Back to GetFilings.com
1
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
------------------------
FORM 10-K
FOR ANNUAL AND TRANSITION REPORTS
PURSUANT TO SECTIONS 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934
(MARK ONE)
[X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF
THE SECURITIES EXCHANGE ACT OF 1934
FOR THE FISCAL YEAR ENDED JUNE 30, 1999
OR
[ ] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF
THE SECURITIES EXCHANGE ACT OF 1934
FOR THE TRANSITION PERIOD FROM _________ TO __________
COMMISSION FILE NUMBER 0-24544
CYBERGUARD CORPORATION
(EXACT NAME OF REGISTRANT AS SPECIFIED IN ITS CHARTER)
FLORIDA 65-0510339
(STATE OR JURISDICTION (I.R.S. EMPLOYER
------------------------------ -------------------
INCORPORATION OR ORGANIZATION) IDENTIFICATION NO.)
2000 WEST COMMERCIAL BOULEVARD, SUITE 200, FORT LAUDERDALE, FLORIDA 33309
(ADDRESS OF PRINCIPAL EXECUTIVE OFFICES) (ZIP CODE)
Registrant's telephone number, including area code: (954) 958-3900
Securities Registered Pursuant to Section 12(b) of the Act: NONE
Securities Registered Pursuant to Section 12(g) of the Act:
COMMON STOCK, PAR VALUE $.01 PER SHARE
Indicate by check mark whether the registrant (1) has filed all reports
required to be filed by Section 13 or 15(d) of the Securities Exchange Act of
1934 during the preceding twelve months (or such shorter period that the
registrant was required to file such reports), and (2) has been subject to such
filing requirements for the past 90 days. Yes [ ] No [X]
Indicate by check mark if disclosure of delinquent filers pursuant to
Item 405 of Regulation S-K is not contained herein, and will not be contained,
to the best of registrant's knowledge, in definitive proxy or information
statements incorporated by reference in Part III of this Form 10-K or any
amendment to this Form 10-K. Yes [ ] No [X]
The aggregate market value of voting stock held by nonaffiliates of the
Registrant was approximately $10,205,927 (computed by reference to the last
sales price of the Registrant's Common Stock on August 29, 1999).
As of August 29, 1999, 9,071,937 shares of the Registrant's $0.01 par
value Common Stock were outstanding.
DOCUMENTS INCORPORATED BY REFERENCE
Definitive Proxy Statement for the Company's 1999 Annual Meeting of
Shareholders (incorporated in Part III to the
extent provided in Items 10, 11, 12 and 13 hereof).
1
2
PART I
ITEM 1. BUSINESS
OVERVIEW
CyberGuard Corporation ("CyberGuard" or the "Company") is a leading
network security solutions provider to Fortune 1000 companies, major financial
institutions, and government agencies worldwide. The Company's CyberGuard(R)
Firewall provides a level of security, features and availability that the
Company believes is not matched in the industry. Through a combination of
proprietary and third-party technology (such as Virtual Private Network ("VPN"),
authentication, virus scanning, encryption, advanced reporting, high
availability and centralized management), the Company provides a full suite of
products and services that are designed to protect the integrity of electronic
data and customer applications from unauthorized individuals and digital
thieves.
The Company was incorporated in 1994 in connection with a spin-off of
the Company from Harris Corporation. The Company produced computers for the
real-time computing market as well as the CyberGuard Firewall for the secure
computing market. The Company changed its name from Harris Computer Systems
Corporation in Jun 1996 following a sale of the Company's real-time computer
business.
Information in this report contains forward-looking statements that
involve risks and uncertainties. The Company's actual accomplishments and
results may differ significantly from those discussed in the forward- looking
statements. See Item 7, "Management's Discussion and Analysis," for a more
complete discussion regarding forward-looking statements.
SIGNIFICANT EVENTS
During the Company's fiscal year ended June 30, 1999, the Company has
undergone significant changes and an organizational restructuring. During August
1998, the Audit Committee of the Board of Directors and the Company's outside
directors became aware that previously reported revenues had been overstated and
that a restatement of the Company's financial statements would be forthcoming.
An internal corporate investigation was undertaken immediately, resulting in
various management and other corporate changes over the past twelve months.
Some of the major events comprising these changes are described below.
o RETAINING. PRICEWATERHOUSECOOPERS LLP. The Company's Board of Directors
retained PricewaterhouseCoopers LLP ("PwC") to serve as the Company's
independent auditors for its 1998 fiscal year. This engagement began after
PwC had been engaged in September 1998 to assist in the Company's internal
investigation of the revenue overstatements. This change in auditors
occurred after the resignation of the Company's prior auditors, KPMG. See
Item 9 of this report on Form 10-K. The Company later also retained PwC to
re-audit the Company's 1997 fiscal year.
o NEW MANAGEMENT TEAM. The Company underwent numerous organizational changes,
resulting in a new management team. Mr. David Proctor, who first became
associated with CyberGuard as a member of the Board of Directors in 1997,
joined the Company's management team as Chief Executive Officer, President,
and Chairman of the Board of Directors. Mr. Proctor has previously served
as President and Chief Operating Officer of Platinum Software Corporation,
as President and Chief Operating Officer of Ashton-Tate Corporation, and as
Vice President of the Personal Software Products Division of IBM. Mr.
Terrence Zielinski, who joined the Company on an interim basis during
September 1998, has been named Chief Financial Officer. Mr. Zielinski is a
CPA with over thirty-five years experience, including having served as
chief financial officer of several public companies and having received
certification as a fraud auditor. Mr. Michael Wittig, who had been serving
as Vice President of Development for the Company, has been appointed to the
additional position of Chief Technical Officer. Mr. Frederick Hawkes,
having executive experience working with technology companies in marketing,
business development and product development, has joined CyberGuard as Vice
President of Worldwide Marketing.
2
3
o CORPORATE INVESTIGATION. During August, 1998, the Company's Board of
Directors appointed a Special Committee/Executive Committee with the full
powers of the Board ("Special Committee"). The Special Committee authorized
and directed the Audit Committee of the Company's Board of Directors
("Audit Committee") to conduct an investigation into internal controls and
corporate governance matters of the Company. An independent law firm was
engaged to assist the Audit Committee in this investigation. This internal
investigation has been completed and the Audit Committee has made
recommendations to the Board of Directors regarding additional specific
actions to be taken with respect to the matters discovered as a result of
the investigation as well as improvements to the internal control
structure. The Company's management is in the process of executing these
actions. To date, a review of the Company's revenue recognition policies
has resulted in the quarterly adjustments described under the caption
"Quarterly Restatement" included in Item 6 of this report on Form 10-K and
in Note. 2 to the Consolidated Financial Statements contained in Item 8 of
this report.
o ADDING LIQUIDITY. To improve the Company's liquidity, the Company sold a
non-strategic asset for $2 million (the Company's Galaxy Internet search
engine, which was an asset of the Company's TradeWave division);
substantially all the assets of a subsidiary for $3.4 million (ARCA
Systems, Inc., a consulting company); and substantially all the assets of
its TradeWave division for $810,000, subject to an escrow agreement. During
December 1998, the Company obtained an additional $1,125,000 through the
issuance of convertible debt. The Company increased this convertible debt
to approximately $4,300.000 including repaying the initial debt
transaction. It closed the transaction on August 27, 1999. This increased
amount is principally with the same debt holders as the December 17, 1998,
transaction. The interest rate will be amended to 11.5% per annum. The
conversion rate will be amended to be convertible into approximately
4,300,000 shares of commom stock at a conversion price equal to $1.00 per
share. In addition, the initial warrants from the December 17, 1998,
transaction will be cancelled. The amended transaction will have the
Company issue approximately 4,300,000 warrants to purchase the Company's
common stock at $2.00 per share.
o RE-ESTABLISHMENT OF COMPANY GOALS. The Company believes that its flagship
product, the CyberGuard(R) Firewall, currently enjoys technological
advantages over its competitors. In addition, when coupled with other
network security products that are either proprietary to the Company or are
available through relationships with third parties, the Company provides a
full suite of network security products and services. The Company has
refocused its attention on capitalizing on its technological advantages and
is aggressively pursuing opportunities in its target markets.
o RESTATEMENT OF FINANCIAL RESULTS. Restatement of the Company's financial
statements for its fiscal years 1997 and 1998 is completed. See Items 6, 7
and 8 of this report on Form 10-K.
o OPTIONS EXCHANGE AND NEW ISSUANCES. As part of the overall program to
incentivize its personnel, during September 1998, the Company offered its
employees, officers and directors the opportunity to exchange their
existing stock options for new options, with an exercise price equal to the
market price per share on the date the Board of Directors adopted the
exchange program ($1.125 per share). The weighted-average exercise price
per share prior to this exchange offer was $7.58 per share. The only
employees who did not voluntarily terminate their employment with the
Company before May 6, 1999 were eligible for the Company's offer. Option
holders holding options on 1,140,007 shares of Company common stock
accepted this offer. In addition, during September 1998, the Company issued
new options on 1,110,936 shares of Company common stock at an exercise
price of $1.31 per share.
INDUSTRY BACKGROUND
CyberGuard competes in the network security and electronic commerce
markets. Network security has historically been the focus primarily of those
businesses in security-sensitive industries such as healthcare, financial
services, insurance, telecommunications, government and others. Businesses in
these industries historically maintained a secure network environment by
isolating their networks from others and allowing only authorized users to
connect to their privately managed networks.
3
4
In recent years, organizations have increasingly begun using the TCP/IP
protocol for their enterprise networks or using the Internet as an inexpensive
alternative to establishing their own wide-area networks. An enterprise network
that uses the TCP/IP protocol is called an "intranet". An intranet can extend
internal information systems and enterprise applications to geographically
dispersed facilities, remote offices and mobile employees using personal
computers running on incompatible operating systems. Using any "web browser," an
employee can view electronic information notwithstanding the incompatible
operating systems utilized by the employee and the information source. In many
cases, different departments within the same organization can create "home
pages" used to share information among coworkers. The increasing ability to
interconnect with disparate enterprise units has increased the use of mobile or
"nomadic" computing by which users connect to enterprise networks from remote
offices and while traveling. The increasing use of the non-proprietary TCP/IP
network protocol for internal network communications is due, in large part, to
(i) the widely distributed nature of such protocol, (ii) the fact that TCP/IP
network protocol support is available on nearly all types of computer systems
currently manufactured, and (iii) cost considerations.
As popularity and use of the Internet and intranets for business
applications has increased, companies have become increasingly concerned that
data collected and stored electronically by organizations might be vulnerable to
access by unauthorized users, including certain of a company's own employees.
This concern is due in part to the fact that the TCP/IP protocol is particularly
susceptible to penetration, and, as a result, interest in and purchases of
firewall software to protect enterprise networks have increased.
The following elements are principal means for protecting organizations
from digital mischief. These elements require substantial integration and
interoperability to smoothly implement an organization's security policy.
SECURITY POLICY. Security products are not effective unless they follow
a well-thought out enterprise security policy. Creating a policy requires
cooperation between information technology staffers, business unit managers and
senior executives. Generally, a policy should follow one of two philosophies.
The first is, "That which is not expressly prohibited is permitted." The second
is, "That which is not expressly permitted is prohibited." The former is less
intrusive but will not provide maximum protection. The latter requires
discussion and support from management because it affects the workflow of the
entire organization - all the way down to rules for locking offices and filing
cabinets, and discarding waste paper. The use of security technology such as a
firewall, generally is associated with the second philosophy.
LAN SECURITY. Popular local-area network ("LAN") operating system
software provides many security options - many of which are seldom used. Network
managers can immediately improve protection by implementing security features
such as log-in restrictions on specific workstations, days of the week and hours
of the day. More stringent password policies also create extra barriers, such as
increasing the minimum password length and forcing regular password changes.
Another overlooked area is share-level security rarely used with appropriate
precision. Rigorous application of LAN security features can bolster protection
from internal breaches.
FIREWALLS. Firewalls provide access control. They usually are aimed at
preventing external security breaches, but can also provide additional internal
security for corporate intranets. Firewalls are a combination of software and
hardware, usually consisting of a fast workstation located outside the LAN but
inside the router link to the Internet. To be effective, all network traffic
must pass through the firewall, whether going to the outside world or entering
the LAN. The firewall permits only authorized traffic to pass either way, and
must be impervious to unauthorized penetration.
4
5
Premium firewalls run on special versions of the UNIX operating system, although
Windows NT-based versions are also popular for less-rigorous security
environments. Some firewalls also support ancillary special features, such as
Web URL filtering. Firewall features and the underlying operating system of the
firewall generally determine the level of security that a firewall provides.
Presented below is the security spectrum of firewall products available today.
- --------------------------------------------------------------------------------
ROUTER- PROXY FIREWALL
FULL BASED APPLICATION HYBRID WITH NO
ACCESS FILTERING FIREWALL FIREWALL SECURE OS ACCESS
< ------------------------------ >
LEAST SECURE MOST SECURE
- --------------------------------------------------------------------------------
Generally, these technologies build on each other so that the most secure
technologies can also perform the functions of the less secure ones and,
depending on price and other factors, can serve markets for such products.
CyberGuard has developed its products to emphasize stringent security and thus
fall to the far right of this diagram.
o ENCRYPTION. Encryption is a data-scrambling technique that prevents
information from being read by unauthorized people. It is used to protect
data packets during transmission from one point to another. Encryption can
be implemented in two ways: from the PC that originates the data, or from
the server or Internet connection device that passes the data outside the
LAN. Protected data is decrypted by a reciprocating destination LAN server
or PC. Digital key technology is a common means of implementing encryption.
A digital key bearing a secret value is used to encrypt data. Decryption
can occur only by someone who possesses the appropriate decryption key--
much like secret agents passing coded messages from behind enemy lines.
Systems using the same key for encryption and decryption are referred to as
symmetric key encryption systems, whereas those that use a different key
for decryption than encryption are referred to as asymmetric or public-key
encryption systems. Encryption is a common security technique used to
protect VPNs and standard intranets.
o ANTI-VIRUS. A computer virus modifies programs and data, sometimes in an
innocuous manner and sometimes with malicious intent. Some viruses can
erase applications and data from systems or merely act as electronic
graffiti. Any form of computer virus, regardless of its intent, increase
costs and decreases productivity, and therefore cannot be tolerated.
Anti-virus protection software can be run from individual workstations or
from a network server or firewall. This software scans incoming files and
attachments to E-mail messages to protect servers, PCs and LANs from
infection.
o IDENTIFICATION AND AUTHENTICATION. On the Internet, no one can truly see
who is using the system. Digital identification technology is used to
identify who you are before you start using an information system.
Authentication is the means for proving to the system that you actually are
the person you claim to be. This is similar to the process of signing a
check, then showing a driver's license and a major credit card to a store
clerk. Digital identification and authentication employs passwords, keys,
physical tokens, badges and smart cards - even fingerprints, retinal scans
or voiceprints (biometric identification) in advanced systems. Digital
identification and authentication are particularly important for securing
electronic commerce, which mostly operates outside the protection of a
corporate intranet's security infrastructure.
5
6
o CERTIFICATE AUTHORITY. Applications requiring absolute user identification
employ digital signatures managed by a trusted organization called a
certificate authority. Digital signatures are locked and unlocked with
electronic keys, and filed in a directory of certificates that identify
users owning the keys. A trusted organization called a certificate
authority manages and distributes these certificates with their
corresponding keys. A certificate authority can be an in-house department
or a third-party service provider. It is responsible for the complex
process of registering new users, securing Web servers, distributing and
updating private keys and certificates, recovering lost or forgotten keys
and maintaining audit trails.
THE CYBERGUARD SOLUTION
The Company produces two different firewall products: one based on a
Unix operating system (obtained from Santa Cruz Operations, Inc. ("SCO") and one
based on the Microsoft Windows NT operating system. CyberGuard has modified the
SCO UnixWare operating system to remove penetration vulnerabilities that are
common in Unix platforms. On the Windows NT operating system, CyberGuard has
developed a capability called SecureGuard that closes virtually all of the
security holes in that operating system. Both approaches have resulted in the
CyberGuard firewall products being the most secure firewalls in the industry for
both Unix and Windows NT.
The Company's secure operating system and secure networking software
technologies allow CyberGuard to position its product suite to address the broad
range of customer requirements in the commercial network security market.
Generically speaking, a firewall consists of a firewall application, an
operating system and networking software, each playing an important role in the
receipt and processing of data through the firewall. In competitive network
security products, only the firewall application has been designed to resist
penetration by an attacker, leaving the operating system and network software
unsecure. Therefore, an attacker can penetrate a competitive firewall through
the unsecure operating system or networking software. The Company's
CyberGuard(R) Firewall uses a secure operating system and secure networking
software to prevent network penetration by requiring network communication to
pass through the firewall application.
The graphic presentation below depicts the three major components of a
firewall system and demonstrates the fundamental security deficiency of an
application-only solution as compared to the CyberGuard(R) Firewall.
