------------------------------------------------------------------------
Generally, these technologies build on each other so that the most secure
technologies can also perform the functions of the less secure ones and,
depending on price and other factors, can serve markets for such products.
CyberGuard has developed its products to emphasize stringent security and thus
fall to the far right of this diagram.
o ENCRYPTION. Encryption is a data-scrambling technique that prevents
information from being read by unauthorized people. It is used to
protect data packets during transmission from one point to another.
Encryption can be implemented in two ways: from the PC that originates
the data, or from the server or Internet connection device that passes
the data outside the LAN. Protected data is decrypted by a
reciprocating destination LAN server or PC. Digital key technology is a
common means of implementing encryption. A digital key bearing a secret
value is used to encrypt data. Decryption can occur only by someone who
possesses the appropriate decryption key-- much like secret agents
passing coded messages from behind enemy lines. Systems using the same
key for encryption and decryption are referred to as symmetric key
encryption systems, whereas those that use a different key for
decryption than encryption are referred to as asymmetric or public-key
encryption systems. Encryption is a common security technique used to
protect Virtual Private Networks ("VPN") and standard intranets.
o ANTI-VIRUS. A computer virus modifies programs and data, sometimes in
an innocuous manner and sometimes with malicious intent. Some viruses
can erase applications and data from systems or merely act as
electronic graffiti. Any form of computer virus, regardless of its
intent, increase costs and decreases productivity, and therefore cannot
be tolerated. Anti-virus protection software can be run from individual
workstations or from a network server or firewall. This software scans
incoming files and attachments to E-mail messages to protect servers,
PCs and LANs from infection.
o IDENTIFICATION AND AUTHENTICATION. On the Internet, no one can truly
see who is using the system. Digital identification technology is used
to identify who you are before you start using an information system.
Authentication is the means for proving to the system that you actually
are the person you claim to be. This is similar to the process of
signing a check, then showing a driver's license and a major credit
card to a store clerk. Digital identification and authentication
employs passwords, keys, physical tokens, badges and smart cards - even
fingerprints, retinal scans or voiceprints (biometric identification)
in advanced systems. Digital identification and authentication are
particularly important for securing electronic commerce, which mostly
operates outside the protection of a corporate intranet's security
infrastructure.
o CERTIFICATE AUTHORITY. Applications requiring absolute user
identification employ digital signatures managed by a trusted
organization called a certificate authority. Digital signatures are
locked and unlocked with electronic keys, and filed in a directory of
certificates that identify users owning the keys. A trusted
organization called a certificate authority manages and distributes
these certificates with their corresponding keys. A certificate
authority can be an in-house department or a third-party service
provider. It is responsible for the complex process of registering new
6
7
users, securing Web servers, distributing and updating private keys and
certificates, recovering lost or forgotten keys and maintaining audit
trails.
THE CYBERGUARD SOLUTION
The Company produces two different firewall products: one based on a
Unix operating system obtained from Caldera, formerly Santa Cruz Operations,
Inc., and one based on the Microsoft Windows NT operating system. CyberGuard has
modified the Caldera UnixWare operating system to remove penetration
vulnerabilities that are common in Unix platforms. On the Windows NT operating
system, CyberGuard has developed a capability called SecureGuard that closes
virtually all of the security holes in that operating system.
The Company's secure operating system and secure networking software
technologies allow CyberGuard to position its product suite to address the broad
range of customer requirements in the commercial network security market.
Generically speaking, a firewall consists of a firewall application, an
operating system and networking software, each playing an important role in the
receipt and processing of data through the firewall. In competitive network
security products, only the firewall application has been designed to resist
penetration by an attacker, leaving the operating system and network software
unsecure. Therefore, an attacker can penetrate a competitive firewall through
the unsecure operating system or networking software. The Company's
CyberGuard(R) Firewall uses a secure operating system and secure networking
software to prevent network penetration by requiring network communication to
pass through the firewall application.
The graphic presentation below depicts the three major components of a
firewall system and demonstrates the fundamental security deficiency of an
application-only solution as compared to the CyberGuard(R) Firewall.
[GRAPH]
CyberGuard's secure operating system and secure networking software are
based on multi-level security ("MLS"), that is, they restrict access to
information based on the sensitivity of the information and the access
authorization of system users. In an MLS system, a user cannot read data that
7
8
has been labeled at a level more sensitive than the security level that person
has been given, and cannot create or modify data having a different security
label. The operating system and programs reside at a protected level that cannot
be read or modified by network users.
The Company's secure operating system and networking software are
designed to meet the National Computer Security Center ("NCSC") at a B1 level.
The NCSC ratings range from D (systems with minimal security) to A1 (systems
with assured security). Certain agencies of the United States government have
incorporated the NCSC ratings into their procurement requirements, and
commercial users, while not having specific NCSC-rating requirements, often look
to an NCSC rating as an indication of the product's proven reliability. The
Company believes that the CyberGuard(R) Firewall is the only commercially
available firewall built on an integrated operating system and networking
software with a rating as high as B1. These components have also been
successfully evaluated by the Centre d'Electronique de l'Armement ("CELAR") in
France and have been awarded an E3 rating in the United Kingdom and Australia
against the Information Technology Security Evaluation Criteria ("ITSEC"). The
Company is currently pursuing Common Criteria, EAL4 certification for its
appliance firewall family. The certification process is expected to be complete
before the end of the year.
Through a strategic partnership, the Company's CyberGuard(R) Firewall
also meets the compliance standards of the Internet Protocol Security Standard
(IPSec). IPSec is a framework of open standards for ensuring private
communications over public networks like the Internet. Based on standards
developed by the Internet Engineering Task Force (IETF) IP Security Working
Group, IPSec is an industry-driven standard that ensures confidentiality,
integrity, and authenticity on an IP network. IPSec is a key component of this
standards-based, flexible solution for deploying a network-wide security policy.
In addition to enhanced operating system and network security,
CyberGuard's firewalls have been built on the Company's legacy of providing
high-performance, real-time computing systems. Therefore, the Company's
CyberGuard(R) Firewall also addresses the high performance end of the commercial
network security market because the underlying operating system and networking
software were designed for demanding security environments. The Company's secure
operating system is designed to function as a high performance, real-time
operating system able to process high levels of throughput without
time-consuming failures. This same operating system technology underlies the
Company's secure networking software and firewall technology.
The CyberGuard(R) Firewall product is the basis for the Company's
ability to offer a complete suite of enterprise-wide security products including
mobile security applications, secure database applications, and network access
control filters.
The Company's UNIX-based firewall is currently using Caldera version
2.1.3. The Company is currently transitioning its firewall technology to be
multi-platform capable. This will enhance the Company's ability to take
advantage of advancements in operating system technology, as well as third party
products.
PRODUCTS AND SERVICES
PRODUCTS
The Company's products are used to secure access to distributed
electronic data and to safeguard the integrity of electronic commerce
applications. The products offered by the Company include the CyberGuard(R)
Firewall in several forms and related third-party products offered by the
Company with its strategic partners. Additional information regarding each of
these products is presented below.
CYBERGUARD(R) FIREWAll. CyberGuard offers firewall solutions to fit a
range of requirements. CyberGuard's UnixWare Firewall is designed to execute on
an Intel Pentium class platform and is an acknowledged leader in firewall
security. Customers who have very complex, high volume and rigid security
8
9
requirements utilize the UnixWare Firewall. Customers who demand this type of
security include financial institutions, brokerage houses, medical institutions,
government agencies, ISPs, ASPs, and others. The CyberGuard(R) Firewall for
Windows(R) NT is targeted at the small business environment and users who prefer
the Windows NT operating environment. This product effectively meets the needs
of this specific market segment.
In January 2000, CyberGuard introduced the KnightSTAR(TM) appliance
firewall in response to customer demand for an integrated firewall solution. The
KnightSTAR appliance is a high performance Intel Pentium class platform combined
with CyberGuard's UnixWare Firewall. The strong security features, along with
ease of installation and single source support, have made the KnightSTAR product
a success. In May 2000, CyberGuard introduced the KnightSTAR PLUS appliance
firewall. KnightSTAR PLUS offers increased speed, redundancy and scalability
over the KnightSTAR product.
CyberGuard's products may include the following features and
attributes:
o PACKET FILTERING. The CyberGuard(R) Firewall implements packet
filtering technology designed to allow the firewall to expressly permit
or deny connections using criteria based upon source and destination
host, or network and the type of network service being requested and
the time of day or day of week.
o SECURITY AUDITING AND ALARMS. The CyberGuard(R) Firewall incorporates
built-in auditing and alarm functions that are designed to permit
administrators to review a chronological record of system activities
and allow the reconstruction of security sensitive activities. The
CyberGuard(R) Firewall can be configured to dynamically process the
security auditing information and, in real-time, take explicit actions
in response to actions deemed security sensitive or possible attempts
to attack the network or firewall.
o APPLICATION PROXIES. The CyberGuard(R)Firewall supports a number of
security-enhanced application proxies for many network services,
including remote login ("rlogin"), terminal emulation ("Telnet"), file
transfer protocol ("FTP"), hypertext transport protocol ("HTTP") (used
with the Internet), secure sockets layer ("SSL") security, network news
transport protocol ("NNTP"), simple mail transport protocol ("SMTP"),
X-Windows ("X"), load balancing, lightweight directory access protocol
("LDAP"), server message block ("SMB"), Load Equalizer ("LDE"), Lotus
Notes(R)("Notes"), Port Guard intercept ("Port Guard"), post office
protocol Revision 3 ("POP3"), Oracle Database ("SQL*Net"), Proxy-Writer
for custom proxies ("Proxy-Writer"), RealAudio(TM)Protocol proxy
("RealAudio"),and Gopher(TM)protocol ("Gopher").
o SECURE REMOTE ADMINISTRATION. The CyberGuard(R) Firewall supports the
ability to remotely monitor and administer a firewall from a "Network
Operations Center." Using this remote administration capability, a
CyberGuard(R) Firewall can be managed from a remote site as if the
system administrator were physically located with the firewall.
o CENTRAL MANAGEMENT. The CyberGuard(R) Firewall provides the ability to
centrally manage and monitor multiple remote CyberGuard(R) Firewalls
(both UnixWare and NT). Remote firewalls (targets) can be administered
and monitored individually or within groups by a Central Manager, while
the Central Manager can still continue to be utilized as a firewall.
The high-availability feature allows central management functions to be
migrated to an alternate manager. CyberGuard's Central Management also
has the added capability of providing automatic fail-over in the case
where the firewall acting as the Central Manager, should fail. The
"back-up" manager can be located anywhere in the world remote from the
master Central Manager.
9
10
o DYNAMIC NETWORK ADDRESS TRANSLATION. The CyberGuard(R) Firewall can be
configured to translate all internal addresses to the firewall's
network address. From the Internet, the firewall appears to be the only
machine connected, reducing the risk of possible penetration attacks
against the internal network.
o STATIC NETWORK ADDRESS TRANSLATION. The CyberGuard(R) Firewall supports
the ability to map internal private network addresses to public network
addresses. This allows machines with illegal or private network
addresses to be accessed via a public network address different from
that of the firewall.
o GRAPHICAL USER INTERFACE. The CyberGuard(R) Firewall provides a
Motif(TM)-based Graphical User Interface, or "GUI," designed to
facilitate system configuration and administration. GUI is generally
considered easier to use than the traditional command-line interface.
o SPLIT DOMAIN NAME SERVICE. The CyberGuard(R) Firewall can function as a
Domain Name Service ("DNS") server. With Split DNS, the network
responds to queries differently depending on their source. For example,
responses to requests from the Internet might contain only the
CyberGuard(R) Firewall information; responses from internal requests
might contain a complete list of hosts.
o VIRTUAL PRIVATE NETWORKING. The CyberGuard(R) Firewall supports a
variety of VPN products from RedCreek Communications including their
IPSec-based product line. VPN products provide a mechanism for
establishing a logically separate network between multiple
CyberGuard(R) Firewall systems. This logical network supports fully
encrypted communication among the machines in the network. VPN also
supports high-performance encrypted communication between CyberGuard(R)
Firewalls or remote/mobile users.
o LINK AGGREGATION. The CyberGuard Firewall provides a feature called
Link Aggregation (LAG) that will combine multiple physical network
interface controller ports into one logical network interface. There
are two benefits gained from the Link Aggregation feature. The first is
an increase in the overall reliability of the network that can be
gained by providing redundancy. In this case two physical ports are
configured beneath one LAG device and one port will be active while the
other will be a hot standby. The second is that Link Aggregation can
also be used to provide improved throughput. In this case multiple
ports are configured under a single LAG device and the LAG driver will
optimize port utilization by balancing the traffic load.
o AUTOMATIC SYSTEM UPDATE. The CyberGuard Firewall includes a feature
that will allow the administrator to automatically update the firewall
with necessary patches via a remote download. This feature is
especially useful for very large firewall installations because the
administrator is able to implement patches to large numbers of
firewalls from a single central location.
o NETWORK TIME PROTOCOL SUPPORT. The CyberGuard Firewall provides a means
to automatically update the time via a network. Time synchronized via a
trusted Network Time Protocol Server is required to insure that audit
data can be accurately correlated. This feature is especially important
to installations with large numbers of firewalls.
o AUTOMATED AUDIT LOG ARCHIVING. The CyberGuard Firewall offers a feature
for automatically archiving audit logs to a remote archive server. The
log files can be encrypted to insure confidentiality. This feature is
especially important with the increase in the amount of audit
information that is directly proportional to data throughput.
o HIGH AVAILABILITY CYBERGUARD(R) FIREWALL. The CyberGuard(R) Firewall
for UnixWare supports an optional High Availability configuration,
which combines two firewalls to operate as a single logical unit. If
there is a disruption in network connectivity or the primary firewall
10
11
should fail, the secondary firewall is designed to automatically take
over to provide nearly continuous network connectivity. All
configuration changes are automatically synchronized between High
Availability firewall pairs. For critical connections, such as
electronic commerce sites, this High Availability configuration
minimizes the risk of lost network connectivity.
