S-1 1 d934761ds1.htm FORM S-1 Form S-1
Table of Contents

As filed with the Securities and Exchange Commission on December 17, 2015

Registration No. 333-            

 

 

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

 

FORM S-1

REGISTRATION STATEMENT

UNDER

THE SECURITIES ACT OF 1933

 

 

SECUREWORKS CORP.

(Exact name of registrant as specified in its charter)

 

 

 

 

Delaware   7379   56-2015395
(State or other jurisdiction of   (Primary Standard Industrial   (I.R.S. Employer
incorporation or organization)   Classification Code Number)   Identification Number)

 

 

One Concourse Parkway NE

Suite 500

Atlanta, Georgia 30328

(404) 327-6339

(Address, including zip code, and telephone number, including area code, of registrant’s principal executive office)

 

 

Michael R. Cote

President and Chief Executive Officer

SecureWorks Corp.

One Concourse Parkway NE

Suite 500

Atlanta, Georgia 30328

(404) 327-6339

(Name, address, including zip code, and telephone number, including area code, of agent for service)

 

 

Copies to:

 

Richard J. Parrino
Kevin K. Greenslade
Todd M. Aman

Hogan Lovells US LLP
555 Thirteenth Street, N.W.
Washington, D.C. 20004
(202) 637-5530

  Janet B. Wright
Vice President-Corporate,
Securities & Finance Counsel
Dell Inc.
One Dell Way
Round Rock, Texas 78682
(512) 338-4400
 

Bruce K. Dallas

Davis Polk & Wardwell LLP

1600 El Camino Real

Menlo Park, California 94025

(650) 752-2000

 

 

Approximate date of commencement of proposed sale to the public:

As soon as practicable after the effective date of this Registration Statement.


Table of Contents

If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933 check the following box.  ¨

If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, please check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See the definitions of “large accelerated filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act.

 

Large accelerated filer   ¨    Accelerated filer   ¨
Non-accelerated filer   þ  (Do not check if a smaller reporting company)    Smaller reporting company   ¨

 

 

Calculation of Registration Fee

 

 

Title of Each Class of

Securities to be Registered

 

Proposed

Maximum

Aggregate
Offering Price (1)(2)

 

Amount of

Registration Fee

Class A Common Stock, $0.01 par value per share

  $100,000,000   $10,070

 

 

(1) Estimated solely for the purpose of calculating the registration fee pursuant to Rule 457(o) under the Securities Act.
(2) Includes the aggregate offering price of additional shares that the underwriters have the option to purchase to cover over-allotments of shares, if any.

 

 

The registrant hereby amends this registration statement on such date or dates as may be necessary to delay its effective date until the registrant shall file a further amendment which specifically states that this registration statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act of 1933 or until the registration statement shall become effective on such date as the Commission, acting pursuant to said Section 8(a), may determine.

 

 

 


Table of Contents

The information in this preliminary prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This prospectus is not an offer to sell these securities and it is not soliciting an offer to buy these securities in any jurisdiction where the offer or sale is not permitted.

 

Subject to Completion

Preliminary Prospectus dated December 17, 2015

            Shares

LOGO

Class A Common Stock

 

 

This is our initial public offering. We are offering             shares of our Class A common stock.

We expect that the public offering price will be between $         and $         per share. No public market currently exists for the shares, and no shares of the Class A common stock were outstanding before this offering. We intend to apply to list our Class A common stock on the NASDAQ Global Select Market under the trading symbol “SCWX.”

We are currently an indirect wholly-owned subsidiary of Dell Inc. and Dell Inc.’s ultimate parent company, Denali Holding Inc. Following this offering, our two classes of authorized common stock will consist of Class A common stock and Class B common stock. Denali Holding Inc. will own, indirectly through Dell Inc. and Dell Inc.’s subsidiaries, no shares of our outstanding Class A common stock and all outstanding shares of our Class B common stock, which will represent approximately     % of our total outstanding shares of common stock and approximately     % of the combined voting power of both classes of our outstanding common stock immediately after this offering (or approximately     % and     %, respectively, if the underwriters exercise their over-allotment option in full).

The rights of the holders of the Class A common stock and Class B common stock will be identical, except with respect to voting and conversion. Each share of Class A common stock will be entitled to one vote per share, and each share of Class B common stock will be entitled to ten votes per share. While beneficially owned by Denali Holding Inc. or any of its subsidiaries (excluding us and our controlled affiliates), each share of Class B common stock will be convertible into one share of Class A common stock at any time at the holder’s option. The Class B common stock also will automatically convert into Class A common stock on a share-for-share basis in circumstances specified in our charter.

We are an “emerging growth company” under the federal securities laws and are eligible to comply with reduced disclosure requirements for this prospectus and our public company filings.

 

 

Investing in our Class A common stock involves risks. See “Risk Factors” beginning on page 13.

 

     Price to
Public
     Underwriting
Discounts and
Commissions (1)
     Proceeds to
SecureWorks Corp.
 

Per Share

   $        $        $               

Total

   $                   $                   $    

 

(1) See “Underwriters” on page 159 for additional information regarding underwriting compensation.

The underwriters have an option to purchase a maximum of             additional shares of Class A common stock from us solely to cover over-allotments of shares.

Neither the Securities and Exchange Commission nor any state securities commission has approved or disapproved of these securities or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.

Delivery of the shares of Class A common stock will be made on or about                     , 2016.

 

 

 

BofA Merrill Lynch   Morgan Stanley     Goldman, Sachs & Co.           J.P. Morgan

 

Barclays   Citigroup   Credit Suisse         RBC Capital Markets             UBS Investment Bank

 

Pacific Crest Securities

 a division of KeyBanc Capital Markets

  Stifel                       SunTrust Robinson Humphrey                       William Blair

 

The date of this prospectus is                     , 2016.


Table of Contents

LOGO

OUR MISSION
WE PROTECT OUR CLIENTS BY
PROVIDING COMPREHENSIVE
INTELLIGENCE-DRIVEN
INFORMATION
SECURITY SERVICES
SecureWorks


Table of Contents

LOGO

SecureWorks
61 countries
Over 4,100 clients
As many as
150 BILLION
events analyzed daily
MANAGED SECURITY
THREAT INTELLIGENCE
INCIDENT RESPONSE


Table of Contents

LOGO

Increasing Client Base & Global Visibility
Prevent
Detect
Counter Threat Unit
Counter Threat Platform
Counter Threat Operations Platform
Predict
Respond
Generating Actionable Intelligence
SECURITY & RISK CONSULTING


Table of Contents

TABLE OF CONTENTS

 

     Page  

Prospectus Summary

     1   

Risk Factors

     13   

Special Note Regarding Forward-Looking Statements

     39   

Industry and Market Data

     41   

Use of Proceeds

     42   

Dividend Policy

     43   

Capitalization

     44   

Dilution

     46   

Selected Condensed Combined Financial Data

     48   

Management’s Discussion and Analysis of Financial Condition and Results of Operations

     52   

Business

     76   

Management

     105   
 

 

 

Neither we nor the underwriters have authorized anyone to provide you with any information or make any representations other than those contained in this prospectus or in any free writing prospectus prepared by or on behalf of us or to which we have referred you. We take no responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. We are offering to sell, and seeking offers to buy, shares of Class A common stock only in jurisdictions where offers and sales are permitted. The information contained in this prospectus is accurate only as of the date of this prospectus, regardless of the time of delivery of this prospectus or of any sale of the Class A common stock. Our business, financial condition, results of operations and prospects may have changed since that date.

Through and including                     , 2016 (the 25th day after the date of this prospectus), all dealers effecting transactions in these securities, whether or not participating in this offering, may be required to deliver a prospectus. This is in addition to a dealer’s obligation to deliver a prospectus when acting as an underwriter and with respect to an unsold allotment or subscription.

For investors outside the United States: Neither we nor the underwriters have done anything that would permit this offering or possession or distribution of this prospectus in any jurisdiction where action for that purpose is required, other than in the United States. You are required to inform yourselves about and to observe any restrictions relating to this offering and the distribution of this prospectus outside of the United States.

 

 

Except where the context otherwise requires or where otherwise indicated, (1) all references to “SecureWorks,” “we,” “us,” “our” and “our company” in this prospectus refer to SecureWorks Corp. and our subsidiaries on a consolidated basis, (2) all references to “Dell” refer to Dell Inc. and its subsidiaries on a consolidated basis, (3) all references to “Denali” refer to Denali Holding Inc., the ultimate parent company of Dell Inc., (4) all references to “Dell Marketing” refer to Dell Marketing L.P., the indirect wholly-owned subsidiary of Dell Inc. and Denali that directly holds shares of our common stock, (5) all references to “Silver Lake” refer to Silver Lake Partners and (6) all references to our “charter” refer to our restated certificate of incorporation as it will be in effect immediately before the closing of this offering.

 

 

 

i


Table of Contents

PROSPECTUS SUMMARY

This summary highlights information presented in greater detail elsewhere in this prospectus. This summary is not complete and does not contain all of the information you should consider before deciding whether to purchase shares of our Class A common stock. You should read the entire prospectus carefully in making your investment decision. You should carefully consider, among other information, our combined financial statements and the related notes and the information under “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included elsewhere in this prospectus. Some of the statements in this summary contain forward-looking statements, as discussed under “Special Note Regarding Forward-Looking Statements.”

Our fiscal year is the 52- or 53-week period ending on the Friday nearest January 31. Our 2015 fiscal year ended on January 30, 2015, our 2014 fiscal year ended on January 31, 2014 and our 2013 fiscal year ended on February 1, 2013. Our 2016 fiscal year will end on January 29, 2016.

SECUREWORKS CORP.

Our Mission

Our mission is to secure our clients by providing exceptional intelligence-driven information security solutions.

Overview

We are a leading global provider of intelligence-driven information security solutions exclusively focused on protecting our clients from cyber attacks. We have pioneered an integrated approach that delivers a broad portfolio of information security solutions to organizations of varying size and complexity. Our solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, prioritize and respond rapidly to security breaches and predict emerging threats. The solutions leverage our proprietary technologies, processes and extensive expertise in the information security industry which we have developed over 16 years of operations. As of October 30, 2015, we served over 4,100 clients across 61 countries. Our success in serving our clients has resulted in consistent recognition of our company as a market leader by industry research firms such as International Data Corporation and Forrester Research, Inc. Gartner, Inc. has recognized us as a Leader in its “Magic Quadrant for Managed Security Services” from 2007 to 2014.

Organizations of all sizes rely on information technologies to make their businesses more productive and effective. These technologies are growing in complexity and often include a combination of on-premise, cloud and hybrid environments which are connected to multiple networks and are increasingly accessed via mobile devices. As a result, protecting information from cyber threats has become progressively more challenging, IT security budgets are growing and cybersecurity has become a critical priority for senior executives and boards of directors. At the same time, cyber attacks, which are growing in frequency and sophistication, are increasingly initiated by cyber criminals, nation states and other highly skilled adversaries intent on misappropriating information or inflicting financial and reputational damage. The challenge of information security is compounded by the proliferation of new regulations and industry-specific compliance requirements mandating that organizations maintain the integrity and confidentiality of their data.

These increasing cybersecurity challenges have created a large and fragmented market for IT security products and services. We believe that many organizations remain vulnerable to cyber attacks because they lack sufficient internal expertise in cybersecurity and rely on a collection of uncoordinated “point” products that address specific security issues but fall short in identifying and defending against next-generation cyber threats. As a result, these organizations engage information security services providers as part of their IT security

 



 

1


Table of Contents

strategy. Traditional security services providers, however, often lack a broad perspective on the threat landscape, are unable to scale their services to match the security needs of organizations, fail to provide actionable security information, focus only on a subset of the security needs of organizations or have limited deployment options.

Our intelligence-driven information security solutions offer an innovative approach to prevent, detect, respond to and predict cybersecurity breaches. Through our managed security offerings, we provide global visibility and insight into malicious activity, enabling our clients to detect and effectively remediate threats quickly. Threat intelligence, which is typically deployed as part of our managed security offerings, delivers early warnings of vulnerabilities and threats along with actionable information to help prevent any adverse impact. Through security and risk consulting, we advise clients on a broad range of security and risk-related matters. Incident response, which is typically deployed along with security and risk consulting, minimizes the impact and duration of security breaches through proactive client preparation, rapid containment and thorough event analysis followed by effective remediation.

Our proprietary Counter Threat Platform constitutes the core of our intelligence-driven information security solutions. This platform is purpose-built to provide us with global visibility into the threat landscape and a powerful perspective on our clients’ network environments. Each day, from our clients across the globe, it aggregates as many as 150 billion “network events,” which are events that possibly indicate anomalous activity or trends on a client’s network. Our platform analyzes these events with sophisticated algorithms to discover malicious activity and deliver security countermeasures, dynamic intelligence and valuable context regarding the intentions and actions of cyber adversaries. The platform leverages our intelligence gained over 16 years of processing and handling network events, the exclusive research on emerging threats and attack techniques conducted by our Counter Threat Unit research team and the extensive experience and deep understanding of the nature of cyber threats of our highly trained security analysts. We incorporate this intelligence into the platform on a real-time basis to provide additional context regarding “security events” or “threat events,” which represent malicious activity potentially compromising the security of a network, and to enhance the quality of the actionable security information we provide. The improved intelligence augments the value and drives broader adoption of our solutions, which in turn enables us to analyze yet more security information generated by a larger client base and increase the effectiveness of our protective and incident response measures.

We believe that our singular focus on providing a comprehensive portfolio of information security solutions makes us a trusted advisor and an attractive partner for our clients. Our flexible deployment model allows us to support the evolving needs of the largest, most sophisticated enterprises staffed with in-house security experts, as well as small and medium-sized businesses and government agencies with limited in-house capabilities and resources. Our vendor-neutral approach enables our clients to enhance their evolving IT security infrastructure, appliances and “best of breed” technologies with our solutions and capabilities, which provide our clients with both a comprehensive and highly effective security defense posture.

We have experienced significant growth since our inception. We generate revenue from our managed security and threat intelligence solutions through subscription-based arrangements, which provide us with a highly visible and recurring revenue stream, as well as revenue from our security and risk consulting engagements through fixed-price or retainer-based contracts. Our total revenue was $262.1 million in fiscal 2015, $205.8 million in fiscal 2014 and $172.8 million in fiscal 2013, for annual growth of 27% and 19%, respectively. For the first nine months of fiscal 2016 and fiscal 2015, our total revenue was $245.4 million and $190.7 million, respectively, representing a 29% growth rate. Our subscription revenue was $207.2 million in fiscal 2015, $170.2 million in fiscal 2014 and $145.1 million in fiscal 2013, for annual growth of 22% and 17%, respectively. For the first nine months of fiscal 2016 and fiscal 2015, our subscription revenue totaled $195.6 million and $149.9 million, respectively, representing a 31% growth rate. We incurred net losses of $38.5 million in fiscal 2015, $44.5 million in fiscal 2014 and $41.5 million in fiscal 2013. For the first nine months of fiscal 2016 and fiscal 2015, we incurred net losses of $57.5 million and $29.5 million, respectively.

 



 

2


Table of Contents

Industry Background

Organizations of all sizes are using new information technologies to make their businesses more productive and effective.

Organizations of all sizes rely on information technologies to make their businesses more productive and effective. Modern IT infrastructures are growing in complexity and often include a combination of on-premise, cloud and hybrid environments. In addition, the adoption of mobile computing allows access to critical business information from various devices and locations. The widespread adoption of these advanced IT architectures, along with the rapid growth of connected devices and new ways of delivering IT services, enables organizations to benefit from business applications that are more powerful and easier to deploy, use and maintain.

This rapidly evolving IT environment is increasingly vulnerable to frequent and sophisticated cyber attacks.

The evolving landscape of applications, modes of communication and IT architectures makes it increasingly challenging for businesses to protect their critical business assets from cyber threats. New technologies heighten security risks by increasing the number of ways a threat actor can attack a target by giving users greater access to important business networks and information and by facilitating the transfer of control of underlying applications and infrastructure to third-party vendors. Cyber attacks have evolved from computer viruses written by amateur hackers into highly complex and targeted attacks led by highly skilled adversaries intent on stealing information or causing financial and reputational damage.

The severe economic and reputational impact of attacks, coupled with growing regulatory burdens, makes cybersecurity defense increasingly a priority for senior management and boards of directors.

In the wake of numerous recent high-profile data breaches, organizations are increasingly aware of the financial and reputational risks associated with IT security vulnerabilities. We believe that the cybersecurity programs at many organizations do not rival the persistence, tactical skill and technological prowess of today’s cyber adversaries. Security breaches can be highly public and result in reputational damage and legal liability as well as large losses in productivity and revenue. Many organizations are particularly concerned about attacks that attempt to misappropriate sensitive and valuable business information. Adding to the urgency of the IT security challenge, new regulations and industry-specific compliance requirements direct organizations to design, implement, document and demonstrate controls and processes to maintain the integrity and confidentiality of information transmitted and stored on their systems.

The traditional cybersecurity approach of using numerous “point” products often fails to detect threats and block attacks.

Information systems at many organizations are vulnerable to breach because they rely on a collection of uncoordinated “point” security products that address security risks in a piecemeal fashion rather than in a proactive and coordinated manner. An effective cyber defense strategy requires the coordinated deployment of multiple products and services tailored to an organization’s specific security needs. Point products, however, primarily address security issues in a reactive manner, employing passive auditing or basic blocking techniques, and often lack integration and intelligent monitoring capabilities and management within a common framework necessary to provide effective information security throughout an organization.

Identifying and hiring qualified security professionals is a significant challenge for many organizations.

The difficulty in providing effective information security is exacerbated by the highly competitive environment for identifying, hiring and retaining qualified information security professionals.

 



 

3


Table of Contents

As a result, organizations engage information security services vendors to integrate, monitor and manage their point products to enhance their defense against cyber threats.

Because many organizations cannot adequately protect their networks from cyber threats, they are augmenting their IT security strategies to include information security services. By using these services, organizations seek to decrease their vulnerability to security breaches, increase the effectiveness of their existing investments in security products and free their own IT staff to focus on other responsibilities.

Traditional information security services vendors, however, often fail to satisfy the IT security needs of organizations, many of which seek the advantages of our solutions.

Gartner, Inc. estimates that the size of the combined Enterprise Security Services IT Outsourcing and consulting services markets was $25.0 billion in 2013 and expects it to grow at a compound annual growth rate of 11% to $47.4 billion in 2019. Frost & Sullivan estimates that sales of managed security services were $6.9 billion globally and $1.8 billion in North America in 2013, and expects sales to grow to $12.8 billion globally and $3.3 billion in North America in 2018, representing a compound annual growth rate of 13% and 12%, respectively. Recognizing the weaknesses of many traditional information security services vendors, organizations of all sizes are engaging us to help improve their defensive posture and manage their day-to-day exposure to cyber threats.

Our Solutions

Our Counter Threat Platform constitutes the core of our intelligence-driven information security solutions and provides our clients with a powerful integrated perspective and intelligence regarding their network environments and security threats. Our integrated suite of solutions includes:

 

    Managed security, through which we provide our clients global visibility and insight into malicious activity in their network environments and enable them to detect and remediate threats quickly and effectively

 

    Threat intelligence, through which we deliver early warnings of vulnerabilities and threats and provide actionable security intelligence to address these problems

 

    Security and risk consulting, through which we advise our clients on a variety of information security and risk-related matters, such as how to design and build strategic security programs, assess and test security capabilities and meet regulatory compliance requirements

 

    Incident response, through which we help our clients rapidly analyze, contain and remediate security breaches to minimize their duration and impact

The key capabilities of our solutions include:

Global Visibility. We have global visibility into the cyber threat landscape through our work for over 4,100 clients across 61 countries as of October 30, 2015. We are able to gain real-time insights that enable us to predict, detect and respond to threats quickly and effectively. We also are able to identify threats originating within a particular geographic area or relating to a particular industry and proactively leverage this threat intelligence to protect other clients against these threats.

Scalable Platform with Powerful Network Effects. Our proprietary Counter Threat Platform features a multi-tenant and distributed architecture that enables our software to scale and to provide faster performance while efficiently utilizing its underlying infrastructure. The platform analyzes as many as 150 billion daily network events from across our global client base to provide real-time risk assessment and rapid response. It is highly automated and processes an increasing percentage of events—over 99% as of October 30, 2015—without the need for human intervention. As our client base increases, our platform is able to analyze more events, and the intelligence derived from the additional events makes the platform more effective, which in turn drives broader client adoption and enhances the value of our solutions to both new and existing clients.

 



 

4


Table of Contents

Contextual and Predictive Threat Intelligence. Our proprietary and purpose-built technology analyzes and correlates billions of network events using advanced analytical tools and sophisticated algorithms to generate threat intelligence. This intelligence is augmented by our Counter Threat Unit research team, which conducts research into threat actors, uncovers new attack techniques, analyzes emerging threats and evaluates the risks posed to our clients. Applying this intelligence across our solutions portfolio provides clients with deeper insights and enriched context regarding tactics, techniques and procedures employed by those threat actors.

Integrated, Vendor-Neutral Approach. Our solutions are designed to monitor alerts, logs and other messages across multiple stages of the threat lifecycle by integrating a wide array of proprietary and third-party security products. This vendor-neutral approach allows us to aggregate events from a wide range of security and network devices, applications and endpoints to enhance our understanding of clients’ networks and increase the effectiveness of our monitoring solutions.

Flexible Solution and Delivery Options. Our intelligence-driven information security solutions are purpose-built to serve a broad array of evolving client needs regardless of a client’s size or the complexity of its security infrastructure. Our clients may subscribe to any combination of our solutions and also choose how much control they will maintain over their IT security infrastructure by selecting among our fully-managed, co-managed or monitored solution delivery options. Our flexible approach enables clients to tailor our solutions to reduce large and risky investments and costly implementations and to ensure quick and easy deployment.

Our Competitive Strengths

We believe that the following key competitive advantages will allow us to maintain and extend our leadership position in providing intelligence-driven information security solutions:

A Leader in Intelligence-Driven Information Security Solutions. We are a global leader in providing intelligence-driven information security solutions and believe that we have become a mission-critical vendor to many of the large enterprises, small and medium-sized businesses and U.S. state and local government agencies we serve. Our position as a technology and market leader enhances our brand and enables us to influence organizations’ purchasing decisions as they look for a comprehensive solution.

Purpose-Built, Proprietary Technology. At the core of our solutions is the Counter Threat Platform, a proprietary technology platform we have developed during our 16 years of operations. This platform collects, correlates and analyzes billions of daily network events and data points, and generates enriched security intelligence on threat actor groups and global threat indicators.

Specialist Focus and Expertise. We have built our company, technology and culture with a singular focus on protecting our clients by delivering intelligence-driven information security solutions. We believe this continued focus reinforces our differentiation from other information security services vendors, including telecommunications and network providers, IT security product companies and local and regional information security services providers.

Strong Team Culture. At our company, the fight against sophisticated and malicious cybersecurity threats is a personal one, and we take great pride in helping our clients protect their critical business data and processes. We dedicate significant resources to ensure that our culture and brand reflect our exclusive focus on protecting our clients.

Seasoned Management Team and Extensive IT Security Expertise. We have a highly experienced and tenured management team with extensive IT security expertise and a record of developing successful new technologies and solutions to help protect our clients.

 



 

5


Table of Contents

Our Growth Strategy

Our goal is to be the global leader of intelligence-driven information security solutions. To pursue our growth strategy, we seek to:

Maintain and extend our technology leadership: We intend to enhance our leading intelligence-driven integrated suite of solutions by adding complementary solutions that strengthen the security posture of our clients, such as security solutions for cloud-based environments. We intend to meet this goal by investing in research and development, increasing our global threat research capabilities and hiring personnel with extensive IT security expertise.

Expand and diversify our client base: We intend to continue to grow our client base, both domestically and internationally, by investing in our direct sales force, further developing our strategic and distribution relationships, pursuing opportunities across a broad range of industries and creating new cloud-based solutions. We also intend to continue increasing our geographic footprint to further enhance our deep insight into the global threat landscape and our ability to deliver comprehensive threat intelligence to our clients.

Deepen our existing client relationships: We intend to leverage the strong client relationships and high client satisfaction from across our client base to sell additional solutions to existing clients. We will continue to invest in our account management, marketing initiatives and client support programs in seeking to achieve high client renewal rates, help clients realize greater value from their existing solutions and encourage them to expand their use of our solutions over time.

Attract and retain top talent: Our technology leadership, brand, exclusive focus on information security, client-first culture and robust training and development program have enabled us to attract and retain highly talented professionals with a passion for building a career in the information security industry. We will continue to invest in attracting and retaining top talent to support and enhance our information security offerings.

Risks Associated with Our Business

Our business is subject to numerous risks, including those discussed under “Risk Factors” beginning on page 13 immediately following this prospectus summary. These risks could materially and adversely affect our business, financial condition, operating results and prospects, which could cause the trading price of our Class A common stock to decline and could result in a partial or total loss of your investment.

Our Relationship with Dell and Denali

Ownership of Our Company Before this Offering. On February 8, 2011, we were acquired by Dell, a global information technology company. On October 29, 2013, Dell Inc. completed a going-private transaction in which its public stockholders received cash for their shares of Dell Inc. common stock. Dell Inc. was acquired by Denali Holding Inc., a holding company formed for the purposes of the transaction, and Dell Inc. thereafter ceased to file reports with the SEC. Denali is owned by Michael S. Dell, the Chairman, Chief Executive Officer and founder of Dell, his related family trust, investment funds affiliated with Silver Lake (a private equity firm), investment funds affiliated with MSDC Management L.P., an investment manager related to MSD Capital (a firm founded for the purpose of managing investments of Mr. Dell and his family), members of Dell’s management and other investors. As of October 30, 2015, Mr. Dell and his related family trust beneficially owned approximately 71% of Denali’s voting securities, the investment funds affiliated with Silver Lake beneficially owned approximately 24% of Denali’s voting securities, and the other stockholders beneficially owned approximately 5% of Denali’s voting securities. Denali currently beneficially owns all of our outstanding common stock indirectly through Dell Inc. and Dell Inc.’s subsidiaries.

Upon the completion of Dell Inc.’s going-private transaction, we guaranteed repayment of certain indebtedness incurred by Dell to finance the transaction and pledged substantially all of our assets to secure

 



 

6


Table of Contents

repayment of the indebtedness. In connection with this offering, our guarantees of Dell’s indebtedness and the pledge of our assets have been terminated and we have ceased to be subject to the restrictions of the agreements governing the indebtedness. Following this offering, all of our shares of common stock held by Dell Marketing L.P., an indirect wholly-owned subsidiary of Dell Inc. and Denali, or by any other subsidiary of Denali that is a party to the debt agreements, will be pledged to secure repayment of the foregoing indebtedness.

Control of Our Company by Denali After this Offering. Upon the completion of this offering, Denali will own, indirectly through Dell Inc. and Dell Inc.’s subsidiaries, including Dell Marketing L.P., no shares in our Class A common stock and all              outstanding shares of our Class B common stock, which will represent approximately     % of our total outstanding shares of common stock and approximately     % of the combined voting power of both classes of our outstanding common stock immediately after this offering (or approximately     % and     %, respectively, if the underwriters exercise their over-allotment option in full). As a result, Denali will continue to control us following this offering, and will be able to exercise control over all matters requiring approval by our stockholders, including the election of our directors and approval of significant corporate transactions. Denali’s controlling interest may discourage a change in control of our company that other holders of our common stock may favor. Denali is not subject to any contractual obligation to retain any of our common stock, except that it has agreed not to sell or otherwise dispose of any of our common stock for a period of 180 days after the date of this prospectus without the prior written consent of Merrill Lynch, Pierce, Fenner & Smith Incorporated and Morgan Stanley & Co. LLC on behalf of the underwriters, as described under “Underwriters.”

Michael S. Dell, the Chairman and Chief Executive Officer of Dell and Denali, and Egon Durban, a director of Dell and Denali, serve on our board of directors.

Our Services Arrangements with Dell. Before this offering, Dell has provided various corporate services to us in the ordinary course of our business, including finance, tax, human resources, legal, IT, procurement and facilities-related services. Dell also has provided us with the services of a number of its executives and employees. In connection with this offering, we have entered into agreements with Dell and Denali relating either to this offering or for the purpose of formalizing our existing and future relationships with these companies after this offering. The agreements include a shared services agreement, intellectual property agreements, a tax matters agreement, an employee matters agreement and agreements relating to real estate matters. For a description of these agreements, see “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us.”

Our Commercial Arrangements with Dell. Before this offering, as a subsidiary of Dell, we have participated in commercial arrangements with Dell, under which, for example, we provide information security solutions to third-party clients with which Dell has contracted to provide our solutions, procure hardware, software and services from Dell and sell our solutions through Dell in the United States and some international jurisdictions. In connection with this offering, we have entered into agreements that govern these commercial arrangements now and after the offering. In particular, under a new master commercial customer agreement between us and Dell, we are able to procure hardware, software and services from Dell either at a discount to list price or at a margin above Dell’s cost that is generally consistent with the pricing terms Dell offers to select corporate customers. For information about our existing commercial arrangements with Dell and how we expect this offering will affect them, see “Certain Relationships and Related Transactions—Relationship with Dell” and “—Operating and Other Agreements Between Dell or Denali and Us.”