MULTI-LEVEL SECURITY PROVIDES HIGHEST DEGREE
OF PROTECTION
STANDARD FIREWALL MLS CYBERGUARD FIREWALL
FIREWALL
APPLICATION
OPERATING
SYSTEM
NETWORKING
SOFTWARE
INTERNAL NETWORK EXTERNAL NETWORK INTERNAL NETWORK EXTERNAL NETWORK
NORMAL ACCESS PATH HACKER'S PATH MLS HACKER
PROTECTION
SOURCE: CYBERGUARD CORPORATION
6
7
CyberGuard's secure operating system and secure networking software are
based on multi-level security ("MLS"), that is, they restrict access to
information based on the sensitivity of the information and the access
authorization of system users. In an MLS system, a user cannot read data that
has been labeled at a level more sensitive than the security level that person
has been given, and cannot create or modify data having a different security
label. The operating system and programs reside at a protected level that cannot
be read or modified by network users.
The Company's secure operating system and networking software have been
rated by the National Computer Security Center ("NCSC") at a B1 level. The NCSC
ratings range from D (systems with minimal security) to A1 (systems with assured
security). Certain agencies of the United States government have incorporated
the NCSC ratings into their procurement requirements, and commercial users,
while not having specific NCSC-rating requirements, often look to an NCSC rating
as an indication of the product's proven reliability. The Company believes that
the CyberGuard(R) Firewall is the only commercially available firewall built on
an integrated operating system and networking software with a rating as high as
B1. These components have also been successfully evaluated by the Centre
d'Electronique de l'Armement ("CELAR") in France and have been awarded an E3
rating in the United Kingdom and Australia against the Information Technology
Security Evaluation Criteria ("ITSEC").
The Company's CyberGuard(R) Firewall also meets the compliance
standards of the Internet Protocol Security Standard (IPSec). IPSec is a
framework of open standards for ensuring private communications over public
networks like the Internet. Based on standards developed by the Internet
Engineering Task Force (IETF) IP Security Working Group, IPSec is an
industry-driven standard that ensures confidentiality, integrity, and
authenticity on an IP network. IPSec is a key component of this standards-based,
flexible solution for deploying a network-wide security policy.
In addition to enhanced operating system and network security,
CyberGuard's firewalls have been built on the Company's legacy of providing
high-performance, real-time computing systems. Therefore, the Company's
CyberGuard(R) Firewall also addresses the high performance end of the commercial
network security market because the underlying operating system and networking
software were designed for demanding security environments. The Company's secure
operating system is designed to function as a high performance, real-time
operating system able to process high levels of throughput without
time-consuming failures. This same operating system technology underlies the
Company's secure networking software and firewall technology.
The CyberGuard(R) Firewall product is the basis for the Company's
ability to offer a complete suite of enterprise-wide security products including
mobile security applications, secure database applications, and network access
control filters.
The Company's UNIX-based firewall is currently using SCO version 2.1.3.
SCO is working on version 7.1.X of their operating system and the Company is
evaluating current changes in the technology to further its goal of
multi-platform compatibility.
PRODUCTS AND SERVICES
PRODUCTS
The Company's products are used to secure access to distributed
electronic data and to safeguard the integrity of electronic commerce
applications. The products offered by the Company include the CyberGuard(R)
Firewall and related third-party products offered by the Company with its
strategic partners. Additional information regarding each of these products is
presented below.
7
8
CYBERGUARD(R) FIREWALL. The CyberGuard(R) Firewall for UnixWare and the
CyberGuard(R) Firewall for NT include the following features and attributes:
o PACKET FILTERING. The CyberGuard(R) Firewall implements packet filtering
technology designed to allow the firewall to expressly permit or deny
connections using criteria based upon source and destination host, or
network and the type of network service being requested and the time of day
or day of week.
o SECURITY AUDITING AND ALARMS. The CyberGuard(R) Firewall incorporates
built-in auditing and alarm functions that are designed to permit
administrators to review a chronological record of system activities and
allow the reconstruction of security sensitive activities. The
CyberGuard(R) Firewall can be configured to dynamically process the
security auditing information and, in real-time, take explicit actions in
response to actions deemed security sensitive or possible attempts to
attack the network or firewall.
o APPLICATION PROXIES. The CyberGuard(R) Firewall supports a number of
security-enhanced application proxies for many network services, including
remote login ("rlogin"), terminal emulation ("Telnet"), file transfer
protocol ("FTP"), hypertext transport protocol ("HTTP") (used with the
Internet), secure sockets layer ("SSL") security, network news transport
protocol ("NNTP"), simple mail transport protocol ("SMTP"), X-Windows
("X"), load balancing, lightweight directory access protocol ("LDAP") and
server message block ("SMB").
o REMOTE ADMINISTRATION. The CyberGuard(R) Firewall supports the ability to
remotely monitor and administer a firewall from a "Network Operations
Center." Using this remote administration capability, a CyberGuard(R)
Firewall can be managed from a remote site as if the system administrator
were physically located with the firewall.
o CENTRAL MANAGEMENT. The CyberGuard(R) Firewall provides the ability to
centrally manage and monitor multiple remote CyberGuard(R) Firewalls (both
UnixWare and NT). Remote firewalls (targets) can be administered and
monitored individually or within groups. The manager (central commander)
can continue to be utilized as a firewall. The high-availability feature
allows central management functions to be migrated to an alternate manager.
CyberGuard's Central Management also has the added capability of providing
automatic fail-over in the case where the firewall acting as the Central
Manager, should fail. The "back-up" manager can be located anywhere in the
world remote from the master Central Manager.
o DYNAMIC NETWORK ADDRESS TRANSLATION. The CyberGuard(R) Firewall can be
configured to translate all internal addresses to the firewall's network
address. From the Internet, the firewall appears to be the only machine
connected, reducing the risk of possible penetration attacks against the
internal network.
o STATIC NETWORK ADDRESS TRANSLATION. The CyberGuard(R) Firewall supports the
ability to map internal private network addresses to public network
addresses. This allows machines with illegal or private network addresses
to be accessed via a public network address different from that of the
firewall.
o GRAPHICAL USER INTERFACE. The CyberGuard(R) Firewall provides a
Motif(TM)-based Graphical User Interface, or "GUI," designed to facilitate
system configuration and administration. A GUI is generally considered
easier to use than the traditional command-line interface.
o SPLIT DOMAIN NAME SERVICE. The CyberGuard(R) Firewall can function as a
Domain Name Service ("DNS") server. With Split DNS, the network responds to
queries differently depending on their source. For example, responses to
requests from the Internet might contain only the CyberGuard(R) Firewall
information; responses from internal requests might contain a complete list
of hosts.
8
9
o VIRTUAL PRIVATE NETWORKING. The CyberGuard(R) Firewall supports a variety
of VPN products from RedCreek Communications including their IPSec-based
product line. VPN products provide a mechanism for establishing a logically
separate network between multiple CyberGuard(R) Firewall systems. This
logical network supports fully encrypted communication among the machines
of the network. VPN also supports high-performance encrypted communication
between CyberGuard(R) Firewalls or remote/mobile users.
o HIGH AVAILABILITY CYBERGUARD(R) FIREWALL. The CyberGuard(R) Firewall for
UnixWare supports an optional High Availability configuration, which
combines two firewalls to operate as a single logical unit. If there is a
disruption in network connectivity or the primary firewall should fail, the
secondary firewall is designed to automatically take over to provide nearly
continuous network connectivity. All configuration changes are
automatically synchronized between High Availability firewall pairs. For
critical connections, such as electronic commerce sites, this High
Availability configuration minimizes the risk of lost network connectivity.
Originally introduced in October, 1994, the CyberGuard(R) Firewall was a
combined hardware/software solution which ran exclusively on the Concurrent
Night Hawk(R) UNIX platform. In October, 1996, the Company introduced the
Release 3 CyberGuard(R) Firewall, which is based on the SCO UnixWare operating
system. The Release 3 CyberGuard product is a "software only" solution that runs
on all industry-standard Intel(TM) Pentium-based platforms from leading
suppliers such as IBM, Hewlett Packard, Compaq and Data General. The newest
Release 4.1 CyberGuard(R) Firewall added new, or enhanced existing features,
such as centralized firewall management, high availability, IPSec VPN, advanced
reporting, load balancing, performance enhancements and embedded virus scanning.
THIRD-PARTY PRODUCTS AND SERVICES. Through strategic alliances, the
Company offers certain network security products for use with the CyberGuard(R)
Firewall. These products include:
o URL BLOCKING. Together with its CyberGuard(R) Firewall, the Company offers
a product that can be used to control Internet site accessibility. The URL
Blocker is a software product that monitors and controls access to
non-business-related web sites such as pornography, hate speech, on-line
shopping, job searching, sports and other sites that the firewall user
wishes to block.
o TOKEN AUTHENTICATION PRODUCTS. With the CyberGuard(R) Firewall, the Company
offers a number of third-party token authentication devices, including
those offered by the Company through alliances with Axent Technologies,
Security Dynamics and Enigma Logic, among others. Token authentication
devices provide an alternative to the use of static passwords for user
authentication, resulting in reduced likelihood of system penetration
through the reuse of an old password.
SECURE OPERATING SYSTEMS. The Company offers secure operating systems
based on the Intel Pentium. The heritage of the Company's secure operating
system capabilities is from the Company's CX/SX operating system. CX/SX is a
multi-threaded, fully preemptive operating system for high performance, secure
UNIX-based applications. The Company's CX/SX operating system has received
rigorous evaluation from the NCSC in the United States and CELAR in France. The
NCSC performed an evaluation of the Company's CX/SX operating system and
subsequently granted it a B1 security rating. This heritage has been passed down
to the Company's re-engineering of the SCO UnixWare operating system and to the
efforts the Company has placed into its SecureGuard product for Windows NT.
SECURE NETWORKING SOFTWARE. In a manner similar to the Company's legacy
with secure operating systems, the Company had developed the LAN/SX product as a
secure network software product that provided a multi-level secure interface
between CX/SX and a heterogeneous networking environment. The NCSC had
previously performed an evaluation of the Company's LAN/SX network software and
subsequently granted it a B1 rating.
9
10
SERVICES
SYSTEM INTEGRATION SERVICES. The Company offers a number of systems
integration services, both directly and through strategic alliances, with the
purpose of offering customers network security expertise for their particular
networking environment. In addition, the Company markets several specific types
of pre-packaged consulting services relating to, among others, penetration
testing; Internet gateway security and technical evaluation; system security;
corporate data security policies and management control; network security policy
and management control; Internet security policy and management controls;
network security analysis; and information security training.
PRODUCT DEVELOPMENT
The following table shows the significant products and product
enhancements that the Company introduced during the last quarter of calendar
year 1998 and during calendar year 1999.
PRODUCT INTRODUCTION DESCRIPTION
------- ------------ -----------
(Calendar Quarters)
Integrated hardware-based IPSec Q4 1998 Provides secure communications from firewall-
encryption to-firewall and remote user-to-firewall utilizing
industry standard encryption protocols
ITSEC E3 Evaluated Firewalls Q1 1999 ITSEC Evaluation of Windows NT and
UnixWare firewalls
Role-Based Management Q4 1998 Allows the definition of administrative roles to
allow for separation of duties
Synchronized High Availability Q4 1998 Automatic firewall fail-over with active network
health monitoring and firewall policy
synchronization
Fail-Safe Central Management Q4 1998 Provides backup central manager functionality
Advanced NT-based Internet Firewall Q2 1999 Microsoft NT-based firewall with Internet
features similar to the UNIX-based firewall
Checkmark Certification Q3 1999 Obtained Checkmark certification for NT and Unix
firewalls
PKI aware firewall 1999 Provide integrated public key infrastructure support
Browser-based administration 1999 Firewall administration via Netscape/Microsoft
Explorer-based browsers
10
11
The expected dates of introduction in the above table are
forward-looking statements and are based on certain assumptions, including
certain assumed levels of staffing and capital resources, contractual
arrangements with suppliers, customers or strategic allies, market conditions,
overall product development costs and related sales and marketing expenses, the
nature of available competing and complementary technologies and products, and
other assumptions. Should these assumptions change or prove to be inaccurate, or
should the Company's plans change due to certain unforeseen factors, the
development of such products may be delayed or discontinued. See Item 7,
"Management's Discussion and Analysis" for a more complete discussion regarding
forward-looking statements.
Development of new products and features is performed by the Company's
internal engineering staff and through third-party licensing. The Company has
approximately 35 full-time and contract employees devoted to product
development. The Company supplements the development staff from time-to-time
with contract engineers as needed to meet product demands in the market.
For the fiscal years ended June 30, 1999, June 30, 1998 and June 30,
1997, the Company spent $3.7 million and $5.8 million and $4.7 million,
respectively, on research and development, an equivalent of 27%, 37%, and 33% of
total sales during such periods, respectively.
JOINT PRODUCT DEVELOPMENT AND STRATEGIC ALLIANCES
In December 1996, CyberGuard and the Santa Cruz Operation, Inc.
("SCO"), the world's largest supplier of UNIX server and host applications,
announced a strategic joint marketing agreement that allows the two companies to
market the CyberGuard(R) Firewall to SCO's premier resellers and major accounts
worldwide. SCO's premier resellers consist of over 100 top resellers who
specialize in UNIX application software integration and training. Since January
1997, the Company has signed several of the SCO premier resellers who actively
market and/or recommend the products of both CyberGuard and SCO.
In 1998, the Company entered into an agreement with RedCreek
Communications to integrate and market a family of hardware network security
products for VPN applications on the Internet. VPNs offer a secure,
cost-effective alternative to private leased communication lines. These products
are available for both Unix and NT firewalls.
To complement CyberGuard(R) Firewall product sales, the Company offers
consulting and security products through a series of strategic alliances with
prominent organizations. The Company has formed alliances with several
consulting partners worldwide. Consulting services include network and on-site
analysis services, network penetration testing, security policy and management
control, migration planning and security training.
The Company has alliances for the purpose of reselling the Company's
products with several strategic partners, including Data General. The Company
has additional strategic resellers outside the United States, which include
Nissin Electric Co., Ltd. and Hucom, Inc. (Japan), Pan Dacom (Germany) and
Baltimore (United Kingdom).
The Company has also entered into product-related strategic alliances
with Axent Technologies Inc., Security Dynamics Technologies, Inc., PC Security
Ltd., and Aladdin Knowledge Systems to offer a variety of value-added products
to its CyberGuard(R) Firewall family of products.
11
12
The Company is actively seeking additional strategic alliances for
product development and sales and marketing purposes. The Company is seeking
such alliances to continue efforts to develop additional products or
enhancements to its existing product offerings, particularly those relating to
encryption, token authentication, VPNs, intrusion detection and virus detection.
The Company is also actively pursuing sales and marketing alliances,
particularly with value added resellers and distributors, in order to expand the
geographic distribution of the Company's products. There can be no assurance
that the Company will be able to create new alliances, or that if formed, that
such alliances will be successful.
CUSTOMERS AND MARKETS
End-users of CyberGuard products include commercial businesses,
government agencies, public-utility consortiums, and educational institutions.
In many cases, CyberGuard supplies its product to authorized resellers,
distributors, business partners, or system integrators who ultimately sell to
and support the end-users. The Company in turn supports these reseller channels
which are marketed by the Company's direct sales force. The Company's current
and prospective commercial customers include medium to large domestic and
multinational companies, that routinely create and store proprietary and/or
highly sensitive information which is accessible via corporate networks
including intranets and extranets (wide area networks). These customers are
likely to consider network security and network throughput performance as
decisive factors in their procurement decisions. Target markets for the
Company's products include financial institutions, financial news services,
insurance companies, health care institutions, telecommunications companies and
companies who market electronic commerce applications to businesses and
consumers.
For the year ended June 30, 1999, sales to a major financial
institution accounted for approximately 34% of the total revenues of the
Company, one international telecommunications company accounted for 10% of
revenue and one international distributor accounted for 8% of revenue. No other
single customer accounted for more than 10% of sales for the 1999 fiscal year.
SALES, MARKETING, AND DISTRIBUTION
The Company has established a range of channels by which to market its
products in the United States and internationally, including Value Added
Resellers ("VARs"), distributors and manufacturers' representatives, strategic
alliance partners, as well as direct sales representatives. Key resellers and
distributors include: Harris Genicom, Hucom Inc., Pan Dacom, Datacraft Asia,
Baltimore Zergo and Nissin Electric Co. Ltd. (a member of Japan's Sumitomo
Group). During the year ended June 30, 1999, the indirect marketing channels for
the Company's products accounted for 27% of the Company's sales. See also
"Strategic Alliances" above.
The Company employs 18 sales representatives and maintains sales
offices in Chicago, Illinois; Dayton and Fairlawn, Ohio; Fort Lauderdale,
Florida; Dallas Texas; Los Angeles and Palo Alto, California; New York, New
York; Columbia, Maryland; United Kingdom and France. The sales force focuses its
sales and marketing efforts towards customers and VARs in selected vertical
markets such as financial services, healthcare, insurance, telecommunications
and electronic commerce application providers. The Company's sales staff also
solicits prospective customers and provides technical advice and support with
respect to the Company's products.
12
13
In support of its sales efforts, the Company markets its products
through direct mail, advertising, seminars, trade shows, telemarketing, and
on-going customer and third-party communications programs. The Company has
entered into strategic marketing relationships with various vendors of
communications, security and network management products and consulting
services. Certain of these vendors recommend the Company's products along with
their own solutions to meet a customer's security needs. The Company also seeks
to generate interest in, and to educate potential customers about, computer and
network security through its speaking engagements, contributed articles,
interviews and documentaries.