THIRD-PARTY PRODUCTS AND SERVICES. Through strategic alliances, the
Company offers certain network security products for use with the CyberGuard(R)
Firewall. These products include:
o URL BLOCKING. Together with its CyberGuard(R) Firewall, the Company
offers a product that can be used to control Internet site
accessibility. The URL Blocker is a software product that monitors and
controls access to non-business-related web sites such as pornography,
hate speech, on-line shopping, job searching, sports and other sites
that someone may wish to block.
o TOKEN AUTHENTICATION PRODUCTS. With the CyberGuard(R) Firewall, the
Company offers a number of third-party token authentication devices,
including those offered by the Company through alliances with Axent
Technologies and RSA, among others. Token authentication devices
provide an alternative to the use of static passwords for user
authentication, resulting in reduced likelihood of system penetration
through the reuse of an old password.
SECURE OPERATING SYSTEMS. The Company offers secure operating systems
based on the X86 architecture. The heritage of the Company's secure operating
system capabilities is from the Company's CX/SX operating system. CX/SX is a
multi-threaded, fully preemptive operating system for high performance, secure
UNIX-based applications. The Company's CX/SX operating system has received
rigorous evaluation from the NCSC in the United States and CELAR in France. The
NCSC performed an evaluation of the Company's CX/SX operating system and
subsequently granted it a B1 security rating. This heritage has been passed down
to the Company's re-engineering of the Caldera UnixWare operating system and to
the efforts the Company has placed into its SecureGuard product for Windows NT.
SERVICES
SYSTEM INTEGRATION SERVICES. The Company offers a number of systems
integration services, both directly and through strategic alliances, with the
purpose of offering customers network security expertise for their particular
networking environment. In addition, the Company markets several specific types
of pre-packaged consulting services relating to, among others, penetration
testing; Internet gateway security and technical evaluation; system security;
corporate data security policies and management control; network security policy
and management control; Internet security policy and management controls;
network security analysis; and information security training.
PRODUCT DEVELOPMENT
The following table shows the significant products and product
enhancements that the Company introduced during the first two quarters of
calendar year 2000 and will introduce during the last two quarters of calendar
year 2000.
11
12
PRODUCT INTRODUCTION DESCRIPTION
------- ------------ -----------
(Calendar Quarters)
KnightSTAR Q1 2000 Introduced the first Premium Firewall Appliance
Data Center Enhancements Q2 2000 New software release for KnightSTAR, with rapid
deployment features
STARLord(TM) Q3 2000 High performance Premium Firewall Appliance targeted
at customers using gigabit ethernet technology
FireSTAR(TM) Q4 2000 Small Office, Home Office (SOHO) Firewall Appliance
Windows NT and 2000 enhancements Q4 2000 New software release, with ease of use features and
support for Windows 2000
The expected dates of introduction in the above table are
forward-looking statements and are based on certain assumptions, including
certain assumed levels of staffing and capital resources, contractual
arrangements with suppliers, customers or strategic allies, market conditions,
overall product development costs and related sales and marketing expenses, the
nature of available competing and complementary technologies and products, and
other assumptions. Should these assumptions change or prove to be inaccurate, or
should the Company's plans change due to certain unforeseen factors, the
development of such products may be delayed or discontinued. Please refer to
page three of this Form 10-K for further information related to forward-looking
statements.
Development of new products and features is performed by the Company's
internal engineering staff and through third-party licensing. The Company has
approximately 35 full-time employees and independent contractors devoted to
product development. The Company supplements the development staff from
time-to-time with contract engineers as needed to meet product demands in the
market.
For the fiscal years ended June 30, 2000, June 30, 1999 and June 30,
1998, the Company spent $3.0 million, $3.7 million and $5.8 million,
respectively, on research and development, an equivalent of 16%, 27%, and 37%,
of total sales during such periods, respectively.
JOINT PRODUCT DEVELOPMENT AND STRATEGIC ALLIANCES
In December 1996, CyberGuard and Caldera, the world's largest supplier
of UNIX server and host applications, announced a strategic joint marketing
agreement that allows the two companies to market the CyberGuard(R) Firewall to
Caldera's premier resellers and major accounts worldwide. Caldera's premier
resellers consist of over 100 top resellers who specialize in UNIX application
software integration and training. Since January 1997, the Company has signed
several of the Caldera premier resellers who actively market and/or recommend
the products of both CyberGuard and Caldera.
In 1998, the Company entered into an agreement with RedCreek
Communications to integrate and market a family of hardware network security
products for VPN applications on the Internet. VPNs offer a secure,
cost-effective alternative to private leased communication lines. These products
are available for both Unix and NT firewalls.
To complement CyberGuard(R) Firewall product sales, the Company offers
consulting and security products through a series of strategic alliances with
prominent organizations. The Company has formed alliances with several
consulting partners worldwide. Consulting services include network and on-site
analysis services, network penetration testing, security policy and management
control, migration planning and security training.
12
13
The Company has alliances for the purpose of reselling the Company's
products with several strategic partners, including Data General. The Company
has additional strategic resellers outside the United States, which include
Nissin Electric Co., Ltd. and Hucom, Inc. (Japan), and Baltimore (United
Kingdom).
The Company is actively seeking additional strategic alliances for
product development and sales and marketing purposes. The Company is seeking
such alliances to continue efforts to develop additional products or
enhancements to its existing product offerings, particularly those relating to
encryption, token authentication, VPNs, intrusion detection and virus detection.
The Company is also actively pursuing sales and marketing alliances,
particularly with value added resellers and distributors, in order to expand the
geographic distribution of the Company's products. There can be no assurance
that the Company will be able to create new alliances, or that if formed, that
such alliances will be successful.
CUSTOMERS AND MARKETS
End-users of CyberGuard products include commercial businesses,
government agencies, public-utility consortiums, and educational institutions.
In many cases, CyberGuard supplies its product to authorized resellers,
distributors, business partners, or system integrators who ultimately sell to
and support the end-users. The Company in turn supports these reseller channels
which are marketed by the Company's direct sales force. The Company's current
and prospective commercial customers include medium to large domestic and
multinational companies, that routinely create and store proprietary and/or
highly sensitive information which is accessible via corporate networks
including intranets and extranets (wide area networks). These customers are
likely to consider network security and network throughput performance as
decisive factors in their procurement decisions. Target markets for the
Company's products include financial institutions, financial news services,
insurance companies, health care institutions, telecommunications companies and
companies who market electronic commerce applications to businesses and
consumers.
For the year ended June 30, 2000, sales to a major financial
institution accounted for approximately 28% of the total revenues of the
Company. No other single customer accounted for more than 10% of sales for the
2000 fiscal year.
SALES, MARKETING, AND DISTRIBUTION
The Company has established a range of channels by which to market its
products in the United States and internationally, including Value Added
Resellers ("VARs"), distributors and manufacturers' representatives, strategic
alliance partners, as well as direct sales representatives. Key resellers and
distributors include Genicom, Hucom, Inc., Datacraft Asia, Baltimore Zergo and
Nissin Electric Co. Ltd. (a member of Japan's Sumitomo Group). During the year
ended June 30, 2000, the indirect marketing channels for the Company's products
accounted for 28% of the Company's sales. See also "Strategic Alliances" above.
The Company employs 11 sales representatives and maintains sales
offices in Naperville, Illinois; Fairlawn, Ohio; Fort Lauderdale, Florida;
Dallas Texas; Los Angeles and Palo Alto, California; Atlanta, Georgia;
Elizabeth, New Jersey; Washington, DC; and the United Kingdom. The sales force
focuses its sales and marketing efforts towards customers and VARs in selected
vertical markets such as financial services, healthcare, insurance,
telecommunications and electronic commerce application providers. The Company's
sales staff also solicits prospective customers and provides technical advice
and support with respect to the Company's products.
In support of its sales efforts, the Company markets its products
through direct mail, advertising, seminars, trade shows, telemarketing, and
on-going customer and third-party communications programs. The Company has
entered into strategic marketing relationships with various vendors of
communications, security and network management products and consulting
13
14
services. Certain of these vendors recommend the Company's products along with
their own solutions to meet a customer's security needs. The Company also seeks
to generate interest in, and to educate potential customers about, computer and
network security through its speaking engagements, contributed articles,
interviews and documentaries.
The Company focuses its direct and indirect marketing efforts on
commercial businesses that the Company perceives as having a need for network
security due to the sensitive nature of data they collect or the devastating
potential impact of computer "hacking." The Company addresses these markets with
its direct sales force and through indirect channels such as VARs and systems
integrators who already serve such markets. The Company also believes its
products are particularly well suited to Internet service providers ("ISP"),
electronic commerce service providers ("ESPs") and Internet-based retailers of
subscription products and services.
COMPETITION
The market for network security products is intensely competitive and
characterized by frequent technological change. The Company believes that
competition in this market is likely to persist and to intensify if demand for
network security products continues to increase.
In the market segments requiring the highest levels of network
security, the Company competes with Secure Computing Corporation, which also
offers a firewall with a security-enhanced operating system. The Company also
competes with manufacturers of proxy application firewalls and hybrid systems,
such as Check Point Software Technologies Ltd., Cisco Systems, Inc., Axent
Technologies, Inc., Network Associates, and IBM. Most of these companies enjoy
higher sales volumes than the Company due to their sales of lower-end firewalls
and other (non-firewall) products and applications.
These companies' products may be considered to be alternatives to the
Company. In addition, companies such as Compaq (Digital Equipment Corporation)
and Sun Microsystems, Inc. sell products with similar features and functions
that could be considered competitors of the Company. In addition, certain
companies, such as Microsoft and Lucent Technologies, Inc., have now begun to
offer network-related security products that could eventually compete with the
Company's firewall products.
Many of the Company's current and potential competitors have greater
name recognition, larger installed customer bases and significantly greater
financial, technical and marketing resources than the Company. There can be no
assurance that the Company can maintain its competitive position against current
and potential competitors, especially those with significantly greater
financial, marketing, service, support, technical and other competitive
resources. Failure to keep pace with rapid technology and changes could result
in the Company's products becoming less valuable or obsolete. Certain of the
Company's competitors may determine, for strategic reasons, to consolidate,
substantially lower the price of their network security products or bundle their
products with other products, such as hardware products or other enterprise
software products. The trend toward enterprise-wide network management and
security solutions may result in a consolidation of the network management and
security market around a smaller number of vendors who are able to provide the
necessary software and support capabilities. In addition, current and potential
competitors have established or may establish financial or strategic
relationships among themselves, with existing or potential customers, resellers
or other third parties.
The Company believes that the principal competitive factors affecting
the market for computer and network security products include the product's
level of security, performance and reliability (particularly maximum levels of
throughput), technical features including interoperability and functionality,
ease of use, capabilities, customer service and support, integration of
products, manageability of products, brand name recognition, company reputation,
distribution channels and price. Based upon its understanding of the features of
the products and services offered by the Company's competitors, the Company
believes that its products currently compete favorably with respect to such
14
15
factors. Based upon its experience and understanding of the existing network
security market, the Company believes that potential purchasers of the Company's
security products who do not differentiate between the level of security
provided by competing security products are as likely to base their purchasing
decisions on price, ease of use, or other considerations as they are to base
such decisions on the level of security provided. In circumstances where a
potential purchaser's primary concern is the level of security provided by
products being considered, the Company, based upon its understanding of the
features in products and of the services offered by the Company's competitors,
believes that its products compete favorably.
Additionally, the Company believes a key competitive factor in the
foreign network security market, and certain domestic vertical markets, is a
computer system's security rating by intelligence and other government agencies
such as the NCSC and ITSEC. The CyberGuard(R) Firewall is built on an integrated
secure operating system and secure networking software components that are
certifiable to the B1 level by the NCSC and are rated E3 by ITSEC Certification
testing in the United Kingdom and Australia. The Company's secure operating
system has also successfully completed evaluation by CELAR, the ISCA, CheckMark
and NSS organizations. Certain of the Company's competitors have either recently
received an ITSEC Certification or have submitted their products for review
against the ITSEC E3 Requirements.
PATENTS AND PROPRIETARY TECHNOLOGY
The Company relies upon license agreements with customers; trademark,
copyright and trade secret laws; employee conflict of interest and third-party
non-disclosure agreements and other methods to protect the trade secrets,
proprietary know-how and other proprietary rights on which the Company's
business depends. There can be no assurance that these agreements will not be
breached, that the Company will have adequate remedies for any breach, or that
the Company's trade secrets will not otherwise become known to or independently
developed by competitors. The Company has no pending patent applications to
cover any aspects of its technology. The Company has received trademark
registration in the United States, Canada and numerous other countries for its
"CyberGuard(R) Firewall" marks and its CyberGuard logo.
RISK RELATED TO YEAR 2000 PROBLEM
The Year 2000 problem stems from the use of a two-digit date to
represent the year (e.g., 85 = 1985) in computer software and firmware. It was
thought that many currently installed computer systems were not capable of
distinguishing dates beginning with the year 2000 from dates prior to the year
2000. Computer systems or applications used by many companies in a wide variety
of industries could experience operating difficulties unless the systems or
applications were modified to adequately process information related to the date
change. A degree of uncertainty still exists in the software and other
industries concerning the scope and magnitude of problems associated with the
century change. Many industry experts believe that the extent of Year 2000
issues may not be realized until after March 31, 2001.
While the Company believes its Year 2000 risk management initiative's
scope covered both the Company's information technology (IT) systems and non-IT
systems and addressed all areas of the Year 2000 issues as defined by the
Information Technology Association of America (ITAA), and to date there have
been no Year 2000 issues detected, there can be no assurance that the Company
has identified and remedied all Year 2000 problems, and that such problems will
not have a material adverse affect on the Company's business.
GOVERNMENT REGULATION
The Company is not currently subject to direct regulation by any
government agency other than regulations applicable to businesses generally and
the U.S. Department of Commerce licensing of export of cryptographic products.
Export controls on cryptographic products permit the export of the Company's
encryption products outside the U.S. only with the required level of export
license or through an export license exception. Although to date the Company has
15
16
been able to secure all required U.S. export licenses and license exceptions,
there can be no assurance that the Company will continue to be able to secure
such licenses or exceptions in a timely manner in the future. The effect of
these regulations is to create delays in the introduction of the Company's
products in international markets, and in some cases to prohibit them
altogether.
There are currently few laws or regulations directly applicable to
access to or commerce on the Internet. Additional laws and regulations could be
adopted with respect to the Internet, covering issues such as privacy, pricing
and characteristics and quality of products and services. The adoption of
additional laws or regulations may decrease the growth of the Internet, which
could in turn decrease the demand for the Company's products and increase the
Company's cost of doing business or otherwise have an adverse effect on the
Company's business, operating results or financial condition.