Corporate Information

Our principal executive offices are located at One Concourse Parkway NE, Suite 500, Atlanta, Georgia 30328. Our telephone number at that address is (404) 327-6339. Our website is www.secureworks.com. Information appearing on, or that can be accessed through, our website is not a part of this prospectus.

 



 

7


Table of Contents

Our predecessor company was originally formed as a limited liability company in Georgia in March 1999, and we were incorporated in Georgia under the name SecureWorks Holding Corporation in May 2009. On November 24, 2015, we reincorporated from Georgia to Delaware pursuant to a plan of conversion. In connection with our reincorporation, we changed our name to SecureWorks Corp. We are a holding company that conducts operations through our wholly-owned subsidiaries.

“SecureWorks,” the SecureWorks logos and other trade names, trademarks or service marks of SecureWorks appearing in this prospectus are the property of SecureWorks. This prospectus contains additional trade names, trademarks and service marks of other companies, which are the property of their respective owners. We do not intend our use or display of other companies’ trade names, trademarks or service marks to imply a relationship with, or endorsement or sponsorship of us by, these other companies.

Emerging Growth Company Status

We qualify as an “emerging growth company” as defined in the Jumpstart Our Business Startups Act of 2012, or the JOBS Act. For so long as we remain an emerging growth company, we are permitted and currently intend to rely on the following provisions of the JOBS Act that contain exceptions from disclosure and other requirements that otherwise are applicable to companies that conduct initial public offerings and file periodic reports with the SEC. The JOBS Act provisions:

 

    permit us to include three years, rather than five years, of selected financial data in this prospectus;

 

    provide an exemption from the auditor attestation requirement in the assessment of our internal control over financial reporting under the Sarbanes-Oxley Act of 2002;

 

    permit us to include reduced disclosure regarding executive compensation in this prospectus and our SEC filings as a public company; and

 

    provide an exemption from the requirement to hold a non-binding advisory vote on executive compensation and stockholder approval of any golden parachute arrangements not previously approved.

We will remain an emerging growth company until:

 

    the first to occur of the last day of the fiscal year (1) which follows the fifth anniversary of the completion of this offering, (2) in which we have total annual gross revenue of at least $1 billion or (3) in which the market value of our capital stock held by non-affiliates was $700 million or more as of the last business day of the preceding second fiscal quarter; or

 

    if it occurs before any of the foregoing dates, the date on which we have issued more than $1 billion in non-convertible debt over a three-year period.

We have irrevocably elected not to avail ourselves of the provision of the JOBS Act that permits emerging growth companies to take advantage of an extended transition period to comply with new or revised accounting standards applicable to public companies. As a result, we will be subject to new or revised accounting standards at the same time as other public companies that are not emerging growth companies.

 



 

8


Table of Contents

THE OFFERING

 

Class A common stock offered by us

            shares

 

Class A common stock offered by us pursuant to the underwriters’ over-allotment option

            shares

Common stock to be outstanding after this offering:

 

Class A common stock

            shares (or             shares, if the underwriters exercise their over-allotment option in full)

 

Class B common stock

            shares

 

Voting rights

Following this offering, our two classes of authorized common stock will consist of Class A common stock and Class B common stock. The rights of the holders of Class A and Class B common stock will be identical, except with respect to voting and conversion. Each share of Class A common stock will be entitled to one vote per share, and each share of Class B common stock will be entitled to ten votes per share. While beneficially owned by Denali or any of its subsidiaries (excluding us and our controlled affiliates), each share of Class B common stock will be convertible into one share of Class A common stock at any time at the holder’s option. The Class B common stock also will automatically convert into Class A common stock on a share-for-share basis in circumstances specified in our charter. See “Description of Our Capital Stock” for more information about the rights of each class of our common stock.

Denali’s ownership of common stock to be outstanding after this offering:

 

Class A common stock

No shares

 

Class B common stock

Immediately after this offering, Denali will own (indirectly through its wholly-owned subsidiaries) all              outstanding shares of our Class B common stock, which will represent approximately     % of our total outstanding shares of common stock and approximately     % of the combined voting power of both classes of our outstanding common stock (or     % and     %, respectively, if the underwriters exercise their over-allotment option in full).

 

Use of proceeds

We estimate that the net proceeds from this offering will be approximately $        , or approximately $         if the underwriters exercise their over-allotment option in full, at an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and other estimated offering expenses payable by us.

 



 

9


Table of Contents
  We intend to use the net proceeds we receive from this offering for working capital and other general corporate purposes, which may include financing our growth, developing new solutions and enhancements to our current solutions, funding capital expenditures, and making investments in, and acquisitions of, complementary businesses, services or technologies. We do not intend to transfer any net proceeds we receive from this offering to Denali, Dell or their respective affiliates, other than payments in the ordinary course of business under one or more of the agreements described under “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us.” For information about our proposed use of proceeds, see “Use of Proceeds.”

 

Proposed NASDAQ Global Select Market trading symbol

“SCWX”

The number of shares of our common stock that will be outstanding immediately after this offering includes the following shares:

 

                 shares of Class A common stock that will be issued upon the conversion of our outstanding convertible notes at the closing of this offering based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus; and

 

                 restricted shares of our Class A common stock to be granted under our 2016 long-term incentive plan on the date of this prospectus, based on an assumed initial public offering price of $             per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

The number of shares of our common stock that will be outstanding immediately after this offering excludes the following shares as of                         , 2016:

 

                shares of our Class A common stock that may be issuable upon the conversion of the outstanding shares of our Class B common stock; and

 

                shares of our Class A common stock reserved for issuance under our 2016 long-term incentive plan pursuant to grants of restricted stock units and stock options to be made on the date of this prospectus, based on an assumed initial public offering price of $             per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

Except as otherwise indicated, the information in this prospectus about our common stock reflects our capitalization as it will be in effect upon the closing of this offering and assumes no exercise of the underwriters’ over-allotment option.

 



 

10


Table of Contents

SUMMARY CONDENSED COMBINED FINANCIAL DATA

The following tables present our summary historical condensed combined financial data. For the purposes of the combined financial statements included in this prospectus, we elected to utilize pushdown accounting for Dell’s going-private transaction completed on October 29, 2013. Accordingly, periods prior to October 29, 2013 reflect our financial position, results of operations and changes in financial position before the transaction, referred to as the predecessor period, and the period beginning on October 29, 2013 reflects our financial position, results of operations and changes in financial position after the transaction, referred to as the successor period. The summary condensed combined statements of operations for the periods ended October 30, 2015 and October 31, 2014 and the summary condensed combined statements of financial position as of October 30, 2015 have been derived from our unaudited condensed combined financial statements included elsewhere in this prospectus. The summary condensed combined statements of operations for the periods ended January 30, 2015, January 31, 2014 and February 1, 2013 and the summary condensed combined statements of financial position as of January 30, 2015 are derived from our audited combined financial statements included elsewhere in this prospectus. The unaudited condensed combined financial statements have been prepared on the same basis as the audited combined financial statements and, in the opinion of our management, include all adjustments necessary to fairly state the information set forth herein.

The summary historical condensed combined financial data presented below should be read in conjunction with our audited combined financial statements and accompanying notes and our unaudited condensed combined financial statements and accompanying notes, as well as “Selected Condensed Combined Financial Data” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included elsewhere in this prospectus. Our condensed combined financial information may not be indicative of our future performance and does not necessarily reflect what our financial position and results of operations would have been if we had operated as a stand-alone public company during the periods presented, including changes that will occur in our operations and capitalization as a result of this offering.

 

     Nine Months Ended     Fiscal Year Ended  
     Successor     Successor     Combined (1)     Predecessor  
     October 30, 2015     October 31, 2014     January 30, 2015     January 31, 2014     February 1, 2013  
     (in thousands)  

Results of Operations:

      

Net revenue

   $ 245,441      $ 190,718      $ 262,130      $ 205,830      $ 172,803   

Gross margin

   $ 111,263      $ 85,192      $ 117,284      $ 92,623      $ 79,447   

Operating expenses

   $ 194,787      $ 131,961      $ 178,377      $ 160,871      $ 141,606   

Operating loss

   $ (83,524   $ (46,769   $ (61,093   $ (68,248   $ (62,159

Net loss

   $ (57,482   $ (29,524   $ (38,490   $ (44,515   $ (41,547

 

(1) For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods in the above table. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Recognition of Dell’s Going-Private Transaction” and “Notes to Audited Combined Financial Statements—Note 1—Description of the Business and Basis of Presentation” for more information on the predecessor and successor periods.

The following table presents our summary historical condensed combined balance sheet information as of the date indicated:

 

    on an actual basis;

 

    on a pro forma basis to give effect to our capitalization as it will be in effect immediately before the closing of this offering; and

 



 

11


Table of Contents
    on a pro forma as adjusted basis to give effect to our sale of             shares of our Class A common stock in this offering at an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us.

 

     October 30, 2015  
     Actual      Pro Forma      Pro Forma
(as adjusted)
 
            (in thousands)         

Balance Sheet:

        

Cash and cash equivalents

   $ 39,451       $         $     

Accounts receivable, net

   $ 83,681       $         $     

Total assets

   $ 916,087       $         $     

Short-term deferred revenue

   $ 91,864       $         $     

Long-term deferred revenue

   $ 16,030       $         $     

Long-term convertible notes

   $ 27,993         

Total parent company equity

   $ 616,006                   —                   —   

Total stockholders’ equity (deficit)

   $       $         $     

 



 

12


Table of Contents

RISK FACTORS

Investing in our Class A common stock involves a high degree of risk. You should carefully consider the risks described below, together with all of the other information in this prospectus, including our combined financial statements and related notes, before deciding whether to purchase shares of our Class A common stock. The risks could materially and adversely affect our business, financial condition, results of operations and prospects. As a result, the trading price of our Class A common stock could decline and you could lose part or all of your investment.

Risks Related to Our Business and Our Industry

We have a history of losses and may not achieve or maintain profitability.

We incurred net losses of $57.5 million in the first nine months of fiscal 2016, $38.5 million in fiscal 2015, $44.5 million in fiscal 2014 and $41.5 million in fiscal 2013. Any failure to increase our revenue as we grow our business could prevent us from achieving or maintaining profitability on a consistent basis or at all. We expect our operating expenses to continue to increase as we implement our growth strategy to maintain and extend our technology leadership, expand and diversify our client base and attract and retain top talent. Our strategic initiatives may be more costly than we expect, and we may not be able to increase our revenue to offset these increased operating expenses and the additional expenses we will incur as a public company. Our revenue growth may slow or revenue may decline for a number of reasons, including increased competition, reduced demand for our solutions, a decrease in the growth or size of the information security market or any failure by us to capitalize on growth opportunities. If we are unable to meet these risks and challenges as we encounter them, our business, financial condition and results of operations may suffer.

We must continually enhance our existing solutions and technologies and develop or acquire new solutions and technologies, or we will lose clients and our competitive position will suffer.

Many of our clients operate in markets characterized by rapidly changing technologies, which require them to support a variety of hardware, software applications, operating systems and networks. As their technologies grow more complex, we expect these clients to face new and increasingly sophisticated methods of cyber attack. To maintain or increase our market share, we must continue to adapt and improve our solutions in response to these changes without compromising the high service levels demanded by our clients. If we fail to predict accurately or react in a timely manner to the changing needs of our clients and emerging technological trends, we will lose clients, which will negatively affect our revenue, financial condition and results of operations. The forces behind changes in technology, which we do not control, include:

 

    the establishment by organizations of increasingly complex IT networks that often include a combination of on-premise, cloud and hybrid environments;

 

    the rapid growth of smart phones, tablets and other mobile devices and the “bring your own device” trend in enterprises;

 

    action by hackers and other threat actors seeking to compromise secure systems;

 

    evolving computer hardware and software standards and capabilities;

 

    changing client requirements for information technology; and

 

    introductions of new products and services or enhancements to existing products and services by our competitors.

Our future growth also depends on our ability to scale our Counter Threat Platform to analyze an ever increasing number of network events. As of October 30, 2015, our platform analyzed as many as 150 billion network events each day, and we estimate that the number of events analyzed through our solutions doubles approximately every 16 months. If the number of network events grows to a level that our platform is unable to process effectively, or if our platform fails to handle automatically an increasing percentage of events or is

 

13


Table of Contents

unable to process a sudden, sharp increase in the number of events, we might fail to identify network events as significant threat events, which could harm our clients and negatively affect our business and reputation.

We operate in a rapidly evolving market, and if the new solutions and technologies we develop or acquire do not achieve sufficient market acceptance, our growth rates will decline and our business, results of operations and competitive position will suffer.

We spend substantial amounts of time and money researching and developing new information security solutions and technologies and enhancing the functionality of our current solutions and technologies to meet the rapidly evolving demands of our clients for information security in our highly competitive industry. For us to realize the benefits from our significant investments in developing and bringing our solutions to market, our new or enhanced solutions must achieve high levels of market acceptance, which may not occur for many reasons, including as a result of:

 

    delays in introducing new, enhanced or modified solutions that address and respond to innovations in computer technology and client requirements;

 

    defects, errors or failures in any of our solutions;

 

    any inability by us to integrate our solutions with the security and network technologies used by our current and prospective clients;

 

    any failure by us to anticipate, address and respond to new and increasingly sophisticated security threats or techniques used by hackers and other threat actors;

 

    negative publicity about the performance or effectiveness of our solutions; and

 

    disruptions or delays in the availability and delivery of our solutions.

Even if the initial development and commercial introduction of any new solutions or enhancements to our existing solutions are successful, the new or enhanced solutions may not achieve widespread or sustained market acceptance. In such an event, our competitive position may be impaired and our revenue and profitability may be diminished. The negative effect of inadequate market acceptance on our results of operations may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred in connection with the new or enhanced solutions.

We rely on personnel with extensive information security expertise, and the loss of, or our inability to attract and retain, qualified personnel in the highly competitive labor market for such expertise could harm our business.

Our future success depends on our ability to identify, attract, retain and motivate qualified personnel. We depend on the continued contributions of Michael R. Cote, our President and Chief Executive Officer, and our other senior executives, who have extensive information security expertise. The loss of any of these executives could harm our business and distract other senior managers engaged to search for their replacements.

Our Counter Threat Unit and security analyst teams are staffed with experts in information security, software coding and advanced mathematics. Because there are a limited number of individuals with the education and training necessary to fill these roles, such individuals are in high demand. We face intense competition in hiring individuals with the requisite expertise, including from companies with greater resources than ours. As a result, we may be unable to attract and retain on a timely basis, or at all, suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, or may be required to pay increased compensation to satisfy our staffing needs. Further, if we hire personnel from competitors, we may be subject to allegations that the new employees were improperly solicited or have divulged proprietary or other confidential information in breach of agreements with their former employers. Any inability by us to attract and retain the qualified personnel we need to succeed could adversely affect our competitive market position, revenue, financial condition and results of operations.

 

14


Table of Contents

Our quarterly results of operations or other operating measures may fluctuate significantly based on a number of factors that could make our future results difficult to predict.

Our results of operations or other operating measures have fluctuated in the past from quarter to quarter. We expect that quarterly fluctuations will continue as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

 

    our ability to increase sales to existing clients and to renew contracts with our clients;

 

    delays in deployment of solutions under our client contracts;

 

    our ability to attract new clients;

 

    interruptions or service outages in our data centers and other technical infrastructure, other technical difficulties or security breaches;

 

    client budgeting cycles, seasonal buying patterns and purchasing practices;

 

    changes in our pricing policies or those of our competitors;

 

    fluctuations in demand for our information security solutions and in the growth rate of the information security market generally;

 

    the level of awareness of IT security threats and the market adoption of information security solutions;

 

    the timing of the recognition of revenue and related expenses;

 

    our ability to expand our direct sales force and our strategic and distribution relationships;

 

    our ability to develop in a timely manner new and enhanced information security solutions and technologies that meet client needs;

 

    our ability to retain, hire and train key personnel, including sales personnel, security analysts and members of our security research team;

 

    fluctuations in available cash flow from prepayments for our solutions;

 

    changes in the competitive dynamics of our market, including the launch of new products and services by our competitors;

 

    the effectiveness and efficiency of in-house information security solutions;

 

    our ability to control costs, including our operating and capital expenses;

 

    our ability to keep our proprietary technologies current;

 

    any failure of or technical issues with a significant number of our appliances or software;

 

    adverse litigation judgments, settlements or other litigation-related costs;

 

    costs related to the acquisition of businesses, talent, technologies or intellectual property, including potentially significant amortization costs and possible write-downs;

 

    stock-based compensation expenses associated with attracting and retaining personnel; and

 

    general economic conditions, geopolitical events and natural catastrophes.

The factors above, individually or in the aggregate, may result in significant fluctuations in our financial and other results of operations from quarter to quarter. As a result of this variability and unpredictability, you should not unduly rely on our historical results of operations as an indication of future performance.

 

15


Table of Contents

We face intense competition, including from larger companies, and may lack sufficient financial or other resources to maintain or improve our competitive position.

The market for managed security and other information security services is highly competitive, and we expect competition to intensify in the future. Increased competition in our market could result in intensified pricing pressure, reduced profit margins, increased sales and marketing expenses and a failure to increase, or a loss of, market share. Our competitors vary in size and in the scope and breadth of the products and services they offer. For additional information regarding our competitors, see “Business—Competition.”

Many of our existing and potential competitors, particularly in the large enterprise market, enjoy substantial competitive advantages because of their longer operating histories, greater brand name recognition, larger client bases, more extensive client relationships within large commercial enterprises, more mature intellectual property portfolios and greater financial and technical resources. As a result, they may be able to adapt more quickly than we can to new or emerging technologies and changing opportunities, standards or client requirements. In addition, several of our competitors have made acquisitions or entered into partnerships or other strategic relationships with one another to offer more comprehensive cybersecurity solutions than each could offer individually. Mergers, consolidations or alliances among competitors, or acquisitions of our competitors by large companies, may result in more formidable competition for us if their security products and services are bundled into sales packages with their widely utilized non-security-related products and services. For example, large telecommunications companies may choose in the future to integrate managed security services aggressively as a complement to their existing communications offerings. In addition, we expect pricing pressures within the information security market to intensify as a result of action by our larger competitors to reduce the prices of their security monitoring, detection and prevention products and managed security services. If we are unable to maintain or improve our competitive position with respect to our current or future competitors, our failure to do so could adversely affect our revenue growth and financial condition.

If we are unable to attract new clients, retain existing clients or increase our annual contract values, our revenue growth will be adversely affected.

To achieve revenue growth, we must expand our client base, retain existing clients and increase our annual contract values. In addition to attracting additional large enterprise and small and medium-sized business clients, we intend to pursue non-U.S. clients, government entity clients and clients in other industry sectors in which our competitors may have a stronger position. The renewal rates of our existing clients may decline or fluctuate as a result of a number of factors, including their satisfaction or dissatisfaction with our solutions, the price of our solutions, the prices or availability of competing solutions and technologies or consolidation within our client base. If we fail to attract new clients, or our clients do not renew their contracts for our solutions or renew them on less favorable terms, our revenue may cease to grow or may decline and our business may suffer.

We offer managed security and advanced threat intelligence on a subscription basis under contracts with initial terms that typically range from one to three years and, as of October 30, 2015, averaged two years in duration. Our clients have no obligation to renew their contracts after the expiration of their terms, and we cannot be sure that client contracts will be renewed on terms favorable to us or at all. The fees we charge for our solutions vary based on a number of factors, including the solutions selected, the number of client devices covered by the selected solutions and the level of management we provide for the solutions. Our initial contracts with clients may include amounts for hardware, installation and professional services that may not recur. Further, if a client renews a contract for a term longer than the preceding term, it may pay us greater total fees than it paid under the preceding contract, but still pay lower average annual fees, because we generally offer discounted rates in connection with longer contract terms. In any of these situations, we would need to sell additional solutions to maintain the same level of annual fees from the client. Some clients elect not to renew their contracts with us or renew them on less favorable terms, and we may not be able on a consistent basis to increase our annual contract values by obtaining advantageous contract renewals.

 

16


Table of Contents

The loss of, or significant reduction in purchases by, our largest client could adversely affect our business and financial results.

In fiscal 2015, we derived 12% of our revenue from Bank of America, N.A., or Bank of America, which is our largest client. Our business, financial condition and results of operations could suffer if Bank of America were to terminate or significantly curtail its purchases of our solutions, if we were unable to sell our solutions to Bank of America on terms substantially as favorable to us as the terms under our current agreement, or if we were to experience delays in collecting payments from Bank of America. We provide managed security solutions to Bank of America under supplements entered into from time to time under a master services agreement. Bank of America may terminate any supplement for convenience and without cause at any time. The master services agreement will terminate automatically two years after the date on which there are no supplements outstanding under the agreement, and may be terminated by the parties for cause under specified circumstances. Bank of America may choose not to continue purchasing solutions from us in the future. The continuation of our business relationship with Bank of America, and the amount and timing of Bank of America’s purchases and payments, might be adversely affected by general economic conditions, significant changes within the financial services industry or in the regulation of that industry, competition from other providers of managed security services, changes in Bank of America’s demand for our solutions and other factors beyond our control.

We generate a significant portion of our revenue from clients in the financial services industry, and changes within that industry or an unfavorable review by the federal banking regulatory agencies could reduce demand for our solutions.

We derived approximately 38% of our revenue in fiscal 2015 from financial services institutions and expect to continue to derive a substantial portion of our revenue from clients in the financial services industry. Any of a variety of changes in that industry could adversely affect our revenue, profitability and financial condition. Spending by financial services clients on technology generally has fluctuated, and may continue to fluctuate, based on changes in economic conditions and on other factors, such as decisions by clients to reduce or restructure their technology spending in an attempt to improve profitability. Further, mergers or consolidations of financial institutions could reduce our current and potential client base, resulting in a smaller market for our solutions.

Some of our solutions have been deemed to be mission-critical functions of our financial institution clients that are regulated by one or more member agencies of the Federal Financial Institutions Examination Council, or the FFIEC. We therefore are subject to examination by the member agencies of the FFIEC. The agencies conduct periodic reviews of our operations to identify existing or potential risks associated with our operations that could adversely affect our financial institution clients, evaluate our risk management systems and controls, and determine our compliance with applicable laws that affect the solutions we provide to financial institutions. Areas of examination include our management of technology, data integrity, information confidentiality, service availability and financial stability. A sufficiently unfavorable review could result in our financial institution clients not being allowed, or not choosing, to continue using our solutions, which could adversely affect our revenue, financial condition and results of operations.

If we fail to manage our growth effectively, we may be unable to execute our business plan and maintain high levels of client service, and our operations may be disrupted.

We have substantially increased our overall headcount and expanded our business and operations in recent periods. Since February 1, 2013, our client base grew approximately 28% from approximately 3,200 managed security clients to over 4,100 managed security clients as of October 30, 2015, contributing to an increase in our revenue from $172.8 million in fiscal 2013 to $262.1 million in fiscal 2015. In addition, since February 1, 2013, our headcount increased from 1,036 full-time employees to 2,013 full-time employees as of October 30, 2015. As our client base continues to grow, we will be required to further expand our operations, which could place a strain on our resources and infrastructure and affect our ability to maintain the quality of our solutions, deploy

 

17


Table of Contents

our solutions, support our clients after deployment and foster our client-focused culture. If we are unable to manage our growth, expenses or business effectively, our financial condition, results of operations and profitability could be adversely affected.

As we grow, we must continue to manage efficiently our employees, operations, finances, research and development and capital investments. Our productivity, client-focused culture and the quality of our solutions may be negatively affected if we do not integrate and train our new employees, particularly our sales and account management personnel, quickly and effectively. In addition, we may need to make substantial investments in additional IT infrastructure to support our growth and will need to maintain or improve our operational, financial and management controls and our reporting procedures, which will require substantial management effort and additional investments in our operations. Further, if we expand our offerings, we may compete more directly with security software and service providers that may be better established or have greater resources than we do, our relationships with our channel and strategic partners may be impaired and we may be required to comply with additional industry regulations.

Failure to maintain high-quality client service and support functions could adversely affect our reputation and growth prospects.

Once our solutions are deployed within our clients’ networks, our clients depend on our technical and other support services to ensure the security of their IT systems. If we fail to hire, train and retain qualified technical support and professional services employees, our ability to satisfy our clients’ requirements could be adversely affected, particularly if the demand for our solutions expands more rapidly than our ability to implement our solutions and provide client support. If we do not effectively assist our clients to deploy our solutions, resolve post-deployment issues or provide effective ongoing support, our ability to sell additional solutions or subscriptions to existing clients could suffer and our reputation with potential clients could be damaged. If we fail to meet the requirements of our existing clients, particularly larger enterprises that may require higher levels of support, it may be more difficult to realize our strategy of selling higher-margin or different types of solutions to those clients.

Our results of operations may be adversely affected by service level agreements with some of our clients that require us to provide them with credits for service failures or inadequacies.

We have agreements with some of our clients in which we have committed to provide them our solutions at specified levels. If we are unable to meet the commitments, we may be obligated to extend service credits to such clients, or could face terminations of the service agreements. Damages for failure to meet the service levels specified in our service level agreements generally are limited to the fees charged over the previous 12 months, but, if challenged, such limits on damages payable by us may not be upheld, and we may be required to pay damages greater than such fees. Repeated or significant service failures or inadequacies could adversely affect our reputation and results of operations.

If we are unable to continue the expansion of our sales force, the growth of our business could be harmed.

We are substantially dependent on our direct sales force to obtain new clients and increase sales to existing clients, and believe that our growth will be constrained if we are not successful in recruiting, training and retaining a sufficient number of qualified sales personnel. There is significant competition for sales personnel with the deep skills and technical knowledge that are required to sell our information security solutions. We may be unable to hire or retain sufficient numbers of qualified individuals in the domestic and international markets in which we do business or plan to do business. Because we continue to grow rapidly, a large percentage of our sales force is new to our company. Newly hired sales personnel require extensive training and experience in selling activity before they achieve full productivity. Sales force members that we have hired recently or plan to hire may not become productive as quickly as we expect. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new clients or increasing sales to our existing client base, our business, results of operations and growth prospects will be adversely affected.

 

18


Table of Contents

Our sales cycles are long and unpredictable, and our sales efforts require considerable time and expense, which could adversely affect our results of operations.

Sales of our information security solutions usually require lengthy sales cycles, which are typically three to nine months, but can exceed 12 months for larger clients. Sales to our clients can be complex and require us to educate our clients about our technical capabilities and the use and benefits of our solutions. Clients typically undertake a significant evaluation and acceptance process, and their subscription decisions frequently are influenced by budgetary constraints, technology evaluations, multiple approvals and unplanned administrative, processing and other delays. We spend substantial time, effort and money in our sales efforts without any assurance that our efforts will generate long-term contracts. If we do not realize the sales we expect from potential clients, our revenue and results of operations could be adversely affected.

As we continue to expand sales of our information security solutions to clients located outside the United States, our business increasingly will be susceptible to risks associated with international sales and operations.

We have limited experience operating in international jurisdictions compared to our experience operating in the United States and expect to increase our presence internationally through additional relationships with local and regional strategic and distribution partners and potentially through acquisitions of other companies. In fiscal 2015, approximately 12% of our revenue was attributable to sales to clients located outside the United States, compared to approximately 12% in fiscal 2014 and approximately 8% in fiscal 2013. Our lack of experience in operating our business outside the United States increases the risk that any international expansion efforts will not be successful. In addition, operating in international markets requires significant management attention and financial resources. The investment and additional resources required to establish operations and manage growth in other countries may not produce the expected levels of revenue or earnings.

Conducting international operations subjects us to risks that include:

 

    localization of our solutions, including translation of our Internet-based portal interface into additional foreign languages, provision of client support in foreign languages and creation of localized agreements;

 

    the burdens of complying with a wide variety of international laws, regulations and legal standards, including local data privacy laws, local consumer protection laws that could regulate permitted pricing and promotion practices, and restrictions on the use, import or export of encryption technologies;

 

    longer accounts receivable payment cycles and difficulties in collecting accounts receivable;

 

    fluctuations in foreign currency exchange rates;

 

    tariffs and trade barriers and other regulatory or contractual limitations on our ability to sell or develop our solutions in some international markets;

 

    difficulties in managing and staffing international operations;

 

    compliance with U.S. laws that apply to foreign operations, including the Foreign Corrupt Practices Act, or FCPA, the Trading with the Enemy Act and regulations of the Office of Foreign Assets Control;

 

    potentially adverse tax consequences and compliance costs resulting from the complexities of international value added tax systems, restrictions on the repatriation of earnings and overlap of different tax regimes;

 

    reduced or varied protection of intellectual property rights in some countries that could expose us to increased risk of infringement of our patents; and

 

    political, social and economic instability abroad, terrorist attacks and security concerns in general.

The occurrence of any of these risks could negatively affect our international business and, consequently, our overall business, results of operations and financial condition.

 

19


Table of Contents

An inability to expand our key distribution relationships would constrain the growth of our business.