The Company focuses its direct and indirect marketing efforts on
commercial businesses that the Company perceives as having a need for network
security due to the sensitive nature of data they collect or the devastating
potential impact of computer "hacking." The Company addresses these markets with
its direct sales force and through indirect channels such as VARs and systems
integrators who already serve such markets. The Company also believes its
products are particularly well suited to Internet service providers ("ISP"),
electronic commerce service providers ("ESPs") and Internet-based retailers of
subscription products and services.
COMPETITION
The market for network security products is intensely competitive and
characterized by frequent technological change. The Company believes that
competition in this market is likely to persist and to intensify if demand for
network security products continues to increase.
In the market segments requiring the highest levels of network
security, the Company competes with Secure Computing Corporation, which also
offers a firewall with a security-enhanced operating system. The Company also
competes with manufacturers of proxy application firewalls and hybrid systems,
such as Check Point Software Technologies Ltd., Cisco Systems, Inc., Axent
Technologies, Inc., Network Associates, and IBM. Most of these companies enjoy
higher sales volumes than the Company due to their sales of lower-end firewalls
and other (non-firewall) products and applications.
These companies' products may be considered to be alternatives to the
Company. In addition, companies such as Compaq (Digital Equipment Corporation)
and Sun Microsystems, Inc. sell products with similar features and functions
that could be considered competitors of the Company. In addition, certain
companies, such as Microsoft and Lucent Technologies, Inc., have now begun to
offer network-related security products that could eventually compete with the
Company's firewall products.
Many of the Company's current and potential competitors have greater
name recognition, larger installed customer bases and significantly greater
financial, technical and marketing resources than the Company. There can be no
assurance that the Company can maintain its competitive position against current
and potential competitors, especially those with significantly greater
financial, marketing, service, support, technical and other competitive
resources. Failure to keep pace with rapid technology and changes could result
in the Company's products becoming less valuable or obsolete. Certain of the
Company's competitors may determine, for strategic reasons, to consolidate,
substantially lower the price of their network security products or bundle their
products with other products, such as hardware products or other enterprise
software products. The trend toward enterprise-wide network management and
security solutions may result in a consolidation of the network management and
security market around a smaller number of vendors who are able to provide the
necessary software and support capabilities. In addition, current and potential
competitors have established or may establish financial or strategic
relationships among themselves, with existing or potential customers, resellers
or other third parties.
13
14
The Company believes that the principal competitive factors affecting
the market for computer and network security products include the product's
level of security, performance and reliability (particularly maximum levels of
throughput), technical features including interoperability and functionality,
ease of use, capabilities, customer service and support, integration of
products, manageability of products, brand name recognition, company reputation,
distribution channels and price. Based upon its understanding of the features of
the products and services offered by the Company's competitors, the Company
believes that its products currently compete favorably with respect to such
factors. Based upon its experience and understanding of the existing network
security market, the Company believes that potential purchasers of the Company's
security products who do not differentiate between the level of security
provided by competing security products are as likely to base their purchasing
decisions on price, ease of use, or other considerations as they are to base
such decisions on the level of security provided. In circumstances where a
potential purchaser's primary concern is the level of security provided by
products being considered, the Company, based upon its understanding of the
features in products and of the services offered by the Company's competitors,
believes that its products compete favorably.
Additionally, the Company believes a key competitive factor in the
foreign network security market, and certain domestic vertical markets, is a
computer system's security rating by intelligence and other government agencies
such as the NCSC and ITSEC. The CyberGuard(R) Firewall is built on an integrated
secure operating system and secure networking software components that are
certifiable to the B1 level by the NCSC and are rated E3 by ITSEC Certification
testing in the United Kingdom and Australia. The Company's secure operating
system has also successfully completed evaluation by CELAR, the ISCA, CheckMark
and NSS organizations. Certain of the Company's competitors have either recently
received an ITSEC Certification or have submitted their products for review
against the ITSEC E3 Requirements.
In addition, see Item 7, "Management's Discussion and Analysis -
Forward-Looking Statements," for further information regarding other factors
that could affect the Company's competitive position.
PATENTS AND PROPRIETARY TECHNOLOGY
The Company relies upon license agreements with customers; trademark,
copyright and trade secret laws; employee conflict of interest and third-party
non-disclosure agreements and other methods to protect the trade secrets,
proprietary know-how and other proprietary rights on which the Company's
business depends. There can be no assurance that these agreements will not be
breached, that the Company will have adequate remedies for any breach, or that
the Company's trade secrets will not otherwise become known to or independently
developed by competitors. The Company has no pending patent applications to
cover any aspects of its technology. The Company has received trademark
registration in the United States, Canada and numerous other countries for its
"CyberGuard(R) Firewall" marks and its CyberGuard logo.
YEAR 2000 COMPLIANCE
The Year 2000 problem stems from the use of a two-digit date to represent the
year (e.g., 85 = 1985) in computer software and firmware. As a result, many
currently installed computer systems are not capable of distinguishing dates
beginning with the year 2000 from dates prior to the year 2000. As a result,
computer systems or applications used by many companies in a wide variety of
industries may experience operating difficulties unless the systems or
applications are modified to process adequately information related to the date
change. Significant uncertainty exists in the software and other industries
concerning the scope and magnitude of problems associated with the century
change. To the extent Year 2000 issues cause significant delays in or
cancellation of decisions to purchase products or product support, due to the
reallocation of resources to address Year 2000 issues or otherwise, the
Company's business could be materially adversely affected.
14
15
The Company recognizes the need to ensure its operations will not be adversely
impacted by Year 2000 issues. The Company has put into place a Year 2000 risk
management initiative. This initiative's scope covers both the Company's
information technology (IT) systems and non-IT systems and addresses all areas
of the Year 2000 issues as defined by the Information Technology Association of
America (ITAA).
Based on the ongoing assessment relative to the Company's current software
service offerings, the Company believes that the current versions of its
products are Year 2000 compliant. The Company has reviewed, and continues to
review, internal management information and other systems in order to identify
and to further modify those products, services or systems that may not be Year
2000 compliant. Based on the Company's assessment to date, the Company believes
that internal management information and other systems are either Year 2000
compliant or will not require substantial effort or cost to make them Year 2000
compliant.
The Company's Year 2000 initiative also addresses vendor relationships (both IT
and non-IT) and their readiness/preparedness relating to Year 2000 issues. IT
vendors include software providers, hardware providers, service providers,
off-the-shelf software publishers and IT consultants. Non-IT providers include
electric power suppliers, vendors of uninterruptable power supplies and
generators, telecommunications service and equipment providers, business
partners, facilities maintainers and other non-IT service contractors. In the
event that third parties cannot provide the Company with products, services or
systems that are Year 2000 compliant on a timely basis, the Company's business
could be materially adversely affected. To date, the Company has not discovered
nor does it anticipate any material Year 2000 issues with vendors and service
providers. Evaluation of vendor Year 2000 preparedness is an on-going process.
As the Company's Year 2000 evaluation does not evaluate its vendors' vendors nor
its vendors' customer base viability issues, the Company may be required to
develop contingency plans to address specific vendor/service provider concerns.
Many of the Company's customers maintain their Internet operations on servers,
which may be impacted by Year 2000 complications. The failure of the Company's
customers to ensure that their servers are Year 2000 compliant could have a
material adverse effect on the Company's customers, which in turn could have a
material adverse affect on the Company's business, if the Company's customers
are forced to cease or interrupt Internet operations or experience malfunctions
related to their equipment.
While the Company believes its Year 2000 initiative is appropriate given its
available resources, there can be no assurance that the Company will identify
and remedy all Year 2000 problems in a timely fashion, that any remedial efforts
in this regard will not involve significant time and expense, or that such
problems will not have a material adverse affect on the Company's business. The
Company has been addressing these matters on an ongoing basis for the past two
years and has incurred minimal cost to date, due to the dynamic nature of the
development process.
REGULATION
The Company is not currently subject to direct regulation by any
government agency other than regulations applicable to businesses generally and
U.S. Commerce Department licensing of export of cryptographic products. Export
controls on cryptographic products restrict the export of the Company's products
outside the U.S. In addition, certain of the Company's government products are
subject to U.S. government contracting regulations and to the International
Trade in Arms Regulation ("ITAR"), which restricts the exports of certain
products affecting national security. These regulations could restrict the
Company's ability to sell its products to foreign governments and businesses
identified from time to time by the U.S. Department of State. The combined
effect of these regulations is to create delays in the introduction of the
Company's products in international markets, and in some cases to prohibit them
altogether.
There are currently few laws or regulations directly applicable to
access to or commerce on the Internet. The Communications Reform Act, which
applies to, among other things, communications over the Internet, became
effective in 1996, and additional laws and regulations could be adopted with
respect to the Internet, covering issues such as user privacy, pricing and
characteristics and quality of products and services.
15
16
The Company believes that some regulations could be addressed by
application of the Company's Internet-related network security products and that
certain types of regulation would be beneficial to the Company. One such
regulation is the Health Insurance Portability and Accountability Act (HIPAA), a
federal regulation in effect since 1996. HIPAA provides strict guidelines for
privacy and security of patient medical records affecting the methods used by
healthcare and insurance providers to transfer data over networks such as the
Internet. However, the adoption of laws or regulations may decrease the growth
of the Internet, which could in turn decrease the demand for the Company's
products and increase the Company's cost of doing business or otherwise have an
adverse effect on the Company's business, operating results or financial
condition.
EMPLOYEES
On June 30, 1999, the Company employed 86 employees through its Fort
Lauderdale headquarters, and its field offices in the United States and abroad.
The Company also utilizes the services of approximately three contract engineers
on a temporary basis for software development or documentation. All employees
are bound by agreement containing confidentiality and conflict of interest
provisions.
CyberGuard's future success will depend in significant part on the
continued service of its key technical, sales and senior management personnel.
Competition for such personnel is intense and there can be no assurance that
CyberGuard can retain its key managerial, sales and technical employees, or that
it can attract, assimilate or retain other highly qualified technical, sales and
managerial personnel in the future. None of CyberGuard's employees is
represented by a labor union. CyberGuard has not experienced any work stoppages
and considers its relations with its employees to be good.
ITEM 2. PROPERTIES
The Company's principal administrative, sales and marketing,
development, engineering, production and support facilities are located in Fort
Lauderdale, Florida. In August 1997, the Company relocated its principal offices
to a new location in Fort Lauderdale, Florida and now occupies approximately
26,000 square feet of leased office space. The lease on the facility expires on
June 30, 2004, although the Company has the right to sublease the premises.
Additionally, the Company maintains two other offices which perform sales and
product development functions. The facility located in the United Kingdom also
functions as the administrative office for the Company's subsidiary, CyberGuard
Europe Ltd.
The Company leases its sales office locations in the United States and
abroad. CyberGuard believes that its existing facilities are adequate for its
current needs and additional space will be available at current market rates as
required in the future.
ITEM 3. LEGAL PROCEEDINGS AND OTHER MATTERS
On August 24, 1998, the Company announced, among other things, that due
to a review of its revenue recognition policies relating to distributors and
resellers, it would restate prior financial results. After the August 24, 1998
announcement, twenty-five purported class action lawsuits were filed by alleged
shareholders against the Company and certain current and former officers and
directors. Each of these lawsuits was filed in the United States District Court
for the Southern District of Florida. These actions seek damages purportedly on
behalf of all persons who purchased or otherwise acquired the Company's common
stock during various periods from October 7, 1997 through August 24, 1998. The
complaints allege, among other things, that as a result of accounting
irregularities relating to the Company's revenue recognition policies, the
Company's previously issued financial statements were materially false and
misleading and that the defendants knowingly or recklessly published these
16
17
financial statements which caused the Company's common stock prices to rise
artificially. The actions allege violations of Section 10(b) of the Securities
Exchange Act of 1934 (the "Exchange Act") and SEC Rule 10b-5 promulgated
thereunder and Section 20(a) of the Exchange Act. One action also alleges
violations of common law. Pursuant to an order issued by the Court, these
actions have been consolidated into one action, styled STEPHEN CHENEY, ET AL. V.
CYBERGUARD CORPORATION, ROBERT L. CARBERRY AND WILLIAM D. MURRAY, Case No.
98-6879-CIV-Gold, in the United States District Court, Southern District of
Florida. An amended consolidated complaint is expected within 45 days after the
filing of the Company's restated financial results.
On April 30, 1999, the Company sold substantially all of the assets of
its TradeWave division to Digital Signature Trust Company ("DST"). In June 1999,
CyberGuard filed a lawsuit against DST and Zions First National Bank, N.A. in
state court in Austin, Texas. The action was removed to United States District
Court, Western District of Texas, Case No. 99-CA-431-JN. The Company alleged
breach of contract, tortious interference and fraud. Also in June 1999, DST
filed a lawsuit against the Company in United States District Court, District of
Utah, Case No. 99CV 0417G, alleging fraud, negligent misrepresentation, unjust
enrichment, with unspecified damages, and rescission and reformation of
contract. Both actions are currently tolled due to ongoing negotiations towards
settlement between the Company and DST.
In August, 1998, the Securities and Exchange Commission (the "SEC")
began an informal investigation into certain accounting and financial reporting
practices of the Company and certain members of Company's management.
The Company is unable to predict the ultimate outcome of the litigation
and investigation described above in this Item 3. The resolution of such matters
could have a material adverse affect on the Company's results of operations and
financial position. The Company's financial statements do not include any
adjustments related to these matters.
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
None.
17
18
PART II
ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY AND RELATED STOCKHOLDER
MATTERS
The Company's Common Stock was traded on NASDAQ under the symbol "CYBG"
until October 2, 1998. From October 2, 1998 until January 13, 1999, the
Company's stock symbol was changed to "CYBGE" due to the Company being late in
filing its Form 10-K for its fiscal year ended June 30, 1998. On January 13,
1999, the Company was delisted from the NASDAQ Stock Market on which its
securities were traded, because the Company was delinquent in its filings under
the Exchange Act. From January 13, 1999, the Company's securities have been
traded by market makers through the "pink sheets" again under the symbol "CYBG."
Upon filing this report on Form 10-K and Forms 10-Q for the quarters
ended September 30, 1998, December 31, 1998 and March 31, 1999, the Company
believes that it will be current in its reporting responsibilities pursuant to
the Exchange Act. Once the Company is current in its Exchange Act reporting, the
Company will be eligible for trading on the OTC Bulletin Board; however, moving
from being traded on the "pink sheets" to the OTC Bulletin Board will require
that at least one NASD Broker/Dealer serve as a market maker for the Company's
securities. Although the Company is in the process of meeting with various
potential market makers, there can be no assurance that any NASD Broker/Dealer
will undertake to serve as market maker, in which case, the Company's securities
will continue to be traded through the "pink sheets." Therefore, at the present
time, the Company is unable to predict with certainty whether its securities
will be available for public trading on the OTC Bulletin Board.
There were approximately 4,368 holders of record of Common Stock as of
June 30, 1999. The table below sets forth, for the quarters indicated, the high
and low bid prices of the Company's Common Stock as reported by NASDAQ/NMS.
BID PRICES (1)
--------------
HIGH LOW
---- ---
FISCAL YEAR 1997
Quarter Ended September 30, 1996 $ 17 1/4 $ 8 1/2
Quarter Ended December 31, 1996 14 8
Quarter Ended March 31, 1997 11 3/4 9
Quarter Ended June 30, 1997 10 1/2 8 1/2
FISCAL YEAR 1998
Quarter Ended September 30, 1997 11 1/2 $ 8 7/16
Quarter Ended December 31, 1997 9 7/8 5 1/8
Quarter Ended March 31, 1998 12 3/4 4
Quarter Ended June 30, 1998 18 3/8 7 7/8
FISCAL YEAR 1999
Quarter Ended September 30, 1998 11 1 1/16
Quarter Ended December 31, 1998 3 3/8 1 1/16
Quarter Ended March 31, 1999 2 1/4 1 1/4
Quarter Ended June 30, 1999 1 3/8 5/8
The Company has never paid dividends on its Common Stock. The Company
intends to retain earnings, if any, to finance future operations and expansion
and, therefore, does not anticipate paying any cash dividends in the foreseeable
future. Any future payment of dividends will depend upon the financial
condition, capital requirements and earnings of the Company, as well as upon
other factors that the Board of Directors may deem relevant. The Company issued
on August 27, 1999, convertible debt securities in the approximate amount of
$4,300,000. For more information regarding this sale of the Company's
securities, see Item 7 of this report on Form 10-K.
18
19
ITEM 6. SELECTED FINANCIAL DATA
The following table sets forth, for the fiscal years ended June 30,
1999, June 30, 1998, June 30, 1997, June 30, 1996 and September 30, 1995,
selected historical consolidated financial data for the Company (which combined
the Company's Trusted Systems Division and the Real-time Business through June
30, 1996, and which, effective June 30, 1996 was sold to Concurrent Computer
Corporation ("Concurrent")). The financial data for the fiscal years ended June
30, 1999, June 30, 1998 and June 30, 1997 have been derived from the audited
financial statements of the Company as audited by PricewaterhouseCoopers LLP.