EMPLOYEES
On June 30, 2000, the Company employed 82 employees through its Fort
Lauderdale headquarters, and its field offices in the United States and abroad.
The Company also utilizes the services of approximately two contract engineers
on a temporary basis for software development or documentation. All employees
are bound by agreement containing confidentiality and conflict of interest
provisions.
CyberGuard's future success will depend in significant part on the
continued service of its key technical, sales and senior management personnel.
Competition for such personnel is intense and there can be no assurance that
CyberGuard can retain its key managerial, sales and technical employees, or that
it can attract, assimilate or retain other highly qualified technical, sales and
managerial personnel in the future. None of CyberGuard's employees is
represented by a labor union. CyberGuard has not experienced any work stoppages
and considers its relations with its employees to be good.
ITEM 2. PROPERTIES
The Company's principal administrative, sales and marketing,
development, engineering, production and support facility is located in Fort
Lauderdale, Florida, and consisting of approximately 26,000 square feet of
leased office space. The lease on the facility expires on June 30, 2004,
although the Company has the right to sublease the premises. Additionally, the
Company maintains a marketing and sales office located in the United Kingdom,
which also functions as the administrative office for the Company's subsidiary,
CyberGuard Europe Ltd.
The Company leases its office locations in the United States and
abroad. CyberGuard believes that its existing facilities are adequate for its
current needs and additional space will be available at current market rates as
required in the future.
ITEM 3. LEGAL PROCEEDINGS AND OTHER MATTERS
On August 24, 1998, the Company announced, among other things, that due
to a review of its revenue recognition practices relating to distributors and
resellers, it would restate prior financial results. After the August 24, 1998
announcement, twenty-five purported class action lawsuits were filed by alleged
shareholders against the Company and certain former officers and directors.
Pursuant to an order issued by the Court, these actions have been consolidated
into one action, styled STEPHEN CHENEY, ET AL. V. CYBERGUARD CORPORATION, ET
AL., Case No. 98-6879-CIV-Gold, in the United States District Court, Southern
District of Florida. On August 23, 1999, the plaintiffs filed a Consolidated and
Amended Class Action Complaint. This action seeks damages purportedly on behalf
of all persons who purchased or otherwise acquired the Company's common stock
during various periods from November 7, 1996 through August 24, 1998. The
complaint alleges, among other things, that as a result of accounting
irregularities relating to the Company's revenue recognition policies, the
16
17
Company's previously issued financial statements were materially false and
misleading and that the defendants knowingly or recklessly published these
financial statements which caused the Company's common stock prices to rise
artificially. The action alleges violations of Section 10(b) of the Securities
Exchange Act of 1934 ("Exchange Act") and SEC Rule 10b-5 promulgated thereunder
and Section 20(a) of the Exchange Act. Subsequently, the defendants, including
the Company, filed their respective motions to dismiss the amended complaint. On
July 31, 2000, the Court issued a ruling denying the Company's and Robert L.
Carberry's (the Company's CEO from June 1996 through August 1998) motions to
dismiss. The court granted the motions to dismiss with prejudice for defendants
William D. Murray (the Company's CFO from November 1997 through August 1998),
Patrick O. Wheeler (the Company's CFO from April 1996 through October 1997), C.
Shelton James (former Audit Committee Chairman), and KPMG Peat Marwick LLP
("KPMG"). The Company filed an answer to the plaintiffs' complaint on August 24,
2000.
In August 1998, the Securities and Exchange Commission ("SEC")
commenced an informal inquiry into certain accounting and financial reporting
practices of the Company and its officers, directors and employees. On March 25,
1999, the SEC issued a formal order of investigation (which the Company learned
of on September 27, 1999) into certain accounting and financial reporting
practices of the Company and its officers, directors and employees. The SEC's
investigation is ongoing.
On September 16, 1999, the Company filed a lawsuit against KPMG and
August A. Smith, the KPMG engagement partner. The lawsuit is pending in the
Circuit Court of the 17th Judicial Circuit in and for Broward County, Case No.
00-004102-CACE-14. On May 1, 2000, the Company filed the First Amended
Complaint, alleging that KPMG failed to properly audit the Company's financial
statements and provided inaccurate advice on accounting matters for fiscal years
1996, 1997 and 1998. The action alleges professional malpractice, breach of
fiduciary duty, breach of contract and breach of implied duty of good faith, and
seeks damages in excess of $10 million. KPMG and Mr. Smith filed motions to
dismiss, which were denied. In August 2000, KPMG and Mr. Smith filed their
answers and KPMG filed counterclaims against the Company, alleging the Company's
breach of contract, negligent misrepresentation and abuse of process, and seeks
an unspecified amount of damages consisting of unpaid service fees and legal
fees and costs.
The Company is involved from time to time in other litigation on
various matters relating to the conduct of its business. The Company believes
that these other litigation matters, single or collective, will not have a
material adverse effect on its consolidated financial position, results of
operations or cash flows.
The Company is unable to predict the ultimate outcome of the litigation
and investigation described above in this Item 3. The resolution of such matters
could have a material adverse affect on the Company's results of operations and
financial position. The Company's financial statements do not include any
adjustments related to these matters.
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
No matters were submitted to a vote of security holders during the
fourth quarter of the fiscal year ended June 30, 2000.
17
18
PART II
ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY AND RELATED STOCKHOLDER
MATTERS
The Company's Common Stock was traded on NASDAQ under the symbol "CYBG"
until October 2, 1998. From October 2, 1998 until January 13, 1999, the
Company's stock symbol was changed to "CYBGE" due to the Company being late in
filing its Form 10-K for its fiscal year ended June 30, 1998. On January 13,
1999, the Company was de-listed from the NASDAQ Stock Market, on which its
securities were traded, because the Company was delinquent in its filings under
the Exchange Act. From January 13, 1999, the Company's securities have been
traded by market makers through the "pink sheets" again under the symbol "CYBG."
The Company is current in its reporting responsibilities pursuant to
the Exchange Act. On February 14, 2000, the Company filed an application to list
its securities on the NASDAQ SmallCap Market ("NASDAQ SmallCap"). On July 27,
2000, the Company received a letter from the NASDAQ staff that the Company's
application for listing on the NASDAQ SmallCap has been denied. On August 2,
2000, the Company appealed the decision to the NASDAQ Listing Qualifications
Panel ("Panel") and on September 7, 2000 the Company attended an oral hearing in
front of the Panel. Currently, the Company is awaiting a decision from the
Panel. At the present time, the Company is unable to predict whether the
Company's securities will be available for public trading on the NASDAQ
SmallCap.
The Company is also eligible for trading on the OTC Bulletin Board;
however, moving from being traded on the "pink sheets" to the OTC Bulletin Board
requires that at least one NASD Broker/Dealer serve as a market maker for the
Company's securities. Although the Company has been meeting with various
potential market makers, the Company is unable to predict whether its securities
will be available for public trading on the OTC Bulletin Board.
There were approximately 4,145 holders of record of Common Stock as of
June 30, 2000. The table below sets forth, for the quarters indicated, the high
and low bid prices of the Company's Common Stock as reported by NASDAQ.
BID PRICES
------------------
HIGH LOW
---- ---
FISCAL YEAR 1998
Quarter Ended September 30, 1997 $ 11 1/2 $ 8 7/16
Quarter Ended December 31, 1997 9 7/8 5 1/8
Quarter Ended March 31, 1998 12 3/4 4
Quarter Ended June 30, 1998 18 3/8 7 7/8
FISCAL YEAR 1999
Quarter Ended September 30, 1998 $ 11 $ 1 1/16
Quarter Ended December 31, 1998 3 3/8 1 1/16
Quarter Ended March 31, 1999 2 1/4 1 1/4
Quarter Ended June 30, 1999 1 3/8 5/8
FISCAL YEAR 2000
Quarter Ended September 30, 1999 $ 1 3/4 $ 1
Quarter Ended December 31, 1999 6 5/8 1 3/4
Quarter Ended March 31, 2000 15 7/8 4 1/4
Quarter Ended June 30, 2000 10 1/8 5 3/8
18
19
The Company has never paid dividends on its Common Stock. The Company
intends to retain earnings, if any, to finance future operations and expansion
and, therefore, does not anticipate paying any cash dividends in the foreseeable
future. Any future payment of dividends will depend upon the financial
condition, capital requirements and earnings of the Company, as well as upon
other factors that the Board of Directors may deem relevant. The Company issued
on August 26, 1999, convertible debt securities in the approximate amount of
$4,300,000. For more information regarding this sale of the Company's
securities, see Item 7 of this report on Form 10-K.
ITEM 6. SELECTED FINANCIAL DATA
The following table sets forth, for the fiscal years ended June 30,
2000, 1999, 1998, 1997 and 1996, selected historical consolidated financial
data for the Company. Through June 30, 1996, the Company's Trusted Systems
Division and the Real-time Business were combined, however, effective June 30,
1996, the Real-time Business was sold to Concurrent Computer Corporation
("Concurrent"). The financial data for the fiscal year ended June 30, 2000 has
been derived from the audited consolidated financial statements of the Company
as audited by Grant Thornton, LLP. The financial data for the fiscal years ended
June 30, 1999, June 30, 1998 and June 30, 1997 have been derived from the
audited consolidated financial statements of the Company as audited by
PricewaterhouseCoopers, LLP. The financial data for the fiscal year ended June
30, 1996 have been derived from unaudited consolidated financial statements of
the Company. Such data have been derived from, and should be read in conjunction
with, the audited consolidated financial statements and other financial
information, including the notes thereto, appearing elsewhere in this Annual
Report.
TWELVE MONTHS ENDED
--------------------------------------------------------------------------------
JUNE 30, JUNE 30, JUNE 30, JUNE 30, JUNE 30,
2000 1999 1998 1997 1996 (A)
-------- -------- -------- -------- --------
Revenues $ 18,859 $ 13,873 $ 15,552 $ 14,224 $ 46,118
Cost of goods sold 5,956 5,313 7,076 7,244 26,177
-------- -------- -------- -------- --------
Gross profit 12,903 8,560 8,476 6,980 19,941
Research & development 2,969 3,664 5,767 4,723 7,293
Selling, general & administrative 9,753 14,724 18,869 15,133 4,304
Other operating expenses 20,983
-------- -------- -------- -------- --------
Operating income (loss) 182 (9,828) (16,160) (12,876) (12,639)
Interest income (expense), net (1,066) (186) 399 646 275
Other income (expense) (92) 41 11 (200) 331
Gain (loss) on sale of securities
available for sale (128) (5,012)
Gain (loss) on sale of business
units 1,858 (2,386) (14,836)
-------- -------- -------- -------- --------
Net loss $ (976) $ (8,115) $(18,264) $(17,442) $(26,869)
======== ======== ======== ======== ========
Loss per share $ (0.10) $ (0.90) $ (2.17) $ (2.46) $ (4.44)
======== ======== ======== ======== ========
(A) Coinciding with the sale of the Real-time Business to Concurrent on June
30, 1996, the Company elected to change its fiscal year end from September
30 to June 30. The Company's audited financial statements included in Item
8 are as of and for the years ended June 30, 2000, 1999, and 1998. To
facilitate comparability between periods, management has prepared the
preceding table by annualizing the nine months ended June 30, 1996. Such
annualization was accomplished by adding the results of operations for the
three months ended September 30, 1995 to the nine months ended June 30,
1996.
19
20
ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND
RESULTS OF OPERATIONS
The following information should be read in conjunction with the
Consolidated Financial Statements and the related Notes to Consolidated
Financial Statement. Except for historical information contained herein, the
matters discussed herein are forward-looking statements made pursuant to the
safe harbor provisions of the Securities Litigation Reform Act of 1995. Please
refer to page three of this Form 10-K for further information related to
forward-looking statements.
RESULTS OF OPERATIONS
FISCAL YEAR ENDED JUNE 30, 2000 COMPARED TO THE FISCAL YEAR ENDED JUNE 30, 1999
NET REVENUES. Net Revenues for the year ended June 30, 2000 were $18.9
million compared to $13.9 million for the year ended June 30, 1999. This
represents an increase of $5.0 million or 36%. The increase in net revenues from
network security products for 2000 is principally the result of increased sales
of the newly released Premium Appliance Firewall Solution, KnightSTAR a, and the
associated maintenance revenue.
International sales accounted for $7.1 million or 37% of the total
revenue in 2000 as compared to $3.0 million or 22% of the total revenue in, an
increase of $4.1 million or 137%. North American rose slightly to $11.8 million
in 2000 from $11.4 million in 1999, a difference of $0.4 million or .04%. The
increase in international sales is mainly attributed to a stronger Asian
economy.
CyberGuard provides its customer base with a service offering that
includes the installation of its firewall, customer support including hotline
assistance, and product training and consulting. For the fiscal year ended June
30, 2000, the Company reported service revenue for its security products of $3.9
million, an increase of $1.4 million or 57% compared to revenues of $2.5 million
for the year ended June 30, 1999. As a percentage of total security revenues,
service revenues accounted for 21% in 2000 as compared to 18% in 1999. The
increase in net revenues from services is attributable to a growing base of
customers under maintenance agreements and additional consulting and training
service revenues.
GROSS PROFIT. CyberGuard's costs of sales includes license fees to
third parties, media, packaging costs, equipment costs, and certain pre-sales,
post-sales and contract labor support costs. The Company's overall gross profit
increased by $4.3 million or 51% from $8.6 million for the year ended June 30,
1999 to $12.9 million for the year ended June 30, 2000.
Gross profit for network security products was $11.3 million or 75% in
2000 as compared to $7.8 million or 68% in 1999. The Company's gross profit
margin has increased over the past two fiscal years. The Company believes this
percentage will level off with the continued sales trend of the appliance
product. The increase in gross profit for security product is directly related
to the lower costs associated with third party royalties.
Gross profit for security-related services, as measured in dollars as a
percentage of service revenues, was $1.6 million or 42% in 2000 compared to $0.8
million or 31% for 1999, an increase of $0.8 million. The increase in
service-related gross profit margin is the result of a greater number of
customers under firewall maintenance support contracts.