We intend to expand our distribution relationships to increase domestic and international sales. Approximately 6% of our revenue in fiscal 2015 was generated through our channel partners, which include referral agents, regional value-added resellers and trade associations. Our strategy is to increase the percentage of our revenue that we derive from sales through our channel partners. Our inability to maintain or further develop relationships with our current and prospective distribution partners could reduce sales of our information security solutions and adversely affect our revenue growth and financial condition.

Our agreements with our partners generally are non-exclusive, and our partners may have more established relationships with one or more of our competitors. If our partners do not effectively market and sell our solutions, if they choose to place greater emphasis on their own products or services or those offered by our competitors or if they fail to meet our clients’ needs, our ability to expand our business and sell our solutions may be adversely affected. Our business also may suffer from the loss of a substantial number of our partners, the failure to recruit additional partners, any reduction or delay in the sales of our solutions by our partners, or conflicts between sales by our partners and our direct sales and marketing activities. The gross margins to us from sales by our partners generally are lower than gross margins to us from direct sales. In addition, sales by our partners are more likely than direct sales to involve collectability concerns and may contribute to periodic fluctuations in our results of operations.

Our technology alliance partnerships expose us to a range of business risks and uncertainties that could prevent us from realizing the benefits we seek from these partnerships.

We have entered, and intend to continue to enter, into technology alliance partnerships with third parties to support our future growth plans. Such relationships include technology licensing, joint technology development and integration, research cooperation, co-marketing and sell-through arrangements. We face a number of risks relating to our technology alliance partnerships that could prevent us from realizing the benefits we seek from these partnerships on a timely basis or at all. Technology alliance partnerships can require significant coordination between the partners and a significant commitment of time and resources by their technical staffs. In cases where we wish to integrate a partner’s products or services into our solutions, the integration process may be more difficult than we anticipate, and the risk of integration difficulties, incompatibility and undetected programming errors or defects may be higher than the risks normally associated with the introduction of new products or services. In addition, we have no assurance that any particular relationship will continue for any specific period of time. If we lose a significant technology alliance partner, we could lose the benefit of our investment of time, money and resources in the relationship. Moreover, we could be required to incur significant expenses to develop a new strategic alliance or to formulate and implement an alternative plan to pursue the opportunity that we targeted with the former partner.

Real or perceived defects, errors or vulnerabilities in our solutions or the failure of our solutions to prevent a security breach could disrupt our business, harm our reputation, cause us to lose clients and expose us to costly litigation.

Our solutions are complex and may contain defects or errors that are not detected until after their adoption by our clients. As a result of such defects, our clients may be vulnerable to cyber attacks and hackers or other threat actors may misappropriate our clients’ data or other assets or otherwise compromise their IT systems. In addition, because the techniques used to access or sabotage IT systems and networks change frequently and generally are not recognized until launched against a target, an advanced attack could emerge that our solutions are unable to detect or prevent. Further, as a well-known information security solutions provider, we are a high-profile target, and our websites, networks, information systems, solutions and technologies may be selected for sabotage, disruption or misappropriation by attacks specifically designed to interrupt our business and harm our reputation. Our solutions frequently involve the collection, filtering and logging of our clients’ information, and our enterprise operations involve the collection, processing, storage and disposal of our own human resources,

 

20


Table of Contents

intellectual property and other information. A security breach of proprietary information could result in significant legal and financial exposure, damage to our reputation and a loss of confidence in the security of our solutions that could potentially have an adverse effect on our business.

If any of our clients experiences an IT security breach after adopting our solutions, even if our solutions have blocked the theft of any data or provided some form of remediation, the client could be disappointed with our solutions and could look to our competitors for alternatives to our solutions. Further, if any enterprise or government entity publicly known to use our solutions is the subject of a publicized cyber attack, some of our other current clients could seek to replace our solutions with those provided by our competitors. Any real or perceived defects, errors or vulnerabilities in our solutions, or any other failure of our solutions to detect an advanced threat, could result in:

 

    expenditure of significant financial and development resources in efforts to analyze, correct, eliminate or work around the cause of any related vulnerabilities;

 

    loss of existing or potential clients or channel partners;

 

    delayed or lost revenue;

 

    extension of service credits to affected clients, which would reduce our revenue;

 

    failure to attain or retain market acceptance; and

 

    litigation, regulatory inquiries or investigations that may be costly and harm our reputation.

Any person that circumvents our security measures could misappropriate the confidential information or other valuable property of our clients or disrupt their operations. If such an event occurs, affected clients or others may sue us, and defending a lawsuit, regardless of its merit, could be time-consuming and costly. Because our solutions provide and monitor information security and may protect valuable information, we could face liability claims or claims for breach of service level agreements. Provisions in our service agreements that limit our exposure to liability claims may not be enforceable in some circumstances or may not protect us fully against such claims and related costs. Alleviating any of these problems could require significant expenditures by us and result in interruptions to and delays in the delivery of our solutions, which could cause us to lose existing or potential clients and damage our business and prospects.

If our solutions do not interoperate with our clients’ IT infrastructure, our solutions may become less competitive and our results of operations may be harmed.

Our solutions must effectively interoperate with each client’s existing or future IT infrastructure, which often has different specifications, utilizes multiple protocol standards, deploys products and services from multiple vendors and contains multiple generations of products and services that have been added over time. As a result, when problems occur in a network, it may be difficult to identify the sources of these problems and avoid disruptions in providing software updates or patches to defend against particular vulnerabilities. Ineffective interoperation could increase the risk of a successful cyber attack and violations of our service level agreements, which would require us to provide service credits that would reduce our revenue.

In addition, government entities and other clients may require our solutions to comply with security or other certifications and standards. If our solutions are late in achieving or fail to achieve compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards before we do, we may be disqualified from selling our solutions to such clients or otherwise may be placed at a competitive disadvantage.

Loss of our right or ability to use various third-party technologies could result in short-term disruptions to our business.

We incorporate some third-party technologies into our solutions and may seek to incorporate additional third-party technologies in the future. Any loss of our right to use third-party or other technologies could result in

 

21


Table of Contents

delays in producing or delivering our solutions until we identify and integrate equivalent technologies. If any of the technologies we license or purchase from others, or functional equivalents of these technologies, are no longer available to us or are no longer offered to us on commercially reasonable terms, we would be required either to redesign our solutions and devices to function with technologies available from other parties or to develop these components ourselves, which could result in increased costs or delays in the delivery of our solutions and in the release of new offerings. We also might have to limit the features available in our current or future solutions. If we fail to maintain or renegotiate some of our technology agreements with third parties, we could face significant delays and diversion of resources in attempting to license and integrate other technologies with equivalent functions. Any errors or defects in third-party technologies, any inability to utilize third-party technologies as contemplated, or any inability to procure and implement suitable replacement technologies could adversely affect our business and results of operations by impeding delivery of our solutions.

Evolving information security and data privacy laws and regulations may result in increased compliance costs, impediments to the development or performance of our offerings and monetary or other penalties.

Because our solutions process client data that may contain personal identifying information or other potentially sensitive information, we are or may become subject to federal, state and foreign laws and regulations regarding the privacy and protection of such client data. These laws and regulations address a range of issues, including data privacy, cybersecurity and restrictions or technological requirements regarding the collection, use, storage, protection, retention or transfer of data. The regulatory framework for online services, data privacy and cybersecurity issues worldwide can vary substantially from jurisdiction to jurisdiction, is rapidly evolving and is likely to remain uncertain for the foreseeable future. Foreign privacy and data protection laws and regulations can be more restrictive than those in the United States. Internationally, most of the jurisdictions in which we operate have established their own data security and privacy legal frameworks with which we or our clients must comply, including the Data Protection Directive established in the European Union. The costs of compliance with, and other burdens imposed by, these laws and regulations may become substantial and may limit the use and adoption of our offerings, require us to change our business practices, impede the performance and development of our solutions, or lead to significant fines, penalties or liabilities for noncompliance with such laws or regulations.

To facilitate the transfer of both client and personnel data from the European Union to the United States, we subscribed to the EU-U.S. Safe Harbor Framework, which requires organizations operating in the United States to provide assurance that they are adhering to relevant European standards for data protection for such transfers. On October 6, 2015, the Court of Justice of the European Union ruled that the EU-U.S. Safe Harbor Framework is invalid under European law. In light of the court’s decision, we are reviewing our current operations to confirm that there exist available alternative means, such as standard contractual provisions, that will provide a sufficient legal basis under European law for such data transfers.

If we are not able to maintain and enhance our brand, our revenue and profitability could be adversely affected.

We believe that maintaining and enhancing the SecureWorks brand is critical to our relationships with our existing and potential clients, channel partners and employees and to our revenue growth and profitability. Our brand promotion activities, however, may not be successful. Any successful promotion of our brand will depend on our marketing and public relations efforts, our ability to continue to offer high-quality information security solutions and our ability to differentiate successfully our solutions from the services offered by our competitors.

We believe our association with Dell has helped us to build relationships with many of our clients because of Dell’s globally recognized brand and favorable market perception of the quality of its products. We have entered into a trademark license agreement with Dell Inc. under which Dell Inc. has granted us a non-exclusive, royalty-free worldwide license to use the trademark “DELL,” solely in the form of “SECUREWORKS—A DELL COMPANY,” in connection with our business and products, services and advertising and marketing materials related to our business, after this offering. Under the agreement, our use of the Dell trademark in

 

22


Table of Contents

connection with any product, service or otherwise is subject to Dell Inc.’s prior review and written approval, which may be revoked at any time. We must immediately cease use of the licensed trademark generally or in connection with any product, services or materials upon Dell Inc.’s written request. The agreement is terminable at will by either party, and we must cease all use of the Dell trademark upon any such termination. If we discontinue our association with Dell in the future, our ability to attract new clients may suffer.

Extending our brand to new solutions that differ from our current offerings may dilute our brand, particularly if we fail to maintain our quality standards in providing the new solutions. Moreover, it may be difficult to maintain and enhance our brand in connection with sales through channel partners. The promotion of our brand will require us to make substantial expenditures, and we anticipate that the expenditures will increase as the information security market becomes more competitive and as we continue to increase our geographic footprint. To the extent that our promotional activities yield increased revenue, the revenue may not offset the expenses we incur.

We may expand through acquisitions of other companies, which may divert our management’s attention from our current business and could result in unforeseen operating difficulties, increased costs and dilution to our stockholders.

We may make strategic acquisitions of other companies to supplement our internal growth. We could experience unforeseen operating difficulties in assimilating or integrating the businesses, technologies, services, products, personnel or operations of acquired companies, especially if the key personnel of any acquired company choose not to work for us. Further, future acquisitions may:

 

    involve our entry into geographic or business markets in which we have little or no experience;

 

    create difficulties in retaining the clients of any acquired business;

 

    result in a delay or reduction of client sales for both us and the company we acquire because of client uncertainty about the continuity and effectiveness of solutions offered by either company; and

 

    disrupt our existing business by diverting resources and significant management attention that otherwise would be focused on development of the existing business.

To complete an acquisition, we may be required to use a substantial amount of our cash, engage in equity or debt financings or obtain credit facilities to secure additional funds. If we raise additional funds through issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges senior to those of our Class A common stock. Any debt financing obtained by us in the future could involve restrictive covenants that will limit our capital-raising activities and operating flexibility. In addition, we may not be able to obtain additional financing on terms favorable to us or at all, which could limit our ability to engage in acquisitions, and may not realize the anticipated benefits of any acquisition we are able to complete. An acquisition also may negatively affect our results of operations because it may:

 

    expose us to unexpected liabilities;

 

    require us to incur charges and substantial indebtedness or liabilities;

 

    have adverse tax consequences;

 

    result in acquired in-process research and development expenses, or in the future require the amortization, write-down or impairment of amounts related to deferred compensation, goodwill and other intangible assets; or

 

    fail to generate a financial return sufficient to offset acquisition costs.

 

23


Table of Contents

Because we recognize revenue ratably over the terms of our managed security and threat intelligence contracts, decreases in sales of these solutions may not immediately be reflected in our results of operations.

Over the past three years, approximately 80% of our revenue was derived from subscription-based solutions attributable to managed security contracts, while approximately 20% was derived from professional services engagements. Our subscription contracts typically range from one to three years in duration and, as of October 30, 2015, averaged two years in duration. Revenue related to these contracts generally is recognized ratably over the contract term. As a result, we derive most of our quarterly revenue from contracts we entered into during previous fiscal quarters. A decline in new or renewed contracts and any renewals at reduced annual dollar amounts in a particular quarter may not be reflected in any significant manner in our revenue for that quarter, but would negatively affect revenue in future quarters. Accordingly, the effect of significant downturns in bookings may not be fully reflected in our results of operations until future periods. As of January 30, 2015, approximately 43% of our clients were billed in advance under their service contracts. We may not be able to adjust our outflows of cash to match any decreases in cash received from prepayments if sales decline. In addition, we may be unable to adjust our cost structure to reflect reduced revenue, which would have a negative effect on our earnings in future periods. Our subscription model also makes it difficult for us to increase our revenue rapidly through additional sales in any period, as revenue from new clients must be recognized over the applicable contract term. Accordingly, the effect of significant downturns in sales and market acceptance of our solutions may not be fully reflected in our results of operations in the current period, making it more difficult for investors to evaluate our financial performance.

Because we typically expense sales commissions paid to our strategic and distribution partners upon entering contracts for the solutions sold and recognize the revenue associated with such sales over the terms of the contracts, our operating income in any period may not be indicative of our future performance.

In connection with sales facilitated by our strategic and distribution partners, which accounted for approximately 6% of our revenue for fiscal 2015, we typically expense the associated commissions paid to such partners, which were $0.4 million for fiscal 2015, at the time we enter into the client contract for our solutions. In contrast, we recognize the revenue associated with the sales of our subscription-based solutions ratably over the term of a client contract, which, as of October 30, 2015, had an average duration of two years. The commissions associated with increased sales from our strategic and distribution partners could reduce our operating income. In addition, the number of sales through our strategic and distribution partners may fluctuate within a period. Therefore our operating income during any one quarter may not be a reliable indicator of our future financial performance.

If the estimates or judgments relating to our critical accounting policies prove to be incorrect, our reported results of operations may be adversely affected.

The preparation of financial statements in conformity with generally accepted accounting principles in the United States of America, or GAAP, requires management to make estimates and assumptions that affect the amounts reported in our combined financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances. Our reported results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions. Significant assumptions and estimates used in preparing our combined financial statements include those related to revenue recognition, accounting for deferred commissions, establishing income tax provisions and estimating the amount of loss contingencies. In addition, GAAP is subject to interpretation by the Securities and Exchange Commission, or the SEC, and various other bodies. A change in GAAP or interpretations of GAAP could have a significant effect on our reported results and may affect our reporting of transactions completed before a change is announced. Changes to those rules or the interpretation of our current practices may adversely affect our reported financial results or the way we conduct our business.

 

24


Table of Contents

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

Our revenue and expenses denominated in foreign currencies are subject to fluctuations due to changes in foreign currency exchange rates. As we expand internationally in accordance with our growth strategy, we will enter into more sales contracts denominated in foreign currencies and incur an increasing portion of our operating expenses outside the United States. Further, a strengthening of the U.S. dollar could increase the real cost of our solutions and subscriptions to our clients outside of the United States, which could adversely affect our financial condition and results of operations. We do not currently hedge against the risks associated with currency fluctuations, but, as our international operations grow, we may begin to use foreign exchange forward contracts to partially mitigate the impact of fluctuations in net monetary assets denominated in foreign currencies. Any such hedges may be ineffective to protect us fully against foreign currency risk.

Governmental export or import controls could subject us to liability or limit our ability to compete in foreign markets.

Our information security solutions and technologies incorporate encryption technology and may be exported outside the United States only if we obtain an export license or qualify for an export license exception. Compliance with applicable regulatory requirements regarding the export of our solutions and technologies may create delays in the introduction of our solutions and technologies in international markets, prevent our clients with international operations from utilizing our solutions and technologies throughout their global systems or prevent the export of our solutions and technologies to some countries altogether. In addition, various countries regulate the import of our appliance-based technologies and have enacted laws that could limit our ability to distribute, and our clients’ ability to implement, our technologies in those countries. Any new export or import restrictions, new legislation or shifting approaches in the enforcement or scope of existing regulations, or in the countries, persons or technologies targeted by such regulations, could result in decreased use of our solutions and technologies by existing clients with international operations, loss of sales to potential clients with international operations and decreased revenue. If we fail to comply with export and import regulations, we may be denied export privileges, be subjected to fines or other penalties or fail to obtain entry for our technologies into other countries.

Failure to comply with the Foreign Corrupt Practices Act, and similar laws associated with our current and future international activities, could subject us to penalties and other adverse consequences.

In some countries where we currently operate or expect to conduct business in the future, it is common to engage in business practices that are prohibited by U.S. laws and regulations, including the FCPA. Such laws prohibit improper payments or offers of payments to foreign governments and their officials and political parties by U.S. and other business entities for the purpose of obtaining or retaining business. Although we have implemented policies and procedures to discourage such practices, some of our employees, consultants, sales agents or channel partners, including those that may be based in or from countries where practices that violate U.S. laws may be customary, may take actions in violation of our procedures and for which we ultimately may be responsible. Violations of the FCPA may result in severe criminal or civil sanctions, including suspension or debarment from contracting with government entities in the United States, and could subject us to other liabilities, which could negatively affect our business and financial condition.

Our disclosure controls and procedures may not prevent or detect all errors or acts of fraud.

Upon the completion of this offering, we will become subject to the periodic reporting requirements of the Securities Exchange Act of 1934, or Exchange Act, and will be required to maintain effective disclosure controls and procedures. Our disclosure controls and procedures are designed to provide reasonable assurance that information required to be disclosed by us in reports we file with or submit to the SEC under the Exchange Act is accumulated and communicated to management and is recorded, processed, summarized and reported within the

 

25


Table of Contents

periods specified in SEC rules and forms. Because of the inherent limitations in our control system, however, misstatements due to error or fraud may occur and not be detected. These inherent limitations include the realities that judgments in decision-making can be faulty and that breakdowns can occur because of simple error. In addition, controls can be circumvented by the individual acts of some persons, by collusion of two or more people or by an unauthorized override of the controls.

Earthquakes, fires, power outages, floods, terrorist attacks and other catastrophic events could disrupt our business and ability to serve our clients.

A significant natural disaster, such as an earthquake, a fire, a flood or significant power outage, could have a material adverse effect on our business, results of operations or financial condition. Although our four counter threat operations centers are designed to be redundant and to offer seamless backup support in an emergency, we rely on two primary data centers to sustain our operations. While each of these data centers is capable of sustaining our operations individually, a simultaneous failure of the centers could disrupt our ability to serve our clients. In addition, our ability to deliver our solutions as agreed with our clients depends on the ability of our supply chain, manufacturing vendors or logistics providers to deliver products or perform services we have procured from them. If any natural disaster impairs the ability of our vendors or service providers to support us on a timely basis, our ability to perform our client engagements may suffer. Acts of terrorism or other geopolitical unrest also could cause disruptions in our business or the business of our supply chain, manufacturing vendors or logistics providers. The adverse impacts of these risks may increase if the disaster recovery plans for us and our suppliers prove to be inadequate.

Risks Related to Intellectual Property

We rely in part on patents to protect our intellectual property rights, and if our patents are ineffective in doing so, third parties may be able to use aspects of our proprietary technology without compensating us.

As of December 15, 2015, we owned 15 issued patents and nine pending patent applications in the United States and four issued patents and two pending patent applications outside the United States. Obtaining, maintaining and enforcing our patent rights is costly and time-consuming. Moreover, any failure of our patents and patent strategy to protect our intellectual property rights adequately could harm our competitive position. We do not know whether any of our pending patent applications will result in the issuance of patents or whether the examination process will require us to modify or narrow our claims, and even if any of our pending patent applications issue, such patents may not provide us with meaningful protection or competitive advantages, and may be circumvented by third parties. Changes in patent laws, implementing regulations or the interpretation of patent laws may diminish the value of our rights. Our competitors may design around technologies we have patented, licensed or developed. In addition, the issuance of a patent does not give us the right to practice the patented invention. Third parties may have blocking patents that could prevent us from marketing our solutions or practicing our own patented technology.

Third parties may challenge any patent that we own or license, through adversarial proceedings in the issuing offices or in court proceedings, including as a response to any assertion of our patents against them. In any of these proceedings, a court or agency with jurisdiction may find our patents invalid or unenforceable or, even if valid and enforceable, insufficient to provide adequate protection against competing solutions. The standards by which the United States Patent and Trademark Office and its foreign counterparts grant technology-related patents are not always applied predictably or uniformly. The legal systems of some countries do not favor the aggressive enforcement of patents, and the laws of other countries may not allow us to protect our inventions with patents to the same extent as U.S. laws. If any of our patents is challenged, invalidated or circumvented by third parties, and if we do not own or have exclusive rights to other enforceable patents protecting our solutions or other technologies, competitors and other third parties could market products or services and use processes that incorporate aspects of our proprietary technology without compensating us, which may have an adverse effect on our business.

 

26


Table of Contents

If we are unable to protect, maintain or enforce our non-patented intellectual property rights and proprietary information, our competitive position could be harmed and we could be required to incur significant expenses in order to enforce our rights.

Our business relies in part on non-patented intellectual property rights and proprietary information, such as trade secrets, confidential information and know-how, all of which offer only limited protection to our technology. The legal standards relating to the validity, enforceability and scope of protection of intellectual property rights in the information technology industry are highly uncertain and evolving. Although we regularly enter into non-disclosure and confidentiality agreements with employees, vendors, clients and other third parties, these agreements may be breached or otherwise fail to prevent disclosure of proprietary or confidential information effectively or to provide an adequate remedy in the event of such unauthorized disclosure. In addition, the existence of our own trade secrets affords no protection against independent discovery or development of such trade secrets by other persons. If our employees, consultants or contractors use technology or know-how owned by third parties in their work for us, disputes may arise between us and those third parties as to the rights in related inventions. Our ability to police that misappropriation or infringement is uncertain, particularly in other countries. Costly and time-consuming litigation could be necessary to enforce and determine the scope of our proprietary rights, and failure to maintain trade secret protection could adversely affect our competitive business position.

Claims by others that we infringe their proprietary technology could harm our business and financial condition.

Third parties could claim that our technologies and the processes underlying our solutions infringe or otherwise violate their proprietary rights. The software and technology industries are characterized by the existence of a large number of patents, copyrights, trademarks and trade secrets and by frequent litigation, including by non-practicing entities, based on allegations of infringement or other violations of intellectual property rights, and we expect that such claims may increase as competition in the information security market continues to intensify, as we introduce new solutions (including in geographic areas where we currently do not operate) and as business-model or product or service overlaps between our competitors and us continue to occur. For example, we recently settled litigation in which SRI International, Inc., or SRI International, alleged that aspects of our business and solutions infringe and induce the infringement of two of their U.S. patents relating to network intrusion and event monitoring technology. SRI International sought damages (including enhanced damages for alleged willful infringement), a recovery of costs and attorneys’ fees, and such other relief as the court deemed appropriate. For more information about this litigation and the settlement, see “Business—Legal Proceedings.”

To the extent that we achieve greater prominence and market exposure as a public company, we may face a higher risk of being the target of intellectual property infringement claims. From time to time, we may receive notices alleging that we have infringed, misappropriated or misused other parties’ intellectual property rights. There may be third-party intellectual property rights, including patents and pending patent applications, that cover significant aspects of our technologies, processes or business methods. Any claims of infringement by a third party, even claims without merit, could cause us to incur substantial defense costs and could distract our management and technical personnel from our business, and there can be no assurance that our technologies and processes will be able to withstand such claims. Competitors may have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them than we do. Further, a party making such a claim, if successful, could secure a judgment that requires us to pay substantial damages, which potentially could include treble damages if we are found to have willfully infringed patents. A judgment also could include an injunction or other court order that could prevent us from offering our solutions. In addition, we might be required to seek a license or enter into royalty arrangements for the use of the infringed intellectual property, which may not be available on commercially reasonable terms or at all. The failure to obtain a license or the costs associated with any license could materially and adversely affect our business, financial condition and results of operations. If a third party does not offer us a license to its technology or other intellectual property on reasonable terms, we could be precluded from continuing to use such

 

27


Table of Contents

intellectual property. Parties with which we currently have license agreements, or with which we may enter into license agreements in the future, including Dell, may have the right to terminate such agreements for our material breach or for convenience at any time, which could affect our ability to make use of material intellectual property rights. Alternatively, we might be required to develop non-infringing technology, which could require significant effort and expense and ultimately might not be successful.

Third parties also may assert infringement claims against our clients relating to our devices or technology. Any of these claims might require us to initiate or defend potentially protracted and costly litigation on their behalf, regardless of the merits of these claims, because under specified conditions we agree to indemnify our clients from claims of infringement of proprietary rights of third parties. If any of these claims were to succeed, we might be forced to pay damages on behalf of our clients, which could adversely affect our profitability and harm our reputation in the industry.

Our use of open source technology could require us in some circumstances to make available source code of our modifications to that technology, which could include source code of our proprietary technologies, and also may restrict our ability to commercialize our solutions.

Some of our solutions and technologies incorporate software licensed by its authors or other third parties under open source licenses. To the extent that we use open source software, we face risks arising from the scope and requirements of common open source software licenses. Some of these licenses contain requirements that we make available source code for modifications or derivative works we create based on the open source software, and that we license such modifications or derivative works under the terms of a particular open source license or other license granting third parties certain rights of further use. If we combine our proprietary technology with open source software in a certain manner, we may face claims from time to time from third parties claiming ownership of, or demanding release of, the open source software or derivative works that we developed using such software, which could include our proprietary source code, or otherwise seeking to enforce the terms of the applicable open source license. For example, the GNU General Public License could subject certain portions of our proprietary technologies to the requirements of that license, and these, or similar requirements, may have adverse effects on our sale of solutions incorporating such open source software.

Our ability to commercialize solutions or technologies incorporating open source software may be restricted because, among other reasons, open source license terms may be ambiguous and may result in unanticipated or uncertain obligations regarding our solutions, litigation or loss of the right to use this software. The terms of many open source licenses to which we are subject have not been interpreted by U.S. or foreign courts. Therefore, there is a risk that the terms of these licenses will be construed in a manner that imposes unanticipated conditions or restrictions on our ability to commercialize our solutions, and we could be required to (1) seek licenses from third parties to continue offering our solutions, (2) re-engineer our technology or (3) discontinue offering our solutions if re-engineering cannot be accomplished in a commercially reasonable manner. In addition, use of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of the software, and it may be difficult for us to identify accurately the developers of the open source code and determine whether the open source software infringes third-party intellectual property rights. We would be subject to similar risks with respect to software or technologies we acquire that include open source components. Our need to comply with unanticipated license conditions and restrictions, the need to seek licenses from third parties or any judgments requiring us to provide remedies typically covered by third-party product warranties, as a result of our use of open source software, could adversely affect our business, results of operations and financial condition.

Risks Related to Our Relationship with Dell and Denali

As long as Denali controls us, your ability to influence matters requiring stockholder approval will be limited.

We have been an indirect wholly-owned subsidiary of Dell Inc. and Dell Inc.’s subsidiaries since our acquisition by Dell on February 8, 2011. On October 29, 2013, Dell Inc. was acquired in a going-private transaction by Denali Holding Inc., a holding company owned by Michael S. Dell, the Chairman, Chief

 

28


Table of Contents

Executive Officer and founder of Dell, his related family trust, investment funds affiliated with Silver Lake (a private equity firm), investment funds affiliated with MSDC Management L.P., an investment manager related to MSD Capital (a firm founded for the purpose of managing investments of Mr. Dell and his family), members of Dell’s management and other investors. Upon the completion of the going-private transaction, we became an indirect wholly-owned subsidiary of Denali.

Upon the completion of this offering, Denali will own, indirectly through Dell Inc. and Dell Inc.’s subsidiaries, including Dell Marketing L.P., no shares of our outstanding Class A common stock and all                  outstanding shares of our Class B common stock, which will represent approximately     % of our total outstanding shares of common stock and approximately     % of the combined voting power of both classes of our outstanding common stock immediately after this offering (or approximately     % and     %, respectively, if the underwriters exercise their over-allotment option in full). Investors in this offering will not be able to affect the outcome of any stockholder vote while Denali controls the majority of the voting power of our outstanding common stock. Denali will be able to control, directly or indirectly and subject to applicable law, all matters affecting us, including:

 

    the appointment and removal of our directors and executive officers;

 

    determinations with respect to our business direction and policies, including financing policies;

 

    determinations with respect to mergers, business combinations, dispositions of assets or other extraordinary corporate transactions;

 

    the payment of dividends or other distributions on, and repurchases of, our common stock;

 

    executive compensation and benefit programs and other human resources policy decisions; and

 

    agreements that may adversely affect us.

If Denali does not provide any requisite consent allowing us to conduct particular activities or take other corporate actions when requested, we will not be able to conduct such activities, and as a result, our business and our results of operations may be adversely affected.

Denali could have interests that differ from, or conflict with, the interests of our other stockholders, and could cause us to take corporate actions even if the actions are not favorable to us or our other stockholders, or are opposed by our other stockholders. For example, Denali’s voting control and its additional rights described above could discourage or prevent a change in control of our company even if some of our other stockholders might favor such a transaction. Even if Denali were to control less than a majority of the voting power of our outstanding common stock, it may be able to influence the outcome of significant corporate actions by us for as long as it owns a significant portion of the voting power. If Denali is acquired or otherwise experiences a change in control, any acquiror or successor will be entitled to exercise Denali’s voting control and contractual rights with respect to us, and might do so in a manner that could vary significantly from the manner in which Denali would have exercised such rights.