The financial data for the fiscal years ended June 30, 1996 and September 30,
1995 have been derived from unaudited financial statements of the Company. Such
data have been derived from, and should be read in conjunction with, the audited
financial statements and other financial information, including the notes
thereto, appearing elsewhere in this Annual Report.
TWELVE MONTHS ENDED
June 30, June 30,
June 30, June 30, 1997 1996 (B) September 30,
1999 1998 (restated) (i) (restated) 1995 (A)
-------- -------- -------------- -------------- -------------
Revenues $ 13,873 $ 15,552 $ 14,224 $ 46,118 $ 45,111
Cost of goods sold 5,313 7,076 7,244 26,177 25,764
-------- -------- -------- -------- --------
Gross profit 8,560 8,476 6,980 19,941 19,347
Research & development 3,664 5,767 4,723 7,293 7,903
Selling, general & administrative 14,724 18,869 15,133 4,304 22,984
Other operating expenses 20,983
-------- -------- -------- -------- --------
Operating loss (9,828) (16,160) (12,876) (12,639) (11,540)
Interest income (expense), net (186) 399 646 275 456
Interest income (expense) 79 11 (200) 331 (4)
Gain (loss) on sale of securities (128) (5,012)
available for sale
Gain (loss) on sale of business units 1,820 (2,386) (14,836)
-------- -------- -------- -------- --------
Net loss $ (8,115) $(18,264) $(17,442) $(26,869) $(11,088)
======== ======== ======== ======== ========
Loss per share $ (0.91) $ (2.17) $ (2.46) $ (4.44) $ (1.88)
======== ======== ======== ======== ========
(i) See Note 2 to the Company's Consolidated Financial Statements (Item 8
of this report on Form 10-K) and the Quarterly Restatement schedule
below in this Item 6.
(A) During fiscal year 1995, the Company changed its fiscal year end from
June 30 to September 30.
(B) Coinciding with the sale of the Real-time Business to Concurrent on
June 30, 1996, the Company elected to change its fiscal year end from
September 30 to June 30. The Company's audited financial statements
included in Item 8 are as of and for the years ended June 30, 1999,
1998 and 1997. To facilitate comparability between periods, management
has prepared the preceding table by annualizing the nine months ended
June 30, 1996. Such annualization was accomplished by adding the
results of operations for the three months ended September 30, 1995 to
the nine months ended June 30, 1996.
19
20
QUARTERLY RESTATEMENT
Previously, CyberGuard Corporation had announced that due to a review
of its revenue recognition policy relating to distributors and resellers it
would restate results for the first three quarters of its fiscal year ended June
30, 1998. Subsequently, the Company determined that it would also restate its
results from fiscal year 1997. These restatements are presented below.
Previously the Company had reported revenues for fiscal year 1997 of $15,621 and
a net loss of $12,490 or a loss per share of $1.76. For the first three-quarters
of fiscal 1998, the Company had previously reported revenue of $15,069 and a net
loss of $5,951 or $0.75 per share
The restatements arise from errors in applying the Company's revenue
recognition policy and resulted in the following adjustments to correct revenues
previously reported in fiscal years 1998 and 1997. In addition, the restatement
of expenses was primarily due to the restatement of the write-off of capitalized
software in fiscal year end 1996 and its amortization in fiscal years 1997 and
1998, and the timing of recognition of expense amounts.
1997 FISCAL YEAR 1998 FISCAL YEAR
-----------------------------------------------------------------------------------------------
QTR 1 QTR 2 QTR 3 QTR 4 QTR 1 QTR 2 QTR 3
9/30/96 12/31/96 3/31/97 6/30/97 9/30/97 12/31/97 3/31/98
----------- ----------- ----------- ----------- ----------- ----------- -----------
Revenues, as previously
reported $ 3,067 $ 3,047 $ 4,105 $ 5,402 $ 5,063 $ 4,854 $ 5,152
Restatements (457) (389) (52) (499) (890) (669) (636)
-----------------------------------------------------------------------------------------------
Revenues, restated 2,610 2,658 4,053 4,903 4,173 4,185 4,516
===============================================================================================
Cost of revenues, as previously
reported 1,874 1,508 1,870 1,988 1,796 1,828 1,778
Restatements 4 (25) (5) (30)
-----------------------------------------------------------------------------------------------
Costs of revenues, restated 1,874 1,508 1,870 1,992 1,771 1,823 1,748
===============================================================================================
Gross profit, as previously
reported 1,193 1,539 2,235 3,414 3,267 3,026 3,374
Restatements (457) (389) (52) (503) (865) (664) (606)
-----------------------------------------------------------------------------------------------
Gross profit, restated 736 1,150 2,183 2,911 2,402 2,362 2,768
===============================================================================================
Development, Selling, General and
Administrative, as reported 3,400 3,563 3,875 5,557 5,421 5,817 5,047
Restatements 817 942 816 898 389 560 500
-----------------------------------------------------------------------------------------------
Development, Selling, General and
Administrative, restated 4,217 4,505 4,691 6,455 5,810 6,377 5,547
===============================================================================================
Other income(expense), as reported (6,055) 1,207 748 (376) 452 187 29
Restatements -- (238) (18) 178 (188) (59) --
-----------------------------------------------------------------------------------------------
Other income(expense), restated (6,055) 969 730 (198) 264 128 29
===============================================================================================
Net loss, as previously reported $ (8,262) $ (817) $ (892) $ (2,519) $ (1,702) $ (2,604) $ (1,644)
Restatements (1,274) (1,569) (886) (1,223) (1,442) (1,283) (1,106)
-----------------------------------------------------------------------------------------------
Net loss, restated (9,536) (2,386) (1,778) (3,742) (3,144) (3,887) (2,750)
===============================================================================================
Loss per share, as previously
reported $ (1.20) $ (0.12) $ (0.12) $ (0.32) $ (0.22) $ (0.32) $ (0.19)
Restatements (0.19) (0.22) (0.12) (0.17) (0.19) (0.16) (0.13)
-----------------------------------------------------------------------------------------------
Loss per share, restated $ (1.39) $ (0.34) $ (0.24) $ (0.49) $ (0.41) $ (0.48) $ (0.32)
===============================================================================================
Weighted Average Shares
Outstanding 6,859,146 7,086,692 7,375,293 7,100,014 7,688,529 8,111,851 8,504,575
===============================================================================================
20
21
ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND
RESULTS OF OPERATIONS
The following information should be read in conjunction with the
Consolidated Financial Statements and the related Notes to Consolidated
Financial Statement. Except for historical information contained herein, the
matters discussed herein are forward-looking statements made pursuant to the
safe harbor provisions of the Securities Litigation Reform Act of 1995. A more
complete statement regarding forward-looking statements is set forth at the end
of this Item 7.
OVERVIEW
The Company is a leading developer and provider of commercial Internet
and Intranet network security solutions to Fortune 1000 companies, major
financial institutions and government agencies worldwide. Through a combination
of the Company's proprietary technology and licensed technology, the
CyberGuard(R) Firewall and related security products comprise a software suite
of products designed to protect the integrity of electronic and computer data
and customer applications from unauthorized individuals and digital thieves.
During August 1998, the Company suspended its Chief Executive Officer
(who was also Chairman of the Board of Directors) and its Chief Financial
Officer. These two officers subsequently resigned. At the same time, the four
non-employee members of the Company's Board of Directors determined that they
should form a Special Committee and take control of the management of the
Company. Initially, Mr. C. Shelton James served as Chairman and acting Chief
Executive Officer and guided the Company through various significant changes,
until March 1999. The Board appointed Mr. David R. Proctor as the Company's
Chief Executive Officer, President and Chairman of the Board of Directors. Mr.
Proctor has previously served as President and Chief Operating Officer of
Platinum Software Corporation, as President and Chief Operating Officer of
Ashton-Tate Corporation, and as Vice President of the Personal Software Products
Division of IBM. During September 1998, the Company also hired Mr. Terrence A.
Zielinski as Vice President Finance. Mr. Zielinski was subsequently appointed as
Chief Financial Officer. Mr. Zielinski is a CPA with 28 years experience in
working with public companies, including serving as an audit manager and
director of personnel at Coopers & Lybrand and as chief financial officer of
several public companies. His credentials include certification as a fraud
auditor. See Item 1, "Business - Significant Events" for further information
regarding the Company's recent management changes.
On June 23, 1998, the Company completed the acquisition of Arca
Systems, Inc. ("Arca"), a privately held information professional services firm,
for 590,429 shares of the Company's common stock. On October 5, 1998, the
Company sold all the assets of Arca. As a result, the transaction is presented
as an investment in Arca and accounted for on the cost basis at June 30, 1998,
because of the temporary control that the Company had over this wholly owned
subsidiary.
On September 14, 1998, the Company announced the sale of its Galaxy
Internet search engine for approximately $2,000,000. The disposition resulted in
a gain of approximately $1,820,000, which was recognized in the first quarter of
fiscal 1999. There are no significant revenues or costs associated with Galaxy
in the Company's consolidated statements of operations for any of the periods
presented.
21
22
On April 30, 1999, the Company sold substantially all of the assets of
its TradeWave division to Digital Signature Trust Company for $810,000, subject
to an escrow agreement.
In May 1995, the Company separated its business operations into two
units: the real-time computer business ("Real-time Business") and the Trusted
Systems Division, which developed network security products. Effective June 30,
1996, the Company sold to Concurrent the assets of the Real-time Business (the
"Real-time Sale"). Since the completion of this transaction, the Company has
been focused solely on the business of developing and providing security
solutions. (Unless otherwise indicated, references in this Form 10-K to the
"Company" with respect to periods before the Real-time Sale are to the Company's
Trusted Systems Division.) The Real-time Business provided significant cash flow
and certain economies of scale with respect to sales and general and
administrative costs. Many of the Company's sales and administrative personnel
and facilities were transferred to Concurrent in connection with the Real-time
Sale. As a result, the Company incurred significant costs during fiscal year
1997, to establish the administrative, logistical and support groups necessary
to continue to operate the Company without the Real-time Business.
RESULTS OF OPERATIONS
FISCAL YEAR ENDED JUNE 30, 1999 COMPARED TO THE FISCAL YEAR ENDED JUNE 30, 1998
NET REVENUES. Net Revenues for the year ended June 30, 1999 were $13.9
million compared to $15.6 million for the year ended June 30, 1998. This
represents a decrease of $1.7 million or 12%. The decrease in net revenues from
network security products for 1999 is principally the result of decreased sales
to distributors and reseller channels.
International sales accounted for $3.0 million or 22% of the total
revenue in 1999 as compared to $4.1 million or 26% of the total revenue in 1998,
a decrease of $1.2 million or 29%. North American sales have also decreased from
$11.4 million in 1998 to $10.9 million in 1999, a difference of $0.5 million or
4%.
CyberGuard provides its customer base with a service offering that
includes the installation of its firewall, customer support including hotline
assistance, and product training and consulting. For the fiscal year ended June
30, 1999, the Company reported service revenue for its security products of $2.5
million, an increase of $0.5 million or 25% compared to revenues of $2.0 million
for the year ended June 30, 1998. As a percentage of total security revenues,
service revenues accounted for 18% in 1999 as compared to 13% in 1998. The
increase in net revenues from services is attributable to a growing base of
customers under maintenance agreements and additional consulting and training
service revenues.
GROSS PROFIT. CyberGuard's cost of sales includes license fees to third
parties, media, packaging costs, equipment costs, and certain pre-sales,
post-sales and contract labor support costs. The Company's overall gross profit
increased by $0.1 million or 1% from $8.5 million for the year ended June 30,
1998 to $8.6 million for the year ended June 30, 1999.
Gross profit for network security products was $7.8 million or 68% in
1999 as compared to $8.1 million or 59% in 1998. The Company's gross profit
margin has remained steady over the past two fiscal years.
Gross profit for security-related services, as measured in dollars as a
percentage of service revenues, was $0.8 million or 31% for 1999 compared to
$0.4 million or 21% in 1998, a increase of $0.4 million. The increase in
service-related gross profit margin is the result of a greater number of
customers under firewall maintenance support contracts.
22
23
OPERATING EXPENSES. The primary operating expenses of the company
consists of research and development, sales, and general and administration
costs. Research and development costs consist primarily of personnel costs
including salaries, benefits, payments to third-party or contract labor
development firms, travel, training and other personnel expenses to determine
the technical feasibility of products, develop the necessary product
features/functions for marketability, and maintain the product after customer
installation. The Company capitalizes costs related to the development of
certain software products when technological feasibility has been established
and ends when the product is available for general release to customers.
Software development costs incurred prior to technological feasibility defined
by completion of a working model are considered research and development costs
and are expensed as incurred. Sales, general and administrative costs, consist
principally of personnel costs including commissions, bonuses, travel,
communication, MIS-related costs, marketing-related costs (such as advertising,
trade shows, seminars), finance and accounting expenses, legal, insurance,
general management and professional services.
For the year ended June 30, 1999, the Company reported total operating
expenses of $18.4 million compared to $24.6 million for the year ended June 30,
1998. The decrease of $6.2 million is attributable to a $2.1 million decrease in
research and development costs and a $4.1 million decrease in selling, general
and administrative costs. The decreased R&D expenses are attributed to the
introduction of the Company's NT-based firewall, new release version 4.0 UNIX
based firewall, and the ITSEC certification for E-3 in 1998. The decrease in
selling, general and administrative costs is the result of several factors.
Marketing costs decreased by approximately $2.7 million. These decreased
marketing costs are directly related to personnel changes, lower advertising and
promotion of the Company in trade shows and events. The additional decrease from
1998 is attributable to general and administrative expenses.
NET LOSS. For the year ended June 30, 1999, the Company incurred a net
loss of $8.6 million compared to a net loss of $18.3 million for the year ended
June 30, 1998. The net loss for fiscal year ended June 30, 1999 included a gain
from the sale of the Galaxy search engine of $1.8 million as compared to fiscal
year 1998 that included a charge of $2.4 million on the disposition of Arca.
FISCAL YEAR ENDED JUNE 30, 1998 COMPARED TO THE FISCAL YEAR ENDED JUNE 30, 1997
NET REVENUES. For the 12 months ended June 30, 1998 net revenues were
derived principally from the sale of the Company's firewall systems, and other
network security products, and service and support related to security products.
Net revenues for the year ended June 30, 1998 were $15.5 million compared to
$14.2 million for the year ended June 30, 1997. This represents an increase of
$1.3 million or 9%. The increase in net revenues from network security products
for 1998 is principally the result of increased sales to distributors and
reseller channels.
For the fiscal year ended June 30, 1998 the Company reported service
revenue for its security products of $2.0 million, an increase of $0.9 million
or 83% compared to revenues of $1.1 million for the year ending June 30, 1997.
As a percentage of total security revenues, service revenues accounted for 13%
in 1998 as compared to 8% in 1997. The increase in net revenues from services is
attributable to a larger base of customers under maintenance agreements in 1998.
The Company's overall gross profit increased by $1.5 million from $7.0
million for the year ended June 30, 1997 to $8.5 million for the year ended June
30, 1998. The increase is principally attributable to increased sales and
increased margins on product sales.
Gross profit for network security products was $8.1 million or 59% in
1998 as compared to $6.5 million in 1997 or 49%. The increase in the gross
profit percentage is largely due to product mix. As the Company moved
23
24
away from a bundled proprietary hardware/software solution and toward a software
only product with Intel based hardware, the profit margins increased.
Gross profit for security-related services, as measured in dollars and
as a percentage of service revenues, was $0.4 million and 21% for 1998 compared
to $0.5 million or 47% for 1997. The decrease in service related gross profit is
the result of a greater number of customers under firewall maintenance support
contracts.
OPERATING EXPENSES. For the year ended June 30, 1998 the Company
reported total operating expenses of $24.6 million compared to $19.9 million for
year ended June 30, 1997. The increase of $4.7 million is attributable to $1.0
million increase in research and development costs and $3.7 million in selling,
general administrative costs. The increased R&D expenses are attributed to the
introduction of the Company's NT-based firewall, new release version 4.0
UNIX-based firewall, and the ITSEC certification for E-3. The increase in
selling, general and administrative expense is the result of several factors.
These factors included marketing expenses to expand worldwide sales and promote
the Company's network security products; new marketing personnel, additional
advertising and promotion of the Company in tradeshows and events; professional
fees relating to the acquisition and disposition of a subsidiary and additional
accounting, auditing fees, and other legal expenses due to its revenue
restatement and Arca acquisition and disposition; and increased facilities
expenses reflecting the move into a new facility and expanding other offices
throughout the United States.
NET LOSS. For the year ended June 30, 1998 the Company incurred a net
loss of $18.3 million compared to a net loss of $17.4 million for year ended
June 30, 1997. The net loss for 1997 included a loss of $ 5.0 million on the
disposition of the common stock of Concurrent Computer Corporation. This stock
had been received in June 1996 in exchange for assets of the Real-time Business
of the Company. The net loss for fiscal year ended June 30, 1998 included a
non-recurring loss of $2.4 million due to the disposition of Arca.