OPERATING EXPENSES. The primary operating expenses of the company
consists of research and development, sales, and general and administration
costs. Research and development costs consist primarily of personnel costs
20
21
including salaries, benefits, payments to third-party or contract labor
development firms, travel, training and other personnel expenses to determine
the technical feasibility of products, develop the necessary product
features/functions for marketability, and maintain the product after customer
installation. The Company capitalizes costs related to the development of
certain software products when technological feasibility has been established
and ends when the product is available for general release to customers.
Software development costs incurred prior to technological feasibility defined
by completion of a working model are considered research and development costs
and is expensed as incurred. Sales, general and administrative costs, consist
principally of personnel costs including commissions, bonuses, travel,
communication, MIS-related costs, marketing-related costs (such as advertising,
trade shows, seminars), finance and accounting expenses, legal, insurance,
general management and professional services.
For the year ended June 30, 2000, the Company reported total operating
expenses of $12.7 million compared to $18.4 million for the year ended June 30,
1999. The decrease of $5.7 million is attributable to a $0.7 million decrease in
research and development costs and a $5.0 million decrease in selling, general
and administrative costs. The decreased R&D expense is attributed the reduction
in headcount. The decrease in selling, general and administrative costs is the
result of several factors, including a significant decrease in marketing costs,
a reduction in compensation and related employee costs, a reduction in
professional accounting and legal fees and better overall cost control.
INTEREST EXPENSE. For the year ended June 30, 2000, the Company
reported net interest expense of $1.1 million compared to $0.2 million for the
year ended June 30, 1999. The increase of $0.9 million is attributable to
interest expense associated with the convertible debt and warrants.
NET LOSS. For the year ended June 30, 2000, the Company incurred a net
loss of less than $1.0 million compared to a net loss of $8.1 million for the
year ended June 30, 1999. The net loss for the year ended June 30, 2000 included
$1.1 in interest expense, whereas, the net loss for fiscal year ended June 30,
1999 included a gain from the sale of the Galaxy search engine of $1.8 million.
FISCAL YEAR ENDED JUNE 30, 1999 COMPARED TO THE FISCAL YEAR ENDED JUNE 30, 1998
NET REVENUES. Net Revenues for the year ended June 30, 1999 were $13.9
million compared to $15.6 million for the year ended June 30, 1998. This
represents a decrease of $1.7 million or 12%. The decrease in net revenues from
network security products for 1999 was principally the result of decreased sales
to distributors and reseller channels.
International sales accounted for $3.0 million or 22% of the total
revenue in 1999 as compared to $4.1 million or 26% of the total revenue in 1998,
a decrease of $1.2 million or 29%. North American sales also decreased from
$11.4 million in 1998 to $10.9 million in 1999, a difference of $0.5 million or
4%.
CyberGuard provides its customer base with service offerings that
includes the installation of its firewall, customer support including hotline
assistance, and product training and consulting. For the fiscal year ended June
30, 1999, the Company reported service revenue for its security products of $2.5
million, an increase of $0.5 million or 25% compared to revenues of $2.0 million
for the year ended June 30, 1998. As a percentage of total security revenues,
service revenues accounted for 18% in 1999 as compared to 13% in 1998. The
increase in net revenues from services was attributable to a growing base of
customers under maintenance agreements and additional consulting and training
service revenues.
GROSS PROFIT. CyberGuard's cost of sales includes license fees to third
parties, media, packaging costs, equipment costs, and certain pre-sales,
post-sales and contract labor support costs. The Company's overall gross profit
increased by $0.1 million or 1% from $8.5 million for the year ended June 30,
1998 to $8.6 million for the year ended June 30, 1999.
21
22
Gross profit for network security products was $7.8 million or 68% in
1999 as compared to $8.1 million or 59% in 1998. The Company's gross profit
margin has increased over the past two fiscal years.
Gross profit for security-related services, as measured in dollars as a
percentage of service revenues, was $0.8 million or 31% for 1999 compared to
$0.4 million or 21% in 1998, a increase of $0.4 million. The increase in
service-related gross profit margin is the result of a greater number of
customers under firewall maintenance support contracts.
OPERATING EXPENSES. The primary operating expenses of the company
consists of research and development, sales, and general and administration
costs. Research and development costs consist primarily of personnel costs
including salaries, benefits, payments to third-party or contract labor
development firms, travel, training and other personnel expenses to determine
the technical feasibility of products, develop the necessary product
features/functions for marketability, and maintain the product after customer
installation. The Company capitalizes costs related to the development of
certain software products when technological feasibility has been established
and ends when the product is available for general release to customers.
Software development costs incurred prior to technological feasibility defined
by completion of a working model are considered research and development costs
and are expensed as incurred. Sales, general and administrative costs, consist
principally of personnel costs including commissions, bonuses, travel,
communication, MIS-related costs, marketing-related costs (such as advertising,
trade shows, seminars), finance and accounting expenses, legal, insurance,
general management and professional services.
For the year ended June 30, 1999, the Company reported total operating
expenses of $18.4 million compared to $24.6 million for the year ended June 30,
1998. The decrease of $6.2 million is attributable to a $2.1 million decrease in
research and development costs and a $4.1 million decrease in selling, general
and administrative costs. The decreased R&D expenses are attributed to the
introduction of the Company's NT-based firewall, new release version 4.0 UNIX
based firewall, and the ITSEC certification for E-3 in 1998. The decrease in
selling, general and administrative costs is the result of several factors.
Marketing costs decreased by approximately $2.7 million. These decreased
marketing costs are directly related to personnel changes, lower advertising and
promotion of the Company in trade shows and events. The additional decrease from
1998 is attributable to general and administrative expenses.
NET LOSS. For the year ended June 30, 1999, the Company incurred a net
loss of $8.1 million compared to a net loss of $18.3 million for the year ended
June 30, 1998. The net loss for fiscal year ended June 30, 1999 included a gain
from the sale of the Galaxy search engine of $1.8 million as compared to fiscal
year 1998 that included a charge of $2.4 million on the disposition of Arca.
LIQUIDITY AND CAPITAL RESOURCES
The Company has experienced net losses since its inception as a network
security company. The Company's historical uses of cash have been to fund net
losses from operations, establish inventory stocking levels, and fund capital
expenditures for property, equipment and software. For the fiscal year ended
June 30, 1998, the Company incurred a loss of approximately $18.3 million on
revenues of approximately $15.6 million. For the fiscal year ended June 30,
1999, the Company incurred a net loss of approximately $8.1 million on revenues
of approximately $13.9 million. For the fiscal year ended June 30, 2000, the
Company incurred a net loss of approximately $1.0 million on revenues of
approximately $19.0 million. Capital expenditures for the fiscal year ended June
30, 1998, June 30, 1999 and June 30, 2000, were $0.9 million, $0.2 million and
$0.4 million respectively.
22
23
During fiscal year 1998, the funding for the Company's cash
requirements came principally from the Company's sale of $7.5 million of Company
common stock through a private offering. During December 1997, the Company
entered into a $3.35 million asset based revolving line of credit and a $650,000
Term Note Agreement with Coast Business Credit (collectively, the "Credit
Facility"). The Credit Facility is collaterized by all the tangible assets and
intellectual property of the Company. The Term Note is secured by a $650,000
cash compensating balance account equal to the amount of the Term Loan. At June
2000, the Company had borrowings of $1.3 million under the revolving asset based
line of credit. At June 30, 2000, the Company had cash and cash equivalents of
$2.5 million.
Subsequent to the end of the 1998 fiscal year, the Company has
continued to experience net losses from operations. These net losses have been
funded through sales of assets and a convertible debt financing agreement. The
sales of assets have included the sale of the Company's Galaxy Internet search
engine (sold during the first quarter of the Company's 1999 fiscal year for
approximately $2 million in cash), and the sale of substantially all the assets
of the Company's Arca Systems, Inc. subsidiary, (sold during the second quarter
of fiscal year 1999 for approximately $3.4 million in cash). The Arca subsidiary
was expected to provide approximately $1.7 million in revenues on a quarterly
basis for the Company. The Galaxy search engine revenues were not significant.
On December 17, 1998, the Company executed an agreement to issue
$1,125,000 of Convertible Debt ("Debt"). The Debt was interest bearing at a rate
of prime plus 200 basis points and was payable quarterly. The Debt was
convertible into 750,000 shares of common stock at a conversion price equal to
$1.50 per share. The Debt was convertible, at the debt holders' option, after
February 1, 2000. In addition, the Company issued the debt holders warrants to
purchase 500,000 shares of the Company's common stock at $2.00 per share. The
warrants were exercisable at any time before June 2001. The terms of the Debt
and warrant agreement that permitted the conversion of the Debt and warrants to
common stock at a discount to market, was considered a beneficial conversion
feature. The beneficial conversion feature at the date of issuance of the Debt
was recognized as interest expense over the shortest possible conversion period.
The convertible debt was secured by a second lien on the Company's assets and
properties and was subordinated to the Company's senior debt.
On August 26, 1999, the Company increased the convertible debt to
approximately $4,300,000 including repaying the December 1998 issuance. This
increased amount is principally with the same debt holders as the December 1998
transaction, with certain company officers, directors and employees also
participating. The debt matures on June 30, 2002. The interest rate is 11.5% per
annum. Interest is payable quarterly, except that interest accruing from the
date of issuance through July 1, 2000, which will be added to the principal
amount of the note. The number of shares of common stock into which the debt
may be converted is equal to the principal amount of the note, plus the accrued
interest, divided by the conversion price of $1.00 per share. In addition,
the warrants from the December 17, 1998 transaction were cancelled, and the
Company issued approximately 4,300,000 warrants to purchase the Company's common
stock at $2.00 per share and have a term of five years. The warrants were valued
at $431 and this amount is being recognized as interest expense over the debt
conversion period.
As of September 30, 1999, the Company had recorded a beneficial
conversion feature attributable to the convertible debt. This feature was being
amortized over the term of the debt. Based upon a report issued by a national
valuation firm, the Company subsequently determined that the amount so
recognized was in error. Specifically, the fair value of the Company's common
stock was below the conversion price and therefore, no such beneficial
conversion feature existed as of the date of the transaction. The Company
reversed the charge to interest expense of $0.3 million in the fourth quarter.
The effect on the prior quarterly results was immaterial.
Within the upcoming fiscal year, it is the Company's intention to
submit a registration statement to the SEC and upon such registration going
effective, the Company will proceed with the conversion of the convertible debt
into common stock.
23
24
Working capital increased by $4.8 million from ($3.7) million at June
30, 1999 to $1.1 million at June 30, 2000. The Company did not make any
significant capital expenditures during fiscal year 2000, other than the
replacement of computer equipment in the ordinary course of business. Based upon
information currently available to the Company, including the Company's current
level of sales, its margins on sales, its expected levels of expense,
opportunities for selling additional network security products and the
availability of additional equity and debt financing, the Company believes that
it has an opportunity to execute on its business plans and achieve
profitability. There can be no assurance, however, that the Company will be able
to execute on its business plans, or that it will not be required to obtain
additional financing or capital infusions. There can be no assurance that the
Company will be able to secure additional financing or that such additional
financing will be on terms and conditions acceptable to the Company. Any
additional financing may involve dilution of the interests of the Company's then
existing shareholders. The future liquidity of the Company will be affected by
numerous factors, including sales volumes, gross margins, the levels of selling,
general and administrative expenses, levels of required capital expenditures and
access to external sources of financing.
NEW ACCOUNTING PRONOUNCEMENTS
In December 1999, Staff Accounting Bulletin No. 101, "Revenue
Recognition in Financial Statements" ("SAB 101") was issued. SAB 101 summarizes
the Securities and Exchange Commission staff's views in applying generally
accepted accounting principles to revenue recognition in financial statements.
The implementation of SAB101 shall be no later than the fourth quarter of fiscal
years beginning after December 15, 1999. The Company believes that the adoption
of SAB 101 will not have a material impact on its revenue recognition.
ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA
The following items are attached and incorporated into this Item 8.
Report of Independent Certified Public Accountants F-1
Report of Independent Accountants F-2
Consolidated Balance Sheets as of June 30, 2000 and June 30, 1999 F-3
Consolidated Statements of Operations for years ended June 30, 2000,
June 30, 1999, and June 30, 1998 F-4
Consolidated Statements of Cash Flows for years ended June 30, 2000,
June 30, 1999, and June 30, 1998 F-5
Consolidated Statements of Changes in Shareholders' Equity (Deficit)
and Comprehensive Income for years ended June 30, 2000, June 30, 1999,
and June 30, 1998 F-6
Notes to Consolidated Financial Statements F-7
ITEM 9. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND
FINANCIAL DISCLOSURES
On August 21, 1998, KPMG Peat Marwick LLP ("KPMG"), the Company's
independent public accounting firm, resigned effective immediately. In KPMG's
letter of resignation, KPMG stated that it had "a disagreement with management
of the Company regarding the methodology used for software revenue recognition."
In its letter of resignation, KPMG also advised the Company that it concluded
that it could no longer rely on management's representations and that it was
unwilling to be associated with the financial statements prepared by management.
On August 19, 1998, two days before KPMG's resignation, the Company's
Audit Committee met with KPMG to discuss the Company's software revenue
recognition policies and KPMG's concerns about the quality of the financial
information which had been presented by management to the Audit Committee and to
24
25
KPMG. During that meeting, the Audit Committee advised KPMG that the Audit
Committee (and not management) had the exclusive decision-making authority and
duties with respect to the Company's financial statements. The Audit Committee
advised KPMG that it agreed with KPMG as to KPMG's preliminary assessment of
these matters and discussed the steps that should be implemented to resolve
these issues, including a restatement of the Company's interim financial
statements.
Immediately upon KPMG's resignation, the Company's Audit Committee
initiated an internal investigation regarding matters related to the Company's
internal controls and corporate governance. The Committee also engaged
independent counsel to assist the Committee in this investigation. During
September 1998, the independent counsel engaged the Strategic Risk Services
Group of PricewaterhouseCoopers, LLP ("PWC Consulting") to assist the
independent counsel in the investigation. During the course of this engagement,
representatives of the Company discussed numerous issues with representatives of
PWC Consulting regarding the Company's control environment and corporate
governance. During this investigative engagement, PWC Consulting assisted the
Company's independent counsel in various aspects of the investigation. Upon
completion of PWC Consulting's engagement for the Audit Committee's independent
counsel, the Company's Board of Directors requested that PricewaterhouseCoopers,
LLP ("PWC") serve as the Company's independent accountants for the Company's
1998 fiscal year. On October 14, 1998, PWC accepted the engagement with the
Company and agreed to serve as the Company's independent accountants for the
Company's 1998 fiscal year. Subsequently, the Company also determined that it
would restate its 1997 fiscal year financial statements, and engaged PWC to
serve as the independent accountants for such restatement. PWC also restated the
Company's beginning balance sheet as of July 1, 1996 and the balance sheet of
the results of operations for the fiscal year ending June 30, 1997. On June 11,
1999, KPMG informed the Company's Audit Committee that KPMG's 1997 and 1996
auditors' reports should no longer be relied on.