Our inability to resolve in a manner favorable to us any potential conflicts or disputes that arise between us and Dell or Denali with respect to our past and ongoing relationships may adversely affect our business and prospects.

Potential conflicts or disputes may arise between Dell or Denali and us in a number of areas relating to our past or ongoing relationships, including:

 

    actual or anticipated variations in our quarterly or annual results of operations;

 

    tax, employee benefit, indemnification and other matters arising from our changed relationship with Dell;

 

    employee retention and recruiting;

 

    business combinations involving us;

 

29


Table of Contents
    our ability to engage in activities with certain channel, technology or other marketing partners;

 

    sales or dispositions by Denali of all or any portion of its beneficial ownership interest in us;

 

    the nature, quality and pricing of services Dell has agreed to provide us;

 

    business opportunities that may be attractive to both Dell and us;

 

    Dell’s ability to use and sublicense patents that we have licensed to Dell under a patent license agreement; and

 

    product or technology development or marketing activities that may require consent of Dell or Denali.

The resolution of any potential conflicts or disputes between us and Dell or Denali over these or other matters may be less favorable to us than the resolution we might achieve if we were dealing with an unaffiliated party.

The shared services agreement, employee matters agreement, tax matters agreement, intellectual property agreements, real estate-related agreements and commercial agreements we have entered into with Dell or Denali, which are described in this prospectus, are of varying durations and may be amended upon agreement of the parties. The terms of these agreements were primarily determined by Dell, and therefore may not be representative of the terms we could obtain on a stand-alone basis or in negotiations with an unaffiliated third party. For so long as we are controlled by Denali, we may not be able to negotiate renewals or amendments to these agreements, if required, on terms as favorable to us as those we would be able to negotiate with an unaffiliated third party.

If Denali, Dell or Denali’s other affiliates or Silver Lake or its affiliates engage in the same type of business we conduct or take advantage of business opportunities that might be attractive to us, our ability to operate successfully and expand our business may be hampered.

Our charter provides that, except as otherwise agreed in writing between us and Denali, Dell or Denali’s other affiliates (other than us or our controlled affiliates), referred to as the Denali Entities, will have no duty to refrain from:

 

    engaging in the same or similar activities or lines of business as those in which we are engaged;

 

    doing business with any of our clients, customers or vendors; or

 

    employing, or otherwise engaging or soliciting for such purpose, any of our officers, directors or employees.

In addition, under our charter, Silver Lake and its affiliates, referred to as the Silver Lake Entities, will have no duty to refrain from any of the foregoing activities except as otherwise agreed in writing between us and a Silver Lake Entity.

Our charter addresses potential conflicts of interest between our company, on the one hand, and the Denali Entities or the Silver Lake Entities and their respective officers and directors who are officers or directors of our company, on the other hand. If any Denali Entity or Silver Lake Entity is offered, or acquires knowledge of, a potential corporate opportunity suitable for both it and us, we will have no interest in that opportunity. Our charter also provides that if any of our directors or officers who is also a director or officer of any Denali Entity or Silver Lake Entity is offered, or acquires knowledge of, a potential corporate opportunity suitable for both the Denali Entity or the Silver Lake Entity and us, we will have no interest in that opportunity unless the opportunity is expressly offered to that person in writing solely in such person’s capacity as our director or officer.

These provisions of our charter could result in the Denali Entities and the Silver Lake Entities having rights to corporate opportunities in which both we and the Denali Entities or the Silver Lake Entities have an interest. By becoming a stockholder in our company, you will be deemed to have notice of and to have consented to these provisions. See “Description of Our Capital Stock—Corporate Opportunity Charter Provisions.”

 

30


Table of Contents

Our historical financial information as a subsidiary of Dell may not be representative of our results as an independent public company.

The historical financial statements and the related financial information presented in this prospectus do not purport to reflect what our results of operations, financial position, equity or cash flows would have been if we had operated as a stand-alone public company during the periods presented. Our combined financial statements include allocations for various corporate services Dell has provided to us in the ordinary course of our business, including finance, tax, human resources, legal, IT, procurement and facilities-related services. As a result, the historical financial statements included in this prospectus may not be comparable to the financial statements of the stand-alone public company after this offering. In addition, the preparation of financial statements in accordance with GAAP requires management to make estimates and assumptions that affect the amounts reported in the financial statements. Actual results could differ from those estimates.

To preserve Denali’s ability to conduct a tax-free distribution of the shares of our Class B common stock that it beneficially owns and its ability to consolidate with us for tax purposes, we may be prevented from pursuing opportunities to raise capital, acquire other companies or undertake other transactions, which could hurt our ability to grow.

To preserve its ability to effect a future tax-free spin-off of us, or certain other tax-free transactions involving us, Denali is required to maintain “control” of us within the meaning of Section 368(c) of the Internal Revenue Code, which is defined as 80% of the total voting power and 80% of each class of nonvoting stock. In addition, to preserve its ability to consolidate with us for tax purposes, Denali generally is required to maintain 80% of the voting power and 80% of the value of our outstanding stock. We have entered into a tax matters agreement with Denali, which restricts our ability to issue any stock, issue any instrument that is convertible, exercisable or exchangeable into any of our stock or which may be deemed to be equity for tax purposes, or take any other action that would be reasonably expected to cause Denali to beneficially own stock in us that, on a fully diluted basis, does not constitute “control” within the meaning of Section 368(c) of the Internal Revenue Code or cause a deconsolidation of us for tax purposes with respect to the Denali consolidated group. We also have agreed to indemnify Denali for any breach by us of the tax matters agreement. As a result, we may be prevented from raising equity capital or pursuing acquisitions or other growth initiatives that involve issuing equity securities as consideration.

Our ability to operate our business effectively may suffer if we are unable to establish in a cost-effective manner our own administrative and other support functions in order to operate as a stand-alone company after the expiration of our shared services and other agreements with Dell.

As a subsidiary of Dell, we have relied on administrative and other resources of Dell to operate our business. In connection with this offering, we have entered into various agreements to retain the ability for varying periods to use these Dell resources. These services may not be sufficient to meet our needs, and if our agreements with Dell are not renewed by the parties after their initial terms, we may not be able to replace the services at all or obtain them at prices and on terms as favorable as those under our current arrangements with Dell. In such a case, we may need to create our own administrative and other support systems or contract with third parties to replace Dell’s systems. In addition, we have received informal support from Dell that may not be addressed in our new agreements, and the level of this informal support may diminish as we become a more independent company. Any significant performance failures affecting our own administrative systems or Dell’s administrative systems on which we rely could result in unexpected costs, adversely affect our results and prevent us from paying our suppliers or employees and performing other administrative services on a timely basis. We currently lease from Dell one of the primary data centers that sustain our operations. When the lease expires, we may not be able to renew it or renew it on terms that are as favorable to us as the current terms.

In connection with this offering, we have entered into agreements with Dell that formalize the process and terms pursuant to which Dell will purchase information security solutions from us, together with related hardware, and pursuant to which we will procure hardware and software from Dell from time to time. These

 

31


Table of Contents

agreements may not be renewed after their expiration or, if they are renewed, Dell may not agree to renew them on the existing terms. The expiration or termination of these agreements, or their renewal on less favorable terms to us, could result in a loss of business or require us to procure comparable hardware and software from alternative sources, which could have a material adverse effect on our business, results of operations and financial condition.

All of our shares of common stock directly held by a Dell subsidiary, our majority stockholder, are pledged to secure Dell’s indebtedness, and foreclosure on the pledge could result in a change in control of our company and depress the market price of our Class A common stock.

All of our shares of common stock held by Dell through its indirect wholly-owned subsidiary Dell Marketing L.P. are pledged to secure Dell’s indebtedness to financial institutions that are lenders to Dell or holders of Dell’s debt securities. If Dell defaults under its debt agreements and the secured parties foreclose on their pledge, they may acquire and seek to sell the pledged shares. Any such action with respect to a pledge of our Class B common stock could result in a conversion of our outstanding shares of Class B common stock into shares of Class A common stock. Investors are likely to perceive unfavorably any such action, which, based on ownership of our common stock immediately following this offering, could result in a change in control of our company. If, upon a foreclosure, the secured parties do not transfer the pledged shares immediately, their interests may differ from those of our public stockholders. Any of these events could depress the market price of our Class A common stock.

Risks Related to this Offering and Ownership of Our Class A Common Stock

The price of our Class A common stock may be volatile and your investment could decline in value.

The trading prices of the securities of technology companies historically have experienced high levels of volatility, and the trading price of our Class A common stock following this offering may fluctuate substantially. The price of our Class A common stock that will prevail in the market after this offering may be higher or lower than the price you pay, depending on many factors. The trading price of our Class A common stock could fluctuate as a result of the following factors, among others:

 

    announcements of new products, services or technologies, commercial relationships, acquisitions or other events by us or our competitors;

 

    changes in how customers perceive the effectiveness of our solutions in protecting against advanced cyber attacks;

 

    actual or anticipated variations in our quarterly or annual results of operations;

 

    changes in our financial guidance or estimates by securities analysts;

 

    price and volume fluctuations in the overall stock market from time to time;

 

    significant volatility in the market price and trading volume of technology companies in general and of companies in the information security industry in particular;

 

    actual or anticipated changes in the expectations of investors or securities analysts;

 

    fluctuations in the trading volume of our shares or the size of the trading market for our shares held by non-affiliates;

 

    litigation involving us, our industry, or both, including disputes or other developments relating to our ability to patent our processes and technologies and protect our other proprietary rights;

 

    regulatory developments in the United States and foreign jurisdictions in which we operate;

 

    general economic and political factors, including market conditions in our industry or the industries of our clients;

 

32


Table of Contents
    major catastrophic events;

 

    sales of large blocks of our Class A common stock; and

 

    additions or departures of key employees.

If the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our Class A common stock could decline for reasons unrelated to our business, results of operations or financial condition. The market price of our Class A common stock also might decline in reaction to events that affect other companies in our industry, even if these events do not directly affect us.

In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. If our stock price is volatile, we may become the target of securities litigation, which could cause us to incur substantial costs and divert our management’s attention and resources from our business.

A market may not develop for our Class A common stock and the future market price of our Class A common stock cannot be predicted.

We intend to apply to have our Class A common stock listed on the NASDAQ Global Select Market under the symbol “SCWX.” An active trading market for our Class A common stock, however, may not develop on that exchange or elsewhere or, if such a market does develop, the market may not be sustained. We cannot predict the prices at which our Class A common stock will trade. The initial public offering price of our Class A common stock was determined through negotiations between us and the underwriters of this offering and may not bear any relationship to the market price at which our Class A common stock will trade after this offering or to any other established criteria of the value of our business.

If securities or industry analysts do not publish research or reports about our business, or publish inaccurate or unfavorable research reports about our business or prospects, the market price of our Class A common stock and trading volume could decline.

We expect that the trading market for our Class A common stock will depend in part on the research and reports that securities or industry analysts publish about us, our business or our prospects. We do not have any control over these analysts. If one or more of the analysts covering us should downgrade our shares or express a change of opinion regarding our shares, the market price of our Class A common stock could decline. If one or more of these analysts should cease coverage of our company or fail to publish reports on us on a regular basis, we could lose following in the financial markets, which could cause the market price of our Class A common stock or trading volume to decline.

As a “controlled company” under the NASDAQ marketplace rules, we may rely on exemptions from certain corporate governance requirements that provide protection to stockholders of companies that are subject to such requirements.

Immediately after this offering, Denali will beneficially own more than 50% of the combined voting power of both classes of our outstanding shares of common stock. As a result, we will be a “controlled company” under the NASDAQ marketplace rules and eligible to rely on exemptions from NASDAQ corporate governance requirements generally obligating listed companies to maintain:

 

    a board of directors having a majority of independent directors;

 

    a nominating committee composed entirely of independent directors that will nominate candidates for election to the board of directors, or recommend such candidates for nomination by the board of directors; and

 

    a compensation committee composed entirely of independent directors that will approve the compensation payable to the company’s chief executive officer and other executive officers.

 

33


Table of Contents

Although we do not currently intend to rely on the foregoing exemptions from NASDAQ’s corporate governance requirements, we may decide to avail ourselves of one or more of these exemptions. During any period in which we do so, you may not have the same protections afforded to stockholders of companies that must comply with all of NASDAQ’s corporate governance requirements. Our status as a controlled company could make our Class A common stock less attractive to some investors or otherwise adversely affect its trading price.

Investors purchasing Class A common stock in this offering will experience immediate and substantial dilution.

The initial public offering price of shares of our Class A common stock is substantially higher than the net tangible book value per outstanding share of our Class A common stock. If you purchase shares of our Class A common stock in this offering, you will experience immediate dilution of $         per share, the difference between the price per share you pay (based on the midpoint of the estimated offering price range set forth on the cover page of this prospectus) for our Class A common stock and the pro forma net tangible book value per share of our Class A common stock as of                     , 2015, after giving effect to the issuance of shares of our Class A common stock in this offering. For a further description of the dilution you will experience immediately following this offering, see “Dilution.”

Future sales, or the perception of future sales, of a substantial amount of shares of our Class A common stock could depress the trading price of our Class A common stock.

Sales of a substantial number of shares of our Class A common stock in the public market after this offering, or the perception that these sales could occur, could adversely affect the market price of our Class A common stock and may make it more difficult for you to sell your shares of our Class A common stock at a time and price that you deem appropriate.

Upon the completion of this offering, we will have outstanding                  shares of our Class A common stock and                  shares of our Class B common stock (or                  shares of our Class A common stock and                  shares of our Class B common stock assuming full exercise of the underwriters’ over-allotment option), excluding              shares of our Class A common stock issued or reserved for issuance under our 2016 long-term incentive plan pursuant to equity grants to be made on the date of this prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.” Of these shares, the                  shares of Class A common stock to be sold in this offering (or                  shares if the underwriters exercise their over-allotment option in full) will be freely tradable without restriction or further registration under the Securities Act of 1933, or Securities Act, unless these shares are held by our “affiliates,” as that term is defined in Rule 144 under the Securities Act. Following this offering, Denali will own, indirectly through its subsidiary Dell Inc. and through Dell Inc.’s subsidiaries, no shares of our Class A common stock and all                  outstanding shares of our Class B common stock.

We, our directors, our executive officers and the current holders of all of our common stock and other equity securities, including Denali, each have entered into lock-up agreements providing that we and they will not offer, sell or contract to sell, directly or indirectly, any shares of our Class A common stock or securities convertible into or exchangeable for shares of our Class A common stock (including shares of Class B common stock), or engage in other specified transactions in our equity securities, without the prior written consent of Merrill Lynch, Pierce, Fenner & Smith Incorporated and Morgan Stanley & Co. LLC, on behalf of the underwriters, for a period of 180 days after the date of this prospectus, subject to certain exceptions. Any of our employees who acquire shares of our common stock or other equity securities, including awards issued under our 2016 long-term incentive plan, during this period will be subject to the same lock-up restrictions. See “Underwriters” for a description of these lock-up agreements and restrictions.

Immediately upon the expiration of the lock-up period,                  shares of Class A common stock will be freely tradable pursuant to Rule 144 under the Securities Act by non-affiliates and another                  shares of Class A common stock will be eligible for resale pursuant to Rule 144, subject to the volume, manner of sale, holding period and other requirements of Rule 144, by our officers, directors and other affiliates.

 

34


Table of Contents

Before the completion of this offering, we will enter into a registration rights agreement with Dell Marketing, Michael S. Dell, the Susan Lieberman Dell Separate Property Trust, MSDC Denali Investors, L.P., MSDC Denali EIV, LLC and the Silver Lake investment funds that own Denali common stock in which we will grant them and their respective permitted transferees demand and piggyback registration rights with respect to the shares of our Class A common stock and Class B common stock. In addition, we have entered into a registration rights agreement with the holders of our convertible notes in which we have granted such holders and their permitted transferees shelf and piggyback registration rights with respect to the shares of our Class A common stock that will be issued upon the conversion of the convertible notes at the closing of this offering. Registration of those shares under the Securities Act would permit the stockholders under each registration rights agreement to sell their shares into the public market. For more information about the registration rights, see “Shares Eligible for Future Sale—Registration Rights.”

Our issuance of additional capital stock in connection with financings, acquisitions, investments, our stock incentive plans or otherwise will dilute all other stockholders.

Our charter authorizes us to issue up to              shares of Class A common stock, up to                  shares of Class B common stock and up to                  shares of preferred stock with such rights and preferences as may be determined by our board of directors. Subject to compliance with applicable law, we may issue our shares of Class A common stock or securities convertible into our Class A common stock from time to time in connection with a financing, acquisition, investment, our stock incentive plans or otherwise. We may issue additional shares of Class A common stock from time to time at a discount to the market price of our Class A common stock at the time of issuance. Any issuance of Class A common stock could result in substantial dilution to our existing stockholders and cause the market price of our Class A common stock to decline.

Provisions in our charter and bylaws and in Delaware law could discourage takeover attempts even if our stockholders might benefit from a change in control of our company.

Provisions in our charter and bylaws and in Delaware law may discourage, delay or prevent a merger, acquisition or other change in control of our company that stockholders may favor, including transactions in which stockholders might receive a premium for their shares of Class A common stock. These provisions also could make it more difficult for you and other stockholders to elect directors of your choosing and to cause us to take other corporate actions you support, including removing or replacing our current management. The charter and bylaw provisions:

 

    provide that our Class B common stock is entitled to ten votes per share, while our Class A common stock is entitled to one vote per share, enabling Denali, as the beneficial owner of all outstanding shares of our Class B common stock upon the completion of this offering, to control the outcome of all matters submitted to a vote of our stockholders, including the election of directors;

 

    provide for the classification of the board of directors into three classes, with approximately one-third of the directors to be elected each year;

 

    limit the number of directors constituting the entire board of directors to a maximum of 15 directors, subject to the rights of the holders of any outstanding series of preferred stock, and provide that the authorized number of directors at any time will be fixed exclusively by a resolution adopted by the affirmative vote of the authorized number of directors (without regard to vacancies);

 

    provide that, at such time (if any) as the Denali Entities beneficially own capital stock representing less than 40% in voting power of the capital stock entitled to vote generally on the election of directors, any newly-created directorship and any vacancy on the board of directors may be filled only by the affirmative vote of a majority of the remaining directors then in office;

 

    provide that, at such time (if any) as the Denali Entities beneficially own capital stock representing less than 50% in voting power of the capital stock entitled to vote generally on the election of directors, directors may be removed only for cause and only by the affirmative vote of the holders of at least a majority in voting power of all outstanding shares of capital stock, voting together as a single class;

 

35


Table of Contents
    provide that a special meeting of stockholders may be called only by our chairman of the board, a majority of the directors then in office or, so long as Denali Entities beneficially own capital stock representing at least 40% in voting power of the capital stock entitled to vote generally on the election of directors, Denali;

 

    provide that, at such time (if any) as the Denali Entities beneficially own capital stock representing less than 50% in voting power of the capital stock entitled to vote generally on the election of directors, any action required or permitted to be taken by our stockholders at any annual or special meeting may not be effected by a written consent in lieu of a meeting unless such action and the taking of such action by written consent have been approved in advance by our board of directors;

 

    establish advance notice procedures for stockholders to make nominations of candidates for election as directors or to present any other business for consideration at any annual or special stockholder meeting; and

 

    provide authority for the board of directors without stockholder approval to provide for the issuance of up to                  shares of preferred stock, in one or more series, with terms and conditions, and having rights, privileges and preferences, to be determined by the board of directors.

In addition, we will become subject to Section 203 of the Delaware General Corporation Law at such time (if any) as the Denali Entities cease to own beneficially capital stock representing at least 10% in voting power of the capital stock entitled to vote generally on the election of directors. This statute prohibits a publicly held Delaware corporation from engaging in a business combination with an interested stockholder (generally a person who, together with its affiliates, owns or within the last three years has owned 15% or more of our voting stock) for a period of three years after the date of the transaction in which the person became an interested stockholder, unless the business combination is approved in prescribed manner.

Our charter designates the Court of Chancery of the State of Delaware as the sole and exclusive forum for certain types of actions and proceedings that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or with our directors, our officers or other employees, or our majority stockholder.

Our charter provides that, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware will be the exclusive forum for:

 

    any derivative action or proceeding brought on our behalf;

 

    any action asserting a claim of breach of a fiduciary duty owed by, or other wrongdoing by, any of our directors, officers or other employees, or stockholders to us or our stockholders;

 

    any action asserting a claim arising pursuant to any provision of the Delaware General Corporation Law or as to which the Delaware General Corporation Law confers jurisdiction on the Court of Chancery of the State of Delaware; or

 

    any action asserting a claim governed by the internal affairs doctrine.

Any person purchasing or otherwise acquiring any interest in shares of our capital stock is deemed to have received notice of and consented to the foregoing provisions. This choice of forum provision may limit a stockholder’s ability to bring a claim in a judicial forum that it finds more favorable for disputes with us or with our directors, our officers or other employees, or our other stockholders, including our majority stockholder, which may discourage such lawsuits against us and such other persons. Alternatively, if a court were to find this choice of forum provision inapplicable to, or unenforceable in respect of, one or more of the specified types of actions or proceedings, we may incur additional costs associated with resolving such matters in other jurisdictions, which could adversely affect our business, results of operations and financial condition.

 

36


Table of Contents

We have broad discretion in the use of the net proceeds that we receive in this offering.

We intend to use the net proceeds from this offering for working capital and other general corporate purposes, which may include financing our growth, developing new solutions and enhancements to our current solutions, and funding capital expenditures. We also may use a portion of the net proceeds to make investments in, or acquisitions of, complementary businesses, services and technologies. Accordingly, our management will have broad discretion over the specific use of the net proceeds that we receive in this offering and might not be able to obtain a significant return, if any, on investment of such net proceeds. Investors in this offering will need to rely upon the judgment of our management with respect to the use of proceeds. If we do not use the net proceeds that we receive in this offering effectively, our business, results of operations and financial condition could be harmed.

We do not expect to pay any dividends on our Class A common stock for the foreseeable future.

We intend to retain any earnings to finance the operation and expansion of our business, and do not expect to pay any cash dividends on our Class A common stock for the foreseeable future. Accordingly, investors must rely on sales of our Class A common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investment. Investors seeking cash dividends should not purchase our Class A common stock.

We are an “emerging growth company,” and our election to comply with the reduced disclosure requirements as a public company may make our Class A common stock less attractive to investors.

We qualify as an “emerging growth company” as defined in the JOBS Act. For so long as we remain an emerging growth company, we are permitted and currently intend to rely on the following provisions of the JOBS Act that contain exceptions from disclosure and other requirements that otherwise are applicable to companies that conduct initial public offerings and file periodic reports with the SEC. The JOBS Act provisions:

 

    permit us to include three years, rather than five years, of selected financial data in this prospectus;

 

    provide an exemption from the auditor attestation requirement in the assessment of our internal control over financial reporting under the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act;

 

    permit us to include reduced disclosure regarding executive compensation in this prospectus and our SEC filings as a public company; and

 

    provide an exemption from the requirement to hold a non-binding advisory vote on executive compensation and stockholder approval of any golden parachute arrangements not previously approved.

We will remain an emerging growth company until:

 

    the first to occur of the last day of the fiscal year (1) which follows the fifth anniversary of the completion of this offering, (2) in which we have total annual gross revenue of at least $1 billion or (3) in which the market value of our capital stock held by non-affiliates was $700 million or more as of the last business day of the preceding second fiscal quarter; or

 

    if it occurs before any of the foregoing dates, the date on which we have issued more than $1 billion in non-convertible debt over a three-year period.

Some investors may find our Class A common stock less attractive if we rely on these exemptions, which could result in a less active trading market for our Class A common stock and higher volatility in our stock price.

 

37


Table of Contents

We will incur increased costs as a result of operating as a public company, and our management will be required to devote substantial time to compliance with our public company responsibilities and corporate governance practices.

As a public company, and particularly after we are no longer an emerging growth company, we will incur significant legal, accounting and other expenses that we did not incur as a private company. The Sarbanes-Oxley Act, the Dodd-Frank Wall Street Reform and Consumer Protection Act, the listing requirements of the NASDAQ Global Select Market and other applicable securities rules and regulations impose various requirements on public companies. Our management and other personnel will need to devote a substantial amount of time to compliance with these requirements. Moreover, these rules and regulations will increase our legal and financial compliance costs and will make some activities more time-consuming and costly. For example, we expect that these rules and regulations may make it more difficult and more expensive for us to obtain directors’ and officers’ liability insurance, which could make it more difficult for us to attract and retain qualified members of our board of directors. We cannot predict or estimate the amount of additional costs we will incur as a public company or the timing of such costs.

As a public company, we will be obligated to develop and maintain proper and effective internal control over financial reporting and any failure to maintain the adequacy of these internal controls may adversely affect investor confidence in our company and, as a result, the value of our Class A common stock.

We will be required, pursuant to Section 404 of the Sarbanes-Oxley Act, or Section 404, to furnish a report by our management on, among other matters, the effectiveness of our internal control over financial reporting for the first full fiscal year beginning after the effective date of this offering. This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting. Our independent registered public accounting firm will not be required to attest to the effectiveness of our internal control over financial reporting until our first annual report required to be filed with the SEC following the date we are no longer an emerging growth company. We will be required to disclose significant changes made in our internal control procedures on a quarterly basis.

We are beginning the costly and challenging process of compiling the system and processing documentation necessary to perform the evaluation needed to comply with Section 404, and we may not be able to complete our evaluation, testing and any required remediation in a timely fashion. Our compliance with Section 404 will require that we incur substantial accounting expense and expend significant management efforts. Although we currently perform regulatory audits, and expect that Dell will provide specified audit services to us pursuant to the shared services agreement that we have entered into with Dell, we may need to hire additional accounting and financial staff with public company experience and technical accounting knowledge necessary to perform the evaluation needed to comply with Section 404.

During the evaluation and testing process of our internal controls, if we identify one or more material weaknesses in our internal control over financial reporting, we will be unable to assert that our internal control over financial reporting is effective. We may experience material weaknesses or significant deficiencies in our internal control over financial reporting in the future. Any failure to maintain internal control over financial reporting could severely inhibit our ability to report accurately our financial condition or results of operations. If we are unable to conclude that our internal control over financial reporting is effective, or if our independent registered public accounting firm determines we have a material weakness or significant deficiency in our internal control over financial reporting, we could lose investor confidence in the accuracy and completeness of our financial reports, the market price of our Class A common stock could decline, and we could be subject to sanctions or investigations by the SEC or other regulatory authorities. Failure to remedy any material weakness in our internal control over financial reporting, or to implement or maintain other effective control systems required of public companies, also could restrict our future access to the capital markets.

 

38


Table of Contents

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

This prospectus, including the sections entitled “Prospectus Summary,” “Risk Factors,” “Use of Proceeds,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Business,” contains forward-looking statements, which are statements that relate to future, rather than past, events and outcomes. Forward-looking statements generally address our expectations regarding our business, results of operations, financial condition and prospects and often contain words such as “expect,” “anticipate,” “intend,” “plan,” “target,” “seek,” “potential,” “believe,” “will,” “could,” “would” and “project” and similar words or expressions that convey the uncertainty of future events or outcomes.

The forward-looking statements in this prospectus include, but are not limited to, our statements concerning the following matters:

 

    the evolution of the cyber threat landscape facing organizations in the United States and other countries;

 

    developments and trends in the domestic and international markets for information security services;

 

    our ability to educate prospective clients about our technical capabilities and the use and benefits of our solutions, and to achieve increased market acceptance of our solutions and technologies;

 

    our beliefs and objectives regarding our prospects and our future results of operations and financial condition;

 

    the effects of increased competition in the market for information security services and our ability to compete effectively;

 

    our business plan and our ability to manage our growth effectively;

 

    our growth strategy to maintain and extend our technology leadership, expand and diversify our client base, deepen our existing client relationships and attract and retain highly skilled IT security professionals;

 

    our ability to enhance our existing solutions and technologies and develop or acquire new solutions and technologies;

 

    our plans to attract new clients, retain existing clients and increase our annual contract revenue;

 

    our expectations concerning renewal rates for subscriptions and solutions by existing clients and growth of our monthly recurring revenue;

 

    our expectations regarding our relationships with third parties, including further development of our relationships with our strategic and distribution partners;

 

    our plan to expand our international operations;

 

    our expectations regarding future acquisitions of, or investments in, complementary companies, services or technologies;

 

    our ability to continue to generate a significant portion of our revenue from clients in the financial services industry;

 

    effects on our business of evolving information security and data privacy laws and regulations, government export or import controls and any failure to comply with the Foreign Corrupt Practices Act and similar laws;

 

    our ability to maintain, protect and enhance our brand and intellectual property;

 

    costs associated with defending intellectual property infringement and other claims;

 

    fluctuations in our quarterly results of operations and other operating measures;

 

39


Table of Contents
    changes in our cost of revenue and operating costs and expenses;

 

    our expectations regarding the portions of our revenue represented by subscription revenue and professional services revenue;

 

    our expectations concerning the impact on our results of operations of development of our distribution programs and sales through our channel partners;

 

    the impact on our revenue, gross margin and profitability of future investments in enhancement of our Counter Threat Platform, development of our solutions and expansion of our sales and marketing programs;

 

    potential changes to our pricing strategy to support our strategic initiatives;

 

    sufficiency of our existing liquidity sources to meet our cash needs;

 

    our potential use of foreign exchange forward contracts to hedge our foreign currency risk;

 

    our operation after this offering under shared services and other agreements with Dell and Denali; and

 

    costs we expect to incur as a public company, including transitional costs to establish our own stand-alone corporate functions.