24
25
LIQUIDITY AND CAPITAL RESOURCES
The Company has experienced losses since its inception as a network
security company. The Company's historical uses of cash have been to fund net
losses from operations, establish inventory stocking levels, and fund capital
expenditures for property, equipment and software. For the fiscal year ended
June 30, 1997, the Company incurred a net loss of approximately $17.4 million on
revenues of approximately $14.2 million. For the fiscal year ended June 30,
1998, the Company incurred a loss of approximately $18.3 million on revenues of
approximately
25
26
$15.6 million. For the fiscal year ended June 30, 1999, the Company incurred a
net loss of approximately $8.1 million on revenues of approximately $13.9
million. Capital expenditures for the fiscal year ended June 30, 1997, June 30,
1998, and June 30, 1999, were $0.5 million, $0.9 million, and $0.4 million
respectively.
Prior to the Real-time Sale, the Company funded its cash requirements
principally from its working capital and cashflows generated, primarily, by the
Real-time Business. Subsequent to the Real-time Sale which occurred in June
1996, and through the end of the 1998 fiscal year, the Company funded its
working capital needs through sales of securities that have been held for
resale, through sales of its own securities and from the proceeds of secured
financing with an institutional lender. During fiscal year 1997, the principal
source of funding for cash requirements came from the Company's sales of
Concurrent securities that the Company owned as a result of the Real-time Sale.
Sales of Concurrent securities during fiscal year 1997, generated approximately
$12.4 million in proceeds. During fiscal year 1998, the funding for the
Company's cash requirements came principally from the Company's sale of $7.5
million of Company common stock through a private offering. During December
1997, the Company entered into a $3.35 million asset based revolving line of
credit and a $650,000 Term Note Agreement with Coast Business Credit
(collectively, the "Credit Facility"). The Credit Facility is collaterized by
all the tangible assets and intellectual property of the Company. The Term Note
is secured by a $650,000 cash compensating balance account equal to the amount
of the Term Loan. At June 1999, the Company had borrowings of $1.4 million under
the revolving asset based line of credit. The Company is currently in technical
default under the Credit Facility. As a result, interest is being charged at the
default rate of prime plus 5%, and the obligations under the Credit Facility are
classified as a current liability. Although Coast Business Credit has not
activated the acceleration provisions of the Credit Facility, there can be no
assurances that they will not accelerate or that they will continue to make
advances under the Credit Facility. Even if Coast Business Credit were to
accelerate the Company's obligations to report the Credit Facility, the Company
believes that such an event would not be materially adverse to the Company as
other sources of funding are available. For more information regarding the
Credit Facility, see Note 11 to the Company's financial statements included in
Item 8 of this report on Form 10-K. At June 30, 1999, the Company had cash and
cash equivalents of $2.62 million.
Subsequent to the end of the 1998 fiscal year, the Company has
continued to experience losses from operations. These net losses have been
funded through sales of assets and a convertible note financing. The sales of
assets have included the sale of the Company's Galaxy Internet search engine
(sold during the first quarter of the Company's 1999 fiscal year for
approximately $2 million in cash), and the sale of substantially all the assets
of the Company's Arca Systems, Inc. subsidiary, (sold during the second quarter
of fiscal year 1999 for approximately $3.4 million in cash). The Arca subsidiary
was expected to provide approximately $1.7 million in revenues on a quarterly
basis for the Company. The Galaxy search engine revenues were not significant.
On December 17, 1998, the Company executed an agreement to issue
$1,125,000 of Convertible Debt ("Debt"). The Debt bears interest at prime plus
200 basis points and is payable quarterly. The Debt is convertible into 750,000
shares of common stock at a conversion price equal to $1.50 per share. The Debt
is convertible, at the debt holders' option, after February 1, 2000. In
addition, the Company issued the debt holders warrants to purchase 500,000
shares of the Company's common stock at $2.00 per share. The warrants are
exercisable at any time before June 2001. The terms of the Debt and warrant
agreement, which permit the conversion of the Debt and warrants to common stock
at a discount to market, is considered a beneficial conversion feature. The
beneficial Conversion Feature at the date of issuance of the Debt will be
recognized as interest expense over the shortest possible conversion period. The
convertible debt is secured by a second lien on the Company's assets and
properties and is subordinated to the Company's senior debt. The Company
increased this convertible debt to approximately $4,300,000 including repaying
the initial debt transaction. It closed the transaction on August 27, 1999. This
increased amount is principally with the same debt holders as the December 17,
1998, transaction. The interest rate will be amended to 11.5% per annum. The
conversion rate will be amended to be convertible into approximately 4,300,000
shares of common stock at a conversion price equal to $1.00 per share. In
addition, the initial warrants from the December 17, 1998, transaction will be
cancelled. The amended transaction will have the Company issue approximately
4,300,000 warrants to purchase the Company's common stock at $2.00 per share.
See also Note 11 to the Company's Consolidated Financial Statements, Item 8 of
this report on Form 10-K.
Working capital decreased by $5.3 million from $1.6 million at June 30,
1998 to ($3.6) million at June 30, 1999. The Company did not make significant
capital expenditures during fiscal year 1999, other than replacements of
computer equipment in the ordinary course. Based upon information currently
available to the Company, including the Company's current level of sales, its
margins on sales, its expected levels of expense, opportunities
26
27
for selling additional network security products and the availability of
additional equity and debt financing, the Company believes that it has an
opportunity to execute on its business plans and achieve profitability. There
can be no assurance, however, that the Company will be able to execute on its
business plans, or that it will not be required to obtain additional financing
or capital infusions. There can be no assurance that the Company will be able to
secure additional financing or that such additional financing will be on terms
and conditions acceptable to the Company. Any additional financing may involve
dilution of the interests of the Company's then existing shareholders. The
future liquidity of the Company will be affected by numerous factors, including
sales volumes, gross margins, the levels of selling, general and administrative
expenses, levels of required capital expenditures and access to external sources
of financing. Management believes that upon execution of its business plan,
which includes tactics to achieve operating efficiencies, use of availability
under its current line of credit, and the issuance of convertible debt, it will
enable it to continue as a going concern. Other recent and possible future
events that could also materially impact the Company's ability to successfully
execute on its business plans are described in this Item 7 under the heading
"Forward-looking Statements."
NEW ACCOUNTING PRONOUNCEMENTS
In October 1997, the Accounting Standards Executive Committee of the
American Institute of Certified Public Accountants issued Statement of Position
97-2 "Software Revenue Recognition" ("SOP 97-2"). This statement provides
guidance on applying generally accepted accounting principles in recognizing
revenues on software transactions. SOP 97-2 supercedes Statement of Position
91-1 "Software Revenue Recognition". SOP 97-2 is effective for transactions
entered into in fiscal years beginning after December 15, 1997. Earlier
application is encouraged as of the beginning of the fiscal year or interim
period for which financial statements or information have not been issued.
Retroactive application of the provisions of this statement is prohibited. The
Company believes that the adoption of this statement did not have a material
impact on its revenue recognition.
In June 1997, the Financial Accounting Standards Board ("FASB") issued
SFAS No. 130, "Reporting Comprehensive Income" ("SFAS No. 130"). SFAS No. 130 is
effective for fiscal years beginning after December 15, 1997 and establishes
standards for reporting and display of comprehensive income and its components
in a full set of general-purpose financial statements. SFAS No. 130 requires all
items to be reported in a separate financial statement. The Company believes
that adoption of SFAS No.130 did not have a significant impact on its financial
reporting.
In June 1997, FASB issued SFAS No. 131, "Disclosures about Segments of
an Enterprise and Related Information" (SFAS No. 131). SFAS No. 131 is effective
for financial statements for periods beginning after December 15, 1997. SFAS No.
131 establishes standards for the way the public business enterprises report
selected information about operating segments in interim financial reports
issued to shareholders. The Company believes that adoption of SFAS No.131 did
not have a significant impact on its financial reporting.
FORWARD-LOOKING STATEMENTS
Statements regarding future products, future prospects, future
profitability, business plans and strategies, future revenues and revenue
sources, future liquidity and capital resources, computer network security
market directions, future acceptance of the Company's products, possible growth
in markets, as well as all other statements contained in this Report on Form
10-K that are not purely historical are forward-looking statements.
27
28
These statements are based upon assumptions and analyses made by the
Company in light of current conditions, future developments and other factors
the Company believes are appropriate in the circumstances, or information
obtained from third parties and are subject to a number of assumptions, risks
and uncertainties. Readers are cautioned that forward-looking statements are not
guarantees of future performance and that the actual results might differ
materially from those suggested or projected in the forward-looking statements.
Accordingly, there can be no assurance that the forward-looking statements will
occur, or that results will not vary significantly from those described in the
forward-looking statements. Some of the factors that might cause future actual
events to differ from those predicted or assumed include: future advances in
technologies and computer security; the Company's history of significant annual
operating losses and the financing of these losses through the sale of assets
and newly issued Company securities; risks related to the early stage of the
Company's existence and its products' development; the Company's history of
losses; the Company's ability to execute on its business plans; the Company's
dependence on outside parties such as its key customers and alliance partners;
competition from major computer hardware, software, and networking companies;
risks relating to the year 2000 problem; risk and expense of government
regulation and effects on changes in regulation; the limited experience of the
Company in marketing its products; uncertainties associated with product
performance liability; risks associated with growth and expansion; risks
associated with obtaining patent and intellectual property right protection;
uncertainties in availability of expansion capital in the future and other risks
associated with capital markets. In addition, certain recent events that have
occurred also are factors that might cause future actual events to differ from
those predicted or assumed, including: the resignation of KPMG Peat Marwick LLP
as the Company's independent accountant and the subsequent engagement of
PricewaterhouseCoopers LLP as the Company's independent accountant; the impact
of the restatement of financial results for the Company's fiscal year ended June
30, 1997 and quarters ended September 30, 1997, December 31, 1997 and March 31,
1998; the completion of the numerous organizational changes and the assembly of
a new management team for CyberGuard; the outcome of a purported class action
lawsuit against the Company and certain current and former officers and
directors relating to the restatement of financial results for the fiscal
periods noted above and an SEC investigation regarding these matters; the
delisting of the Company from the NASDAQ National Market; and the Company's past
delinquency in filing reports that were required to be filed under the
Securities Exchange Act of 1934 (which, among other things, restricts the
Company from being able to use Form S-3, a simplified method of registering
securities for sale with the Securities and Exchange Commission). In addition,
the forward-looking statements herein involve assumptions, risks and
uncertainties, including, but not limited to economic, competitive, operational,
management, governmental, regulatory, litigation and technological factors
affecting the Company's operations, liquidity, capital resources, markets,
strategies, products, prices and other factors discussed elsewhere herein and in
the other documents filed by the Company with the Securities and Exchange
Commission. Many of the foregoing factors are beyond the Company's control.
The Company's future success is based largely on its ability to develop
and sell increasingly technologically advanced network security solutions in
sufficient volume and at sufficient prices to become profitable on a consistent
basis. In addition, the network security market is characterized by extremely
rapid technological change, requiring rapid product in production. The velocity
of technological change has accelerated and the Company believes that it is
important to its future that it keeps pace with these changes. The Company
believes that competition will continue to intensify in the rapidly evolving
markets in which the Company is involved, and that the continued development of
technologically advanced products will be necessary to keep its products
current. The Company believes that its ability to generate adequate cash flow
from operations will be critical to its future.
ITEM 7A. QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK
None.
28
29
ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA
The following items are attached and incorporated into this Item 8.
Independent Accountant's Report F-1
Consolidated Balance Sheets as of June 30, 1999
and June 30, 1998 F-2
Consolidated Statements of Operations for years ended
June 30, 1999, June 30, 1998, and June 30, 1997 F-3
Statement of Cash Flows for years ended June 30, 1999,
June 30, 1998, and June 30, 1997 F-4
Consolidated Statements of Shareholders' Equity
for years ended June 30, 1999, June 30, 1998,
and June 30, 1997 F-5
Notes to Consolidated Financial Statements F-6
ITEM 9. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND
FINANCIAL DISCLOSURES.
On August 21, 1998, KPMG Peat Marwick LLP ("KPMG"), the Company's
independent public accounting firm, resigned effective immediately. In KPMG's
letter of resignation, KPMG stated that it had "a disagreement with management
of the Company regarding the methodology used for software revenue recognition."
In its letter of resignation, KPMG also advised the Company that it concluded
that it could no longer rely on management's representations and that it was
unwilling to be associated with the financial statements prepared by management.
On August 19, 1998, two days before KPMG's resignation, the Company's
Audit Committee met with KPMG to discuss the Company's software revenue
recognition policies and KPMG's concerns about the quality of the financial
information which had been presented by management to the Audit Committee and to
KPMG. During that meeting, the Audit Committee advised KPMG that the Audit
Committee (and not management) had the exclusive decision-making authority and
duties with respect to the Company's financial statements. The Audit Committee
advised KPMG that it agreed with KPMG as to KPMG's preliminary assessment of
these matters and discussed the steps that should be implemented to resolve
these issues, including a restatement of the Company's interim financial
statements.
The Company is not aware of any other disagreements with KPMG on any
matter of accounting principles or practices, financial statement disclosure, or
auditing scope or procedure between June 30, 1996 and the date of KPMG's
resignation, which disagreements, if not resolved to the satisfaction of KPMG,
would have caused KPMG to make a reference thereto in its reports. KPMG's
reports on the financial statements for the Company for the past two years did
not contain any adverse opinion or disclaimer of opinion and such reports were
not qualified or modified as to uncertainty, audit scope or accounting
principles. KPMG's resignation was not recommended or approved by the Company's
Board of Directors or any committee thereof. The Company has authorized KPMG to
respond fully to the inquiries of any successor accountant concerning the
subject matter of the foregoing.
The Company's Board of Directors retained PricewaterhouseCoopers LLP
("PWC") to serve as the Company's independent auditors for its 1998 fiscal year.
This engagement began after PWC had been engaged in September 1998 to assist in
the Company's internal investigation of the revenue overstatements. This change
in auditors occurred after the resignation of the Company's prior auditors,
KPMG. The Company later also retained PWC to re-audit the Company's 1997 fiscal
year.
29
30
PART III
ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT
ITEM 11. EXECUTIVE COMPENSATION
ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT
ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS
The information required by items 10, 11, 12 and 13 of this report is
incorporated by reference to the Company's Proxy Statement for the 1999 Annual
Meeting of Shareholders to be filed within 120 days from June 30, 1999 the end
of the Company's fiscal year.
30
31
PART IV
ITEM 14. EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON FORM 8-K
(a) The Financial Statements filed as part of this report are listed
separately in the index to Financial Statements beginning on page F-1
of this report.
(b) No reports on Form 8-K were filed during the fourth quarter of the
1999 fiscal year. During the first quarter of Fiscal Year 1999, the
Company filed three reports on Form 8-K (dated August 9, 1998,
September 29, 19998 and October 19, 1998, with amendments dated
October 13, 1998, and November 4, 1998). These reports contain
information regarding the change in CyberGuard's certifying
accountant's resignation, the disposition of assets to AHN Partners,
LP (purchaser of Galaxy search engine), and the disposition of
substantially all the assets of Arca Systems, Inc. to Exodus
Communications, Inc. The reports contain information under Items 2, 4
and 7, which discuss the aforementioned information.
(c) The following exhibits are included in this Report.
EXHIBIT
NUMBER EXHIBIT DESCRIPTION
- ------ -------------------
2.01 -- Restated Purchase and Sale Agreement between Concurrent Computer Corporation and the Company
dated May 23, 1996(i)
2.02 -- Agreement and Plan of Merger, dated May 29, 1998, among the Company, ARCA Acquisition
Corporation, ARCA Systems, Inc. and William F. Wilson, R. Kenneth Bauer and Michael L. Weidner(xii)
3.01 -- Articles of Incorporation of the Company, as amended(viii)
3.02 -- Bylaws of the Company(ii)
4.01 -- Form of Common Stock Certificate(iv)
4.02 -- Form of Stockholder Rights Plan(ii)
4.03 -- Form of Share Holding Agreement between Concurrent Computer Corporation and the Company(iv)
10.01 -- Employment Agreement dated November 7, 1997 between the Company and Tommy D. Steele, as amended
10.02 -- Termination Agreement dated May 17, 1999 between the Company and Tommy D. Steele
10.03 -- Employment Agreement dated March 11, 1999 between the Company and David R. Proctor, as amended May 4,
1999
10.04 -- Employment Agreement dated September 8, 1998 between the Company and Terrence A. Zielinski
10.05 -- Employment Agreement dated September 30, 1998 between the Company and Michael Wittig
-
10.06 -- Employee Stock Incentive Plan(vi)
10.07 -- Amendment to Employee Stock Incentive Plan(vii)
10.08 -- Amendment to Stock Incentive Plan dated March 20, 1998
10.09 -- Employee Stock Option Plan
10.10 -- Amendment to Employee Stock Option Plan
10.11 -- Employee Savings Plan(v)
10.12 -- Forms of Stock Option Agreements
10.13 -- TradeWave Asset Purchase Agreement(ix)
10.14 -- Agreement (regarding noncompetition, nonsolicitation and confidentiality)(ix)
10.15 -- Private Securities Subscription Agreement dated May 15, 1997 between the Company and Capital
Ventures International(x)
10.16 -- Registration Rights Agreement dated May 15, 1997 between the Company and Capital Ventures
International(x)
10.17 -- Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave Corporation and
Coast Business Credit(xi)
10.18 -- Amendment Nr. 1 to Loan and Security Agreement dated December 29, 1997 between the Company, TradeWave
Corporation and Coast Business Credit(xi)
31
32
10.19 -- Loan Documents dated December 17, 1998 between the Company and Fernwood Partners, LLC
10.20 -- Joint Development and Marketing Agreement between the Company and Information Resource
Engineering, Inc.(viii)
10.21 -- OEM and Distribution Agreements between the Company and Information Resource Engineering, Inc. dated
June 11, 1998
10.22 -- Agreement between the Company and Information Resource Engineering, Inc. dated June 30, 1999
10.23 -- Asset Purchase Agreement dated September 11, 1998 between the Company and AHN
Partners, LP
10.24 -- Agreements relating to sale of assets of Arca Systems, Inc.