On October 11, 1999, the Company appointed the accounting firm of Grant
Thornton LLP ("GT") as the Company's independent accountants for fiscal year
2000 and dismissed PWC effective with such appointment. The decision to dismiss
PWC and appoint GT was approved by the Audit Committee of the Company's Board of
Directors.
PWC's reports on the financial statements for the past two fiscal
years did not contain an adverse opinion or a disclaimer of opinion, and were
not qualified or modified as to uncertainty, audit scope or accounting
principles. The Company has never had any disagreements with PWC on any matter
of accounting principles or practices, financial statement disclosure, or
auditing scope or procedure. During the course of performing services
regarding the two most recent fiscal years, PWC advised the Company and its
Audit Committee that the internal controls necessary for the Company to develop
reliable financial statements did not exist. No disagreements arose regarding
these matters. Upon the deficiencies in accounting controls being identified,
the Company's Chief Financial Officer began addressing and correcting these
deficiencies. The Company has authorized PWC to respond fully to the inquiries
of Grant Thornton LLP concerning this subject matter and any other matters
relating to the Company or its financial reporting.
The Company has provided PWC with a copy of this disclosure and has
requested that PWC furnish it with a letter addressed to the SEC stating
whether it agrees with the above statements.
25
26
PART III
ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT
The information required by this Item is incorporated herein by
reference to the Company's Proxy Statement for the 2000 Annual Meeting of
Shareholders to be filed within 120 days from June 30, 2000, the end of the
Company's fiscal year.
ITEM 11. EXECUTIVE COMPENSATION
The information required by this Item is incorporated herein by
reference to the Company's Proxy Statement for the 2000 Annual Meeting of
Shareholders to be filed within 120 days from June 30, 2000, the end of the
Company's fiscal year.
ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT
The information required by this Item is incorporated herein by
reference to the Company's Proxy Statement for the 2000 Annual Meeting of
Shareholders to be filed within 120 days from June 30, 2000, the end of the
Company's fiscal year.
ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS
The information required by this Item is incorporated herein by
reference to the Company's Proxy Statement for the 2000 Annual Meeting of
Shareholders to be filed within 120 days from June 30, 2000, the end of the
Company's fiscal year.
26
27
PART IV
ITEM 14. EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON FORM 8-K
(A) FINANCIAL STATEMENTS. The Financial Statements filed as part of this Report
are listed separately in Item 8 of this Report.
(B) REPORTS ON FORM 8-K. No reports on Form 8-K were filed during the fourth
quarter of the fiscal year 2000. During the first three quarters of the
fiscal year 2000, the Company filed three reports on Form 8-K (dated July
30, 1999, October 15, 1999 and February 9, 2000). These reports contain
information regarding the restatements with financial statements for fiscal
year 1997 and three quarters of fiscal year 1998, Changes in Registrant's
Certifying Accountant, and Statement of Management's Responsibility. The
reports contain information under Items 7, 4 and 5, respectively, which
discuss the aforementioned information.
(C) EXHIBITS. The following exhibits are included in this Report:
EXHIBIT
NO. EXHIBIT DESCRIPTION
- ------- -------------------
2.01 -- Restated Purchase and Sale Agreement between Concurrent Computer Corporation and the Company
dated May 23, 1996(1)
2.02 -- Agreement and Plan of Merger, dated May 29, 1998, among the Company, ARCA Acquisition Corporation,
ARCA Systems, Inc. and William F. Wilson, R. Kenneth Bauer and Michael L. Weidner(12)
3.01 -- Articles of Incorporation of the Company, as amended June 26, 1996(8)
3.02 -- Articles of Amendment to the Articles of Incorporation of the Company
3.03 -- Restated Bylaws of the Company(3)
4.01 -- Form of Common Stock Certificate(4)
4.02 -- Form of Stockholder Rights Plan(2)
4.03 -- Form of Share Holding Agreement between Concurrent Computer Corporation and the Company(4)
10.01 -- Termination Agreement dated May 17, 1999 between the Company and Tommy D. Steele(15)
10.02 -- Employment Agreement dated March 11, 1999 between the Company and David R. Proctor, as amended May 4,
1999(15)
10.03 -- Amendment to Employment Agreement dated April 26, 2000 between the Company and David R. Proctor
10.04 -- Employment Agreement dated September 8, 1998 between the Company and Terrence A. Zielinski(15)
10.05 -- Employment Agreement dated September 30, 1998 between the Company and Michael Wittig(15)
10.06 -- Employee Stock Incentive Plan(6)
10.07 -- Amendment to Employee Stock Incentive Plan(7)
10.08 -- Amendment to Stock Incentive Plan dated March 20, 1998(15)
10.09 -- Employee Stock Option Plan(15)
10.10 -- Amendment Nr. 1 to Employee Stock Option Plan dated August 10, 1999(15)
10.11 -- Employee Savings Plan(5)
10.12 -- Forms of Stock Option Agreements(15)
10.13 -- TradeWave Asset Purchase Agreement(9)
10.14 -- Agreement (regarding non-competition, non-solicitation and confidentiality)(9)
10.15 -- Private Securities Subscription Agreement dated May 15, 1997 between the Company and Capital Ventures
International(10)
10.16 -- Registration Rights Agreement dated May 15, 1997 between the Company and Capital Ventures
International(10)
10.17 -- Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave Corporation and
Coast Business Credit(11)
27
28
EXHIBIT
NO. EXHIBIT DESCRIPTION
- ------- -------------------
10.18 -- Amendment Nr. 1 to Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave
Corporation and Coast Business Credit(11)
10.19 -- Loan Documents dated December 17, 1998 between the Company and Fernwood Partners, LLC(15)
10.20 -- Joint Development and Marketing Agreement between the Company and Information Resource Engineering, Inc.(8)
10.21 -- OEM and Distribution Agreements between the Company and Information Resource Engineering, Inc. dated
June 11, 1998(15)
10.22 -- Agreement between the Company and Information Resource Engineering, Inc. dated June 30, 1999(15)
10.23 -- Asset Purchase Agreement dated September 11, 1998 between the Company and AHN Partners, LP(15)
10.24 -- Agreements relating to sale of assets of Arca Systems, Inc.(15)
10.25 -- Agreements relating to sale of assets of TradeWave division(15)
10.26 -- Loan Agreements dated August 26, 1999, between (i) the Company and Fernwood Partners II, LLC;
(ii) the Company and certain officers, directors and employees of the Company; and (iii) the
Company and David R. Proctor(3)
10.27 -- Amendment Nr. 2 to Loan and Security Agreement dated October 6, 1999 between the Company and
Coast Business Credit(3)
10.28 -- Amendment Nr. 2 to Employee Stock Option Plan dated February 11, 2000
16.01 -- Letter from KPMG Peat Marwick LLP to the Company, dated August 21, 1998(15)
16.02 -- Letter from KPMG Peat Marwick LLP to the Commission, dated September 30, 1998(16)
16.03 -- Letter from KPMG Peat Marwick LLP to the Commission, dated November 3, 1998(13)
16.04 -- Letter from KPMG Peat Marwick LLP to the Company dated June 11, 1999(14)
21.01 -- List of subsidiaries of the Company
23.01 -- Consent of Grant Thornton LLP, Independent Certified Public Accountants
23.02 -- Consent of PricewaterhouseCoopers LLP, Independent Certified Public Accountants
27.01 -- Financial Data Schedule (for SEC use only)
- -----------------
(1) Incorporated herein by reference to Annex A of the Registrant's
Definitive Proxy Statement as filed on May 24, 1996.
(2) Incorporated herein by reference to Post-Effective Amendment No. 1 to the
Company's Registration Statement on Form 10 dated September 29, 1994,
File No. 0-24544.
(3) Incorporated herein by reference to the Company's Quarterly Report on
Form 10-Q filed on November 12, 1999.
(4) Incorporated herein by reference to the Company's Registration Statement
on Form S-3 dated May 23, 1996 (File No. 333-04407).
(5) Incorporated herein by reference from Exhibit 4.1 to the Company's
Registration Statement on Form S-8 (Commission File Number 33-88446)
filed on January 13, 1995.
(6) Incorporated herein by reference from Exhibit 4.1 to the Company's
Registration Statement on Form S-8 (Commission File Number 33-88448)
filed on January 13, 1995.
(7) Incorporated herein by reference to Annex E of the Registrant's
Definitive Proxy Statement as filed on May 24, 1996.
(8) Incorporated herein by reference to the Company's Annual Report on 10-K
for fiscal year ended June 30, 1996.
(9) Incorporated herein by reference to the Company's Current Report on Form
8-K dated April 9, 1997.
(10) Incorporated herein by reference to the Company's Registration Statement
on Form S-3 (Commission File Number 333-28693) filed on June 12, 1997.
(11) Incorporated herein by reference to the Company's Quarterly Report on
Form 10-Q filed on February 13, 1998.
(12) Incorporated herein by reference to the Company's Current Report on Form
8-K dated June 17, 1998.
(13) Incorporated herein by reference to the Company's Current Report on Form
8-K/A filed on November 4, 1998.
(14) Incorporated herein by reference to the Company's Annual Report on 10-K
for fiscal year ended June 30, 1999.
(15) Incorporated herein by reference to the Company's Current Report on Form
8-K dated August 21, 1998.
(16) Incorporated herein by reference to the Company's Current Report on Form
8-K/A-1 filed on October 13, 1998.
28
29
SIGNATURES
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange
Act of 1934, the registrant has duly caused this report to be signed on behalf
of the undersigned, thereunto duly authorized.
September 28, 2000
CYBERGUARD CORPORATION
By: /s/ DAVID R. PROCTOR
---------------------------------------------
David R. Proctor
Chairman, President and Chief Executive Officer
Pursuant to the requirements of the Securities Exchange Act of 1934, this report
has been signed below by the following persons on behalf of the registrant and
in the capacities and on the dates indicated.
SIGNATURE TITLE DATE
- --------- ----- ----
/s/ DAVID R. PROCTOR Chairman, President and Chief Executive September 2000
- --------------------------------------------- Officer and Director (Principal Executive
David R. Proctor Officer)
/s/ TERRENCE A. ZIELINSKI Chief Financial Officer and Vice President September 2000
- --------------------------------------------- Finance (Principal Financial and Principal
Terrence A. Zielinski Accounting Officer)
/s/ DAVID L. MANNING Director September 2000
- ---------------------------------------------
David L. Manning
/s/ WILLIAM G. SCOTT Director September 2000
- ---------------------------------------------
William G. Scott
/s/ JOHN V. TIBERI, JR. Director September 2000
- ---------------------------------------------
John V. Tiberi, Jr.
29
30
REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS
The Board of Directors and Shareholders of
CyberGuard Corporation and Subsidiaries
We have audited the accompanying consolidated balance sheet of CyberGuard
Corporation and Subsidiaries as of June 30, 2000, and the related consolidated
statement of operations, stockholders' equity (deficit) and comprehensive
income, and cash flows for the year then ended. These consolidated financial
statements are the responsibility of the Company's management. Our
responsibility is to express an opinion on these consolidated financial
statements based on our audit.
We conducted our audit in accordance with auditing standards generally accepted
in the United States. Those standards require that we plan and perform the audit
to obtain reasonable assurance about whether the financial statements are free
of material misstatement. An audit includes examining, on a test basis, evidence
supporting the amounts and disclosures in the financial statements. An audit
also includes assessing the accounting principles used and significant estimates
made by management, as well as evaluating the overall financial statement
presentation. We believe that our audit provides a reasonable basis for our
opinion.
In our opinion, the consolidated financial statements referred to above present
fairly, in all material respects, the financial position of CyberGuard
Corporation and Subsidiaries as of June 30, 2000, and the results of its
operations and its cash flows for the year then ended, in conformity with
accounting principles generally accepted in the United States.
Grant Thornton LLP
Ft. Lauderdale, Florida
August 8, 2000
F-1
31
REPORT OF INDEPENDENT ACCOUNTANTS
The Board of Directors and Shareholders of
CyberGuard Corporation and Subsidiaries
In our opinion, the accompanying consolidated balance sheet and the related
consolidated statements of operations, cash flows and changes in shareholders'
equity (deficit) and comprehensive income, present fairly, in all material
respects, the financial position of CyberGuard Corporation and its Subsidiaries
at June 30,1999, and the results of their operations and cash flows for each of
the two years in the period ended June 30, 1999, in conformity with generally
accepted accounting principles. These consolidated financial statements are the
responsibility of the Company's management; our responsibility is to express an
opinion on these consolidated financial statements based on our audits. We
conducted our audits in accordance with generally accepted auditing standards,
which require that we plan and perform the audit to obtain reasonable assurance
about whether the financial statements are free of material misstatement. An
audit includes examining, on a test basis, evidence supporting the amounts and
disclosures in the consolidated financial statements, assessing the accounting
principles used and significant estimates made by management, and evaluating the
overall consolidated financial statement presentation. We believe that our
audits provide a reasonable basis for the opinion expressed above.