Our forward-looking statements are subject to a number of risks, uncertainties and assumptions, including those described in “Risk Factors” and elsewhere in this prospectus. Moreover, our business, results of operations, financial condition and prospects may be affected by new risks that could emerge from time to time. In light of these risks, uncertainties and assumptions, the forward-looking events and outcomes discussed in this prospectus may not occur and our actual results could differ materially and adversely from those expressed or implied in our forward-looking statements.

You should not rely on forward-looking statements as predictions of future events or outcomes. Although we believe that the expectations reflected in the forward-looking statements are reasonable, the results, levels of activity, performance or events and circumstances reflected in the forward-looking statements may not be achieved or occur. We undertake no obligation to update publicly any forward-looking statements after the date of this prospectus to conform such statements to changes in our expectations or to our actual results, or for any other reason, except as required by law.

 

40


Table of Contents

INDUSTRY AND MARKET DATA

Unless otherwise indicated, information contained in this prospectus concerning our industry and the markets in which we operate, including our general expectations and market position, market opportunity and market size, is based on information from various third-party sources, including reports from Gartner, Inc., or Gartner, International Data Corporation, or IDC, Forrester Research, Inc., or Forrester, Center for Strategic and International Studies, or CSIS, Enterprise Strategy Group, or ESG, Ponemon Institute, or Ponemon, PricewaterhouseCoopers LLP, or PwC, and Frost & Sullivan, or F&S, on assumptions we have made based on such information and other, similar sources and on our knowledge of the markets for our solutions. Although we are not aware of any misstatements regarding any third-party information presented in this prospectus, estimates of third parties, particularly as they relate to projections, involve numerous assumptions, are subject to risks and uncertainties, and are subject to change based on various factors, including those described in “Risk Factors” and elsewhere in this prospectus. These and other factors could cause our results to differ materially from those expressed in the estimates made by the third parties and by us, and you are cautioned not to give undue weight to such estimates.

The Gartner reports described herein represent research opinions or viewpoints published by Gartner as part of a syndicated subscription service, and are not representations of fact. Each Gartner report speaks as of its original publication date (and not as of the date of this prospectus) and the opinions expressed in the Gartner reports are subject to change without notice. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The sources of the Gartner, IDC, Forrester, CSIS, ESG, Ponemon, PwC and F&S market and industry data contained in this prospectus are provided below:

 

    Gartner, Forecast: Information Security, Worldwide, 2013-2019, 1Q15 Update, April 28, 2015

 

    Gartner, Magic Quadrant for Managed Security Services, Worldwide, December 30, 2014

 

    IDC, IDC MarketScape: Worldwide Managed Security Services, 2014 Vendor Assessment, June 2014

 

    Forrester, The Forrester Wave™: Managed Security Services: North America, Q4 2014, November 18, 2014

 

    CSIS, Net Losses: Estimating the Global Cost of Cybercrime, June 2014

 

    ESG, 2015 IT Spending Intentions Survey, February 2015

 

    ESG, 2014 IT Spending Intentions Survey, February 2014

 

    ESG, 2013 IT Spending Intentions Survey, January 2013

 

    ESG, 2012 IT Spending Intentions Survey, January 2012

 

    Ponemon, 2015 Global Megatrends in Cybersecurity, February 2015

 

    PwC, Managing cyber risks in an interconnected world, September 30, 2014

 

    F&S, Global Managed Security Services Market – Threat Detection and Remediation to Emerge as a Key Market Engine Over the Forecast Period, March 2015

 

41


Table of Contents

USE OF PROCEEDS

We estimate that the net proceeds from our issuance and sale of                  shares of our Class A common stock in this offering will be approximately $         million, or approximately $         million if the underwriters exercise their over-allotment option in full, based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us.

Each $1.00 increase or decrease in the assumed initial public offering price of $         per share would increase or decrease, as applicable, the net proceeds to us from this offering by approximately $         million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same, after deducting estimated underwriting discounts and commissions and other estimated offering expenses payable by us. We also may increase or decrease the number of shares we are offering. Each increase or decrease of 1.0 million in the number of shares offered by us would increase or decrease, as applicable, the net proceeds that we receive from this offering by approximately $         million if the assumed initial public offering price remains the same, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us. We do not expect that a change by these amounts in the assumed initial public offering price or the number of shares we are offering would have a material effect on our uses of the proceeds from this offering, although a reduction in expected net proceeds could accelerate the time at which we would need to seek additional capital.

The principal purposes of this offering are to increase our financial flexibility, create a public market for our Class A common stock, obtain additional capital and increase our recognition in the marketplace. We intend to use the net proceeds from this offering for working capital and other general corporate purposes, which may include financing our growth, developing new solutions and enhancements to our current solutions, and funding capital expenditures. We also may use a portion of the net proceeds to make investments in, or acquisitions of, complementary businesses, services and technologies. We do not have any existing agreements or commitments for any specific investments or acquisitions. We do not intend to transfer any net proceeds we receive from this offering to Denali, Dell or their respective affiliates, other than payments in the ordinary course of business under one or more of the agreements described under “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us.”

Our expected uses of the net proceeds from this offering represent our intentions based on our present plans and business conditions. We cannot predict with certainty all of the particular uses for such proceeds or the amounts that we actually will spend on the uses specified above. Accordingly, our management will have significant flexibility in applying the net proceeds of this offering.

The timing and amount of our actual application of the net proceeds from this offering will be based on many factors, including our cash flows from operations and the actual and anticipated growth of our business. Pending the uses set forth above, we intend to invest the net proceeds from this offering in a variety of investments, including short-term and intermediate-term, interest-bearing securities.

 

42


Table of Contents

DIVIDEND POLICY

We currently expect to retain all available funds and any future earnings for use in the operation and expansion of our business. We do not anticipate paying cash dividends on our Class A common stock or Class B common stock in the foreseeable future. Any future determination to declare cash dividends will be made at the discretion of our board of directors and will depend on our financial condition, results of operations, capital requirements, general business conditions, any restrictions under debt or other agreements, and other factors that our board of directors may consider relevant.

 

43


Table of Contents

CAPITALIZATION

The following table sets forth our cash and cash equivalents and our total capitalization as of October 30, 2015:

 

    on an actual basis;

 

    on a pro forma basis to give effect to our capitalization as it will be in effect immediately before the closing of this offering; and

 

    on a pro forma as adjusted basis to give effect to our sale of             shares of our Class A common stock in this offering at an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us.

You should read the following information together with the information under “Selected Condensed Combined Financial Data,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our combined financial statements and accompanying notes included elsewhere in this prospectus.

 

     As of October 30, 2015  
     Actual      Pro
Forma (1)
     Pro Forma
(as adjusted) (2)
 
            (unaudited)  
     (in thousands except share and per share data)  

Cash and cash equivalents

   $ 39,451       $                    $                
  

 

 

    

 

 

    

 

 

 

Long-term convertible notes

   $ 27,993       $         $     

Equity:

        

Total parent company equity

     616,006                   

Preferred Stock, par value $0.01 per share: 0 shares authorized, actual;                  shares authorized, 0 shares issued or outstanding, pro forma;                  shares authorized, 0 shares issued or outstanding, pro forma, as adjusted

     —           

Class A common stock, par value $0.01 per share: 0 shares authorized, actual;                  shares authorized,                  shares issued or outstanding, pro forma;                  shares authorized,                  shares issued or outstanding, pro forma, as adjusted

     —           

Class B common stock, par value $0.01 per share: 0 shares authorized, actual;                  shares authorized,              shares issued or outstanding, pro forma;                  shares authorized,                  shares issued or outstanding, pro forma, as adjusted

     —           

Additional paid-in capital

     —           

Accumulated deficit

     —           
  

 

 

    

 

 

    

 

 

 

Total equity

   $ 616,006       $         $     
  

 

 

    

 

 

    

 

 

 

Total capitalization

   $ 643,999       $         $     
  

 

 

    

 

 

    

 

 

 

 

(1) The number of shares of Class A common stock and Class B common stock issued and outstanding on a pro forma and pro forma as adjusted basis in the table above includes the following shares:

 

                 shares of Class A common stock that will be issued upon the conversion of our outstanding convertible notes at the closing of this offering based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus; and

 

                 restricted shares of our Class A common stock to be granted under our 2016 long-term incentive plan on the date of this prospectus, based on an assumed initial public offering price of $             per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

 

44


Table of Contents

The number of shares of Class A common stock and Class B common stock issued and outstanding on a pro forma and pro forma as adjusted basis in the table above excludes the following shares as of                         , 2016:

 

                     shares of our Class A common stock that may be issuable upon the conversion of the              outstanding shares of our Class B common stock; and

 

                     shares of our Class A common stock reserved for issuance under our 2016 long-term incentive plan pursuant to grants of restricted stock units and stock options to be made on the date of this prospectus, based on an assumed initial public offering price of $             per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

 

(2) Each $1.00 increase or decrease in the assumed initial public offering price of $         , which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, would increase or decrease, as applicable, the amount of our pro forma as adjusted cash and cash equivalents, additional paid-in capital, total equity and total capitalization by approximately $         , assuming that the number of shares of Class A common stock offered by us, as set forth on the cover page of this prospectus, remains the same, after deducting the estimated underwriting discounts and commissions and other estimated offering expenses payable by us. An increase or decrease of 1.0 million shares in the number of shares offered by us would increase or decrease the amount of our pro forma as adjusted cash and cash equivalents, additional paid-in capital, total equity and total capitalization by approximately $         million if the assumed initial public offering price remains the same, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us.

 

45


Table of Contents

DILUTION

If you invest in our Class A common stock, your ownership interest will be diluted to the extent of the difference between the initial public offering price per share of our Class A common stock and the pro forma as adjusted net tangible book value per share of our Class A common stock and Class B common stock upon the closing of this offering. Our pro forma net tangible book value gives effect to our capitalization as it will be in effect immediately before the closing of this offering. Our pro forma as adjusted net tangible book value is further adjusted to give effect to our sale of              shares of our Class A common stock in this offering at an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us.

Our pro forma net tangible book value represents the amount of our total tangible assets less our total liabilities, divided by the total number of pro forma shares of our common stock outstanding. As of October 30, 2015, our pro forma net tangible book value was $         , or $         per share of our common stock.

After giving effect to the sale of shares of our Class A common stock at an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us, our pro forma as adjusted net tangible book value as of October 30, 2015 would have been $         , or $         per share of our common stock. This represents an immediate increase in pro forma as adjusted net tangible book value of $         per share to Denali, as the sole holder (indirectly through its wholly-owned subsidiaries) of our existing common stock before this offering, and an immediate dilution of $         per share to investors purchasing shares of Class A common stock at the assumed initial public offering price.

The following table illustrates this dilution:

 

Assumed initial public offering price per share

      $                

Pro forma net tangible book value per share as of October 30, 2015

   $                   

Increase in pro forma net tangible book value per share attributable to investors purchasing shares of Class A common stock in this offering

     
  

 

 

    

Pro forma as adjusted net tangible book value per share after giving effect to this offering

     
     

 

 

 

Dilution in pro forma as adjusted net tangible book value per share to new investors

      $     
     

 

 

 

If the underwriters exercise their option to purchase additional shares of our Class A common stock in full, the pro forma as adjusted net tangible book value per share of our common stock would be $         per share, and the dilution in pro forma net tangible book value per share to investors in this offering would be $         per share of Class A common stock.

 

46


Table of Contents

The following table sets forth, as of October 30, 2015, the differences between the number of shares of Class A common stock purchased from us, the total price paid and the average price per share (on a pro forma as adjusted basis) paid by Dell, now a wholly-owned subsidiary of Denali, in its acquisition of us on February 8, 2011, and by the new investors in this offering at an assumed initial offering public offering price of $         per share, before deducting the estimated underwriting discounts and commissions and other estimated offering expenses payable by us. The table below does not reflect the $             million of aggregate net transfers from Dell to us since the date of the acquisition.

 

     Shares Purchased     Total Consideration     Average Price
Per Share
 
     Number    Percent     Number      Percent    
                (in thousands)               

Dell (on a pro forma as adjusted basis)

        100   $ 612,123                $               

New investors

            
  

 

  

 

 

   

 

 

    

 

 

   

Total

        100   $           100 %   $        
  

 

  

 

 

   

 

 

    

 

 

   

If the underwriters’ over-allotment option is exercised in full:

 

    the number of shares of common stock held by Denali (indirectly through its wholly-owned subsidiaries) will represent approximately     % of the total number of shares of our common stock outstanding after this offering; and

 

    the number of shares held by new investors will represent approximately     % of the total number of shares of our common stock outstanding after this offering.

The number of shares of our Class A common stock that will be outstanding after this offering includes the following shares:

 

                 shares of Class A common stock that will be issued upon the conversion of our outstanding convertible notes at the closing of this offering based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus; and

 

                 restricted shares of our Class A common stock to be granted under our 2016 long-term incentive plan on the date of this prospectus, based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

The number of shares of Class A common stock that will be outstanding after this offering excludes the following shares as of                         , 2016:

 

                 shares of our Class A common stock that may be issuable upon the conversion of the outstanding shares of our Class B common stock; and

 

                 shares of our Class A common stock reserved for issuance under our 2016 long-term incentive plan pursuant to grants of restricted stock units and stock options to be made on the date of this prospectus, based on an assumed initial public offering price of $         per share, which is the midpoint of the estimated offering price range set forth on the cover page of the prospectus, as described under “Executive Compensation—Benefit Plans—SecureWorks Corp. 2016 Long-Term Incentive Plan—Initial Grants.”

 

47


Table of Contents

SELECTED CONDENSED COMBINED FINANCIAL DATA

The following tables present our selected condensed combined financial data. The condensed combined statements of operations for the periods ended October 30, 2015 and October 31, 2014 and the condensed combined statements of financial position as of October 30, 2015 have been derived from our unaudited condensed combined financial statements included elsewhere in this prospectus. The condensed combined statements of operations for the periods ended January 30, 2015, January 31, 2014, October 28, 2013 and February 1, 2013 and the condensed combined statements of financial position as of January 30, 2015 and January 31, 2014 are derived from our audited combined financial statements included elsewhere in this prospectus. The unaudited condensed combined financial statements have been prepared on the same basis as the audited combined financial statements and, in the opinion of our management, include all adjustments necessary to fairly state the information set forth herein.

The selected condensed combined financial data presented below should be read in conjunction with our audited combined financial statements and accompanying notes and our unaudited condensed combined financial statements and accompanying notes, as well as “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” included elsewhere in this prospectus. Our financial information may not be indicative of our future performance and does not necessarily reflect what our financial position and results of operations would have been if we had operated as a stand-alone public company during the periods presented, including changes that will occur in our operations and capitalization as a result of this offering.

 

    Successor     Successor   Predecessor  
    Three Months
Ended
    Nine Months
Ended
    Fiscal Year
Ended
    October 29,
2013 through
         February 2,
2013 through
    Fiscal Year
Ended
 
    October 30,
2015
    October 31,
2014
    October 30,
2015
    October 31,
2014
    January 30,
2015
    January 31,
2014
         October 28,
2013
    February 1,
2013
 
    (in thousands)  
    (unaudited)     (unaudited)                               

Results of Operations:

                   

Net revenue

  $ 88,187      $ 66,775      $ 245,441      $ 190,718      $ 262,130      $ 54,350          $ 151,480      $ 172,803   

Gross margin

  $ 42,722      $ 30,827      $ 111,263      $ 85,192      $ 117,284      $ 23,551          $ 69,072      $ 79,447   

Operating expenses

  $ 67,567      $ 44,817      $ 194,787      $ 131,961      $ 178,377      $ 41,267          $ 119,604      $ 141,606   

Operating loss

  $ (24,845   $ (13,990   $ (83,524   $ (46,769   $ (61,093   $ (17,716       $ (50,532   $ (62,159

Net loss

  $ (18,528   $ (8,762   $ (57,482   $ (29,524   $ (38,490   $ (11,775       $ (32,740   $ (41,547

The following table presents our selected historical combined balance sheet information as of the dates indicated:

 

     Successor  
     October 30,
2015
     January 30,
2015
     January 31,
2014
 
     (in thousands)  
     (unaudited)                

Balance Sheet:

        

Cash and cash equivalents

   $ 39,451       $ 6,669       $ 2,426   

Accounts receivable

   $ 83,681       $ 70,907       $ 47,160   

Total assets

   $ 916,087       $ 878,431       $ 865,473   

Short-term deferred revenue

   $ 91,864       $ 82,188       $ 47,954   

Long-term deferred revenue

   $ 16,030       $ 11,040       $ 10,999   

Long-term convertible notes

   $ 27,993         —           —     

Total parent company equity

   $ 616,006       $ 622,040       $ 634,748   

 

48


Table of Contents

Non-GAAP Financial Measures

In this prospectus, we use supplemental measures of our performance, which are derived from our combined financial information, but which are not presented in our combined financial statements prepared in accordance with generally accepted accounting principles in the United States of America, referred to as GAAP. Non-GAAP financial measures presented in this prospectus include non-GAAP revenue, non-GAAP gross margin, non-GAAP operating expenses, non-GAAP operating loss, non-GAAP net loss and adjusted EBITDA. We use non-GAAP financial measures to supplement financial information presented on a GAAP basis. We believe these non-GAAP financial measures provide useful information to help evaluate our operating results by facilitating an enhanced understanding of our operating performance and enabling more meaningful period-to-period comparisons. There are limitations to the use of the non-GAAP financial measures presented in this prospectus. Our non-GAAP financial measures may not be comparable to similarly titled measures of other companies. Other companies, including companies in our industry, may calculate non-GAAP financial measures differently than we do, limiting the usefulness of those measures for comparative purposes.

Non-GAAP revenue, non-GAAP gross margin, non-GAAP operating expenses, non-GAAP operating loss and non-GAAP net loss, as defined by us, exclude the following items: the impact of purchase accounting adjustments primarily related to a change in the basis of deferred revenue for Dell’s going-private transaction discussed in “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Our Relationship with Dell and Denali—Recognition of Dell’s Going-Private Transaction,” as well as the acquisition of our company by Dell in fiscal 2012; amortization of intangible assets; other expenses, which consist of professional fees incurred in connection with this offering as well as amounts accrued for a legal matter; and for non-GAAP net income, an aggregate adjustment for income taxes. In addition to interest and other expenses, taxes, depreciation and amortization, adjusted EBITDA excludes purchase accounting adjustments primarily related to deferred revenue, stock-based compensation expense and other expenses. As the excluded items can have a material impact on earnings, our management compensates for this limitation by relying primarily on GAAP results and using non-GAAP financial measures supplementally. The non-GAAP financial measures are not meant to be considered as indicators of performance in isolation from or as a substitute for revenue, gross margin, operating expenses, operating loss or net loss prepared in accordance with GAAP, and should be read only in conjunction with financial information presented on a GAAP basis.

The following tables present our non-GAAP financial measures for each of the periods presented. For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Basis of Presentation” and “Notes to Audited Consolidated Financial Statements—Note 1—Description of the Business and Basis of Presentation” for more information on the predecessor and successor periods.

 

    Three Months Ended     Nine Months Ended     For the Fiscal Year Ended  
    Successor     Successor     Successor     Successor     Successor     Combined     Predecessor  
    October 30,
2015
    October 31,
2014
    October 30,
2015
    October 31,
2014
    January 30,
2015
    January 31,
2014
    February 1,
2013
 
    (in thousands)  
    (unaudited)    

(unaudited)

                   

Non-GAAP Results of Operations:

             

Non-GAAP net revenue

  $ 88,879      $ 69,960      $ 247,518      $ 200,274      $ 274,871      $ 216,190      $ 177,703   

Non-GAAP gross margin

  $ 46,865      $ 37,463      $ 128,560      $ 105,100      $ 143,829      $ 114,113      $ 94,066   

Non-GAAP operating expenses

  $ 61,967      $ 40,546      $ 174,582      $ 119,148      $ 161,293      $ 145,162      $ 128,401   

Non-GAAP operating loss

  $ (15,102   $ (3,083   $ (46,022   $ (14,047   $ (17,464   $ (31,049   $ (34,335

Non-GAAP net loss

  $ (12,512   $ (1,977   $ (34,322   $ (9,169   $ (11,350   $ (21,483   $ (24,366

Adjusted EBITDA

  $ (12,110   $ (302   $ (36,867   $ (5,739   $ (6,142   $ (16,141   $ (19,518

 

49


Table of Contents

Reconciliation of Non-GAAP Financial Measures

The table below presents a reconciliation of each non-GAAP financial measure to its most directly comparable GAAP financial measure. We encourage you to review the reconciliations in conjunction with the presentation of the non-GAAP financial measures for each of the periods presented. In future fiscal periods, we may exclude such items and may incur income and expenses similar to these excluded items. Accordingly, the exclusion of these items and other similar items in our non-GAAP presentation should not be interpreted as implying that these items are non-recurring, infrequent or unusual.

The following is a summary of the items excluded from the most comparable GAAP financial measures to calculate our non-GAAP financial measures:

 

    Impact of Purchase Accounting. The impact of purchase accounting consists primarily of purchase accounting adjustments related to a change in the basis of deferred revenue for Dell’s going-private transaction discussed in “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Our Relationship with Dell and Denali—Recognition of Dell’s Going-Private Transaction,” as well as the acquisition of our company by Dell in fiscal 2012.

 

    Amortization of Intangible Assets. Amortization of intangible assets consists of amortization of customer relationships and acquired technology. In connection with Dell’s going-private transaction and the acquisition of us by Dell in fiscal 2012, all of our tangible and intangible assets and liabilities were accounted for and recognized at fair value on the transaction date. Accordingly, for the successor periods, amortization of intangible assets consists of amortization associated with intangible assets recognized in connection with this transaction. In comparison, for the predecessor periods, amortization of intangible assets consists of amortization associated with purchased intangible assets recognized in connection with the acquisition of us by Dell.

 

    Other Expenses. Other expenses include professional fees incurred by us in connection with this offering and amounts expensed in the settlement of a legal matter. We are excluding these expenses for the purpose of calculating the non-GAAP financial measures presented below because we believe these items are outside our ordinary course of business and do not contribute to a meaningful evaluation of our current operating performance or comparisons to our past operating performance. Professional fees incurred by us in connection with this offering prior to the first nine months of fiscal 2016 were not significant.

 

    Aggregate Adjustment for Income Taxes. The aggregate adjustment for income taxes is the estimated combined income tax effect for the adjustments mentioned above. The tax effects are determined based on the tax jurisdictions where the above items were incurred.

 

50


Table of Contents
    Three Months Ended     Nine Months Ended     Fiscal Year Ended  
    Successor     Successor     Successor     Successor     Successor     Combined (1)     Predecessor  
    October 30,
2015
    October 31,
2014
    October 30,
2015
    October 31,
2014
    January 30,
2015
    January 31,
2014
    February 1,
2013
 
    (in thousands)  
   

(unaudited)

    (unaudited)              

GAAP revenue

  $ 88,187      $ 66,775      $ 245,441      $ 190,718      $ 262,130      $ 205,830      $ 172,803   

Impact of purchase accounting

    692        3,185        2,077        9,556        12,741        10,360        4,900   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP revenue

  $ 88,879      $ 69,960      $ 247,518      $ 200,274      $ 274,871      $ 216,190      $ 177,703   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

GAAP gross margin

  $ 42,722      $ 30,827      $ 111,263      $ 85,192      $ 117,284      $ 92,623      $ 79,447   

Amortization of intangibles

    3,410        3,410        10,230        10,231        13,642        10,700        9,719   

Impact of purchase accounting

    733        3,226        2,199        9,677        12,903        10,790        4,900   

Other

  $ —        $ —        $ 4,868      $ —        $ —        $ —        $ —     
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP gross margin

  $ 46,865      $ 37,463      $ 128,560      $ 105,100      $ 143,829      $ 114,113      $ 94,066   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

GAAP operating expenses

  $ 67,567      $ 44,817      $ 194,787      $ 131,961      $ 178,377      $ 160,871      $ 141,606   

Amortization of intangibles

    (3,524     (4,042     (11,136     (12,126     (16,168     (15,480     (13,205

Impact of purchase accounting

    (229     (229     (688     (687     (916     (229     —     

Other

    (1,847     —          (8,381     —          —          —          —     
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP operating expenses

  $ 61,967      $ 40,546      $ 174,582      $ 119,148      $ 161,293      $ 145,162      $ 128,401   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

GAAP operating loss

  $ (24,845   $ (13,990   $ (83,524   $ (46,769   $ (61,093   $ (68,248   $ (62,159

Amortization of intangibles

    6,934        7,452        21,367        22,357        29,810        26,180        22,924   

Impact of purchase accounting

    962        3,455        2,886        10,365        13,819        11,019        4,900   

Other

    1,847        —          13,249        —          —          —          —     
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP operating loss

  $ (15,102   $ (3,083   $ (46,022   $ (14,047   $ (17,464   $ (31,049   $ (34,335
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

GAAP net loss

  $ (18,528   $ (8,762   $ (57,482   $ (29,524   $ (38,490   $ (44,515   $ (41,547

Amortization of intangibles

    6,934        7,452        21,367        22,357        29,810        26,180        22,924   

Impact of purchase accounting

    962        3,455        2,886        10,365        13,819        11,019        4,900   

Other

    1,847        —          13,249        —          —          —          —     

Aggregate adjustment for income taxes

    (3,727     (4,122     (14,342     (12,367     (16,489     (14,167     (10,643
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP net loss

  $ (12,512   $ (1,977   $ (34,322   $ (9,169   $ (11,350   $ (21,483   $ (24,366
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

GAAP net loss

  $ (18,528   $ (8,762   $ (57,482   $ (29,524   $ (38,490   $ (44,515   $ (41,547

Interest and other, net

    5,724        (51     6,239        202        142        175        188   

Income tax benefit

    (12,041     (5,177     (32,281     (17,447     (22,745     (23,908     (20,800

Depreciation and amortization

    9,982        10,306        30,703        30,889        41,425        37,027        31,840   

Stock-based compensation expense

    214        197        628        585        785        4,331        5,901   

Impact of purchase accounting

    692        3,185        2,077        9,556        12,741        10,749        4,900   

Other

    1,847        —          13,249        —          —          —          —     
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Adjusted EBITDA

  $ (12,110   $ (302   $ (36,867   $ (5,739   $ (6,142   $ (16,141   $ (19,518
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

 

(1) For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Basis of Presentation” and “Notes to Audited Combined Financial Statements—Note 1—Description of the Business and Basis of Presentation” for more information on the predecessor and successor periods.

 

51


Table of Contents

MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

This management’s discussion and analysis should be read in conjunction with our audited and unaudited financial statements and accompanying notes included elsewhere in this prospectus. In addition to historical financial information, the following discussion contains forward-looking statements that reflect our plans, estimates and beliefs. Our actual results could differ materially from those discussed or implied in our forward-looking statements. Factors that could cause or contribute to these differences include those discussed in “Risk Factors” and elsewhere in this prospectus.

Our fiscal year is the 52- or 53-week period ending on the Friday nearest January 31. We refer to our fiscal years ended January 29, 2016, January 30, 2015, January 31, 2014 and February 1, 2013, as fiscal 2016, fiscal 2015, fiscal 2014 and fiscal 2013, respectively. Each of these fiscal years includes 52 weeks. All percentage amounts and ratios presented in this management’s discussion and analysis were calculated using the underlying data in thousands. Unless otherwise indicated, all changes identified for the current-period results represent comparisons to results for the prior corresponding fiscal periods.

Overview

We are a leading global provider of intelligence-driven information security solutions exclusively focused on protecting our clients from cyber attacks. We have pioneered an integrated approach that delivers a broad portfolio of information security solutions to organizations of varying sizes and complexities. Our solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real-time, prioritize and respond rapidly to security breaches and predict emerging threats. The solutions leverage our proprietary technologies, processes and extensive expertise in the information security industry, which we have developed over the past 16 years.