10.25 -- Agreements relating to sale of assets of TradeWave division
16.01 -- Letter from KPMG Peat Marwick LLP to the Company, dated August 21, 1998(xvi)
16.02 -- Letter from KPMG Peat Marwick LLP to the Commission, dated September 30, 1998(xvii)
16.03 -- Letter from KPMG Peat Marwick LLP to the Commission, dated November 3, 1998(xiii)
16.04 -- Letter from KPMG Peat Marwick LLP to the Company dated June 11, 1999
21.01 -- List of subsidiaries of the Company
23.01 -- Consent of PricewaterhouseCoopers LLP, Independent Certified Public Accountants
27.01 -- Financial Data Schedule (for SEC use only)
- -----------------
(i) Incorporated by reference to Annex A of the Registrant's Definitive Proxy
Statement as filed with the Commission on May 24, 1996
(ii) Filed with Post-Effective Amendment No. 1 to the Company's Registration
Statement on Form 10, dated September 29, 1994, File No. 0-24544 and
incorporated herein by reference.
(iv) Filed with the Company's Registration Statement on Form S-3 dated May 23,
1996 (File No. 333-04407) and incorporated herein by reference.
(v) Incorporated by reference from Exhibit 4.1 to the Company's Registration
Statement on Form S-8 (Commission File Number 33-88446) filed on January 13,
1995.
(vi) Incorporated by reference from Exhibit 4.1 to the Company's Registration
Statement on Form S-8 (Commission File Number 33-88448) filed on January 13,
1995.
(vii) Incorporated by reference to Annex E of the Registrant's Definitive Proxy
Statement as filed with the Commission on May 24, 1996.
(viii) Incorporated by reference to Company's Annual Report on 10-K for fiscal
year ended June 30, 1996.
(ix) Incorporated by reference to the Company's Current Report on Form 8-K dated
April 9, 1997.
(x) Incorporated by reference to the Company's Registration Statement on Form
S-3 (Commission File Number 333-28693) filed on June 12, 1997.
(xi) Filed with the Company's Quarterly Report on Form 10-Q for the period filed
on February 13, 1998 and incorporated herein by reference.
(xii) Filed with the Company's Current Report on Form 8-K dated June 17, 1998
and incorporated herein by reference.
(xiii) Filed with the Company's Current Report on Form 8-K/A filed as of
November 4, 1998 and incorporated herein by reference
(xiv) Referenced in the Company's Current Report on Form 8-K dated September 14,
1998.
(xv) Referenced in the Company's Current Report on Form 8-K dated October 2,
1998.
(xvi) Filed with the Company's Current Report on Form 8-K dated August 21, 1998
and incorporated herein by reference.
(xvii) Filed with the Company's Current Report on Form 8-K/A-1 filed as of
October 13, 1998 and incorporated herein by reference.
32
33
SIGNATURES
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange
Act of 1934, the registrant has duly caused this report to be signed on behalf
of the undersigned, thereunto duly authorized.
CYBERGUARD CORPORATION
By: /s/ DAVID R. PROCTOR
David R. Proctor
Chairman, President and Chief Executive Officer
Pursuant to the requirements of the Securities Exchange Act of 1934, this report
has been signed below by the following persons on behalf of the registrant and
in the capacities and on the dates indicated.
SIGNATURE TITLE DATE
- ------------------------------------------------- -------------------------------------------- -----------------------
/s/ DAVID R. PROCTOR Chairman, President and Chief Executive August 1999
- ----------------------------------------------- Officer and Director (Principal Executive
David R. Proctor Officer)
/s/ TERRENCE A. ZIELINSKI Chief Financial Officer and Vice President August 1999
- ----------------------------------------------- Finance (Principal Financial and Principal
Terrence A. Zielinski Accounting Officer)
/s/ C. SHELTON JAMES Director August 1999
- -----------------------------------------------
C. Shelton James
/s/ LELAND R. REISWIG, JR. Director August 1999
- -----------------------------------------------
Leland R, Reiswig, Jr.
/s/ RICHARD P. RIFENBURGH Director August 1999
- -----------------------------------------------
Richard P. Rifenburgh
33
34
REPORT OF INDEPENDENT ACCOUNTANTS
The Board of Directors and Shareholders of
CyberGuard Corporation and Subsidiaries
In our opinion, the accompanying consolidated balance sheets and the
related consolidated statements of operations, cash flows and changes in
shareholders' equity (deficit) and comprehensive income after the restatement
described in Note 2, present fairly, in all material respects, the financial
position of CyberGuard Corporation and its Subsidiaries at June 30, 1999, and
1998, and the results of their operations and cash flows for each of the three
years in the period ended June 30, 1999, in conformity with generally accepted
accounting principles. These consolidated financial statements are the
responsibility of the Company's management; our responsibility is to express an
opinion on these consolidated financial statements based on our audits. We
conducted our audits in accordance with generally accepted auditing standards,
which require that we plan and perform the audit to obtain reasonable assurance
about whether the financial statements are free of material misstatement. An
audit includes examining, on a test basis, evidence supporting the amounts and
disclosures in the consolidated financial statements, assessing the accounting
principles used and significant estimates made by management, and evaluating the
overall consolidated financial statement presentation. We believe that our
audits provide a reasonable basis for the opinion expressed above.
As further described in Note 2, the Company restated its 1997 and 1996
financial statements previously audited by other independent accountants.
PricewaterhouseCoopers LLP
Atlanta, Georgia
August 27, 1999
F-1
35
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(DOLLARS IN THOUSANDS, EXCEPT SHARE DATA)
JUNE 30,
1999 1998
----------- -----------
ASSETS
Cash and cash equivalents $ 2,622 $ 1,773
Restricted cash 908 650
Accounts receivable, less allowance for uncollectible accounts of
$407 at 1999 and $450 at 1998 2,021 3,334
Inventories, net 210 916
Software development costs, net 185
Other current assets 482 166
Receivable from sale of Arca Systems 3,261
-------- --------
Total current assets 6,428 10,100
-------- --------
Property and equipment, net 1,154 1,761
Non-compete agreements, net 560 840
Goodwill, net 96
Other assets 135 279
-------- --------
Total assets $ 8,277 $ 13,076
======== ========
LIABILITIES AND SHAREHOLDERS' EQUITY (DEFICIT)
Line of credit and note payable $ 2,054 $ 2,198
Accounts payable 2,766 2,383
Deferred revenue 2,047 1,288
Accrued expenses and other liabilities 3,210 2,619
-------- --------
Total current liabilities 10,077 8,488
Convertible debenture, net 885
Commitments and contingencies - Note 15
Shareholders' equity (deficit):
Common stock par value $0.01 authorized 20,000,000 shares; issued and
outstanding 9,064,756 shares at 1999 and 8,902,699 shares at 1998 91 89
Additional paid in capital 73,677 72,999
Accumulated deficit (76,475) (68,360)
Accumulated other comprehensive income 22 (140)
-------- --------
Total shareholders' equity (deficit) (2,685) 4,588
-------- --------
Total liabilities and shareholders' equity (deficit) $ 8,277 $ 13,076
======== ========
The accompanying notes are an integral part of the consolidated
financial statements.
F-2
36
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
YEAR ENDED JUNE 30,
1999 1998 1997
----------- ----------- -----------
Revenues:
Products $ 11,409 $ 13,563 $ 13,135
Services 2,464 1,989 1,089
----------- ----------- -----------
13,873 15,552 14,224
----------- ----------- -----------
Cost of Revenues:
Products 3,618 5,508 6,672
Services 1,695 1,568 572
----------- ----------- -----------
5,313 7,076 7,244
----------- ----------- -----------
Gross Profit 8,560 8,476 6,980
Operating Expenses:
Research and development 3,664 5,767 4,723
Selling, general and administrative 14,724 18,869 15,133
----------- ----------- -----------
Total operating expenses 18,388 24,636 19,856
Operating loss (9,828) (16,160) (12,876)
Interest income (expense), net (186) 399 646
Other income (expense), net 41 11 (200)
Loss on sale of Arca Systems (2,386)
Gain on sale of TradeWave 1,858
Loss on sale of securities available for sale (128) (5,012)
----------- ----------- -----------
1,713 (2,104) (4,566)
----------- ----------- -----------
Net loss $ (8,115) $ (18,264) $ (17,442)
=========== =========== ===========
Basic and fully-diluted loss per common share $ (.90) $ (2.17) $ (2.46)
=========== =========== ===========
Weighted average number of shares outstanding 8,967,045 8,423,011 7,100,014
=========== =========== ===========
The accompanying notes are an integral part of the consolidated
financial statements.
F-3
37
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(DOLLARS IN THOUSANDS)
YEAR ENDED JUNE 30,
1999 1998 1997
------------- ------------- -------------
Cash flows from operating activities
Net loss $ (8,115) $ (18,264) $ (17,442)
Adjustment to reconcile net loss to net
cash used by operating activities:
Depreciation 789 859 546
Amortization 525 888 2,861
Provision for inventory reserve 38 274 131
Provision for uncollectible accounts 326 500 327
Compensation and benefits 242 256 125
Gain on sale of TradeWave (1,858)
Loss on sale of securities available for sale 128 5,012
Loss on sale of Arca Systems 2,386
Changes in assets and liabilities net of effect of 1997 acquisition:
Accounts receivable 896 1,440 (1,905)
Inventories 667 379 (1,550)
Accounts payable 383 274 2,109
Accrued expenses and other liabilities 591 266 (1,647)
Deferred revenue 630 (130) 1,214
Other, net (31) 91 (494)
------------- ------------- -------------
Net cash used by operating activities (4,917) (10,656) (10,713)
Cash flows from (used) by investing activities:
Capitalized software development costs (230)
Additions to property and equipment (182) (911) (530)
Purchase of business, net of cash acquired (450) (400)
Proceeds from (advances to) Arca Systems 3,261 (417)
------------- ------------- -------------
Net cash from (used) by investing activities 2,849 (1,778) (930)
Cash flows from financing activities:
Increase in restricted cash (258)
Proceeds from sale of TradeWave 2,225
Proceeds from convertible debenture 1,125
Proceeds (repayments) on line of credit (194) 1,548 (3,200)
Proceeds from sale of securities 1,214 12,363
Proceeds from sale of common stock 19 8,470 1,838
------------- ------------- -------------
Net cash provided by financing activities 2,917 11,232 11,001
------------- ------------- -------------
Net increase (decrease) in cash and cash equivalents 849 (1,202) (642)
Cash and cash equivalents at beginning of the period 1,773 2,975 3,617
------------- ------------- -------------
Cash and cash equivalents at end of the period $ 2,622 $ 1,773 $ 2,975
============= ============= =============
The accompanying notes are an integral part of the consolidated
financial statements.
F-4
38
CYBERGUARD CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CHANGES IN SHAREHOLDERS' EQUITY (DEFICIT)
AND COMPREHENSIVE INCOME
(DOLLARS IN THOUSANDS, EXCEPT SHARE DATA)
Accumulated
Common Stock Additional Other
------------------------- Paid in Accumulated Comprehensive
Shares Amount Capital Deficit Income Total
---------- ---------- ---------- ---------- ---------- ----------
Balance June 30, 1996,
as previously reported 6,709,371 $ 67 $ 56,152 $ (37,210) $ (764) $ 18,245
Restatement 4,556 522 5,078
---------- ---------- ---------- ---------- ---------- ----------
Balance June 30, 1996, as restated 6,709,371 67 56,152 (32,654) (242) 23,323
Net loss (17,442) (17,442)
Change in market value of
securities available for sale (35) (35)
Translation adjustment 116 116
Issuance of common stock , for
the non compete agreement 91,800 1 1,399 1,400
Issuance of common stock 651,143 7 1,956 1,963
---------- ---------- ---------- ---------- ---------- ----------
Balance June 30, 1997, as restated 7,452,314 75 59,507 (50,096) (161) 9,325
Net loss (18,264) (18,264)
Translation adjustment (14) (14)
Change in market value of securities
available for sale 35 35
Issuance of common stock 1,450,385 14 8,711 8,725
Issuance of common stock for the
Arca investment 590,429 6 5,513 5,519
Receipt and retirement of common
stock for the Arca investment (590,429) (6) (732) (738)
---------- ---------- ---------- ---------- ---------- ----------
Balance June 30, 1998 8,902,699 $ 89 $ 72,999 $ (68,360) $ (140) $ 4,588
Net loss (8,115) (8,115)
Translation adjustment 162 162
Issuance of common stock 162,057 2 258 260
Beneficial conversion feature on
convertible debenture 420 420
---------- ---------- ---------- ---------- ---------- ----------
Balance June 30, 1999 9,064,756 $ 91 $ 73,677 $ (76,475) $ 22 $ (2,685)
========== ========== ========== ========== ========== ==========
The accompanying notes are an integral part of the consolidated
financial statements
F-5
39
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(DOLLARS IN THOUSANDS, EXCEPT SHARE AND PER SHARE DATA)
(1) BASIS OF PRESENTATION AND NATURE OF OPERATIONS
The consolidated financial statements are prepared on the basis of
generally accepted accounting principles. The preparation of financial
statements in conformity with generally accepted accounting principles requires
management to make estimates and assumptions that affect the reported amounts of
assets and liabilities and disclosure of contingent assets and liabilities at
the date of the financial statements as well as the reported amounts of revenues
and expenses during the reported periods. Significant estimates include those
made for software development costs, reserve for inventories, the allowance for
uncollectible accounts, and contingencies. Actual results could differ from
those estimates.
The consolidated financial statements of CyberGuard Corporation and
Subsidiaries (the "Company") include the accounts of the Company and its
subsidiaries over which it maintains control. Majority owned subsidiaries where
control is temporary are carried on the cost basis. All significant intercompany
balances and transactions have been eliminated.
The Company's operating results and financial condition may be impacted
by a number of factors including, but not limited to the following, any of which
could cause actual results to vary materially from current and historical
results or the Company's anticipated future results. A portion of the Company's
revenue is derived from its international operations and sources. As a result,
the Company's operations and financial results have been affected by
international factors such as changes in foreign currency exchange rates or weak
economic conditions in the international markets in which the Company
distributes its products. The network security industry is highly competitive
and competition is expected to intensify. There are numerous companies competing
in segments of the market in which the Company does business. Competitors
include organizations significantly larger and with more development, marketing
and financial resources than the Company.
In addition, the Company is subject to risks and uncertainties which
include, but are not limited to the timely development of and acceptance of new
products, impact of competitive products, regulation, inventory obsolescence,
the ultimate outcome of certain litigation matters, and cash balances in excess
of federally insured limits.
The Company provides a full suite of products and services for the
network security industry. The products offered by the Company include the
CyberGuard(R) Firewall, proprietary and third-party technology (such as Virtual
Private Network, authentication, virus scanning, encryption, advanced reporting,
high availability and centralized management), and consulting, support, and
installation services.
F-6
40
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(2) RESTATEMENT
The Company restated its 1997 and 1996 financial statements previously
audited by other independent accountants.
The following table depicts the components of the restatement:
1997 1996
------------- -------------
Accumulated deficit as previously reported $ (49,700) $ (37,210)
Prior year adjustments 4,556
Adjustments
Restore capitalized software development costs written off during fiscal 1996
and subsequent amortization during fiscal 1997 (2,539) 3,087
Reduction (recognition) of expenses due to changes in timing of
expense accrual (892) 1,196
Change in value of securities available for sale (598) 846
Write off of foreign currency translation adjustment related to
subsidiaries sold during fiscal 1996 522 (522)
Increase in receivable allowance for uncollectible accounts (51)
Deferral of revenue due to changes in timing of revenue recognition (1,374)
Change in components of TradeWave acquisition 255
Write off of inventory and other current assets (159)
Recognition of amounts related to prepaid licenses and post
contract customer support (167)
------------- -------------
Net Adjustments (396) 4,556
============= =============
Accumulated deficit, as adjusted $ (50,096) $ (32,654)
============= =============
1997
-------------
Net loss, as previously reported $ (12,490)
=============
Net loss, restated $ (17,442)
=============
Net loss per share, as previously reported $ (1.76)
=============
Net loss per share, restated $ (2.46)
=============
F-7
41
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(3) SIGNIFICANT ACCOUNTING POLICIES
INVENTORIES--Inventories consist primarily of purchase component parts
and are carried at the lower of cost, determined by the First-In-First-Out
(FIFO) method or market. The Company maintains a reserve for its estimate of
excess, obsolete and damaged goods based on historical and forecasted usage.