PricewaterhouseCoopers LLP
Atlanta, Georgia
August 27, 1999
F-2
32
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(DOLLARS IN THOUSANDS, EXCEPT SHARE DATA)
JUNE 30, JUNE 30,
2000 1999
-------- --------
ASSETS
Cash and cash equivalents $ 2,497 $ 2,622
Restricted cash 800 908
Accounts receivable, less allowance for uncollectible accounts
of $52 at Jun. 30, 2000 and $407 at Jun. 30, 1999 3,614 2,021
Inventories, net 159 210
Capitalized software, net 671 185
Other current assets 1,255 482
-------- --------
Total current assets 8,996 6,428
Property and equipment at cost, less accumulated
depreciation of $1,181 at Jun. 30, 2000 and
$922 at Jun. 30, 1999 1,086 1,154
Capitalized software, net 471 --
Non-compete agreements, net 280 560
Other assets 163 135
-------- --------
Total assets $ 10,996 $ 8,277
======== ========
LIABILITIES AND SHAREHOLDERS' DEFICIT
Line of credit and note payable 1,575 2,054
Accounts payable 1,424 2,766
Deferred revenue 2,912 2,047
Accrued expenses and other liabilities 1,942 3,210
-------- --------
Total current liabilities 7,853 10,077
Note Payable 650 --
Convertible debenture, net 4,445 885
-------- --------
Total liabilities $ 12,948 $ 10,962
-------- --------
Commitments and Contingencies - Note 12
Shareholders' deficit
Common stock par value $0.01 authorized 50,000,000 shares
issued and outstanding 9,799,321 at Jun. 30, 2000
and 9,064,756 at Jun. 30, 1999 98 91
Additional paid-in capital 75,290 73,677
Accumulated deficits (77,451) (76,475)
Accumulated other comprehensive income 111 22
-------- --------
Total shareholders' deficit (1,952) (2,685)
-------- --------
Total liabilities and shareholders' deficit $ 10,996 $ 8,277
======== ========
See accompanying notes to consolidated financial statements
F-3
33
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
TWELVE MONTHS ENDED
-----------------------------------------------------
JUNE 30, JUNE 30, JUNE 30,
2000 1999 1998
----------- ----------- -----------
Revenues:
Products $ 14,988 $ 11,409 $ 13,563
Services 3,871 2,464 1,989
----------- ----------- -----------
Total revenues 18,859 13,873 15,552
Cost of revenues:
Products 3,708 3,618 5,508
Services 2,248 1,695 1,568
----------- ----------- -----------
Total cost of revenues 5,956 5,313 7,076
----------- ----------- -----------
Gross profit 12,903 8,560 8,476
----------- ----------- -----------
Operating expenses:
Research and development 2,969 3,664 5,767
Selling, general and administrative 9,752 14,724 18,869
----------- ----------- -----------
Total operating expenses 12,721 18,388 24,636
----------- ----------- -----------
Operating income (loss) 182 (9,828) (16,160)
----------- ----------- -----------
Other income (expense)
Interest expense, net (1,066) (186) 399
Gain (loss) on sale of assets -- 1,858 (2,386)
Other income (expense) (92) 41 11
Loss on sale of securities available for sale -- -- (128)
----------- ----------- -----------
Total other income (expense) (1,158) 1,713 (2,104)
Net income (loss) $ (976) $ (8,115) $ (18,264)
=========== =========== ===========
Basic & fully diluted earnings (loss) per common share $ (0.10) $ (0.90) $ (2.17)
=========== =========== ===========
Weighted average number of common shares outstanding 9,317,981 8,967,045 8,423,011
=========== =========== ===========
See accompanying notes to consolidated financial statements
F-4
34
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(DOLLARS IN THOUSANDS)
TWELVE MONTHS ENDED
--------------------------------------------
JUNE 30, JUNE 30, JUNE 30,
2000 1999 1998
-------- -------- --------
Cash flows from operating activities
Net loss $ (976) $ (8,115) $(18,264)
Adjustment to reconcile net loss to net cash
used in operating activities:
Depreciation 494 789 859
Amortization 531 525 888
Interest on retirement of convertible debt 240 -- --
Interest on new convertible debt 563 -- --
Compensation and benefits -- 242 256
Provision for uncollectible accounts receivable (355) 326 500
Provision for inventory reserve 35 38 274
(Gain)/loss on sale of business assets -- (1,858) 2,514
Changes in assets and liabilities
Accounts receivable (1,239) 896 1,440
Other current assets (776)
Inventories 17 667 379
Accounts payable (1,342) 383 274
Accrued expenses and other liabilities (988) 591 266
Deferred revenue 867 630 (130)
Other, net 60 (31) 91
-------- -------- --------
Net cash used by operating activities (2,869) (4,917) (10,653)
-------- -------- --------
Cash flows provided by (used in) investing activities
Capitalized software costs (1,205) (230)
Additions/deletions to Property & Equipment (426) (182) (911)
Purchase of business, net of cash required -- -- (450)
Proceeds from sale of Arca Systems -- 3,261 (417)
-------- -------- --------
Net cash provided (used) by investing activities (1,631) 2,849 (1,778)
-------- -------- --------
Cash flows provided by (used in) financing activities
Proceeds from sale of business assets -- 2,225 --
Change in restricted cash 108 (258) --
Issuance of new convertible debt 4,313 1,125 --
Retirement of existing convertible debt (1,125) -- --
Notes Payable (21) -- --
Revolving line of credit (89) (194) 1,548
Proceeds from stock options excercised 888 -- --
Proceeds from sale of securities -- -- 1,214
Proceeds from sale of common stock 301 19 8,470
-------- -------- --------
Net cash provided from financing activities 4,375 2,917 11,232
-------- -------- --------
Net decrease in cash (125) 849 (1,202)
Cash and cash equivalents at beginning of period 2,622 1,773 2,975
-------- -------- --------
Cash and cash equivalents at end of period $ 2,497 $ 2,622 $ 1,773
======== ======== ========
Supplemental disclosure of cash flow information
Cash paid for interest 1,171 274 84
======== ======== ========
Cash paid for income taxes -- -- --
======== ======== ========
See accompanying notes to consolidated financial statements
F-5
35
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CHANGES IN SHAREHOLDERS' EQUITY (DEFICIT)
AND COMPREHENSIVE INCOME
(DOLLARS IN THOUSANDS, EXCEPT SHARE DATA)
CUMULATIVE
UNREALIZED FOREIGN
COMMON COMMON ADDITIONAL GAIN CURRENCY
STOCK STOCK PAID ACCUMULATED AVAILABLE TRANSLATION
SHARES AMOUNT IN CAPITAL DEFICIT FOR SALE ADJUSTMENT TOTAL
--------- ------- ---------- ----------- ---------- ----------- ------
Balance June 30, 1997 7,452,314 $ 75 $ 59,507 $ (50,096) $ (35) $ (126) $ 9,325
Net loss (18,264) (18,264)
Translation adjustment (14) (14)
Change in market value of securities
available for sale 35 35
Issuance of common stock 1,450,385 14 8,711 8,725
Issuance of common stock for the Arca investment 590,429 6 5,513 5,519
Receipt and retirement of common stock re:
Arca investment (590,429) (6) (732) (738)
--------- ---- -------- ---------- ------ ------- --------
Balance June 30, 1998 8,902,699 $ 89 $ 72,999 $ (68,360) $ -- $ (140) $ 4,588
Net loss (8,115) (8,115)
Translation adjustment 162 162
Issuance of common stock 162,057 2 258 260
Beneficial conversion feature on
convertible debentures 420 420
--------- ---- -------- ---------- ------ ------- --------
Balance June 30, 1999 9,064,756 $ 91 $ 73,677 $ (76,475) $ -- $ 22 $ (2,685)
Net loss (976) (976)
Translation adjustment 89 89
Issuance of common stock 734,565 7 1,182 1,189
Discount on warrants 431 431
--------- ---- -------- ---------- ------ ------- --------
Balance June 30, 2000 9,799,321 $ 98 $ 75,290 $ (77,451) $ -- $ 111 $ (1,952)
See accompanying notes to consolidated financial statements
F-6
36
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
(1) BASIS OF PRESENTATION AND NATURE OF OPERATIONS
The consolidated financial statements are prepared on the basis of
generally accepted accounting principles. The preparation of financial
statements in conformity with generally accepted accounting principles requires
management to make estimates and assumptions that affect the reported amounts of
assets and liabilities and disclosure of contingent assets and liabilities at
the date of the financial statements as well as the reported amounts of revenues
and expenses during the reported periods. Significant estimates include those
made for software development costs, reserve for inventories, the allowance for
uncollectible accounts, and contingencies. Actual results could differ from
those estimates.
The consolidated financial statements of CyberGuard Corporation and
Subsidiaries (CyberGuard Europe Ltd. and CYBG Consultants, Inc. (the "Company"))
include the accounts of the Company and its subsidiaries over which it maintains
control. Majority owned subsidiaries where control is temporary are carried on
the cost basis. All significant intercompany balances and transactions have been
eliminated.
The Company's operating results and financial condition may be impacted
by a number of factors including, but not limited to the following, any of which
could cause actual results to vary materially from current and historical
results or the Company's anticipated future results. A portion of the Company's
revenue is derived from its international operations and sources. As a result,
the Company's operations and financial results have been affected by
international factors such as changes in foreign currency exchange rates or weak
economic conditions in the international markets in which the Company
distributes its products. The network security industry is highly competitive
and competition is expected to intensify. There are numerous companies competing
in segments of the market in which the Company does business. Competitors
include organizations significantly larger and with more development, marketing
and financial resources than the Company.
In addition, the Company is subject to risks and uncertainties which
include, but are not limited to the timely development of and acceptance of new
products, impact of competitive products, regulation, inventory obsolescence,
the ultimate outcome of certain litigation matters, and cash balances in excess
of federally insured limits.
The Company provides a full suite of products and services for the
network security industry. The products offered by the Company include the
CyberGuard(R) Firewall, proprietary and third-party technology (such as Virtual
Private Network, authentication, virus scanning, encryption, advanced reporting,
high availability and centralized management), and consulting, support, and
installation services.
(2) SIGNIFICANT ACCOUNTING POLICIES
CASH EQUIVALENTS AND RESTRICTED CASH--The Company considers all
investments purchased with an original maturity of three months or less at the
time of purchase to be cash equivalents. Restricted cash is unavailable to the
Company until certain contractual terms and conditions are met.
MARKETABLE SECURITIES--The Company accounts for marketable securities
in accordance with the Statement of Financial Accounting Standards No. 115,
"Accounting for Certain Investments in Debt and Equity Securities" ("SFAS No.
115"). In accordance with the provisions of SFAS No. 115, marketable securities,
which have been classified by the Company as available for sale, are carried at
market value, with the unrealized gains or losses, net of tax, reported as a
separate component of other comprehensive income.
INVENTORIES--Inventories consist primarily of purchase component parts
and are carried at the lower of cost, determined by the First-In-First-Out
(FIFO) method, or market. The Company maintains a reserve for its estimate of
excess, obsolete and damaged goods based on historical and forecasted usage.
F-7
37
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
LONG-LIVED ASSETS--Property and equipment is carried at cost.
Depreciation is computed by the straight-line method using the estimated useful
lives of the assets, which range from 2 to 10 years. Maintenance and repairs are
charged to expense as incurred. Upon sale, retirement or other disposition of
these assets, the cost and the related accumulated depreciation are removed from
the respective accounts and any gain or loss on the disposition is included in
the consolidated statement of operations. The Company evaluates the
recoverability of all its long-lived assets including intangibles and goodwill.
If the sum of the undiscounted future cash flows is less than the carrying
amount of the asset, an impairment loss is recognized as the amount by which the
carrying amount of the asset exceeds its fair value.
SOFTWARE DEVELOPMENT COSTS--The Company capitalizes costs related to
the development of certain software products in accordance with Statement of
Financial Accounting Standards No. 86, "Accounting For the Costs of Computer
Software to be Sold, Leased, or Otherwise Marketed" ("SFAS No. 86") which
requires capitalization to begin when technological feasibility has been
established and ends when the product is available for general release to
customers. Software development costs incurred prior to technological
feasibility defined by completion of a working model are considered research and
development costs and are expensed as incurred. Capitalized costs are amortized
as the greater of the amount computed using the ratio that current revenues for
a product bear to the total current and anticipated future revenues for that
product or the straight-line method over two years.
During 2000, the Company has qualifying software development costs of
$1,205 and associated amortization of $247. During 1999, the Company had
qualifying software development costs of $230 and associated amortization of
$45. During 1998 the period between established technological feasibility and
the general release had been less than three months and software development
costs qualifying for capitalization were minimal. Accordingly, the Company did
not capitalize any software development costs for 1998.
REVENUE RECOGNITION--The Company accounts for software revenues in
accordance with the American Institute of Certified Public Accountants Statement
of Position. In October 1997, the American Institute of Certified Public
Accountants issued Statement of Position 97-2 "Software Revenue Recognition"
(SOP 97-2"), subsequently amended. As amended, SOP 97-2 provides guidance on
applying generally accepted accounting principles in recognizing revenue on
software transactions, and is effective for transactions entered into in fiscal
years beginning after December 31, 1997. The Company adopted SOP 97-2 at July 1,
1998. Prior to July 1, 1998, the Company accounted for software revenues in
accordance with the American Institute of Certified Public Accountants Statement
of Position 91-1 "Software Revenue Recognition". The adoption did not have a
material impact on the Company's financial statements. Revenues earned under
software license agreements are generally recognized when the software has been
shipped, payment is due within one year, collectibility is probable, and there
are no significant vendor obligations. When factors indicate that fees in a
reseller or distributor arrangement are not fixed or that a reasonable basis for
estimating the degree of collectibility of the receivable does not exist,
revenue is recognized as cash is received. Certain arrangements with
distributors and resellers are under terms, which allow for those distributors
to receive price protection based on future price reductions and allow limited
right of return. The Company provides an allowance for uncollectible accounts,
which includes returns and price protection. Revenue on post contract customer
support is deferred and amortized by the straight-line method over the term of
the contracts. The Company also provides professional support services, which
are available under Service Agreements and charged for separately. These
services are generally provided under time and materials contracts and revenue
is recognized as the service is provided.
RECLASSIFICATIONS--Certain amounts in the Consolidated Financial
Statements for the Fiscal Year ended June 30, 1998 have been reclassified to
conform to the current fiscal year.
INCOME TAXES--The provision for income taxes and corresponding balance
sheet accounts are determined in accordance with Statement of Financial
Accounting Standards No. 109, "Accounting for Income Taxes" ("SFAS No. 109").
F-8
38
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
Under SFAS No. 109, deferred tax liabilities and assets are determined based on
the temporary differences between the bases of certain assets and liabilities
for income tax and financial reporting purposes. The deferred tax assets and
liabilities are classified according to the financial statement classification
of the assets and liabilities generating the differences. Valuation allowances
are established when necessary to reduce deferred tax assets to the amount,
which more likely than not, is expected to be realized.