Our mission is to secure our clients by providing exceptional intelligence-driven information security solutions. We were founded in 1999, when we opened our first counter threat operations center in Atlanta, Georgia to support our managed security business. We began providing security and risk consulting offerings to our clients in 2005. In 2006, we acquired LURHQ Corporation, a leading provider of security information and event monitoring solutions to enterprises. In addition, we launched our information security offerings. Shortly thereafter, we focused our growth strategy on expanding into new market segments and geographic regions. In 2008, we launched our log management solution, among other new solutions. We began offering our managed web application firewall solutions in 2009, shortly before we acquired Verisign, Inc.’s managed security business. In the same year, we also expanded internationally through the acquisition of dns Limited, a managed security and consulting organization, which operated in London, England and in Edinburgh, Scotland. From 2009 to 2012, we capitalized on all of our investments, both organic and acquired, and integrated these technologies into the Counter Threat Platform. This platform provides our clients with a comprehensive view of their network environments and security threats, while adapting to a constantly evolving threat landscape. From April 2009 to October 2015, the number of events processed by our technology platform increased from five billion to as many as 150 billion events per day. Over the last several years, we have continued to expand our offerings, including through the recent launch of our advanced endpoint threat detection solution and our advanced malware protection and detection solution. Further, our client base has grown approximately 28% from approximately 3,200 managed security clients as of February 1, 2013 to over 4,100 managed security clients as of October 30, 2015.

We sell our solutions to clients of all sizes primarily through our direct sales organization, supplemented by sales through our channel partners. Over all of the periods presented in this management’s discussion and analysis, approximately 94% of our revenue was generated through our direct sales force, in some cases in collaboration with members of Dell’s sales force, with the remaining portion generated through our channel partners. As we focus on further developing our strategic and distribution relationships, we expect that sales from channel partners will account for an increasing percentage of our future revenue.

 

52


Table of Contents

Sales to prospective clients involve educating organizations about our technical capabilities and the use and benefits of our solutions. Large clients considering deployments typically undertake a substantial evaluation and approval process before subscribing to our solutions. As a result, although our typical sales cycles are three to nine months, they can exceed 12 months for larger clients.

Our intelligence-driven information security solutions offer an innovative approach to prevent, detect, respond to and predict cybersecurity breaches. Through our managed security offerings, which are sold on a subscription basis, we provide global visibility and insight into malicious activity, enabling our clients to detect and effectively remediate threats quickly. Threat intelligence, which is typically deployed as part of our managed security offerings, delivers early warnings of vulnerabilities and threats along with actionable information to help prevent any adverse impact. In addition to these solutions, we also offer a variety of professional services, which include security and risk consulting and incident response. Through security and risk consulting, we advise clients on a broad range of security and risk-related matters. Incident response, which is typically deployed along with security and risk consulting, minimizes the impact and duration of security breaches through proactive client preparation, rapid containment and thorough event analysis followed by effective remediation. We continuously evaluate potential investments and acquisitions of businesses, services and technologies that could complement our existing offerings. We have a single organization responsible for the delivery of our security solutions, which enables us to respond quickly to our client’s evolving needs.

Our subscription contracts typically range from one to three years in duration, and as of October 30, 2015, averaged two years in duration. Our initial contracts with clients may include amounts for hardware, installation and professional services that may not recur. Revenue related to these contracts is recognized ratably over the term of the contract. Our professional services engagements generally are sold pursuant to contracts that are shorter in duration, and revenue from these contracts is recognized as services are performed. The fees we charge for our solutions vary based on a number of factors, including the solutions selected, the number of client devices covered by the selected solutions, and the level of management we provide for the solutions. Over all of the periods presented, approximately 80% of our revenue was derived from subscription-based solutions, attributable to managed security contracts, while approximately 20% was derived from professional services engagements. As we respond to the evolving needs of our clients, the mix of subscription-based solutions to professional services we provide our clients may fluctuate.

We have experienced significant growth since our inception. Our total revenue was $262.1 million in fiscal 2015, $205.8 million in fiscal 2014 and $172.8 million in fiscal 2013, representing annual growth of 27% and 19%, respectively. In addition, our total revenue was $245.4 million and $190.7 million in the first nine months of fiscal 2016 and fiscal 2015, respectively, representing a 29% growth rate. Our subscription revenue was $207.2 million in fiscal 2015, $170.2 million in fiscal 2014 and $145.1 million in fiscal 2013, for annual growth of 22% and 17%, respectively. In addition, our subscription revenue was $195.6 million and $149.9 million in the first nine months of fiscal 2016 and fiscal 2015, respectively, representing a 31% growth rate. As we have continued to invest in our business, we incurred net losses of $57.5 million in the first nine months of fiscal 2016, $38.5 million in fiscal 2015, $44.5 million in fiscal 2014 and $41.5 million in fiscal 2013. We believe these investments are critical to our success, although they may impact our near-term profitability. As of October 30, 2015, we served over 4,100 managed security clients across 61 countries.

In fiscal 2015, fiscal 2014 and fiscal 2013, revenue attributable to clients located outside the United States represented approximately 12%, 12% and 8%, respectively, of total net revenue. In addition, revenue from outside the United States contributed approximately 12% of our total net revenue during the nine months of fiscal 2016. Our international clients are located primarily in Europe and Canada as of October 30, 2015, but we are focused on continuing to expand our international client base into other regions in the upcoming years.

Key Factors Affecting Our Performance

We believe that our future success will depend on many factors, including the adoption of our solutions by organizations, continued investment in our Counter Threat Platform and threat intelligence research, our

 

53


Table of Contents

introduction of new solutions, our ability to increase sales of our solutions to new and existing clients and our ability to attract and retain top talent. Although these areas present significant opportunities, they also present risks that we must manage to ensure our future success. See “Risk Factors” for additional information about these risks. We operate in a highly competitive industry and face, among other competitive challenges, pricing pressures within the information security market as a result of action by our larger competitors to reduce the prices of their security monitoring, detection and prevention products, and managed security services. We must continue to efficiently manage our investments and effectively execute our strategy to succeed. If we are unable to address these challenges, our business could be adversely affected.

Adoption of Intelligence-Driven Solution Strategy. The evolving landscape of applications, modes of communication and IT architectures makes it increasingly challenging for organizations of all sizes to protect their critical business assets, including proprietary information, from cyber threats. New technologies heighten security risks by increasing the number of ways a threat actor can attack a target, by giving users greater access to important business networks and information and by facilitating the transfer of control of underlying applications and infrastructure to third-party vendors. An effective cyber defense strategy requires the coordinated deployment of multiple products and services tailored to an organization’s specific security needs. Our integrated suite of solutions is designed to facilitate the successful implementation of such a strategy, but continual investment in, and adaptation of, our technology will be required as the threat landscape continues to evolve rapidly. The degree to which prospective and current clients recognize the mission-critical nature of our intelligence-driven information security solutions, and subsequently allocate budget dollars to our solutions, will affect our future financial results.

Investment in Our Platform and Threat Intelligence Research. Our Counter Threat Platform constitutes the core of our intelligence-driven information security solutions. It provides our clients with a powerful integrated perspective and intelligence regarding their network environments and security threats. The platform is augmented by our Counter Threat Unit research team, which conducts exclusive research into threat actors, uncovers new attack techniques, analyzes emerging threats and evaluates the risks posed to our clients. Our performance is significantly dependent on the investments we make in our research and development efforts, and on our ability to be at the forefront of threat intelligence research, and to adapt our platform to new technologies as well as to changes in existing technologies. Our investments in this area have included a 82% increase in our research and development staff from February 1, 2013 to October 30, 2015 and an increase in research and development expense of approximately 81% during this period. We believe that investment in our platform will contribute to long-term revenue growth, but it may adversely affect our near-term profitability.

Introduction of New Information Security Solutions. Our performance is significantly dependent on our ability to continue to innovate and introduce new information security solutions that protect our clients from an expanding array of cybersecurity threats. We continue to invest in solutions innovation and leadership, including hiring top technical talent and focusing on core technology innovation. In addition, we will continue to evaluate and utilize third-party proprietary technologies, where appropriate, for the continuous development of complementary offerings. We cannot be certain that we will realize increased revenue from our solutions development initiatives. We believe that our investment in solutions development will contribute to long-term revenue growth, but it may adversely affect our near-term profitability.

Investments in Expanding Our Client Base and Deepening Our Client Relationships. To support future sales, we will need to continue to devote significant resources to the development of our global sales force. We have made and plan to continue to make significant investments in expanding our sales teams and distribution programs with our channel partners and increasing awareness of our brand. Any investments we make in our sales and marketing operations will occur before we realize any benefits from such investments. Therefore, it may be difficult for us to determine if we are efficiently allocating our resources in this area. The investments we have made, or intend to make, to strengthen our sales and marketing efforts may not result in an increase in revenue or an improvement in our results of operations. Although we believe our investment in sales and marketing will help us improve our results of operations in the long term, the resulting increase in operating

 

54


Table of Contents

expenses attributable to these functions sales and marketing may adversely affect our profitability in the near term. The continued growth of our business also depends in part on our ability to sell additional solutions to our existing clients. As our clients realize the benefits of the solutions they previously purchased, our portfolio of solutions provides us with a significant opportunity to sell additional solutions.

Investment in Our People. The difficulty in providing effective information security is exacerbated by the highly competitive environment for identifying, hiring and retaining qualified information security professionals. Our technology leadership, brand, exclusive focus on information security, client-first culture, and robust training and development program have enabled us to attract and retain highly talented professionals with a passion for building a career in the information security industry. These professionals are led by a highly experienced and tenured management team with extensive IT security expertise and a record of developing successful new technologies and solutions to help protect our clients. We will continue to invest in attracting and retaining top talent to support and enhance our information security offerings.

Key Operating Metrics

Over the periods presented, we have experienced broad growth across our portfolio of intelligence-driven information security solutions. Our growth strategy focuses on retaining our client base while maximizing the lifetime value of our relationships, adding new clients and expanding the capabilities of our solutions. We believe the key operating metrics described below provide insight into the long-term value of our subscription agreements and our ability to maintain and grow our client relationships.

 

     October 30,
2015
     January 30,
2015
     January 31,
2014
     February 1,
2013
 

Client base

     4,100         3,800            3,500            3,200      

Monthly recurring revenue (in millions)

   $ 28.3       $ 22.7       $ 18.7       $ 15.0   

Revenue retention rate

     105%         97%         102%         99%   

Client Base. We define our client base as the number of clients who subscribe to our managed security solutions at a point in time. We believe that our ability to increase our client base is an indicator of our market penetration, the growth of our business and the value of our solutions. We also believe our existing client base represents significant future revenue and growth opportunities for us. As of October 30, 2015, January 30, 2015, January 31, 2014 and February 1, 2013, we served approximately 4,100, 3,800, 3,500 and 3,200 subscription clients, respectively. The increase in our client base over this period is primarily related to an increase in the volume and complexity of cyber attacks and the results of our sales and marketing efforts to increase the awareness of our solutions. Our client base provides us with a significant opportunity to expand our professional services revenue. As of October 30, 2015, approximately 50% of our professional services clients subscribed to our managed security solutions.

Monthly Recurring Revenue. We define monthly recurring revenue as the monthly value of our subscription contracts, including operational backlog, as of a particular date. We define operational backlog as the monthly recurring revenue associated with pending contracts, which are contracts that have been sold but for which the service period has not yet commenced. Monthly recurring revenue totaled $28.3 million, $22.7 million, $18.7 million and $15.0 million as of October 30, 2015, January 30, 2015, January 31, 2014 and February 1, 2013, respectively. This consistent increase in monthly recurring revenue has been driven primarily by our continuing ability to expand our offerings and sell additional solutions to existing clients, as well as by growth in our client base. Operational backlog totaled $4.0 million, $3.6 million, $2.1 million and $2.0 million as of October 30, 2015, January 30, 2015, January 31, 2014 and February 1, 2013, respectively. We generally experience some volatility in our operational backlog due to the timing of sales, the size and complexity of our installations, and client readiness. Overall, we expect monthly recurring revenue to continue to grow as we retain and expand our client base, and as our clients extend the use of our solutions over time.

 

55


Table of Contents

Revenue Retention Rate. Our revenue retention rate is an important measure of our success in retaining and growing revenue from our managed security clients. To calculate our revenue retention rate for any period, we compare the monthly recurring revenue of our managed security client base at the beginning of the period, which we call our base recurring revenue, to the monthly recurring revenue from that same cohort of clients at the end of the period, which we call our retained recurring revenue. By dividing the retained recurring revenue by the base recurring revenue, we measure our success in retaining and growing revenue from the specific cohort of clients we served at the beginning of the period. Our calculation includes the positive revenue impacts of selling additional solutions to this cohort of clients and the negative revenue impacts of client attrition during the period. However, it does not include the positive impact on revenue from sales of solutions to any new clients we obtain during the period. Our revenue retention rate was 105% as of October 30, 2015, compared to 98% as of October 31, 2014, and 97%, 102% and 99% as of January 30, 2015, January 31, 2014 and February 1, 2013, respectively. Our revenue retention rates may decline or fluctuate in the future as a result of several factors, including client satisfaction with our solutions, the price of our solutions, the prices or availability of competing solutions and changing technologies, or consolidation within our client base.

Non-GAAP Financial Measures

Non-GAAP financial measures presented in this prospectus include non-GAAP revenue, non-GAAP gross margin, non-GAAP operating expenses, non-GAAP operating loss, non-GAAP net loss and adjusted EBITDA. See “Selected Condensed Combined Financial Data—Non-GAAP Financial Measures” and “—Reconciliation of Non-GAAP Financial Measures” for information about our use of these non-GAAP financial measures, including our reasons for including the measures, material limitations with respect to the usefulness of the measures and a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure.

Our Relationship with Dell and Denali

On February 8, 2011, we were acquired by Dell. On October 29, 2013, Dell Inc. completed a going-private transaction in which its public stockholders received cash for their shares of Dell Inc. common stock. Dell Inc. was acquired by Denali Holding Inc., a holding company formed for the purposes of the transaction, and accordingly, Dell Inc. ceased to file reports with the SEC. Denali is owned by Michael S. Dell, the Chairman, Chief Executive Officer and founder of Dell, his related family trust, investment funds affiliated with Silver Lake (a private equity firm), investment funds affiliated with MSDC Management L.P., an investment manager related to MSD Capital (a firm founded for the purpose of managing investments of Mr. Dell and his family), members of Dell’s management and other investors. Denali currently beneficially owns all of our outstanding common stock indirectly through Dell Inc. and Dell Inc.’s subsidiaries.

Upon the completion of Dell Inc.’s going-private transaction, we guaranteed repayment of certain indebtedness incurred by Dell to finance the transaction and pledged substantially all of our assets to secure repayment of the indebtedness. In connection with this offering, our guarantees of Dell’s indebtedness and the pledge of our assets have been terminated, and we have ceased to be subject to the restrictions of the agreements governing the indebtedness. Following this offering, all of our shares of common stock held by Dell Marketing L.P., an indirect wholly-owned subsidiary of Dell Inc. and Denali, or by any other subsidiary of Denali that is a party to the debt agreements, will be pledged to secure repayment of the foregoing indebtedness.

The financial statements included elsewhere in this prospectus and information included herein have been derived from the accounting records of Dell and us and include transactions with Dell as well as direct costs and allocations for indirect costs attributable to our operations. During the period after we became a Dell subsidiary, Dell has provided various corporate services to us in the ordinary course of our business, including finance, tax, human resources, legal, IT, procurement and facilities-related services. Dell also has provided us with the services of a number of its executives and employees. For the first two quarters of fiscal 2016, the costs of such services have been allocated to us based on the allocation method most relevant to the service provided, primarily based on relative percentage of total net sales, relative percentage of headcount or specific identification. Beginning in the

 

56


Table of Contents

third quarter of fiscal 2016, the costs of services provided to us by Dell were governed by a shared services agreement between us and Dell Inc. or its wholly-owned subsidiaries. The total amount of the allocations from Dell and the charges under the shared services agreement with Dell was $1.5 million and $7.0 million for the third quarter and first nine months of fiscal 2016, respectively, and $1.9 million and $5.7 million for the third quarter and first nine months of fiscal 2015, respectively. These allocations totaled $7.2 million, $5.1 million and $3.6 million for fiscal 2015, fiscal 2014 and fiscal 2013, respectively. The amounts for the third quarter and first nine months of fiscal 2016 include $0.1 million and $2.1 million, respectively, of fees for professional services directly related to the legal proceeding discussed in “Notes to Unaudited Condensed Combined Financial StatementsNote 3Commitments and Contingencies.” These cost allocations are reflected primarily within general and administrative expenses in our combined statements of operations. Management believes that the basis on which the expenses have been allocated is a reasonable reflection of the utilization of services provided to or the benefit received by us during the periods presented.

As a public company, we will assume responsibility for all of the corporate services Dell currently provides us, and we will incur additional costs. We anticipate that these costs will be higher than those historically allocated to us by Dell. In addition to these incremental costs related to corporate services, we expect to incur incremental costs related to compliance and other costs that would normally be incurred by a public company.

As a subsidiary of Dell, we have participated in various commercial arrangements with Dell, under which, for example, we provide information security solutions to third-party clients with which Dell has contracted to provide our solutions, procure hardware, software and services from Dell, and sell our solutions through Dell in the United States and some international jurisdictions. In connection with this offering, effective August 1, 2015, we entered into shared services agreements with Dell and Denali. The commercial arrangements set the terms and conditions for transactions between Dell and us, while the shared services agreements set the terms and conditions for certain administrative functions that continue to be provided by Dell. These agreements are effective for up to two years and include extension and cancellation options. To the extent that we choose to or are required to transition away from the corporate services currently provided by Dell, we may incur additional non-recurring transition costs to establish our own stand-alone corporate functions. For a description of the material terms of these agreements, see “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us.”

Following this offering, we expect to institute compensation policies and programs as a public company, the expense for which may differ from compensation expensed in the historical financial statements. For a description of our compensation practices as a subsidiary of Dell and anticipated compensation practices following this offering, see “Executive Compensation.” In addition, we will become subject to the reporting requirements of the Exchange Act and the Sarbanes-Oxley Act. We will incur additional costs relating to internal audit, investor relations and stock administration, as well as other regulatory compliance costs.

As a result of the matters discussed above, our historical financial statements and the related financial information presented in this management’s discussion and analysis do not purport to reflect what our results of operations, financial position or cash flows would have been if we had operated as a stand-alone public company during the periods presented. The accompanying combined statements of financial position and the notes to our combined financial statements included elsewhere in this prospectus have been derived from the accounting records of Dell and us, and required the use of estimates and assumptions. Effective August 1, 2015, assets and liabilities supporting our business were contributed by Dell to us where necessary. As our historical statements of financial position reflect parent company equity, they will not be comparable to the opening balance sheet of the stand-alone public company after this offering. For a description of the basis of presentation and an understanding of the limitations of the combined financial statements, see “Notes to Audited Combined Financial StatementsNote 1Description of the Business and Basis of Presentation.”

 

57


Table of Contents

Recognition of Dell’s Going-Private Transaction

As discussed above, on October 29, 2013, our indirect parent company, Dell Inc., was acquired by Denali Holding Inc. in a merger transaction, which we refer to as Dell’s going-private transaction. This transaction was recorded using the acquisition method of accounting in accordance with the accounting guidance for business combinations. This guidance prescribes that the purchase price be allocated to assets acquired and liabilities assumed based on the estimated fair value of such assets and liabilities on the date of the transaction. For the purposes of the financial statements appearing in this prospectus, we elected to utilize pushdown accounting for this transaction, and, therefore, all of our assets and liabilities were accounted for and recognized at fair value as of the transaction date. Accordingly, periods prior to October 29, 2013 reflect our financial position, results of operations and changes in financial position prior to the going-private transaction, referred to as the predecessor period (with the entity during such period referred to as the predecessor entity), and the period beginning on October 29, 2013 reflects our financial position, results of operations and changes in financial position subsequent to the going-private transaction, referred to as the successor period (with the entity during such period referred to as the successor entity). Included in the results for the successor periods are the impact of purchase accounting adjustments, primarily related to deferred revenue, and an increase in amortization expense for intangible assets. Included in the results for the predecessor periods are the impact of purchase accounting adjustments related to deferred revenue and an increase in amortization expense for intangible assets recognized in connection with Dell’s acquisition of SecureWorks in fiscal 2012.

The following tables provide unaudited pro forma results of operations for the fiscal year ended January 31, 2014 as if Dell’s going-private transaction had occurred at the beginning of the fiscal year ended January 31, 2014. The impact of the fair value adjustments related to the deferred revenue and intangible assets are the only items impacting comparability between the 2014 predecessor and successor periods.

 

    As Reported                    
    Successor         Predecessor     Subtotal     Adjustments     Pro Forma  
    October 29, 2013  
through January 31,  
2014
          February 2, 2013
through October 28,
2013
    Fiscal Year Ended
January 31, 2014
    Going-private
transaction
    Fiscal Year Ended
January 31, 2014
 
    (in thousands)  

Net revenue

  $ 54,350        $ 151,480      $ 205,830      $ (6,422 ) (1)    $ 199,408   

Cost of net revenue

    30,799          82,408        113,207        2,942  (2)      116,149   
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Gross margin

    23,551          69,072        92,623        (9,364     83,259   
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Selling, general and administrative

    34,480          99,398        133,878        688  (2)      134,566   

Research and development

    6,787          20,206        26,993        —          26,993   
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

    41,267          119,604        160,871        688        161,559   
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Operating loss

    (17,716       (50,532     (68,248     (10,052     (78,300

Interest and other, net

    (85       (90     (175     —          (175
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Loss before income taxes

    (17,801       (50,622     (68,423     (10,052     (78,475

Income tax benefit

    (6,026       (17,882     (23,908     (3,518 )(3)      (27,426
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

Net Loss

  $ (11,775     $ (32,740   $ (44,515   $ (6,534   $ (51,049
 

 

 

     

 

 

   

 

 

   

 

 

   

 

 

 

 

(1) This adjustment, which reduces revenue, reflects amortization of the fair value adjustment to reduce deferred revenue. We recognized this adjustment in connection with Dell’s going-private transaction.
(2) These adjustments reflect an incremental increase in amortization expense for intangible assets recognized in connection with Dell’s going-private transaction. As a result of this transaction, we recognized $325 million in definite-lived intangible assets, which are being amortized over a weighted average useful life of 11.7 years.
(3) This adjustment reflects the tax impact of the pro forma adjustments discussed above.

 

58


Table of Contents

When compared to the results for fiscal 2013, the above pro forma results for fiscal 2014 reflect an increase in net losses, due to purchase accounting adjustments related to deferred revenue as well as an increase in amortization of intangible assets. The pro forma results reflect an increase from fiscal 2014 to fiscal 2015 in revenue and a decrease in net loss, due to purchase accounting adjustments related to deferred revenue as well as an increase in amortization of intangible assets.

As discussed in “Selected Condensed Combined Financial Data—Non-GAAP Financial Measures,” our management excludes purchase accounting adjustments and amortization of intangible assets when analyzing our operating results, as we do not believe these adjustments reflect the underlying operations of the business. Therefore, for purposes of the discussion in this management’s discussion and analysis, we have presented fiscal 2014 without giving effect to the pro forma adjustments discussed above to be consistent with the manner in which we address the fiscal 2013 and fiscal 2015 results of operations.

Basis of Presentation

As the following discussion compares our operating results for fiscal 2015 to fiscal 2014 and for fiscal 2014 to fiscal 2013, we have presented the operating results for the successor period ended January 31, 2014 and the predecessor period ended October 28, 2013 as results of one combined entity. Although the predecessor and successor periods within the year ended January 31, 2014 are not directly comparable due to the associated effects of the going-private transaction, including additional amortization expense and fair value adjustments, we believe the presentation of a 12-month period is more meaningful and provides more useful information than a comparison of either fiscal 2015 or fiscal 2013 to the nine-month period ended October 28, 2013.

Out-of-Period Adjustments

The unaudited interim condensed combined financial statements presented for the three and nine months ended October 30, 2015 include adjustments to correct errors related to the period ended January 31, 2015. For the three months ended October 30, 2015, the out-of-period adjustments decreased loss before taxes and net loss by approximately $0.5 million and $0.3 million, respectively. For the nine months ended October 30, 2015, the out-of-period adjustments increased loss before taxes and net loss by approximately $2.7 million and $1.8 million, respectively. The out-of-period adjustments primarily relate to the timing of services revenue recognition, cost of sales of hardware equipment sold but not expensed, and compensation expense from the previous year not recorded. Because these errors, both individually and in the aggregate, were not material to any of the prior periods’ financial statements, and because the impact of correcting these errors in the current period is not material to the unaudited interim condensed combined financial statements included in this prospectus, we recorded the correction of these errors in the period identified.

Components of Results of Operations

Revenue

Our mission is to secure our clients by providing exceptional intelligence-driven information security solutions. To accomplish our mission objective, we offer managed security solutions and threat intelligence solutions, which are sold on a subscription basis, and various professional services, including security and risk consulting and incident response solutions. Our managed security clients purchase solutions pursuant to subscription contracts with initial terms that typically range from one to three years and, as of October 30, 2015, averaged two years in duration. Revenue related to these contracts is recognized ratably over the terms of the contract. Professional services clients typically purchase solutions pursuant to customized contracts that are shorter in duration. In general, these contracts have terms of less than one year. Revenue related to these contracts is recognized as services are performed.

Over all of the periods presented, our pricing strategy for our various offerings was relatively consistent, and accordingly did not significantly affect our revenue growth. Because we operate in a competitive environment, however, we may adjust our pricing to support our strategic initiatives.

 

59


Table of Contents

Gross Margin

We operate in a challenging business environment, where the complexity as well as the number of cyber attacks are constantly increasing. Accordingly, initiatives to drive the efficiency of our Counter Threat Platform and the continued training and development of our employees is critical to our long-term success. Gross margin has been and will continue to be affected by the above factors as well as others, including the mix of solutions sold, the mix between large and small clients, timing of revenue recognition and the extent to which we expand our counter threat operations centers.

Cost of revenue consists primarily of personnel expenses, including salaries, benefits and performance-based compensation for employees who maintain our Counter Threat Platform and provide solutions to our clients, as well as perform other critical functions. Other expenses include depreciation of equipment and costs associated with hardware provided to clients as part of their subscription services, amortization of technology licensing fees, fees paid to contractors who supplement or support our solutions, maintenance fees and overhead allocations. As our business grows, the cost of revenue associated with our solutions may expand or fluctuate.

We operate in a high-growth industry, and we have experienced significant revenue growth since our inception. Accordingly, we expect our revenue to increase at a higher rate than cost of revenue, which will increase our gross margin in absolute dollars. As we balance revenue growth with initiatives to drive the efficiency of our business, however, gross margin as a percentage of total revenue may fluctuate from period to period.

Operating Costs and Expenses

Our operating costs and expenses consist of selling, general and administrative expenses and research and development expenses.

 

    Selling, General and Administrative, or SG&A, Expenses. Sales and marketing expense includes wages and benefits, sales commissions and related expenses for our sales and marketing personnel, travel and entertainment, marketing programs (including lead generation), client advocacy events, and other brand-building expenses, as well as allocated overhead. General and administrative expense includes primarily the costs of human resources and recruiting, finance and accounting, legal support, management information systems and information security systems, facilities management, corporate development and other administrative functions. As we continue to grow our business, both domestically and internationally, we will invest in our sales capability, which will increase our SG&A expenses in absolute dollars. In addition, we expect to incur additional costs as we increase our general and administrative functions to support stand-alone public company requirements.

 

    Research and Development, or R&D, Expenses. Research and development expenses include compensation and related expenses for the continued development of our solutions, including a portion of expenses related to our threat research team, which focuses on the identification of system vulnerabilities, data forensics and malware analysis. R&D expenses also encompass expenses related to the development and prototype of new solutions and allocated overhead. We operate in a competitive and highly technical industry. Therefore, to maintain and extend our technology leadership, we intend to continue to invest in our research and development efforts by hiring more research and development personnel to enhance our existing security solutions and to add complementary solutions.

Interest and Other, Net

Interest and other, net consists primarily of the effect of exchange rates on our foreign currency-denominated asset and liability balances and interest income earned on our cash and cash equivalents. All translation adjustments are recorded as foreign currency gains (losses) in the combined statements of operations. To date, we have had minimal interest income.

 

60


Table of Contents

Income Tax Expense (Benefit)

Our effective tax rate was 39.4% and 36.0% for the third quarter and first nine months of fiscal 2016, respectively, and 37.1% for both the third quarter and first nine months of fiscal 2015. The increase in our effective tax rate was due to a change in the geographic mix of losses. Our effective tax rate can fluctuate depending on the geographic distribution of our worldwide earnings, as our foreign earnings generally are taxed at lower rates than in the United States. The differences between our effective tax rate and the U.S. federal statutory rate of 35% resulted principally from state income taxes, offset in part by the geographical distribution of taxable income. For the historical periods presented, we filed a U.S. federal return on a consolidated basis with Dell. Accordingly, as of October 30, 2015, we do not have any U.S. federal net operating loss carryforwards to utilize as a stand-alone company. Following the completion of this offering, we expect to continue filing a consolidated U.S. federal return with Dell until such time (if any) as we are deconsolidated for tax purposes with respect to the Dell consolidated group. According to the terms of the tax matters agreement between Denali and us which went into effect on August 1, 2015, Denali will reimburse us for any amounts by which our tax assets reduce the amount of tax liability owed by the Dell group on an unconsolidated basis. For information about the tax matters agreement, see “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us—Tax Matters Agreement.” For a further discussion of income tax matters, see “Notes to Audited Combined Financial Statements—Note 5—Income and Other Taxes” and “Notes to Unaudited Condensed Combined Financial Statements—Note 5—Income and Other Taxes.”