LONG-LIVED ASSETS--Property and equipment is carried at cost.
Depreciation is computed by the straight-line method using the estimated useful
lives of the assets which range from 3 to 5 years. Maintenance and repairs are
charged to expense as incurred. Upon sale, retirement or other disposition of
these assets, the cost and the related accumulated depreciation are removed from
the respective accounts and any gain or loss on the disposition is included in
the consolidated statement of operations. The Company evaluates the
recoverability of all its long-lived assets including intangibles and goodwill.
If the sum of the undiscounted future cash flows is less than the carrying
amount of the asset, an impairment loss is recognized as the amount by which the
carrying amount of the asset exceeds its fair value.
SOFTWARE DEVELOPMENT COSTS--The Company capitalizes costs related to
the development of certain software products in accordance with Statement of
Financial Accounting Standards No. 86, "Accounting For the Costs of Computer
Software to be Sold, Leased, or Otherwise Marketed" ("SFAS No. 86") which
requires capitalization to begin when technological feasibility has been
established and ends when the product is available for general release to
customers. Software development costs incurred prior to technological
feasibility defined by completion of a working model are considered research and
development costs and are expensed as incurred. Capitalized costs are amortized
as the greater of the amount computed using the ratio that current revenues for
a product bear to the total current and anticipated future revenues for that
product or the straight-line method over two to five years.
During 1999, the Company had qualifying software development costs of
$230 and associated amortization of $45. During 1998 and 1997, the period
between established technological feasibility and the general release has been
less than three months and software development costs qualifying for
capitalization have been minimal. Accordingly, the Company has not capitalized
any software development costs for those years.
REVENUE RECOGNITION--The Company accounts for software revenues in
accordance with the American Institute of Certified Public Accountants Statement
of Position. In October 1997, the American Institute of Certified Public
Accountants issued Statement of Position 97.2 "Software Revenue Recognition"
(SOP 97-2"), subsequently amended. As amended, SOP 97-2 provides guidance on
applying generally accepted accounting principles in recognizing revenue on
software transactions, and is effective for transactions entered into in fiscal
years beginning after December 31, 1997. The Company adopted SOP 97-2 at July 1,
1998. Prior to July 1, 1998, the Company accounted for software revenues in
accordance with the American Institute of Certified Public Accountants Statement
of Position 91-1 "Software Revenue Recognition". The adoption did not have a
material impact on the Company's financial statements. Revenues earned under
software license agreements are generally recognized when the software has been
shipped, payment is due within one year, collectibility is probable, and there
are no significant vendor obligations. When factors indicate that fees in a
reseller or distributor arrangement are not fixed or that a reasonable basis for
estimating the degree of collectibility of the receivable does not exist,
revenue is recognized as cash is received. Certain arrangements with
distributors and resellers are under terms which allow for those distributors to
receive price protection based on future price reductions and allow limited
F-8
42
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
rights of return. The Company provides an allowance for uncollectible accounts,
which includes returns and price protection. Revenue on post contract customer
support is deferred and amortized by the straight-line method over the term of
the contracts. The Company also provides professional support services which are
available under Service Agreements and charged for separately. These services
are generally provided under time and materials contracts and revenue is
recognized as the service is provided.
INCOME TAXES--The provision for income taxes and corresponding balance
sheet accounts are determined in accordance with Statement of Financial
Accounting Standards No. 109, "Accounting for Income Taxes" ("SFAS No. 109").
Under SFAS No. 109, deferred tax liabilities and assets are determined based on
the temporary differences between the bases of certain assets and liabilities
for income tax and financial reporting purposes. The deferred tax assets and
liabilities are classified according to the financial statement classification
of the assets and liabilities generating the differences. Valuation allowances
are established when necessary to reduce deferred tax assets to the amount,
which more likely than not, is expected to be realized.
FOREIGN CURRENCY TRANSLATION--All balance sheet accounts denominated in
foreign currency are translated into U.S. dollars at the current exchange rate
as of the end of the accounting period. Income statement items are translated at
weighted-average currency exchange rates. Gains and losses resulting from
foreign currency transactions denominated in a currency other than the
functional currency are included in the Statement of Operations. Gains and
losses relative to intercompany foreign currency transactions for which
settlement is not planned or anticipated, are reflected as a separate component
of other comprehensive income.
CASH EQUIVALENTS AND RESTRICTED CASH--The Company considers all
investments purchased with an original maturity of three months or less at the
time of purchase to be cash equivalents. Restricted cash is unavailable to the
Company until certain contractual terms and conditions are met.
MARKETABLE SECURITIES--The Company accounts for marketable securities
in accordance with the Statement of Financial Accounting Standards No. 115,
"Accounting for Certain Investments in Debt and Equity Securities" ("SFAS No.
115"). In accordance with the provisions of SFAS No. 115, marketable securities,
which have been classified by the Company as available for sale, are carried at
market value, with the unrealized gains or losses, net of tax, reported as a
separate component of other comprehensive income.
BASIC AND DILUTED NET LOSS PER COMMON SHARE--Basic and diluted net loss
per common share are calculated according to the Financial Accounting Standards
Board ("FASB") issued Statement No. 128 ("SFAS No. 128"). This statement
establishes standards for computing and presenting earnings per share ("EPS").
Basic EPS excludes dilution and is computed by dividing income available to
common shareholders by the weighted-average number of common shares outstanding
for the period. Diluted EPS reflects the potential dilution that could occur if
securities or other contracts to issue common stock were exercised or converted
into common stock or resulted in the issuance of common stock that then shared
in the earnings of the entity. SFAS No. 128 requires restatement of all prior
period EPS data presented. Potential common stock is in the form of stock
options, which do not have an effect on diluted net loss per share calculations
due to its anti-dilutive effect. Common stock equivalents, like stock options,
warrants, and convertible debt, would have a dilutive effect on per common share
calculations if the company earns a profit.
RECLASSIFICATIONS-- Certain amounts in the prior Fiscal Year have been
reclassified to conform to the current Fiscal Year presentation.
F-9
43
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(4) LIQUIDITY AND CAPITAL RESOURCES
The consolidated financial statements have been prepared on a going
concern basis, which contemplates the realization of assets and the satisfaction
of liabilities in normal course of business. The Company has suffered recurring
losses from operations resulting in net cash used in operating activities. In
addition, violations of covenants in debt agreements have resulted in
classification of all of its debt as current as of June 30, 1999. Management's
operating plans include tactics to achieve efficiencies and its financing plan
encompasses the use of availability under its current line of credit, issuance
of convertible debt, as well as the potential issuance of equity securities.
Accordingly, management believes that the Company's consolidated financial
statements are appropriately prepared on a going concern basis.
The Company and certain former officers and directors were named in
twenty-five shareholder lawsuits. The plaintiffs sued for unspecified
compensatory damages, legal fees, and litigation costs. The Company is unable to
predict the ultimate outcome or potential financial impact of this litigation.
The consolidated financial statements do not include any adjustments
relating to the realization of assets and the recognition and satisfaction of
liabilities that might be necessary as a result of these matters.
(5) REAL-TIME BUSINESS
In May 1995, the Company separated its business operation into two
units: the Real-time Division, responsible for equipment development, and the
Trusted Systems Division, responsible for network security product development.
On February 8, 1996, the Company and Concurrent Computer Corporation
("Concurrent") announced the sale of the Real-time Division to Concurrent which
became effective under the Purchase and Sale Agreement effective March 26, 1996,
and amended and restated as of May 23, 1996 (hereinafter referred to as the
"Agreement").
The Agreement was approved by the shareholders of both companies on
June 27, 1996, and the transaction was closed effective June 30, 1996. In
connection with this sale, the Company changed its fiscal year end from
September 30 to June 30 becoming effective in the year beginning October 1,
1995.
Under the Agreement, the Company sold the net assets of its Real-time
Division with a book value of $21,561 and issued 683,178 shares of its common
stock valued at $1,804 to Concurrent in exchange for (a) 10,000,000 newly issued
shares of Concurrent common stock, par value $0.01 per share valued at $10,700,
and (b) convertible preferred stock of Concurrent paying a 9% cumulative annual
dividend quarterly in arrears valued at $4,699. The preferred stock was
redeemable by Concurrent when the current market price of Concurrent's common
stock exceeded $3.75 per share and was mandatory redeemable on June 27, 2006, at
the liquidation preference of $6,264 plus any unpaid dividends at that date. The
conversion ratio for the preferred stock was based on the liquidation preference
divided by the conversion price per the Agreement, set at $2.50 per share.
At June 30, 1996, the Company sold its interest in 2,000,000 shares of
Concurrent common stock recognizing no gain or loss on the sale. During 1997,
all of the convertible preferred stock was converted to Concurrent common stock
and accounted for as securities available-for-sale. During 1997, the Company
sold a total of 9,950,000 shares recognizing a total loss on sale of those
shares of $5,012. At June 30, 1997, the securities available-for-sale were
valued at their market value of $1,007 with a net unrealized holding loss of $35
reflected as a separate component of other comprehensive income. At June 30,
1997, the securities available for sale also included $300 of cumulative
dividends receivable on preferred stock. During 1998, the remaining shares of
Concurrent common stock were sold at a loss of $128.
F-10
44
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(6) TRADEWAVE
On April 9, 1997, the Company purchased substantially all the assets of
TradeWave Corporation ("TradeWave"). The transaction was accounted for as a
purchase and, accordingly, TradeWave's results are included in the consolidated
financial statements since the date of acquisition. The aggregate purchase price
was approximately $356. The fair value of identifiable net assets acquired was
approximately $211. Approximately $129 has been accounted for as goodwill and is
being amortized over its useful life of five years. Additionally, at the time of
acquisition, a deferred charge of $133 was recorded representing restricted
stock grants to TradeWave employees. The charge was expensed in 1998, over the
course of the vesting period of the restricted stock grants none of which
exceeded twelve months.
During September 1998, the Company's Board of Directors authorized a
plan to dispose of certain net assets of its TradeWave division, and on
September 14, 1998, the Company announced the sale of TradeWave's Galaxy
Internet search engine ("Galaxy") for approximately $2,000. In addition, on
April 30, 1999, the Company sold substantially all the remaining assets of its
TradeWave division to Digital Signature Trust Co. ("DST") for $810, subject to
an escrow agreement, and the assumption of certain liabilities. A definitive
Asset Purchase Agreement was entered into that has certain development
deadlines.
In June 1999, CyberGuard filed a lawsuit against DST in state court in
Austin, Texas. The Company alleged breach of contract, tortious interference and
fraud. Also in June 1999, DST filed a lawsuit against the Company in federal
court in Salt Lake City, Utah, alleging fraud, negligent misrepresentation,
unjust enrichment, with unspecified damages, and rescission and reformation of
contract. Both actions are currently tolled due to ongoing negotiations towards
settlement between the Company and DST.
(7) ARCA SYSTEMS, INC.
On June 17, 1998, the Company completed the acquisition of Arca
Systems, Inc. ("Arca"), a privately held information professional security
service firm, for 590,429 shares of its common stock. However, on October 5,
1998, the Company sold all the assets of Arca. As a result, the transaction is
presented as a receivable from the sale of Arca and accounted for on the cost
basis, at its net realizable value at June 30, 1998, because of the temporary
control the Company had over this majority owned subsidiary. The investment
amount was based on the fair value of the common stock issued, using an average
of its quoted market value a few days before and after the acquisition
announcement date, and other direct costs.
In response to the Company's announcement on August 24, 1998, that
revenues for certain 1998 quarters would be restated, the previous shareholders
of Arca threatened legal action under the purchase agreement. On October 5,
1998, the Company completed the sale of the net assets of Arca to Exodus
Communications. In exchange for the net assets of Arca, the Company received
approximately $3,261, the return of the previously issued 590,429 shares of the
Company's common stock, and the release of any potential legal claims the Arca
shareholders might have had against the Company. The disposition resulted in a
settlement loss that was recorded in the fourth quarter of fiscal 1998. The
settlement loss of $2,386 was determined based on the Company's investment in
and advances to Arca, less the $3,261 cash received and the 590,429 shares of
common stock at its fair value using its quoted market value on the return date.
The shares were assumed to be retired effective June 30, 1998.
F-11
45
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(8) PROPERTY AND EQUIPMENT
Property and equipment is summarized as follows:
June 30, June 30,
1999 1998
--------------- ----------------
Property and equipment $1,794 $3,286
Purchased software for internal use 255 415
Leasehold improvement 27 37
---------- ----------
Subtotal 2,076 3,738
---------- ----------
Less: accumulated depreciation (922) (1,977)
---------- ----------
Property and equipment, net $1,154 $1,761
========== ==========
(9) NON-COMPETE AGREEMENTS
In connection with the sale of the Real-time Business, the Company
entered into non-compete agreements for a period of five years with two former
officers of the Company. In consideration for these non-compete agreements,
these officers received 91,800 shares of the Company's common stock. These
shares were valued at market price as of the date of the agreement, June 28,
1996. These amounts will be amortized over the life of the agreement. The
amortization expense was $280, for the years ended June 30, 1999, 1998, and
1997, respectively.
(10) ACCRUED EXPENSES AND OTHER LIABILITIES
Accrued expenses and other liabilities consists of the following:
June 30, 1999 June 30, 1998
------------------- ---------------------
Salaries, wages and other compensation $ 1,271 $ 794
Accrued interest and sundry taxes 259 243
Accrued professional service fees 200 958
Other payables 550 624
Insurance finance payable 280 --
Customer advanced payments 650 --
------------------ ------------------
$ 3,210 $ 2,619
================== ==================
(11) LINE OF CREDIT AND NOTE PAYABLE
On April 1, 1996, the Company entered into a loan agreement with
Foothill Capital Corporation ("Foothill") pursuant to which Foothill agreed to
make revolving advances to the Company on an amount of up to $5,000 subject to
certain borrowing base requirements and at an interest rate equal to prime, plus
two percent. As collateral for the loan, the Company granted Foothill a security
interest in its assets (including the Concurrent common and preferred stock). In
addition, the Company granted Foothill warrants to purchase 100,000 shares of
common stock at a price equal to the lower of the price of a share of common
stock issued to the public pursuant to a registration statement or $17.00 per
share. In August 1996, the Foothill loan of $3,200 was repaid.
F-12
46
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
On December 30, 1997, the Company entered into a $3,350 asset-based
revolving line of credit and a $650 Term Note Agreement with Coast Business
Credit ("Coast"). The Company is in default of certain provisions of the
agreement and interest is charged at the default rate of prime rate plus 5.0%
(at June 30, 1999). The credit facility is collateralized by all of the tangible
assets and intellectual property of the Company. Availability under the
revolving credit facility is limited to 80% of eligible accounts receivable and
30% of qualified inventory up to a maximum availability of $300 on eligible
inventory. The Company has presented the $650 cash compensating balance equal to
the amount of the term loan as restricted cash. As of June 30, 1999, there was
$1,405 outstanding under the revolving line of credit agreement, all of which
was classified as a current liability. The Company estimates that the fair value
of the line of credit and note payable approximates carrying value based upon
its effective current borrowing rate.
(12) CONVERTIBLE DEBENTURE
On December 17, 1998, the Company executed an agreement to issue
$1,125,000 of Convertible Debt ("Debt"). The Debt bears interest at prime plus
200 basis points and is payable quarterly. The Debt is convertible into 750,000
shares of common stock at a conversion price equal to $1.50 per share. The Debt
is convertible to registered shares, at the debt holders option, after February
1, 2000. In addition, the Company issued the debt holders 500,000 warrants to
purchase the Company's common stock at $2.00. The warrants are exercisable at
any time before June 2001. The terms of the Debt and warrant agreement, which
permit the conversion of the Debt and warrants to common stock at a discount to
market, is considered a beneficial conversion feature. The beneficial conversion
feature at the date of issuance of the Debt of $420 will be recognized as
interest expense over the fourteen month conversion period. The Company has
recognized $180 as additional interest expense for 1999. The convertible debt is
subordinated to the Company's senior debt and includes a security interest in
the Company's assets.
On August 27, 1999, the Company increased convertible debt to
approximately $4,300,000 including repaying the December 1998 issuance. The
interest rate will be 11.5% per annum. The debt will be convertible into
approximately 4,300,000 shares of common stock at a conversion price equal to
$1.00 per share which represents a beneficial conversion feature. In addition,
the warrants from the December 17, 1998 transaction will be cancelled and the
Company will issue approximately 4,300,000 warrants to purchase the Company's
common stock at $2.00 per share.