FOREIGN CURRENCY TRANSLATION--All balance sheet accounts denominated in
foreign currency are translated into U.S. dollars at the current exchange rate
as of the end of the accounting period. Income statement items are translated at
weighted-average currency exchange rates. The Company will continue to be
exposed to the effects of foreign currency translation adjustments. Gains and
losses resulting from foreign currency transactions denominated in a currency
other than the functional currency are included in net loss. Gains and losses
relative to intercompany foreign currency transactions, for which settlement is
not planned or anticipated, are excluded from net loss and reflected as a
separate component of other comprehensive income.
BASIC AND DILUTED NET LOSS PER COMMON SHARE--Basic and diluted net loss
per common share are calculated according to the Financial Accounting Standards
Board ("FASB") issued Statement No. 128 ("SFAS No. 128"). This statement
establishes standards for computing and presenting earnings per share ("EPS").
Basic EPS excludes dilution and is computed by dividing income available to
common shareholders by the weighted-average number of common shares outstanding
for the period. Diluted EPS reflects the potential dilution that could occur if
securities or other contracts to issue common stock were exercised or converted
into common stock or resulted in the issuance of common stock that then shared
in the earnings of the entity. Potential common stock is in the form of stock
options, which do not have an effect on diluted net loss per share calculations
due to its anti-dilutive effect.
(3) TRADEWAVE
On April 9, 1997, the Company purchased substantially all the assets of
TradeWave Corporation ("TradeWave"). The transaction was accounted for as a
purchase and, accordingly, TradeWave's results were included in the consolidated
financial statements since the date of acquisition. The aggregate purchase price
was approximately $356. The fair value of identifiable net assets acquired was
approximately $211. Approximately $129 had been accounted for as goodwill and
was being amortized over its useful life of five years. Additionally, at the
time of acquisition, a deferred charge of $133 was recorded representing
restricted stock grants to TradeWave employees. The charge was expensed in 1998,
over the course of the vesting period of the restricted stock grants none of
which exceeded twelve months.
During September 1998, the Company's Board of Directors authorized a
plan to dispose of certain net assets of its TradeWave division, and on
September 14, 1998, the Company announced the sale of TradeWave's Galaxy
Internet search engine ("Galaxy") for approximately $2,000. In addition, on
April 30, 1999, the Company sold substantially all the remaining assets of its
TradeWave division to Digital Signature Trust Co. ("DST") for $810 and the
assumption of certain liabilities. A definitive Asset Purchase Agreement was
entered into that had certain development deadlines.
In June 1999, CyberGuard filed a lawsuit against DST in state court in
Austin, Texas. The Company alleged breach of contract, tortious interference and
fraud. Also in June 1999, DST filed a lawsuit against the Company in federal
court in Salt Lake City, Utah, alleging fraud, negligent misrepresentation,
unjust enrichment, with unspecified damages, and rescission and reformation of
contract. The Company and DST settled both actions on October 27, 1999, with the
Company receiving $135 from funds being held in escrow and DST receiving a $60
non-interest bearing promissory note with a maturity date of October 26, 2000.
(4) ARCA SYSTEMS, INC.
F-9
39
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
On June 17, 1998, the Company completed the acquisition of Arca
Systems, Inc. ("Arca"), a privately held information professional security
service firm, for 590,429 shares of its common stock. However, on October 5,
1998, the Company sold all the assets of Arca. As a result, the transaction is
presented as a receivable from the sale of Arca and accounted for on the cost
basis, at its net realizable value at June 30, 1998, because of the temporary
control the Company had over this majority owned subsidiary. The investment
amount was based on the fair value of the common stock issued, using an average
of its quoted market value a few days before and after the acquisition
announcement date, and other direct costs.
In response to the Company's announcement on August 24, 1998, that
revenues for certain 1998 quarters would be restated, the previous shareholders
of Arca threatened legal action under the purchase agreement. On October 5,
1998, the Company completed the sale of the net assets of Arca to Exodus
Communications. In exchange for the net assets of Arca, the Company received
approximately $3,261, the return of the previously issued 590,429 shares of the
Company's common stock, and the release of any potential legal claims the Arca
shareholders might have had against the Company. The disposition resulted in a
settlement loss that was recorded in the fourth quarter of fiscal 1998. The
settlement loss of $2,386 was determined based on the Company's investment in
and advances to Arca, less the $3,261 cash received and the 590,429 shares of
common stock at its fair value using its quoted market value on the return date.
The shares were assumed to be retired effective June 30, 1998.
(5) PROPERTY AND EQUIPMENT
Property and equipment is summarized as follows:
JUNE 30, JUNE 30,
2000 1999
------- -------
Property and equipment $ 1,904 $ 1,794
Purchased software for internal use 342 255
Leasehold improvement 21 27
------- -------
Subtotal 2,170 2,076
------- -------
Less: accumulated depreciation (1,181) (922)
------- -------
Property and equipment, net $ 1,086 $ 1,154
======= =======
(6) NON-COMPETE AGREEMENTS
In connection with the sale of its Real-time Business, the Company
entered into non-compete agreements for a period of five years with two former
officers of the Company. In consideration for these non-compete agreements,
these officers received 91,800 shares of the Company's common stock. These
shares were valued at market price as of the date of the agreement, June 28,
1996. These amounts are being amortized over the life of the agreement. The
amortization expense was $280, for the years ended June 30, 2000, 1999 and 1998,
respectively, and will be fully amortized by June 30, 2001.
(7) ACCRUED EXPENSES AND OTHER LIABILITIES
Accrued expenses and other liabilities consists of the following:
F-10
40
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
JUNE 30, 2000 JUNE 30, 1999
------------- -------------
Salaries, wages and other compensation $1,271 $1,237
Accrued interest and sundry taxes 92 274
Accrued professional service fees 70 200
Other payables 509 569
Insurance finance payable 0 280
Customer advanced payments 0 650
------ ------
$1,942 $3,210
====== ======
(8) LINE OF CREDIT AND NOTE PAYABLE
On December 30, 1997, the Company entered into a $3,350 asset-based revolving
line of credit and a $650 Term Note Agreement with Coast Business Credit
("Coast"). Interest is charged at the prime rate plus 2.0% (prime plus 5.0% at
June 30, 1999 as a result of being in default). The credit facility is
collateralized by all of the tangible assets and intellectual property of the
Company. Availability under the revolving credit facility is limited to 80% of
eligible accounts receivable and 30% of qualified inventory up to a maximum
availability of $300 on eligible inventory. The original term note was for a
period of three years and payable in thirty-nine monthly installments. In
December 1999, the Company re-negotiated the terms of the note, which extended
the term of the note until December 30, 2001. The Company has presented the $650
cash compensating balance equal to the amount of the term loan as restricted
cash. As of June 30, 2000, there was $1,316 outstanding under the revolving line
of credit agreement, all of which was classified as a current liability. The
Company estimates that the fair value of the line of credit and note payable
approximates carrying value based upon its effective current borrowing rate.
(9) CONVERTIBLE DEBENTURE
On December 17, 1998, the Company executed an agreement to issue
$1,125,000 of Convertible Debt ("Debt"). The Debt was interest bearing at a rate
of prime plus 200 basis points and was payable quarterly. The Debt was
convertible into 750,000 shares of common stock at a conversion price equal to
$1.50 per share. The Debt was convertible, at the debt holders' option, after
February 1, 2000. In addition, the Company issued the debt holders warrants to
purchase 500,000 shares of the Company's common stock at $2.00 per share. The
warrants were exercisable at any time before June 2001. The terms of the Debt
and warrant agreement that permitted the conversion of the Debt and warrants to
common stock at a discount to market, was considered a beneficial conversion
feature. The beneficial conversion feature at the date of issuance of the Debt
was recognized as interest expense over the shortest possible conversion period.
The convertible debt was secured by a second lien on the Company's assets and
properties and was subordinated to the Company's senior debt.
On August 26, 1999, the Company increased the convertible debt to
approximately $4,300,000 including repaying the December 1998 issuance. This
increased amount is principally with the same debt holders as the December 1998
transaction, with certain company officers, directors and employees also
participating . The debt matures June 30, 2002. The interest rate is 11.5% per
annum. Interest is payable quarterly, except that interest accruing from the
date of issuance through July 1, 2000, which will be added to the principal
amount of the note. The number of shares of common stock into which the debt
may be converted is equal to the principal amount of the note, plus the accrued
interest, divided by the conversion price of $1.00 per share. In addition,
the warrants from the December 17, 1998 transaction were cancelled, and the
Company issued approximately 4,300,000 warrants to purchase the Company's common
stock at $2.00 per share and have a term of five years. The warrants were valued
at $431 and this amount is being recognized as interest expense over the debt
conversion period.
As of September 30, 1999, the Company had recorded a beneficial
conversion feature attributable to the convertible debt. This feature was being
amortized over the term of the debt. Based upon a report issued by a national
valuation firm, the Company subsequently determined that the amount so
recognized was in error. Specifically, the fair value of the Company's common
stock was below the conversion price and therefore, no such beneficial
conversion feature existed as of the date of the transaction.
F-11
41
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
The Company reversed the charge to interest expense of $0.3 million in the
fourth quarter. The effect on the prior quarterly results was immaterial.
(10) INCOME TAXES
The significant components of the Company's net deferred income tax
assets (liabilities) are as follows:
DEFERRED TAX ASSETS AND LIABILITIES JUNE 30, 2000 JUNE 30, 1999
------------- -------------
Accrued expenses $ 243 $ 384
Depreciation and amortization (290) (347)
Net operating loss carryforwards 22,843 22,683
Capital loss carryforwards 2,024 2,023
Other Deferred tax assets (liabilities) 522 732
Valuation allowance (25,342) (25,475)
-------- --------
Net deferred income tax liability -- --
======== ========
A reconciliation of the effective income tax rate and the statutory
United States income tax rate follows:
YEAR ENDED YEAR ENDED
JUNE 30, 2000 JUNE 30, 1999
-------------- ----------------
Statutory U.S. income tax rate 34.0 % 34.0 %
State taxes 3.0 % (3.0)%
Other (10.5)% (0.8)%
Interest on convertible debt* (60.4)% 0.0 %
Valuation Allowance 33.9 % (36.2)%
-------------- ----------------
Effective income tax rate 0.0 % 0.0 %
============== ================
- --------------------
* Convertible debt is considered equity for income tax purposes and
therefore the interest incurred is not deductible.
As of June 30, 2000, the Company had U.S. net operating loss
carryforwards for federal income tax purposes of approximately $62 million. The
Company's net operating loss carryforwards begin to expire in 2010. Under the
Tax Reform Act of 1986, the amounts of, and the benefits from, net operating
loss carryforwards may be impaired or limited due to a change of ownership
control as defined by the Internal Revenue Code. In addition, the Company has an
U.S. net capital loss carryforwards of approximately $5,469. The Company may
utilize the capital loss carryforwards only to the extent it generates future
capital gains. As of June 30, 2000, a valuation allowance has been established
against the net deferred tax asset since the Company believes it is more likely
than not that the benefits will not be realized.
(11) SHAREHOLDERS' EQUITY
COMMON STOCK--Each share of the Company's common stock has attached to
it one right. Each right entitles its registered holder to purchase from the
Company after the "Separation Time", as hereinafter defined, one-hundredth of a
share of Participating Preferred Stock, par value $.01 per share, for an amount
calculated in accordance with the Preferred Stock Agreement. The rights will not
F-12
42
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
trade separately from the common stock unless and until the Separation Time. The
Separation Time is defined as the earlier of the tenth business day after the
date on which any person commences a tender or exchange offer which, if
consummated, would result in an acquisition, and the first date of public
announcement by the Company of such offering. In the event of any voluntary or
involuntary liquidation of the Company, the holders of the Preferred Stock shall
be paid an amount as calculated in accordance with the Preferred Stock
Agreement.
STOCK OPTION PLANS--Effective October 8, 1994, the Company adopted a
Stock Incentive Plan. On February 4, 1996, the Board of Directors approved an
amendment to the plan to reserve 2,025,000 shares of common stock for grant,
and effective October 28, 1997 increased the reserve to 2,400,000 shares.
Effective September 4, 1998, the Company adopted an Employee Stock Option Plan.
The Board of Directors approved an initial reserve of 1,400,000 shares of
common stock for grant, and effective August 10, 1999 increased the reserve to
2,500,000 shares.
Both plans permit the issuance of stock options, stock appreciation
rights, performance awards, restricted stock and/or other stock based awards to
directors and salaried employees. The option price shall be determined by the
Board Committee effective on the Grant Date. The option price shall not be
less than fifty percent of the Fair Market Value of a share of common stock on
the Grant Date. If Incentive Stock Options are granted to a participant who on
the Grant Date is a ten-percent holder, such price shall not be less than one
hundred and ten percent of the Fair Market Value of a share of common stock on
the Grant Date. All options become immediately exercisable upon the occurrence
of a Change in Control of the Company. Vesting of these options occurs based on
years of service. Generally it begins at 33% after one year, 66% after two
years, and 100% after the third year of service. In September 1998, the Company
elected to have non-qualified stock options for key executives as part of their
compensation plan. The Board of Directors has the authority to determine who
may be granted options, the period of exercise, the option price at the date of
grant, and any other restrictions, if applicable.
The Company applies APB 25 and related interpretations in accounting
for its plans. During 1995, the Financial Accounting Standards Board issued
Statement No. 123, "Accounting for Stock-Based Compensation" ("SFAS No. 123")
changing the methods for recognition of costs on plans similar to those of the
Company. Adoption of the accounting provisions of SFAS No. 123 is optional;
however, pro-forma disclosures as if the Company adopted the cost recognition
requirements under SFAS No. 123 are required.
The fair value method for these options was estimated at the date of
grant using the Black-Scholes option pricing model with the following weighted
average assumptions for 2000, 1999, and 1998, respectively: risk-free interest
rates were 6.0%, 5.11%, and 5.69%, expected dividend yield of 0%, volatility
factors of the expected market price of the Company's common stock were 121.0%,
116.3%, and 79.1% and a weighted average expected life of the option of 3, 3,
and 4 years, respectively.
