Risks Related to Our Business
We depend on a small number of large customers and the loss of one or more major customers could have a material adverse effect on our business, financial condition and results of operations.
For fiscal 2018, we had one customer contributing 9.0% of total revenues and our top five customers, in the aggregate, generating approximately 28.4% of total revenues. We expect that our top five customers will continue to account for a significant portion of our revenues for the foreseeable future. For fiscal 2017, we had one customer contributing 7.5% of total revenues and our top five customers, in the aggregate, generating approximately 26.5% of total revenues. For fiscal 2016, we had one customer contributing 10.2% of total revenues and our top five customers, in aggregate, generating approximately 25.5% of total revenues. We have had in the past large customers terminate their relationship with us and it is possible that any of our large customers could decide to terminate their relationship with us in the future. The loss of one or more of our top five customers, or a substantial decrease in demand by any of those customers for our services and solutions, could have a material adverse effect on our business, results of operations and financial condition. Additionally, our large customers have substantial negotiating leverage, which may require that we agree to terms and conditions that result in increased cost of sales, decreased revenues and lower average selling prices and gross margins, all of which could harm our operating results.
Our information systems, like those of other software and technology companies, are vulnerable to the threat of cybersecurity and data privacy risks.
Our business involves the storage, management, and transmission of the proprietary information of our customers, including personal, financial, and other sensitive or confidential information of our customers’ insureds. Cyberattacks and other efforts by bad actors to steal personal information, to steal proprietary and sensitive company information, and to disrupt service are on the rise, and the methods used to attack, to obtain unauthorized access to, to disable, to degrade, or to otherwise compromise our systems, our software, and our applications are continuously changing and evolving. We may be unable to anticipate or detect successfully these methods or implement adequate preventive measures. Moreover, software or applications we develop or obtain from third parties may contain defects in design or manufacture or other vulnerabilities that could unexpectedly compromise or lead to the compromise of our systems, our software, our applications, or the information security and privacy of the proprietary and personal information stored, managed, and transmitted by or on those systems, software, or applications.
Although we have in place control procedures and security measures to protect the proprietary and personal data we store, manage and transmit for our customers, we cannot guarantee that these measures will be sufficient to detect or prevent interceptions, intrusions, break-ins, security breaches, theft, the introduction of viruses or malicious code, or other disruptions or attacks that may jeopardize the security, confidentiality, or integrity of the proprietary and personal information stored, managed, or transmitted by our systems, software, applications, and products. Security breaches or other malicious attacks of our systems, software, applications, and products could result in system or service disruptions or the theft, misappropriation, misuse, unauthorized disclosure, or compromise of personal and proprietary information. In addition, security breaches or other malicious attacks of our systems, software, applications, and products could also result in impact to or compromise of the systems of our customers who utilize our software, applications, and products. Our systems, software, applications, and productions are also exposed to computer viruses, denial of service attacks and bulk unsolicited commercial email, or spam. Despite the security measures we have in place, these events could cause a loss of service and data to customers.
If our products or systems experience data security breaches or there is unauthorized access to or release of our customers’ data, we may lose current or future customers and our reputation and business may be harmed. We may also incur liabilities to repair or replace our systems or in connection with litigation or regulatory enforcement actions that may result from such breaches.
We are subject to data security and data privacy laws that are becoming more widespread, burdensome, and increasingly require notification of security breaches to affected individuals, regulators, customers, and other third-parties. The occurrence of a security breach impacting our systems, software, applications, or