Results of Operations

Third Quarter and First Nine Months of Fiscal 2016 Compared to Third Quarter and First Nine Months of Fiscal 2015

The following table summarizes our consolidated results of operations for the third quarter and first nine months of fiscal 2016 and fiscal 2015:

 

    Three Months Ended     Nine Months Ended  
    October 30, 2015           October 31, 2014     October 30, 2015           October 31, 2014  
    Dollars     % of
Revenue
    %
Change
    Dollars     % of
Revenue
    Dollars     % of
Revenue
    %
Change
    Dollars     % of
Revenue
 
    (in thousands, except percentages; unaudited)  

Net revenue

  $ 88,187        100.0     32   $ 66,775        100.0   $ 245,441        100.0     29   $ 190,718        100.0

Cost of revenue

  $ 45,465        51.6     26   $ 35,948        53.8   $ 134,178        54.7     27   $ 105,526        55.3

Total gross margin

  $ 42,722        48.4     39   $ 30,827        46.2   $ 111,263        45.3     31   $ 85,192        44.7

Operating expenses

  $ 67,567        76.6     51   $ 44,817        67.1   $ 194,787        79.4     48   $ 131,961        69.2

Operating loss

  $ (24,845     (28.2 )%      (78 )%    $ (13,990     (21.0 )%    $ (83,524     (34.0 )%      (79 )%    $ (46,769     (24.5 )% 

Net loss

  $ (18,528     (21.0 )%      (111 )%    $ (8,762     (13.1 )%    $ (57,482     (23.4 )%      (95 )%    $ (29,524     (15.5 )% 

Other Financial Information (1)

                   

Non-GAAP revenue

  $ 88,879        100.0     27   $ 69,960        100.0   $ 247,518        100.0     24   $ 200,274        100.0

Non-GAAP gross margin

  $ 46,865        52.7     25   $ 37,463        53.5   $ 128,560        51.9     22   $ 105,101        52.5

Non-GAAP operating expenses

  $ 61,967        69.7     53   $ 40,546        58.0   $ 174,582        70.5     47   $ 119,148        59.5

Non-GAAP operating loss

  $ (15,102     (17.0 )%      (390 )%    $ (3,083     (4.4 )%    $ (46,022     (18.6 )%      (228 )%    $ (14,047     (7.0 )% 

Non-GAAP net loss

  $ (12,512     (14.1 )%      (533 )%    $ (1,977     (2.8 )%    $ (34,322     (13.9 )%      (274 )%    $ (9,169     (4.6 )% 

Adjusted EBITDA

  $ (12,110     (13.6 )%      (3,910 )%    $ (302     (0.4 )%    $ (36,867     (14.9 )%      (542 )%    $ (5,739     (2.9 )% 

 

(1) See “Selected Condensed Combined Financial Data—Non-GAAP Financial Measures” and “—Reconciliation of Non- GAAP Financial Measures” for more information about these non-GAAP financial measures, including our reasons for including the measures, material limitations with respect to the usefulness of the measures, and a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure. Non-GAAP financial measures as a percentage of revenue are calculated based on non-GAAP revenue.

 

61


Table of Contents

Revenue

During the third quarter of fiscal 2016, net revenue, which we refer to as revenue, increased 32% and 27% on a GAAP and non-GAAP basis, respectively. During the first nine months of fiscal 2016, revenue increased 29% and 24% on a GAAP and non-GAAP basis, respectively. Overall, these increases resulted primarily from an increase in revenue from subscription-based solutions, as revenue attributable to these solutions increased $17.9 million and $45.7 million on a GAAP basis and $15.4 million and $38.2 million on a non-GAAP basis during the third quarter and first nine months of fiscal 2016, respectively. In addition, revenue from our professional services offerings increased $3.5 million and $9.0 million on both a GAAP and non-GAAP basis during the third quarter and first nine months of fiscal 2016, respectively. Beginning in the third quarter of fiscal 2016, in connection with the effective date of our commercial agreements with Dell, we began recognizing revenues for certain services provided to or on behalf of Dell in lieu of the prior cost recovery arrangement. Such services totaled approximately $3.0 million during the quarter. For more information regarding the commercial agreements, see “Notes to Unaudited Condensed Combined Financial Statements—Note 6—Related Party Transactions.”

During the first nine months of fiscal 2016, we recognized $1.7 million in adjustments to revenue related to prior periods. Excluding these adjustments, revenue increased 30% and 24% on a GAAP and non-GAAP basis, respectively.

Revenue on a GAAP basis includes purchase accounting adjustments related to deferred revenue for Dell’s going-private transaction. These purchase accounting adjustments totaled $0.7 million and $2.1 million for the third quarter and first nine months of fiscal 2016, respectively, and $3.2 million and $9.6 million for the third quarter and first nine months of fiscal 2015, respectively. Prices for our information security solutions were relatively consistent during the current periods, and accordingly the impact of pricing changes did not significantly affect our revenue growth for the periods.

We primarily generate revenue from sales in the United States. However, during the third quarter and first nine months of fiscal 2016, revenue on a GAAP basis from sales to clients located outside the United States increased 44% to $11.1 million and 30% to $30.0 million, respectively. Currently, our international clients are primarily located in Europe and Canada. We are focused on continuing to grow our international client base in future periods.

Gross Margin

During the third quarter of fiscal 2016, our total gross margin in dollars increased 39% to $42.7 million on a GAAP basis and increased 25% to $46.9 million on a non-GAAP basis. The increases were attributable to an increase in revenue during each period.

During the third quarter of fiscal 2016, gross margin percentage increased 220 basis points to 48.4% on a GAAP basis. The increase in GAAP gross margin percentage was primarily driven by lower purchase accounting adjustments in the third quarter of fiscal 2016 compared to the third quarter of fiscal 2015. During the current quarter, gross margin percentage on a non-GAAP basis was 52.7%, which was effectively unchanged from the prior period.

Gross margin on a GAAP basis for the third quarter of fiscal 2016 and fiscal 2015 includes $4.1 million and $6.6 million, respectively, in amortization of intangibles and purchase accounting adjustments, primarily related to deferred revenue.

During the first nine months of fiscal 2016, our total gross margin in dollars increased 31% to $111.3 million on a GAAP basis and increased 22% to $128.6 million on a non-GAAP basis. The increases were attributable to an increase in revenue during each period.

 

62


Table of Contents

During the first nine months of fiscal 2016, gross margin percentage increased 60 basis points to 45.3% on a GAAP basis and decreased 60 basis points to 51.9% on a non-GAAP basis. During the first nine months of fiscal 2016, we recognized $2.4 million in adjustments related to prior periods. Excluding these adjustments, gross margin percentage increased 160 basis points to 46.3% and 50 basis points to 53.0% on a GAAP and non-GAAP basis, respectively. Overall, these increases were driven by improved gross margin from our professional services.

Gross margin on a GAAP basis for the first nine months of fiscal 2016 and fiscal 2015 includes $12.4 million and $19.9 million, respectively, in amortization of intangibles and purchase accounting adjustments, primarily related to deferred revenue. In addition, gross margin for the first nine months of fiscal 2016 includes $4.9 million related to the settlement of a legal proceeding. For information regarding the proceeding, see “Notes to Unaudited Condensed Combined Financial Statements—Note 3—Commitments and Contingencies.” For more information regarding our non-GAAP adjustments, see “Selected Condensed Combined Financial Data—Non-GAAP Financial Measures.”

Operating Expenses

The following table presents information regarding our operating expenses during the periods presented.

 

    Three Months Ended     Nine Months Ended  
    October 30, 2015           October 31, 2014     October 30, 2015           October 31, 2014  
    Dollars     % of
Revenue
    %
Change
    Dollars     % of
Revenue
    Dollars      % of
Revenue
    %
Change
    Dollars     % of
Revenue
 
    (in thousands, except percentages; unaudited)        

Operating expenses:

                    

Selling, general, and administrative

  $ 55,337        62.7     52   $ 36,522        54.7   $ 158,084         64.4     45   $ 109,289        57.3

Research and development

    12,230        13.9     47     8,295        12.3     36,703         15.0     62     22,672        11.9
 

 

 

       

 

 

     

 

 

        

 

 

   

Total operating expenses

  $ 67,567        76.6     51   $ 44,817        67.1   $ 194,787         79.4     48   $ 131,961        69.2
 

 

 

       

 

 

     

 

 

        

 

 

   

Other Financial Information

                    

Non-GAAP operating expenses (1)

  $ 61,967        69.7     53   $ 40,546        58.0   $ 174,582         70.5     47   $ 119,148        59.5

 

(1) See “Selected Condensed Combined Financial Data—Reconciliation of Non-GAAP Financial Measures” for a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure.

 

    Selling, General, and Administrative. During the third quarter of fiscal 2016, SG&A expenses increased 52% and 54% on a GAAP and non-GAAP basis, respectively. During the first nine months of fiscal 2016, SG&A expenses increased 45% and 43% on a GAAP and non-GAAP basis, respectively. Overall, these increases were attributable to an increase in compensation-related expenses, as we continued to invest in sales and support personnel and to establish administrative functions in preparing to operate on a stand-alone basis. As a percentage of revenue, SG&A expenses on both a GAAP and non-GAAP basis increased during the third quarter and first nine months of fiscal 2016, as investments we make in sales and support personnel occur before we realize the expected benefit of these investments in the form of increased revenue.

For the third quarter of fiscal 2016 and fiscal 2015, SG&A expenses on a GAAP basis included $3.8 million and $4.3 million in amortization of intangible assets and purchase accounting adjustments, respectively. In addition, SG&A expenses on a GAAP basis for the third quarter of fiscal 2016 included $1.8 million in costs incurred in connection with this offering. For the first nine months of fiscal 2016 and fiscal 2015,

 

63


Table of Contents

SG&A expenses on a GAAP basis include $11.8 million and $12.8 million in amortization of intangible assets and purchase accounting adjustments, respectively. SG&A expenses on a GAAP basis for the first nine months of fiscal 2016 also include $8.4 million in offering-related costs.

 

    Research and Development. During the third quarter and first nine months of fiscal 2016, R&D expenses increased 47% and 62%, respectively, on both a GAAP and non-GAAP basis, primarily due to costs incurred in augmenting our R&D staff during the periods. As a percentage of revenue, R&D expenses increased during both periods, as we continued to invest in this area.

Total operating expenses for the third quarter of fiscal 2016 increased 51% to $67.6 million and 53% to $62.0 million on a GAAP and a non-GAAP basis, respectively. Total operating expenses for the first nine months of fiscal 2016 increased 48% to $194.8 million and 47% to $174.6 million on a GAAP and non-GAAP basis, respectively. Operating expenses on a GAAP basis include the effects of amortization of intangible assets and purchase accounting adjustments, primarily related to fair value adjustments on property and equipment, and, for the third quarter and first nine months of fiscal 2016, costs incurred in connection with this offering.

Operating Loss

During the third quarter and first nine months of fiscal 2016, we generated GAAP operating losses of $24.8 million and $83.5 million, respectively, which represented operating loss percentages of 28.2% for the current quarter and 34.0% for the current nine-month period. In comparison, during the third quarter and first nine months of fiscal 2015, we generated GAAP operating losses of $14.0 million and $46.8 million, respectively, which represented operating loss percentages of 21.0% for the current quarter and 24.5% for the current nine-month period. On a non-GAAP basis, during the third quarter and first nine months of fiscal 2016, we generated operating losses of $15.1 million and $46.0 million, representing operating loss percentages of 17.0% and 18.6%, respectively. In comparison, during the third quarter and first nine months of fiscal 2015, we generated non-GAAP operating losses of $3.1 million and $14.0 million, respectively, which represented operating loss percentages of 4.4% for the current quarter and 7.0% for the current nine-month period.

Overall, these increases in both GAAP and non-GAAP operating loss were driven by increases in operating expenses, as we continue to invest in our business by adding sales, support, and research and development personnel and to establish administrative functions in preparing to operate on a stand-alone basis, the effect of which was partially offset by an increase in revenue. As a percentage of total revenue, the increases in both GAAP and non-GAAP operating losses during the third quarter and first nine months of fiscal 2016 were largely attributable to increases in operating expense percentages, as we made strategic investments in the business, the benefits of which we expect to realize over time in the form of increased revenue.

Operating loss on a GAAP basis for the third quarter and first nine months of fiscal 2016 includes $7.9 million and $24.3 million, respectively, in amortization of intangibles and purchase accounting adjustments. In comparison, operating loss on a GAAP basis for the third quarter and first nine months of fiscal 2015 includes $10.9 million and $32.7 million, respectively, in amortization of intangibles and purchase accounting adjustments. In addition, for the first nine months of fiscal 2016, operating loss on a GAAP basis includes $4.9 million for amounts accrued related to the settlement of a legal proceeding and $8.4 million in offering-related costs. For information regarding the proceeding, see “Notes to Unaudited Condensed Combined Financial Statements—Note 3—Commitments and Contingencies.” For more information regarding our non-GAAP adjustments, see “Selected Condensed Combined Financial Data—Non-GAAP Financial Measures.”

Interest and Other, net

During the third quarter of fiscal 2016, we issued convertible notes that are accounted for at fair value. Changes to fair value, which are recognized through earnings, totaled approximately $5.5 million during the third quarter.

 

64


Table of Contents

Net Loss

During the third quarter and first nine months of fiscal 2016, our net loss on a GAAP basis increased 111% to $18.5 million and 95% to $57.5 million, respectively, compared to a net loss of $8.8 million and $29.5 million for the third quarter and first nine months of fiscal 2015, respectively. Excluding the impact of purchase accounting adjustments, amortization of intangible assets and, for the third quarter and first nine months of fiscal 2016, other costs, net loss on a non-GAAP basis during the third quarter and first nine months of fiscal 2016 increased 533% to a net loss of $12.5 million and 274% to a net loss of $34.3 million, respectively, compared to a net loss of $2.0 million and a net loss of $9.2 million for the third quarter and first nine months of fiscal 2015, respectively. Overall, these increases were attributable to increases in operating losses.

Fiscal 2015 Compared to Fiscal 2014

The following table compares our key performance indicators for fiscal 2015 to those for fiscal 2014. For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods.

 

     Fiscal Year Ended  
     Successor           Combined  
     January 30, 2015           January 31, 2014  
     Dollars     % of
Revenue
    %
Change
    Dollars     % of
Revenue
 
     (in thousands, except percentages)  

Net revenue

   $ 262,130        100.0     27   $ 205,830        100.0

Cost of revenue

   $ 144,846        55.3     28   $ 113,207        55.0

Total gross margin

   $ 117,284        44.7     27   $ 92,623        45.0

Operating expenses

   $ 178,377        68.0     11   $ 160,871        78.2

Operating loss

   $ (61,093     (23.3 )%      10   $ (68,248     (33.2 )% 

Net loss

   $ (38,490     (14.7 )%      14   $ (44,515     (21.6 )% 

Other Financial Information (1)

          

Non-GAAP revenue

   $ 274,871        100.0     27   $ 216,190        100.0

Non-GAAP gross margin

   $ 143,829        52.3     26   $ 114,113        52.8

Non-GAAP operating expenses

   $ 161,293        58.7     11   $ 145,162        67.1

Non-GAAP operating loss

   $ (17,464     (6.4 )%      44   $ (31,049     (14.4 )% 

Non-GAAP net loss

   $ (11,350     (4.1 )%      47   $ (21,483     (9.9 )% 

Adjusted EBITDA

   $ (6,142     (2.2 )%      62   $ (16,141     (7.5 )% 

 

(1) See “Selected Condensed Combined Financial Data—Reconciliation of Non-GAAP Financial Measures” for a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure.

Revenue

During fiscal 2015, revenue on both a GAAP and non-GAAP basis increased 27%. Overall, the increases were primarily attributable to an increase in revenue from subscription-based solutions, as revenue attributable to these solutions increased $36.9 million and $39.3 million on a GAAP and non-GAAP basis, respectively. In addition, during fiscal 2015, revenue from our professional services offerings increased $19.4 million on both a GAAP and non-GAAP basis. Revenue on a GAAP basis for fiscal 2015 and fiscal 2014 includes $12.7 million and $10.4 million, respectively, in purchase accounting adjustments related to deferred revenue for Dell’s going-private transaction in the third quarter of fiscal 2014 as well as for the acquisition of our company by Dell in fiscal 2012. During fiscal 2015, prices for our information security solutions were relatively consistent and, accordingly, the impact of pricing changes did not significantly affect our revenue growth for the period. We experienced a higher mix of professional services revenue to subscription-based solutions revenue in fiscal 2015, as we have broadened our professional services portfolio to meet our clients’ security needs.

We generate revenue primarily from sales in the United States. However, during fiscal 2015, revenue on a GAAP basis from sales to clients located outside the United States increased 26% to $31.8 million.

 

65


Table of Contents

Gross Margin

During fiscal 2015, our total gross margin in dollars increased 27% to $117.3 million on a GAAP basis and increased 26% to $143.8 million on a non-GAAP basis. These increases were attributable to an increase in revenue during the period. As a percentage of revenue, during fiscal 2015, gross margin percentage on a GAAP and non-GAAP basis decreased 30 basis points and 50 basis points to 44.7% and 52.3%, respectively. During fiscal 2015, gross margin percentage benefited from certain operational efficiencies, including greater automation of our Counter Threat Platform and productivity improvements in our workforce, as we enhanced training programs. Accordingly, personnel costs as a percentage of revenue declined. The benefit gained in gross margin percentage as a result of these efficiencies was offset by a shift in revenue mix to our professional services offerings, which in general have lower margins than our subscription-based solutions. Gross margin on a GAAP basis for fiscal 2015 and fiscal 2014 includes $26.5 million and $21.5 million, respectively, in amortization of intangibles and purchase accounting adjustments, primarily related to deferred revenue.

Operating Expenses

The following table presents information regarding our operating expenses during each of the last two fiscal years. For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods.

 

     Fiscal Year Ended  
     Successor           Combined  
     January 30, 2015           January 31, 2014  
     Dollars      % of
Revenue
    %
Change
    Dollars      % of
Revenue
 
     (in thousands, except percentages)  

Operating expenses:

            

Selling, general and administrative

   $ 146,324         55.8     9   $ 133,878         65.1

Research and development

     32,053         12.2     19     26,993         13.1
  

 

 

        

 

 

    

Total operating expenses

   $ 178,377         68.0     11   $ 160,871         78.2
  

 

 

        

 

 

    

Other Financial Information

            

Non-GAAP operating expenses (1)

   $ 161,293         58.7     11   $ 145,162         67.1

 

(1)  See “Selected Condensed Combined Financial Data—Reconciliation of Non-GAAP Financial Measures” for a reconciliation of non-GAAP operating expenses to GAAP operating expenses.

 

    Selling, General and Administrative Expenses. During fiscal 2015, SG&A expenses increased 9% on both a GAAP and non-GAAP basis. These increases were attributable to a 22% increase in sales expense on both a GAAP and non-GAAP basis, as our sales headcount increased 25% during the period. General and administrative expenses were effectively unchanged on a GAAP basis and declined 2% on a non-GAAP basis during fiscal 2015. As a percentage of revenue, SG&A expenses declined during the period, as revenue increased at a greater rate than such expenses. For fiscal 2015 and fiscal 2014, SG&A expenses on a GAAP basis include $17.1 million and $15.7 million in amortization of intangible assets and purchase accounting adjustments, respectively.

 

    Research and Development Expenses. During fiscal 2015, R&D expenses increased 19%, primarily due to a 22% increase in R&D staff during the year. As a percentage of revenue, R&D expenses declined during the period, as revenue increased at a greater rate than such expenses.

Total operating expenses for fiscal 2015 increased 11% on both a GAAP and non-GAAP basis. Operating expenses on a GAAP basis totaled $178.4 million and operating expenses on a non-GAAP basis totaled $161.3 million. Operating expenses on a GAAP basis for fiscal 2015 and fiscal 2014 include the effects of amortization of intangible assets and purchase accounting adjustments related to fair value adjustments on property and equipment.

 

66


Table of Contents

Operating Loss

During fiscal 2015, we generated a GAAP operating loss of $61.1 million, representing an operating loss percentage of 23.3%. In comparison, during fiscal 2014, we generated a GAAP operating loss of $68.2 million, representing an operating loss percentage of 33.2%. On a non-GAAP basis, during fiscal 2015, we generated an operating loss of $17.5 million, representing an operating loss percentage of 6.4%, compared to a non-GAAP operating loss of $31.0 million for fiscal 2014, representing an operating loss percentage of 14.4%. From a dollars perspective, the decreases in GAAP and non-GAAP operating loss were attributable to an increase in revenue, the effect of which was largely offset by the increase in operating expenses. From a percentage perspective, the improvement in GAAP and non-GAAP operating loss percentage during fiscal 2015 was largely driven by an improvement in operating expense percentages, as revenue increased at a greater rate than operating expenses.

Operating loss on a GAAP basis for fiscal 2015 and fiscal 2014 includes $43.6 million and $37.2 million, respectively, in amortization of intangibles and purchase accounting adjustments.

Net Loss

During fiscal 2015, our net loss on a GAAP basis decreased 14% to $38.5 million, compared to a net loss of $44.5 million for fiscal 2014. Excluding the impact of purchase accounting adjustments and amortization of intangible assets, net loss on a non-GAAP basis during fiscal 2015 decreased 47% to $11.4 million, compared to a net loss of $21.5 million for fiscal 2014. Overall, the lower net loss was attributable to a reduction in our operating loss.

Fiscal 2014 Compared to Fiscal 2013

The following table compares our key performance indicators for fiscal 2014 to those for fiscal 2013. For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods.

 

     Fiscal Year Ended  
     Combined           Predecessor  
     January 31, 2014           February 1, 2013  
     Dollars     % of
Revenue
    %
Change
    Dollars     % of
Revenue
 
     (in thousands, except percentages)  

Net revenue

   $ 205,830        100.0     19   $ 172,803        100.0

Cost of revenue

   $ 113,207        55.0     21   $ 93,356        54.0

Total gross margin

   $ 92,623        45.0     17   $ 79,447        46.0

Operating expenses

   $ 160,871        78.2     14   $ 141,606        81.9

Operating loss

   $ (68,248     (33.2 )%      (10 )%    $ (62,159     (36.0 )% 

Net loss

   $ (44,515     (21.6 )%      (7 )%    $ (41,547     (24.0 )% 

Other Financial Information (1)

          

Non-GAAP revenue

   $ 216,190        100.0     22   $ 177,703        100.0

Non-GAAP gross margin

   $ 114,113        52.8     21   $ 94,066        52.9

Non-GAAP operating expenses

   $ 145,162        67.1     13   $ 128,401        72.3

Non-GAAP operating loss

   $ (31,049     (14.4 )%      10   $ (34,335     (19.3 )% 

Non-GAAP net loss

   $ (21,483     (9.9 )%      12   $ (24,366     (13.7 )% 

Adjusted EBITDA

   $ (16,141     (7.5 )%      17   $ (19,518     (11.0 )% 

 

(1)  See “Selected Condensed Combined Financial Data—Reconciliation of Non-GAAP Financial Measures” for a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure.

 

67


Table of Contents

Revenue

During fiscal 2014, revenue on a GAAP and non-GAAP basis increased 19% and 22%, respectively. Overall, the market for security services grew rapidly during fiscal 2014, and revenue from our subscription-based solutions increased $25.1 million and $30.6 million on a GAAP and non-GAAP basis, respectively. In addition, revenue from our professional services offerings increased by $7.9 million on both a GAAP and non-GAAP basis during the period. GAAP revenue from sales to clients located outside the United States increased 91% to $25.3 million during fiscal 2014. Revenue on a GAAP basis for fiscal 2014 and fiscal 2013 includes $10.4 million and $4.9 million, respectively, in purchase accounting adjustments related to deferred revenue for Dell’s going-private transaction in the third quarter of fiscal 2014 as well as for the acquisition of our company by Dell in fiscal 2012. During fiscal 2014, prices for our information security solutions were relatively consistent, and, accordingly, the impact of pricing changes did not significantly affect our revenue growth for the period.

Gross Margin

During fiscal 2014, our total gross margin in dollars increased 17% to $92.6 million on a GAAP basis and 21% to $114.1 million on a non-GAAP basis. These increases were attributable to an increase in revenue during the period. As a percentage of revenue, during fiscal 2014, gross margin percentage on a GAAP and non-GAAP basis decreased 100 basis points and 10 basis points to 45.0% and 52.8%, respectively. Overall, these declines in gross margin percentage were attributable to an increase in costs, as we continued to invest in the efficiency of our Counter Threat Platform during the period. Gross margin on a GAAP basis for fiscal 2014 and fiscal 2013 includes $21.5 million and $14.6 million, respectively, in amortization of intangibles and purchase accounting adjustments, primarily related to deferred revenue.

Operating Expenses

The following table presents information regarding our operating expenses during each of the past fiscal years. For comparative purposes, we have combined the fiscal 2014 operating results for the predecessor and successor periods.

 

     Fiscal Year Ended  
     Combined           Predecessor  
     January 31, 2014           February 1, 2013  
     Dollars      % of
Revenue
    %
Change
    Dollars      % of
Revenue
 
     (in thousands, except percentages)  

Operating expenses:

            

Selling, general and administrative

   $ 133,878         65.1     13   $ 118,739         68.7

Research and development

     26,993         13.1     18     22,867         13.2
  

 

 

        

 

 

    

Total operating expenses

   $ 160,871         78.2     14   $ 141,606         81.9
  

 

 

        

 

 

    

Other Financial Information

            

Non-GAAP operating expenses (1)

   $ 145,162         67.1     13   $ 128,401         72.3

 

(1)  See “Selected Condensed Combined Financial Data—Reconciliation of Non-GAAP Financial Measures” for a reconciliation of non-GAAP operating expenses to GAAP operating expenses.

 

   

Selling, General and Administrative Expenses. During fiscal 2014, SG&A expenses on a GAAP and non-GAAP basis increased 13% and 12%, respectively. Overall, these increases were attributable to an increase in sales expense, as these costs increased 30% on both a GAAP and non-GAAP basis during the period. The changes in sales expense were driven by a 12% increase in sales headcount, as we continued to invest in this area. General and administrative expenses on a GAAP basis increased 3% and on a non-GAAP basis were effectively unchanged. As a percentage of revenue, SG&A expenses on both a GAAP and non-GAAP basis declined during the period, as revenue increased at a higher rate than such expenses. SG&A expenses on a

 

68


Table of Contents
 

GAAP basis for fiscal 2014 include $15.7 million in amortization of intangible assets and purchase accounting adjustments related to fair value adjustments on property and equipment, while SG&A expenses on a GAAP basis for fiscal 2013 include $13.2 million in amortization of intangible assets.

 

    Research and Development Expenses. During fiscal 2014, R&D expenses increased 18%, primarily due to a corresponding increase of 18% in our R&D staff during the year.

Total operating expenses for fiscal 2014 increased 14% to $160.9 million on a GAAP basis and 13% to $145.2 million on a non-GAAP basis. Operating expenses on a GAAP basis for fiscal 2014 and fiscal 2013 include the effects of amortization of intangible assets, and for fiscal 2014, purchase accounting adjustments.

Operating Loss

During fiscal 2014, we generated a GAAP operating loss of $68.2 million, representing an operating loss percentage of 33.2%. In comparison, during fiscal 2013, we generated a GAAP operating loss of $62.2 million, representing an operating loss percentage of 36.0%. From a dollars perspective, the increase in GAAP operating losses during the period resulted from an increase in operating expenses, the effect of which was partially offset by an increase in gross margin attributable to an increase in revenue. On a non-GAAP basis, during fiscal 2014, we generated an operating loss of $31.0 million, representing an operating loss percentage of 14.4%, compared to a non-GAAP operating loss of $34.3 million for fiscal 2013, representing an operating loss percentage of 19.3%. From a dollars perspective, the decrease in non-GAAP operating loss during fiscal 2014 was driven by an increase in gross margin due to an increase in revenue, largely offset by an increase in operating expenses. As a percentage of total revenue, the decreases in both GAAP and non-GAAP operating loss percentages were driven by a decline in operating expense percentage, as revenue increased at a higher rate than such expenses during fiscal 2014. Operating loss on a GAAP basis for fiscal 2014 and fiscal 2013 includes $37.2 million and $27.8 million, respectively, in amortization of intangibles and purchase accounting adjustments.

Net Loss

During fiscal 2014, our net loss on a GAAP basis increased 7% to $44.5 million, driven by an increase in GAAP operating loss during the period. Excluding the impact of purchase accounting adjustments and amortization of intangibles, net loss on a non-GAAP basis declined 12% during fiscal 2014 to a net loss of $21.5 million, primarily due to the decrease in non-GAAP operating loss during the period.

 

69


Table of Contents

Liquidity, Capital Commitments and Contractual Cash Obligations

Overview

Following this offering, our capital structure and sources of liquidity will change significantly from our historical capital structure as described below. Before the completion of this offering, we have operated as a wholly-owned subsidiary of Dell Inc. We believe that our cash on hand, which includes the proceeds from the sale of the convertible notes discussed below, our accounts receivable and the estimated net proceeds from this offering will provide us with sufficient liquidity to fund our business and meet our obligations for at least 12 months. Our future capital requirements will depend on many factors, including our rate of revenue growth, the rate of expansion of our workforce, the timing and extent of our expansion into new markets, the timing of introductions of new functionality and enhancements to our solutions, potential acquisitions of complementary businesses and technologies, and the continuing market acceptance of our solutions. We may need to raise additional capital or incur indebtedness to continue to fund our operations in the future or to fund our needs for less predictable strategic initiatives, such as acquisitions. In addition to our existing $30 million revolving credit facility from Dell, sources of financing may include arrangements with unaffiliated third parties, depending on the availability of capital, the cost of funds and lender collateral requirements.