The Black-Scholes option valuation model was developed for use in
estimating the fair value of traded options, which have no vesting restrictions
and are fully transferable. In addition, option valuation models require the
input of highly subjective assumptions including the expected stock price
volatility. Because the Company's employee stock options have characteristics
significantly different from those of traded options, and because changes in
subjective input assumptions can materially affect the fair value estimate, in
management's opinion, the existing models do not necessarily provide a reliable
single measure of the fair value of its employee stock options.
The adoption of SFAS No.123 under the fair value based method would
have increased compensation expense by $3,397, $2,108, and $2,524 for the years
ended June 30, 2000, 1999, and 1998, respectively. The effect of SFAS No. 123
under the fair value based method would have effected net loss and loss per
share as follows:
YEAR ENDED YEAR ENDED YEAR ENDED
JUNE 30, JUNE 30, JUNE 30,
2000 1999 1998
---------- ---------- ----------
Net loss $ (976) $ (8,115) $ (18,264)
========== ========== ==========
Pro-Forma $ (4,373) $ (10,023) $ (20,789)
========== ========== ==========
Loss per common share as reported $ (0.10) $ (0.90) $ (2.17)
========== ========== ==========
Pro-Forma $ (0.47) $ (1.12) $ (2.47)
========== ========== ==========
F-13
43
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
Information relating to the Company's stock option plan is as follows:
NUMBER OF WEIGHTED AVERAGE
SHARES EXERCISE PRICE
----------- ----------------
Shares under option at June 30, 1997 1,825,922 $7.77
Granted 889,668 $7.48
Exercised (254,071) $4.37
Forfeited (363,774) $9.21
---------- -----
Shares under option at June 30, 1998 2,097,745 $7.81
========== =====
Shares exercisable at June 30, 1998 759,291 $7.95
========== =====
Shares under option at June 30, 1998 2,097,745 $7.81
Granted 2,856,343 $1.24
Exercised (17,000) $1.13
Forfeited (1,875,645) $5.03
---------- -----
Shares under option at June 30, 1999 3,061,443 $1.91
========== =====
Shares exercisable at June 30, 1999 1,141,492 $2.96
========== =====
Shares under option at June 30, 1999 3,061,443 $1.91
Granted 1,094,498 $3.94
Exercised (640,133) $1.41
Forfeited (538,777) $1.79
---------- -----
Shares under option at June 30, 2000 2,977,031 $2.65
========== =====
Shares exercisable at June 30, 2000 1,702,776 $2.05
========== =====
The following information applies to options outstanding as of June 30,
2000:
OPTIONS OUTSTANDING
------------------- OPTIONS EXERCISABLE
ACTUAL WEIGHTED-AVERAGE ----------------------------------
RANGE OF NUMBER REMAINING WEIGHTED-AVERAGE NUMBER WEIGHTED-AVERAGE
EXERCISE PRICES OUTSTANDING CONTRACTUAL LIFE EXERCISE PRICE EXERCISABLE EXERCISE PRICE
- --------------- ------------ -------------------- ---------------- -------------------------------------
$0.75 - 1.13 632,959 2.2 $1.07 501,323 $1.10
$1.25 - 1.75 1,419,066 5 $1.32 903,631 $1.30
$2.09 - 2.09 94,000 4.7 $2.09 70,666 $2.09
$3.50 - 5.00 202,500 4.8 $4.09 17,000 $4.14
$5.66 - 7.38 628,506 5.9 $6.85 210,156 $7.34
- ------------ ---------- ---- ------ --------- ------
$0.75 - 7.38 2,977,031 4.6 $2.65 1,702,776 $2.05
F-14
44
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
During September 1998, the Company re-priced all of the outstanding
options to its then current fair market value per share of $1.125 to all
officers, directors and employees with existing options. The total numbers of
shares re-priced were 1,404,891. In addition, during fiscal year 1999, the
Company issued officers, directors and employees approximately 1,110,936 new
options at an exercise price of $1.31 per share. As part of a severance
arrangement with a previous officer, the Company re-issued 235,490 shares at a
weighted average price of $7.10 per share.
(12) COMMITMENTS AND CONTINGENCIES
LEASE COMMITMENTS--Rent expense was $697 for the year ended June 30,
2000, $744 for the year ended June 30, 1999, and $501 for the year ended June
30, 1998.
On June 10, 1997, the Company entered into a seven-year term office
lease for its corporate office located in a commercial building in Fort
Lauderdale, Florida. The lease provides for a 5-year renewal option.
Total future minimum rental commitments under non-cancelable operating
leases, primarily for buildings and equipment, for the years following June 30,
2000 are as follows:
YEAR AMOUNT
---- ------
2001 537
2002 493
2003 497
2004 505
-----------
Total $2,032
===========
Effective May 1, 1999, the Company sold substantially all the assets of
its TradeWave division and the assumption of several capital and operating
leases. In the transaction, the operating lease amount assumed for the fiscal
year ended 1999 are $25, fiscal year end 2000 are $165, fiscal year end 2001 are
$3, and fiscal year end 2002 are $2.
LITIGATION--On August 24, 1998, the Company announced, among other
things, that due to a review of its revenue recognition practices relating to
distributors and resellers, it would restate prior financial results. After the
August 24, 1998 announcement, twenty-five purported class action lawsuits were
filed by alleged shareholders against the Company and certain former officers
and directors. Pursuant to an order issued by the Court, these actions have been
consolidated into one action, styled STEPHEN CHENEY, ET AL. V. CYBERGUARD
CORPORATION ET AL., Case No. 98-6879-CIV-Gold, in the United States District
Court, Southern District of Florida. On August 23, 1999, the plaintiffs filed a
Consolidated and Amended Class Action Complaint. This action seeks damages
purportedly on behalf of all persons who purchased or otherwise acquired the
Company's common stock during various periods from November 7, 1996 through
August 24, 1998. The complaint alleges, among other things, that as a result of
accounting irregularities relating to the Company's revenue recognition
policies, the Company's previously issued financial statements were materially
false and misleading and that the defendants knowingly or recklessly published
these financial statements which caused the Company's common stock prices to
rise artificially. The action alleges violations of Section 10(b) of the
Securities Exchange Act of 1934 ("Exchange Act") and SEC Rule 10b-5 promulgated
thereunder and Section 20(a) of the Exchange Act. Subsequently, the defendants,
including the Company, filed their respective motions to dismiss the amended
complaint. On July 31, 2000, the Court issued a ruling denying the Company's and
Robert L. Carberry's motions to dismiss while granting the motions to dismiss
F-15
45
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
with prejudice of the defendants William D. Murray, Patrick O. Wheeler, C.
Shelton James and KPMG Peat Marwick LLP ("KPMG"). The Company filed an answer to
the plaintiffs' complaint on August 24, 2000.
The Company's obligation to indemnify its officers and directors under
the aforementioned lawsuits is insured, to the extent of the limits of the
applicable insurance policies. The Company has notified its insurance carrier of
the existence of the lawsuits, and the carrier has sent the Company a
reservation of rights letter. The Company intends to vigorously defend these
actions, and believes that in the event that it is unsuccessful, that insurance
coverage will be available to defray a portion, or substantially all, the
expense of defending and settling the lawsuits or paying a judgment. However,
the Company is unable to predict the ultimate outcome of the litigation. There
can be no assurance that the Company will be successful in defending the
lawsuits or that if unsuccessful, that insurance will be available to pay all or
any portion of the expense of the lawsuits. If the Company is unsuccessful in
defending the lawsuits and the insurance coverage is unavailable or
insufficient, the resolution of the lawsuits could have a material adverse
effect on the Company's consolidated financial position, results of operations,
and cash flows. The Company's consolidated financial statements do not include
any adjustments related to these matters.
On September 16, 1999, the Company filed a lawsuit against KPMG Peat
Marwick LLP ("KPMG") and August A. Smith, the KPMG engagement partner. The
lawsuit is pending in the Circuit Court of the 17th Judicial Circuit in and for
Broward County, Case No. 00-004102-CACE-14. On May 1, 2000, the Company filed
the First Amended Complaint, alleging that KPMG failed to properly audit the
Company's financial statements and provided inaccurate advice on accounting
matters for fiscal years 1996, 1997 and 1998. The action alleges professional
malpractice, breach of fiduciary duty, breach of contract and breach of implied
duty of good faith, and seeks damages in excess of $10 million. KPMG and Mr.
Smith filed motions to dismiss, which were denied. In August 2000, KPMG and Mr.
Smith filed their answers and KPMG filed counterclaims against the Company,
alleging the Company's breach of contract, negligent misrepresentation and abuse
of process, and seeks an unspecified amount of damages consisting of unpaid
service fees and legal fees and costs.
The Company is involved from time to time in other litigation on
various matters relating to the conduct of its business. The Company believes
that these other litigation, single or collective, will not have a material
adverse effect on its consolidated financial position, results of operations or
cash flows.
REGULATORY INVESTIGATIONS--In August 1998, the Securities and Exchange
Commission ("SEC") commenced an informal inquiry into certain accounting and
financial reporting practices of the Company and its officers, directors and
employees. On March 25, 1999, the SEC issued a formal order of investigation
(which the Company learned of on September 27, 1999) into certain accounting and
financial reporting practices of the Company and its officers, directors and
employees. The SEC's investigation is ongoing and the Company is cooperating
with the SEC. The Company is unable to predict the ultimate outcome of the
investigation. The resolution of such matters could have a material adverse
effect on the Company's consolidated financial position, results of operations,
and cash flows. The Company's consolidated financial statements do not include
any adjustments related to these matters.
(13) CONCENTRATIONS OF CREDIT RISK
Financial instruments, which potentially subject the Company to a
concentration of credit risk principally, consist of cash, cash equivalents and
trade receivables. The Company holds any excess cash in short-term investments
consisting of commercial paper. Concentrations of credit risk with respect to
receivables are limited due to the Company's customer base.
(14) EMPLOYEE BENEFIT PLANS
The Company has a 401(k) Savings Plan ("the Plan") which covers the
eligible employees of the Company. An employee is eligible to participate in the
F-16
46
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
Plan on the date of hire. The amount of profit-sharing contributions made by the
Company into the Plan is discretionary. Each participant may contribute up to
19% of compensation into the Plan. The Company makes a matching contribution on
behalf of each participant for the first 6% of their individual contribution.
These contributions are made in the form of cash and common stock of the
Company. Participants' profit sharing and matching contribution vests over a
three-year period. The Company's contributions to the Plan were $274 for year
ended June 30, 2000, $300 for year ended June 30, 1999 and $388 for the year
ended June 30, 1998. For the year ended June 30, 2000, the Company received
proceeds of $301 related to the direct sale of common stock to the Plan.
The Company has an Employee Stock Purchase Plan ("ESPP") which covers
the eligible employees of the Company. An employee is eligible to participate in
the ESPP beginning on the offering date following their hire date. Each
participant may contribute the lesser of 10% of eligible compensation or $25,000
per year.
(15) GEOGRAPHIC AND CUSTOMER INFORMATION
The Company operates primarily in one segment: trusted systems
consisting of network security and electronic commerce products and services.
During 2000, one major financial institution represented 28% of consolidated
sales. During 1999, one major financial institution represented 34% of
consolidated sales, one international telecommunications company represented
10.1% of consolidated sales and one international distributor represented 7.8%
of consolidated sales. During 1998, one major financial institution represented
17% of consolidated sales.
A summary of the Company's operations by geographic area is summarized
below:
YEAR ENDED YEAR ENDED YEAR ENDED
JUNE 30, JUNE 30, JUNE 30,
2000 1999 1998
------------ ------------- ------------
United States Operations
Net sales $ 13,831 $ 10,882 $ 11,423
Net loss (431) (7,823) (17,292)
Identifiable assets 10,367 5,795 11,100
European Operations
Net sales 5,029 2,991 4,129
Net loss (545) (292) (972)
Identifiable assets 2,445 2,482 1,976
U.S. Export Sales were $7,752 for the year ended June 30, 2000, $3,747
for the year ended June 30, 1999 and $4,530 for the year ended June 30, 1998.
(16) SUPPLEMENTAL STATEMENT OF CASH FLOW INFORMATION
During 1998, the Company issued 590,429 shares of common stock for all
of the outstanding common stock of Arca and subsequently, retired these shares
in 1999. In addition, during 2000, 1999 and 1998, the Company paid cash for
interest of $1,171, $274 and $84, respectively.
On August 26, 1999, in connection with the convertible debt offering
(see Note 9), the Company issued warrants which were valued at $431. This amount
is being recognized as interest expense over the debt conversion period and at
June 30, 2000, the interest amortized on the warrants was $127.
(17) NEW ACCOUNTING PRONOUNCEMENTS
In December 1999, Staff Accounting Bulletin No. 101, "Revenue
Recognition in Financial Statements" ("SAB 101") was issued. SAB 101 summarizes
the Securities and Exchange Commission staff's views in applying generally
accepted accounting principles to revenue recognition in financial statements.
The implementation of SAB 101 shall be no later than the fourth quarter of
fiscal years beginning after December 15, 1999. The Company believes that the
adoption of SAB 101 will not have a material impact on its revenue recognition.
F-17
47
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
(18) SUBSEQUENT EVENTS
In August 2000, KPMG filed counterclaims against the Company, alleging
the Company's breach of contract, negligent misrepresentation and abuse of
process, and seeks an unspecified amount of damages consisting of unpaid service
fees and legal fees and costs. The Company intends to vigorously defend these
actions, however, the Company is unable to predict the ultimate outcome of the
litigation.
(19) QUARTERLY FINANCIAL INFORMATION (UNAUDITED)
Selected unaudited quarterly results for the fiscal year ended June 30,
2000 were as follows:
JUNE 30, MARCH 31, DECEMBER 31, SEPTEMBER 30,
TOTAL 2000 2000 1999 1999
----------- ----------- ------------ ------------- ---------------
Revenues $ 18,859 $ 4,893 $5,265 $ 4,370 $ 4,331
Gross profit 12,903 3,051 3,486 3,262 3,104
Operating income (loss) 182 (438) 702 148 (230)
Net loss $ (976) $ (600) $ 270 $ (62) $ (584)
======== ======= ====== ======= =======
Basic earnings (loss) per share $ (0.10) $ (0.06) $ 0.03 $ (0.01) $ (0.06)
======== ======= ====== ======= =======
Fully diluted earnings (loss)
per share $ (0.10) $ (0.06) $ 0.01 $ (0.01) $ (0.06)
======== ======= ====== ======= =======
F-18