(13) INCOME TAXES
The significant components of the Company's net deferred income tax
assets (liabilities) are as follows:
DEFERRED TAX ASSETS AND LIABILITIES June 30, 1999 June 30, 1998
------------- -------------
Accrued expenses $ 384 $ 537
Depreciation and amortization (347) (444)
Net operating loss carryforwards 22,683 18,991
Capital loss carryforwards 2,023 2,697
Other Deferred tax assets(liabilities) 732 859
Valuation allowance (25,475) (22,640)
======== ========
Net deferred income tax liability -- --
======== ========
F-13
47
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
A reconciliation of the effective income tax rate and the statutory United
States income tax rate follows:
Year ended Year ended
June 30, June 30,
1999 1998
---------------- -------------------
Statutory U.S. income tax rate (34.0%) (34.0%)
Loss on sale of Arca 0.0% 5.1%
State taxes ( 3.0%) ( 3.0%)
Other 0.8% 0.8%
Valuation Allowance 36.2% 31.1%
---------------- -------------------
Effective income tax rate 0.0% 0.0%
================ ===================
As of June 30, 1999, the Company had U.S. net operating loss
carryforwards for federal income tax purposes of approximately $61 million. The
Company's net operating loss carryforwards begin to expire in 2010. Under the
Tax Reform Act of 1986, the amounts of, and the benefits from, net operating
loss carryforwards may be impaired or limited due to a change of ownership
control as defined by the Internal Revenue Code. In addition, the Company has a
U.S. net capital loss carryforwards of approximately $5,469. The Company may
utilize the capital loss carryforwards only to the extent it generates future
capital gains. As of June 30, 1999, a valuation allowance has been established
against the net deferred tax asset since the Company believes it is more likely
than not that some or all of the amounts will not be realized.
(14) SHAREHOLDERS' EQUITY
COMMON STOCK--Each share of the Company's common stock has attached to
it one right. Each right entitles its registered holder to purchase from the
Company after the "Separation Time", as hereinafter defined, one-hundredth of a
share of Participating Preferred Stock, par value $.01 per share, for an amount
calculated in accordance with the Preferred Stock Agreement. The rights will not
trade separately from the common stock unless and until the Separation Time. The
Separation Time is defined as the earlier of the tenth business day after the
date on which any person commences a tender or exchange offer which, if
consummated, would result in an acquisition, and the first date of public
announcement by the Company of such offering. In the event of any voluntary or
involuntary liquidation of the Company, the holders of the Preferred Stock shall
be paid an amount as calculated in accordance with the Preferred Stock
Agreement.
STOCK OPTION PLANS--Effective October 8, 1994, the Company adopted a
Stock Incentive Plan which permits the issuance of stock options, stock
appreciation rights, performance awards, restricted stock and/or other stock
based awards to directors and salaried employees. On February 4, 1996, the Board
of Directors approved an amendment to the plan to reserve 2,025,000 shares of
common stock for grant. The option price shall be determined by the Board
Committee effective on the Grant Date. The option price shall not be less than
fifty percent of the Fair Market Value of a share of common stock on the Grant
Date. If Incentive Stock Options are granted to a participant who on the Grant
Date is a ten-percent holder, such price shall not be less than one hundred and
ten percent of the Fair Market Value of a share of common stock on the Grant
Date. All options become immediately exercisable upon the occurrence of a Change
in Control of the Company. Vesting of these options occurs based on years of
service. Generally it begins at 33% after one year, 66% after two years, and
100% after the third year of service.
F-14
48
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
The Company also elected in September, 1998 to have non-qualified stock options
for key executives as part of their compensation plan. The Board of Directors
has the authority to determine to whom options may be granted, period of
exercise, the option price at the date of grant, and what other restrictions, if
any, should apply.
The Company applies APB 25 and related interpretations in accounting
for its plans. During 1995, the Financial Accounting Standards Board issued
Statement No. 123, "Accounting for Stock-Based Compensation" ("SFAS No. 123")
changing the methods for recognition of costs on plans similar to those of the
Company. Adoption of the accounting provisions of SFAS No. 123 is optional;
however, pro-forma disclosures as if the Company adopted the cost recognition
requirements under SFAS No. 123 are required.
The fair value method for these options was estimated at the date of
grant using the Black-Scholes option pricing model with the following weighted
average assumptions for 1999, 1998 and 1997, respectively: risk-free interest
rates were 5.11%, 5.69%, and 6.05%, expected dividend yield of 0%, volatility
factors of the expected market price of the Company's common stock were 116.3%,
79.1%, and 88.5% and a weighted average expected life of the option of 3, 4, and
3 years, respectively.
The Black-Scholes option valuation model was developed for use in
estimating the fair value of traded options, which have no vesting restrictions
and are fully transferable. In addition, option valuation models require the
input of highly subjective assumptions including the expected stock price
volatility. Because the Company's employee stock options have characteristics
significantly different from those of traded options, and because changes in
subjective input assumptions can materially affect the fair value estimate, in
management's opinion, the existing models do not necessarily provide a reliable
single measure of the fair value of its employee stock options.
The adoption of SFAS No.123 under the fair value based method would
have increased compensation expense by $2,108, $2,524 and $1,728 for the years
ended June 30, 1999, 1998 and 1997, respectively. The effect of SFAS No. 123
under the fair value based method would have effected net loss and loss per
share as follows:
Year ended Year Ended Year Ended
June 30, June 30, June 30,
1999 1998 1997
-------------------- ------------------- --------------------
Net loss $ (8,115) $ (18,264) $ (17,442)
==================== =================== ====================
Pro-Forma $(10,023) $ (20,789) $ (19,170)
==================== =================== ====================
Loss per common share as reported $ (0.90) $ (2.17) $ (2.46)
==================== =================== ====================
Pro-Forma $ (1.12) $ (2.47) $ (2.70)
==================== =================== ====================
F-15
49
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
Information relating to the Company's stock option plan is as follows:
Number of Weighted Average
Shares Exercise Price
---------------------- ------------------------
Shares under option at June 30, 1996 1,589,664 $3.50
Granted 947,850 $9.37
Exercised (636,559) $3.00
Forfeited (75,033) $8.75
============== =============
Shares under option at June 30, 1997 1,825,922 $7.77
============== =============
Shares exercisable at June 30, 1997 594,442 $6.43
============== =============
Shares under option at June 30, 1997 1,825,922 $7.77
Granted 889,668 $7.48
Exercised (254,071) $4.37
Forfeited (363,774) $9.21
============== =============
Shares under option at June 30, 1998 2,097,745 $7.81
============== =============
Shares exercisable at June 30, 1998 759,291 $7.95
============== =============
Shares under option at June 30, 1998 2,097,745 $7.81
Granted 2,856,343 $1.24
Exercised (17,000) $1.13
Forfeited (1,875,645) $5.03
============== =============
Shares under option at June 30, 1999 3,061,443 $1.91
============== =============
Shares exercisable at June 30, 1999 1,141,492 $2.96
============== ==============
At June 30, 1999, 2,684,868 stock options outstanding had exercise
prices ranging from $1.13 to $2.09. The weighted average exercise price of these
options is $1.25 and weighted remaining contractual life of these options is
4.16 years. Of these options, 764,917 are exercisable at a weighted average
price of $1.14.
At June 30, 1999, 376,575 stock options outstanding had exercise prices
ranging from $5.50 to $7.37. The weighted average exercise price of these
options is $6.67. The remaining contractual life of these options is 1.5 years.
Of these options, 376,575 are exercisable at a weighted average price of $6.67.
During September 1998, the Company re-priced all of the outstanding
options to its then current fair market value per share of $1.125 to all
officers, directors and employees with existing options. The total number of
shares re-priced were 1,404,891. In addition, during fiscal year 1999, the
Company issued officers, directors and employees approximately 1,110,936 new
options at an exercise price of $1.31 per share. As part of a severance
arrangement with a previous officer, the Company re-issued 235,490 shares at a
weighted average price of $7.10 per share.
F-16
50
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(15) COMMITMENTS AND CONTINGENCIES
LEASE COMMITMENTS--Rent expense was $744 for the year ended June 30,
1999, $501 for the year ended June 30, 1998, and $231 for the year ended June
30, 1997.
On June 10, 1997, the Company entered into a ten-year term office lease
for its corporate office located in a commercial building in Fort Lauderdale,
Florida. The lease provides for a 5-year renewal option.
Total future minimum rental commitments under non-cancelable operating
leases, primarily for buildings and equipment, for the years following June 30,
1999 are as follows:
YEAR AMOUNT
---- ------
2000 518
2001 475
2002 454
2003 464
=============
Total $1,911
=============
Effective May 1, 1999, the Company sold substantially all the assets of
its TradeWave division and the assumption of several capital and operating
leases. In the transaction, the operating lease amount assumed for the fiscal
year ended 1999 are $25, fiscal year end 2000 are $165, fiscal year end 2001 are
$3, and fiscal year end 2002 are $2.
LITIGATION--In August 1998, the Company and certain current and former
officers and directors were named as defendants in 25 shareholder lawsuits filed
in the United States District Court for the Southern District of Florida. All of
the lawsuits purport to be brought on behalf of a class of all persons who
purchased or otherwise acquired the Company's common stock during various
periods from October 7, 1997, through August 24, 1998. The lawsuits allege,
among other things, that as a result of accounting issues relating to the
Company's revenue recognition practices, defendants knowingly or recklessly
caused the Company to publish false and misleading financial statements which
caused the Company's common stock prices to rise artificially. One lawsuit also
alleges violations of common law. The plaintiffs are seeking an unspecified
amount of damages, interest, costs and attorney fees. These cases have been
transferred and consolidated into a single case for purposes of all pre-trial
matters and trial. Discovery has been stayed and the plaintiffs have been
ordered to file a single amended, consolidated complaint within 45 days of the
filing on July 22, 1999 of the Company's restated financial statements.
The Company's obligation to indemnify its officers and directors under
the aforementioned lawsuits is insured, to the extent of the limits of the
applicable insurance policies. The Company has notified its insurance carrier of
the existence of the lawsuits, and the carrier has sent the Company a
reservation of rights letter. The Company intends to vigorously defend these
actions, and believes that in the event that it is unsuccessful, that insurance
coverage will be available to defray a portion, or substantially all, the
expense of defending and settling the lawsuits or paying a judgment. However,
the Company is unable to predict the ultimate outcome of the litigation. There
can be no assurance that the Company will be successful in defending the
lawsuits or that if unsuccessful, that insurance will be available to pay all or
any portion of the expense of the lawsuits. If the Company is unsuccessful in
defending the lawsuits and the insurance coverage is unavailable or
insufficient, the resolution of the lawsuits could have a material adverse
effect on the Company's consolidated financial position, results of operations,
and cash flows. The Company's consolidated financial statements do not include
any adjustments related to these matters.
F-17
51
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
On April 30, 1999, the Company sold substantially all of the assets of
its TradeWave division to Digital Signature Trust Company ("DST"). In June 1999,
CyberGuard filed a lawsuit against DST and Zions First National Bank, N.A. that
alleged breach of contract, tortious interference and fraud. Also in June 1999,
DST filed a lawsuit against the Company, alleging fraud, negligent
misrepresentation, unjust enrichment, with unspecified damages, and rescission
and reformation of contract. Both actions are currently tolled due to ongoing
negotiations towards settlement between the Company and DST.
The Company is involved from time to time in other litigation on
various matters relating to the conduct of its business. The Company believes
that these other litigation matters, single or collective, will not have a
material adverse effect on its consolidated financial position, results of
operations or cash flows.
REGULATORY INVESTIGATIONS--In August 1998, the Securities and Exchange
Commission ("SEC") began an informal investigation into certain accounting and
financial reporting practices of the Company. The Company is cooperating with
the SEC. The Company is unable to predict the ultimate outcome of the
investigation. The resolution of such matters could have a material adverse
effect on the Company's consolidated financial position, results of operations,
and cash flows. The Company's consolidated financial statements do not include
any adjustments related to these matters.
(16) CONCENTRATIONS OF CREDIT RISK
Financial instruments, which potentially subject the Company to a
concentration of credit risk principally, consist of cash, cash equivalents and
trade receivables. The Company holds any excess cash in short-term investments
consisting of commercial paper. Concentrations of credit risk with respect to
receivables are limited due to the Company's customer base.
(17) EMPLOYEE BENEFIT PLANS
The Company has a 401(k) Savings Plan ("the Plan") which covers the
eligible employees of the Company. An employee is eligible to participate in the
Plan on the date of hire. The amount of profit-sharing contributions made by the
Company into the Plan is discretionary. Each participant may contribute up to
19% of compensation into the Plan. The Company makes a matching contribution on
behalf of each participant for the first 6% of their individual contribution.
These contributions are made in the form of cash and common stock of the
Company. Participants' profit sharing and matching contribution vests over a
three-year period. The Company's contributions to the Plan were $300 for year
ended June 30, 1999, $388 for the year ended June 30, 1998 and $221 for the year
ended June 30, 1997.
(18) GEOGRAPHIC AND CUSTOMER INFORMATION
The Company operates primarily in one segment: trusted systems
consisting of network security and electronic commerce products and services.
During 1999, one major financial institution represented 34% of consolidated
sales, one international telecommunications company represented 10.1% of
consolidated sales and one international distributor represented 7.8% of
consolidated sales. During 1998, one major financial institution represented 17%
of consolidated sales. During 1997 sales to a distributor represented 11% of
consolidated sales.
F-18
52
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
A summary of the Company's operations by geographic area is summarized
below:
Year Ended Year Ended Year Ended
June 30, June 30, June 30,
1999 1998 1997
-------------------- ------------------- --------------------
United States Operations
Net sales $ 10,882 $ 11,423 $ 10,057
Net loss (7,823) (17,292) (17,176)
Identifiable assets 5,795 11,100 15,043
European Operations
Net sales 2,991 4,129 4,167
Net loss (292) (972) (266)
Identifiable assets 2,482 1,976 162
U.S. Export Sales were $3,747 for the year ended June 30, 1999, $4,530
for the year ended June 30, 1998, and $5,209 for the year ended June 30, 1997.
(19) CONCURRENT CORPORATION AGREEMENTS
The Company entered into an agreement with Concurrent Corporation on
June 30, 1996, to provide certain administrative and personnel-related services
for the Company. The Company was billed monthly for these services which totaled
$461 for the year ended June 30, 1997. Effective June 30, 1997, the only service
provided was for rental of facilities. The facility costs paid to Concurrent
were $40 for the fiscal year ended June 30, 1998.
CYBERGUARD RESELLER AGREEMENT:
The Company and Concurrent entered into a reseller agreement effective
June 27, 1996, to act as a reseller of CyberGuard products. For each CyberGuard
product sold by Concurrent, Concurrent shall pay to CyberGuard a predetermined
fee. The initial term of the agreement was for a period of twelve months
beginning with the effective date of this agreement and may be renewed for two
additional terms of twelve months each with the written consent of both the
Company and Concurrent. During the current fiscal year, the Company elected to
extend the reseller agreement to Concurrent for an additional twelve-month
period.
Sales to Concurrent Computer Corporation and its subsidiaries were $60
for the year ended June 30, 1997, $174 for the year ended June 30, 1998 and $96
for the year ended June 30, 1999.
(20) SUPPLEMENTAL STATEMENT OF CASH FLOW INFORMATION
During 1998, the Company issued 590,429 shares of common stock for all
of the outstanding common stock of Arca and subsequently, retired these shares
in 1999. In addition, during 1999, 1998 and 1997, the Company paid cash for
interest of $217, $84 and $2, respectively.
F-19
53
CYBERGUARD CORPORATION AND SUBSIDIARIES
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (CONTINUED)
(21) NEW ACCOUNTING PRONOUNCEMENTS
In October 1997, the Accounting Standards Executive Committee of the
American Institute of Certified Public Accountants issued Statement of Position
97-2 "Software Revenue Recognition" ("SOP 97-2"). This statement provides
guidance on applying generally accepted accounting principles in recognizing
revenues on software transactions. SOP 97-2 supercedes Statement of Position
91-1 "Software Revenue Recognition". SOP 97-2 is effective for transactions
entered into in fiscal years beginning after December 15, 1997. Earlier
application is encouraged as of the beginning of the fiscal year or interim
period for which financial statements or information have not been issued.
Retroactive application of the provisions of this statement is prohibited. The
Company believes that the adoption of SOP 97-2 did not have a significant
impact on its revenue recognition policy.
In June 1997, Statement of Financial Accounting Standards No. 130,
"Reporting Comprehensive Income" ("SFAS 130") was issued. SFAS 130 establishes
standards for reporting and display of comprehensive income and its components,
and is effective for fiscal years beginning after December 15, 1997. The Company
adopted SFAS 130 at July 1, 1998 and has included the appropriate disclosures in
the Consolidated Statements of Changes in Stockholders Equity and Comprehensive
Income.
In June 1997, FASB issued Statement of Financial Accounting Standards
No. 131, "Disclosures about Segments of an Enterprise and Related Information"
("SFAS No. 131"). SFAS No. 131 is effective for financial statements for periods
beginning after December 15, 1997. SFAS No. 131 establishes standards for the
way public business enterprises report selected information about operating
segments in interim financial reports issued to shareholders. The Company
believes that the adoption of SFAS No. 131 did not have a significant impact on
its financial reporting.
(22) SUBSEQUENT EVENTS
On August 27, 1999, the Company increased convertible debt to
approximately $4,300,000 including repaying the December 1998 issuance. The
interest rate will be 11.5% per annum. The debt will be convertible into
approximately 4,300,000 shares of common stock at a conversion price equal to
$1.00 per share which represents a beneficial conversion feature. In addition,
the warrants from the December 17, 1998 transaction will be cancelled and the
Company will issue approximately 4,300,000 warrants to purchase the Company's
common stock at $2.00 per share.
F-20