Selected Measures of Liquidity and Capital Resources

Certain relevant measures of our liquidity and capital resources are as follows:

 

   

October 30,
2015,

   January 30,
2015
     January 31,
2014
 
    (unaudited)    (in thousands)  

Cash and cash equivalents

 

$ 39,451

   $ 6,669       $ 2,426   

Accounts receivable, net

 

$ 83,681

   $ 70,907       $ 47,160   

At October 30, 2015, our principal sources of liquidity consisted of cash and cash equivalents of $39.5 million and accounts receivable of $83.7 million. Our cash and cash equivalents balance for the fiscal years presented is impacted by cash payments and receipts from Dell.

We invoice our clients based on a variety of billing schedules. In general, we bill approximately 45% of our recurring revenue in advance and approximately 55% on either a monthly or quarterly basis. Invoiced accounts receivable are usually collected over a period of 30 to 90 days. As of October 30, 2015, our accounts receivable, net was $83.7 million, compared to $70.9 million, as of January 30, 2015. The increase in accounts receivable, net was due primarily to timing of billings during the period. We regularly monitor our accounts receivable for collectability, particularly in markets where economic conditions remain uncertain. As of October 30, 2015 and January 30, 2015, the allowance for doubtful accounts was $3.3 million and $1.1 million, respectively. The increase in the allowance for doubtful accounts was attributable to growth in international revenues and the resulting impact of longer-aged international receivables. Based on our assessment, we believe we are adequately reserved for expected credit losses. We monitor the aging of our accounts receivable and continue to take actions to reduce our exposure to credit losses.

Revolving Credit Facility

On November 2, 2015, SecureWorks, Inc., our wholly-owned subsidiary, entered into a revolving credit agreement with a wholly-owned subsidiary of Dell Inc. under which we have obtained a one-year $30 million senior unsecured revolving credit facility. Under the facility, up to $30 million principal amount of borrowings may be outstanding at any time. The maximum amount of borrowings may be increased by up to an additional $30 million by mutual agreement. The proceeds from loans made under the facility will be used for general corporate purposes. The facility will first be available for borrowings on the date on which we and the underwriters for this offering enter into an underwriting agreement establishing the price of our Class A common stock to be sold in the offering. The facility is not guaranteed by us or any of our subsidiaries.

 

70


Table of Contents

Each loan made under the revolving credit facility will accrue interest at an annual rate equal to the applicable London interbank offered rate plus 1.60%. Amounts under the facility may be borrowed, repaid and reborrowed from time to time during the term of the facility. We will be required to repay in full all of the loans outstanding, including all accrued interest, and the facility will terminate upon a change of control of us or following a transaction in which SecureWorks, Inc. ceases to be a direct or indirect wholly-owned subsidiary of our company. The credit agreement contains customary representations, warranties and events of default.

Cash Flows

Our combined statements of cash flows for the following periods were derived from the accounting records of Dell and us. Through the second quarter of fiscal 2016, Dell funded our operating and investing activities as needed and transferred our excess cash at its discretion, but it has advised us that it does not intend to do so in future periods. These cash transfers are reflected as a component of net parent investment within the combined statements of financial position, and, accordingly, are classified as a change in cash from financing activities in our combined statements of cash flows.

As of October 30, 2015 and January 30, 2015, accrued and other liabilities was $30.2 million and $16.1 million, respectively. This increase was primarily driven by the timing of net parent investment activity as we prepare to become a stand-alone public company. The increase also was attributable to additional compensation-related accruals as we continued to make investments in our headcount.

Because we did not manage working capital independently from Dell for the past three fiscal years, the following summary of our combined statements of cash flows do not purport to reflect what our cash flows would have been if we had operated as a stand-alone public company during the periods presented.

 

     Nine Months Ended  
     October 30,
2015
     October 31,
2014
 
     (in thousands)  
     (unaudited)  

Net change in cash provided by (used in):

     

Operating activities

   $ (6,195    $ 6,405   

Investing activities

     (7,007      (4,115

Financing activities

     45,984         7,568   
  

 

 

    

 

 

 

Change in cash and cash equivalents

   $ 32,782       $ 9,858   
  

 

 

    

 

 

 

 

    Operating Activities. Cash used by operating activities totaled $6.2 million during the first nine months of fiscal 2016, compared to cash generated from operating activities of $6.4 million during the first nine months of fiscal 2015. This decline in operating cash flows was primarily attributable to a greater net loss during the first quarter of fiscal 2016, adjusted for non-cash items.

 

    Investing Activities. Cash used by investing activities totaled $7.0 million and $4.1 million during the first nine months of fiscal 2016 and fiscal 2015, respectively. For the periods presented, investing activities consisted of capital expenditures for property and equipment to support data center and facility infrastructure. Aggregate capital expenditures for fiscal 2016 are currently expected to total approximately $15 million.

 

    Financing Activities. Cash flows from financing activities totaled $46.0 million and $7.6 million during the first nine months of fiscal 2016 and fiscal 2015, respectively. Financing activities for the first nine months of fiscal 2016 included $22.5 million cash proceeds from our sale of the convertible notes and $24.4 million in cash transfers from Dell. Financing activities for the first nine months of fiscal 2015 consisted entirely of cash transfers from Dell.

 

71


Table of Contents

In the table below, we have combined the fiscal 2014 operating results for the predecessor and successor periods for comparative purposes.

 

     Fiscal Year Ended  
     Successor      Combined      Predecessor  
     January 30,
2015
     January 31,
2014
     February 1,
2013
 
     (in thousands)  

Net change in cash provided by (used in):

        

Operating activities

   $ 2,232       $ (8,609    $ 2,160   

Investing activities

     (9,542      (6,201      (20,825

Financing activities

     11,553         11,171         18,117   
  

 

 

    

 

 

    

 

 

 

Change in cash and cash equivalents

   $ 4,243       $ (3,639    $ (548
  

 

 

    

 

 

    

 

 

 

 

    Operating Activities. Cash provided by operating activities totaled $2.2 million during fiscal 2015, compared to cash used in operating activities of $8.6 million during fiscal 2014. This improvement in operating cash flows was attributable primarily to an improvement in net income and, to a lesser extent, an increase in non-cash expenses such as depreciation, amortization and overhead allocations. For fiscal 2014, cash used in operating activities totaled $8.6 million, compared to cash provided by operating activities of $2.2 million during fiscal 2013. This increase in cash flow used in operating activities was primarily attributable to unfavorable changes in working capital due to the timing of receipts and payments from Dell in the ordinary course of business.

 

    Investing Activities. Cash used in investing activities totaled $9.5 million, $6.2 million and $20.8 million during fiscal 2015, fiscal 2014 and fiscal 2013, respectively. For the periods presented, investing activities consisted of capital expenditures for property and equipment to support data center and facility infrastructure.

 

    Financing Activities. Cash flows provided by financing activities totaled $11.6 million, $11.2 million and $18.1 million during fiscal 2015, fiscal 2014 and fiscal 2013, respectively. Financing activities for the periods presented consisted entirely of cash transfers from Dell.

Contractual Cash Obligations

The following table summarizes our contractual cash obligations at January 30, 2015:

 

            Payments Due by Period  
     Total      Fiscal
2016
     Fiscal
2017
     Fiscal
2018
     Fiscal
2019
     Fiscal 2020
and thereafter
 
     (in thousands)  

Contractual cash obligations:

                 

Operating leases

   $ 13,197       $ 2,916       $ 2,796       $ 2,614       $ 2,632       $ 2,239   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Contractual cash obligations

   $ 13,197       $ 2,916       $ 2,796       $ 2,614       $ 2,632       $ 2,239   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

 

    Operating Leases. We lease property and equipment and office space under non-cancellable leases. Certain of these leases obligate us to pay taxes, maintenance and repair costs. As we expand our global operations, we may enter into additional operating leases.

 

    Purchase Obligations. As an indirect wholly-owned subsidiary of Dell Inc., any purchase obligations we entered into during fiscal 2015 were contractual obligations of Dell as of January 30, 2015. As a stand-alone company, we may enter into purchase commitments with vendors or contractors, subject to our operational needs.

 

72


Table of Contents

Convertible Notes

In the third quarter of fiscal 2016, we sold convertible notes in the aggregate principal amount of $22.5 million. Each convertible note matures on February 3, 2017, unless the maturity date is extended by mutual consent of the holder of the convertible note and us. The convertible notes accrue interest at an annual rate of 5%, all of which is payable on the maturity date. In accordance with the terms of the convertible notes, upon the closing of this offering, the convertible notes will automatically convert into shares of our Class A common stock at a conversion price per share equal to 80% of the initial public offering price per share. No accrued interest will convert into Class A common stock upon any such automatic conversion.

Off-Balance Sheet Arrangements

As of October 30, 2015, we were not subject to any obligations pursuant to any off-balance sheet arrangements that have or are reasonably likely to have a material effect on our financial condition, results of operations or liquidity.

Segment Information

We have one primary business activity, to provide our clients with intelligence-driven information security solutions. Our chief operating decision maker, who is our President and Chief Executive Officer, makes operating decisions, assesses performance and allocates resources on a consolidated basis. Accordingly, we operate our business as a single reportable segment.

Critical Accounting Policies

We prepare our financial statements in conformity with GAAP. The preparation of financial statements in accordance with GAAP requires certain estimates, assumptions, and judgments to be made that may affect our consolidated financial statements. Accounting policies that have a significant impact on our results are described in “Notes to Audited Combined Financial Statements—Note 2—Significant Accounting Policies.” The accounting policies discussed in this section are those that we consider to be the most critical. We consider an accounting policy to be critical if the policy is subject to a material level of judgment and if changes in those judgments are reasonably likely to materially impact our results.

Revenue Recognition. We derive revenue primarily from two sources: (1) subscription revenue related to managed security and threat intelligence solutions; and (2) professional services, including security and risk consulting and incident response solutions.

Revenue is considered realized and earned when persuasive evidence of an arrangement exists, delivery has occurred or services have been rendered, the fee to its customer is fixed and determinable and collection of the resulting receivable is reasonably assured.

 

    Multiple-Element Arrangements

Our professional services contracts are typically sold separately from our subscription-based solutions. For subscription offerings, revenue arrangements typically include subscription security solutions, hardware that is essential to the delivery of the solutions, and maintenance agreements. The nature and terms of these multiple deliverable arrangements will vary based on the customized needs of our clients. A multiple-element arrangement is separated into more than one unit of accounting if both of the following criteria are met:

 

    the item has value to the client on a stand-alone basis; and

 

    if the arrangement includes a general right of return relative to the delivered item and delivery or performance of the undelivered item is considered probable and substantially in our control.

 

73


Table of Contents

If these criteria are not met, the arrangement is accounted for as a single unit of accounting, which would result in revenue being recognized ratably over the contract term or being deferred until the earlier of the date such criteria are met or the date the last undelivered element is delivered. If these criteria are met for each element, consideration is allocated to each deliverable based on its relative selling price.

 

    Subscription-Based Solutions

Subscription-based solutions arrangements typically include security solutions, the associated hardware appliance, up-front installation fees and maintenance agreements, which are all typically deferred and recognized over the life of the related agreement. The hardware appliance contains software components that do not provide customers with the right to take possession of software licenses supporting the solutions. Therefore, software is considered essential to the functionality of the associated hardware, and, accordingly, is excluded from the accounting guidance that is specific to the software industry. We have determined that the hardware appliance included in the subscription-based solutions arrangements does not have stand-alone value to the customer and is required to access our Counter Threat Platform. The related maintenance agreements support the associated hardware and similarly do not have stand-alone value to the customer. Therefore, we recognize revenue for these arrangements as a single unit of accounting. The revenue and any related costs for these deliverables is recognized ratably over the contract term, beginning on the date the solution is made available to clients. Amounts that have been invoiced, but for which the above revenue recognition criteria have not been met, are included in deferred revenue.

We have determined that we are the primary obligor in any arrangements that include third-party hardware sold in connection with our solutions, and, accordingly, we recognize this revenue on a gross basis.

 

    Professional Services

Our professional services consist primarily of fixed-fee and retainer based contracts. Revenue from these engagements is recognized under the proportional performance method of accounting. Revenue from time and materials-based contracts is recognized as costs are incurred at amounts represented by the agreed-upon billing amounts.

Intangible Assets Including Goodwill. Identifiable intangible assets with finite lives are amortized on a straight-line basis over their estimated useful lives. Finite-lived intangible assets are reviewed for impairment on a quarterly basis. Goodwill and indefinite-lived intangible assets are tested for impairment on an annual basis in the third fiscal quarter, or sooner if an indicator of impairment occurs. To determine whether goodwill and indefinite-lived intangible assets are impaired, we first assess certain qualitative factors. Based on this assessment, if it is determined more likely than not that the fair value of a reporting unit is less than its carrying amount, we perform the quantitative analysis of the goodwill impairment test. We have determined that we have a single goodwill reporting unit, and, accordingly, for the quantitative analysis, we compare the fair value of this goodwill reporting unit to its carrying values. Based on the results of the annual impairment test, the fair value of our reporting unit exceeded carrying value and no impairment of goodwill or indefinite-lived intangible assets existed at October 30, 2015.

Stock-Based Compensation. For the predecessor periods presented, our compensation programs included grants under Dell’s share-based payment plans. Subsequent to Dell’s going-private transaction, substantially all option awards outstanding at the time of the transaction were cashed out with a one-time payment, and all outstanding restricted stock unit awards were converted into deferred cash awards. For the predecessor periods, compensation expense related to stock-based transactions was measured and recognized in the financial statements based on fair value. In general, the fair value of each option award was estimated on the grant date using the Black-Scholes option-pricing model and a single option award approach. This model requires that at the date of grant we determine the fair value of the underlying common stock, the expected term of the award, the expected volatility of

 

74


Table of Contents

the price of Dell’s common stock, risk-free interest rates and expected dividend yield of Dell’s common stock. The stock-based compensation expense, net of forfeitures, was recognized using a straight-line basis over the requisite service periods of the awards, which was generally four years. We estimated a forfeiture rate, based on an analysis of actual historical forfeitures, to calculate stock-based compensation expense.

Loss Contingencies. We are subject to the possibility of various losses arising in the ordinary course of business. We consider the likelihood of loss or impairment of an asset or the incurrence of a liability, as well as our ability to reasonably estimate the amount of loss, in determining loss contingencies. An estimated loss contingency is accrued when it is probable that an asset has been impaired or a liability has been incurred and the amount of loss can reasonably be estimated. We regularly evaluate current information available to us to determine whether such accruals should be adjusted and whether new accruals are required. Third parties have in the past asserted, and may in the future assert, claims or initiate litigation related to exclusive patent, copyright, and other intellectual property rights to technologies and related standards that are relevant to us. If any infringement or other intellectual property claim made against us by any third party is successful, or if we fail to develop non-infringing technology or license the proprietary rights on commercially reasonable terms and conditions, our business, operating results and financial condition could be materially and adversely affected.

New Accounting Pronouncements

Revenue from Contracts with Customers. In May 2014, the Financial Accounting Standards Board, or the FASB, issued Accounting Standards Update, or ASU, No. 2014-09, “Revenue from Contracts with Customers.” The update gives entities a single comprehensive model to use in reporting information about the amount and timing of revenue resulting from contracts to provide goods or services to customers. The proposed ASU, which would apply to any entity that enters into contracts to provide goods or services, would supersede the revenue recognition requirements in Topic 605, Revenue Recognition, and most industry-specific guidance throughout the Industry Topics of the Codification. The update is effective for us beginning in the first quarter of the fiscal year ending February 1, 2019. We are evaluating the impact of this guidance on our consolidated financial statements.

Going Concern – Disclosure of Uncertainties about an Entity’s Ability to Continue as a Going Concern. In August 2014, the FASB issued new guidance requiring companies to evaluate at each reporting period whether there are conditions or events that raise substantial doubt about the company’s ability to continue as a going concern within one year after the financial statements are issued. Additional disclosures will be required if management concludes that substantial doubt exists. This guidance is effective for us beginning in the first quarter of the fiscal year ending February 2, 2018. We do not expect this new guidance to impact our consolidated financial statements.

Balance Sheet Classifications of Deferred Taxes. In November 2015, the FASB issued an amendment to its accounting guidance related to balance sheet classification of deferred taxes in ASU 2015-17. The amendment requires that deferred tax liabilities and assets be classified as noncurrent in the statement of financial position, thereby simplifying the current guidance that requires an entity to separate deferred liabilities and assets into current and noncurrent amounts. The amendment will be effective for us beginning in the first quarter of fiscal 2018. We are currently evaluating the impact of this guidance.

Quantitative and Qualitative Disclosures About Market Risk

Our results of operations and cash flows have been and will continue to be subject to fluctuations because of changes in foreign currency exchange rates, particularly changes in exchange rates between the U.S. dollar and the Euro, the British Pound, the Romanian Leu and the Canadian Dollar, the currencies of countries where we currently have our most significant international operations. Our expenses in international locations are generally denominated in the currencies of the countries in which our operations are located.

As our international operations grow, we may begin to use foreign exchange forward contracts to partially mitigate the impact of fluctuations in net monetary assets denominated in foreign currencies.

 

75


Table of Contents

BUSINESS

Our Mission

Our mission is to secure our clients by providing exceptional intelligence-driven information security solutions.

Overview

We are a leading global provider of intelligence-driven information security solutions exclusively focused on protecting our clients from cyber attacks. We have pioneered an integrated approach that delivers a broad portfolio of information security solutions to organizations of varying size and complexity. Our solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, prioritize and respond rapidly to security breaches and predict emerging threats. The solutions leverage our proprietary technologies, processes and extensive expertise in the information security industry which we have developed over 16 years of operations. Our flexible and scalable solutions support the evolving needs of the largest, most sophisticated enterprises staffed with in-house security experts, as well as small and medium-sized businesses and government agencies with limited in-house capabilities and resources. As of October 30, 2015, we served over 4,100 clients across 61 countries. Our success in serving our clients has resulted in consistent recognition of our company as a market leader by industry research firms such as IDC and Forrester. Gartner has recognized us as a Leader in its “Magic Quadrant for Managed Security Services” from 2007 to 2014.

Organizations rely on information technologies to make their businesses more productive and effective. These technologies are growing in complexity and often include a combination of on-premise, cloud and hybrid environments which are connected to multiple networks and are increasingly accessed via mobile devices. As a result, protecting information from cyber threats has become progressively more challenging, IT security budgets are growing and cybersecurity has become a critical priority for senior executives and boards of directors. At the same time, cyber attacks, which are growing in frequency and sophistication, are increasingly initiated by cyber criminals, nation states and other highly skilled adversaries intent on misappropriating information or inflicting financial and reputational damage. The challenge of information security is compounded by the proliferation of new regulations and industry-specific compliance requirements mandating that organizations maintain the integrity and confidentiality of their data.

These increasing cybersecurity challenges have created a large and fragmented market for IT security products and services. We believe that many organizations that use these products and services remain vulnerable to cyber attacks because they rely on a collection of uncoordinated “point” products that address specific security issues but fall short in identifying and defending against next-generation cyber threats. In addition, many organizations lack sufficient internal cybersecurity expertise to keep pace with the rapidly evolving threat landscape. As a result, these organizations engage the support of information security services providers as part of their IT security strategy. Traditional information security services vendors, however, often fail to satisfy the IT security needs of organizations. Traditional information security services offered by telecommunications providers, security product vendors, large IT outsourcing firms and small regional providers often lack a broad perspective on the threat landscape, are unable to scale their services to match organizations’ data processing requirements, fail to provide actionable security information, focus only on a subset of organizations’ security needs or have limited deployment options.

Our intelligence-driven information security solutions offer an innovative approach to prevent, detect, respond to and predict cybersecurity breaches. Through our managed security offerings, we provide global insight and visibility into malicious activity, enabling our clients to detect and effectively remediate threats quickly. Threat intelligence, which is typically deployed as part of our managed security offerings, delivers early warnings of vulnerabilities and threats along with actionable information to help prevent financial or reputational losses, regulatory violations or other damage. Through security and risk consulting, we advise clients on a broad range of security and risk-related matters, such as how to design and build strategic security programs, assess and test security capabilities and meet regulatory compliance requirements. Incident response, which is typically

 

76


Table of Contents

deployed along with security and risk consulting, minimizes the impact and duration of security breaches through proactive client preparation, rapid containment and thorough event analysis followed by effective remediation.

Our proprietary Counter Threat Platform constitutes the core of our intelligence-driven information security solutions. This platform is purpose-built to provide us with global visibility into the threat landscape and a powerful perspective on our clients’ network environments. Every day, from our clients across the globe, it aggregates as many as 150 billion “network events,” which are events that possibly indicate anomalous activity or trends on a client’s network. Our platform analyzes these events with sophisticated algorithms to discover malicious activity and deliver security countermeasures, dynamic intelligence and valuable context regarding the intentions and actions of cyber adversaries. The platform leverages our intelligence gained over 16 years of processing and handling network events, the exclusive research on emerging threats and attack techniques conducted by our Counter Threat Unit research team and the extensive experience and deep understanding of the nature of cyber threats of our highly trained security analysts. We incorporate this intelligence into the platform on a real-time basis to provide additional context regarding “security events” or “threat events,” which represent malicious activity potentially compromising the security of a network, and to enhance the quality of the actionable security information we provide. The improved intelligence increases the value and drives broader adoption of our solutions, which in turn enables us to analyze yet more security information generated by a larger client base and increase the effectiveness of our protective and incident measures. This self-reinforcing cycle generates a powerful network effect and is instrumental in driving market leadership of our intelligence-driven solutions.

We believe that our singular focus on providing a comprehensive portfolio of information security solutions makes us a trusted advisor and an attractive partner for our clients. This focus enables us to pursue a go-to-market strategy that addresses the diverse needs of our clients around the world. Our flexible deployment model allows us to support the evolving needs of the largest, most sophisticated enterprises staffed with in-house security experts, as well as small and medium-sized businesses and government agencies with limited in-house capabilities and resources. Our vendor-neutral approach enables our clients to enhance their evolving IT security infrastructure, appliances and “best of breed” technologies with our solutions and capabilities, which provide our clients with both a comprehensive and highly effective security defense strategy.

Our growth strategy is to continue growing our business by maintaining and extending our technology leadership, expanding and diversifying our client base, deepening our existing client relationships, and attracting and retaining top talent. To build on our technological advantages, we will continue to innovate and invest in research and development. To expand and diversify our global client base, both domestically and internationally, we intend to continue investing in our direct sales force, further develop our strategic and distribution relationships and pursue opportunities across a broad range of industries. We also will continue to invest in our account management, marketing initiatives and client support to help clients realize greater value from their existing solutions and to drive incremental sales. Because highly skilled information security professionals are critical to delivering industry-leading security expertise to our clients, we intend to continue seeking to attract and retain top talent by offering our employees a client-first culture and a robust training and development program.

We have experienced significant growth since our inception. We generate revenue from our managed security solutions and threat intelligence solutions through subscription-based arrangements, which provide us with a highly visible and recurring revenue stream, as well as revenue from our security and risk consulting engagements through fixed-price and retainer-based contracts. Our total revenue was $262.1 million in fiscal 2015, $205.8 million in fiscal 2014 and $172.8 million in fiscal 2013, for annual growth of 27% and 19%, respectively. For the first nine months of fiscal 2016 and fiscal 2015, our total revenue was $245.4 million and $190.7 million, respectively, representing a 29% growth rate. Our subscription revenue was $207.2 million in fiscal 2015, $170.2 million in fiscal 2014 and $145.1 million in fiscal 2013, for annual growth of 22% and 17%, respectively. For the first nine months of fiscal 2016 and fiscal 2015, our subscription revenue totaled $195.6 million and $149.9 million, representing a 30.5% growth rate. We incurred net losses of $38.5 million in fiscal 2015, $44.5 million in fiscal 2014 and $41.5 million in fiscal 2013. For the first nine months of fiscal 2016 and fiscal 2015, we incurred net losses of $57.5 million and $29.5 million, respectively.

 

77


Table of Contents

Industry Background

Organizations of all sizes are using new information technologies to make their businesses more productive and effective.

Organizations of all sizes rely on information technologies to make their businesses more productive and effective. Modern IT infrastructures are growing in complexity and often include a combination of on-premise, cloud and hybrid environments connected to multiple networks that support thousands or even millions of connected devices. In addition, the adoption of mobile computing allows organizations to use data-rich applications with file-sharing and collaboration capabilities to access critical business information from various devices and locations. The widespread adoption of these advanced IT architectures, along with the rapid growth of connected devices and new ways of delivering IT services, enables organizations to benefit from business applications that are more powerful and easier to deploy, use and maintain.

This rapidly evolving IT environment is increasingly vulnerable to frequent and sophisticated cyber attacks.

Although innovative IT services delivery models and business applications yield significant benefits, the constantly evolving landscape of applications, modes of communication and IT architectures makes it increasingly challenging for businesses to protect their critical business assets from cyber threats. New technologies heighten security risks by increasing the number of ways a threat actor can attack a target by giving users greater access to important business networks and information and by facilitating the transfer of control of underlying applications and infrastructure to third-party vendors. According to PricewaterhouseCoopers LLP, the number of detected security incidents increased by 48% from 28.9 million in 2013 to 42.8 million, or an average of over 117,000 attacks every day, in 2014.

Cyber attacks have become more sophisticated as well as more frequent. In recent years, attacks have evolved from computer viruses written by amateur hackers intent on disrupting targeted sites or attracting attention into highly complex and targeted attacks led by cyber criminals, nation states and other highly skilled adversaries intent on stealing information or causing financial and reputational damage. Both external and internal threat actors continually and rapidly update their tactics to maintain an advantage against advances in IT security defenses. These adversaries are launching an ever increasing number of attacks that are difficult to detect and remediate and that leverage next-generation techniques such as:

 

    zero-day attacks, which are attacks that exploit previously unknown vulnerabilities in software;

 

    polymorphic malware, which is advanced malware that changes form while retaining its malicious functionality, making it significantly harder to detect;

 

    strategic web compromises, in which attackers target and compromise websites their intended victims frequently use, such as third-party vendor websites;

 

    targeted phishing attacks, which deploy malicious e-mails or other communications tailored to appear legitimate to targeted categories of users;

 

    sandbox, firewall and anti-malware evasion, which encompasses a variety of methods that threat actors can employ to avoid detection by standard security defenses; and

 

    distributed denial-of-service attacks, which attempt to make a computer or network resource unavailable to its intended users.

The severe economic and reputational impact of attacks, coupled with growing regulatory burdens, makes cybersecurity defense increasingly a priority for senior management and boards of directors.

In the wake of numerous recent high-profile data breaches, organizations are increasingly aware of the financial and reputational risks associated with IT security vulnerabilities. IT security budgets are growing and cybersecurity has become a critical priority for senior executives and boards of directors. Even with senior-level

 

78


Table of Contents

attention, we believe that the cybersecurity programs of most organizations do not rival the persistence, tactical skill and technological prowess of today’s cyber adversaries. As a result, cyber attacks are successfully breaching organizations’ networks at alarming rates. Security breaches can be highly public and result in reputational damage and legal liability as well as large losses in productivity and revenue. Many organizations are particularly concerned about attacks that attempt to misappropriate sensitive and valuable business information, such as intellectual property, strategy documents, private communications and customer data. In addition, terrorists and nation states increasingly engage in cyber warfare and often target critical public infrastructure, such as power grids and transportation networks. The losses from attacks on business organizations and governmental institutions are growing. In a report published in 2014, the Center for Strategic and International Studies estimated that global losses from cyber crime reached over $400 billion annually.

Adding to the urgency of the IT security challenge, new regulations and industry-specific compliance requirements direct organizations to design, implement, document and demonstrate controls and processes to maintain the integrity and confidentiality of information transmitted and stored on their systems. These security mandates include requirements imposed under the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act of 1996, or HIPAA, and Health Information Technology for Economic and Clinical Health, or HITECH, Act for the healthcare industry, the Gramm-Leach-Bliley Act for the financial services industry, the North American Electric Reliability Corporation Critical Infrastructure Protection, or NERC CIP, Cyber Security Standards, the Federal Information Security Management Act of 2002, or FISMA, and the Payment Card Industry Data Security Standard, or PCI DSS.

The traditional cybersecurity approach of using numerous “point” products often fails to detect threats and block attacks.

The information systems of many organizations are vulnerable to breach because they rely on a collection of uncoordinated security products that address security in a piecemeal fashion rather than in a proactive and coordinated manner. Many of these are “point” products, which attempt to address specific information security risks instead of providing an integrated and comprehensive solution. Today, many organizations choose from a range of specialized products and services, which include intrusion detection and prevention systems, traditional firewalls, next-generation firewalls, web application firewalls, advanced malware protection, anti-virus protection, web and application security filters, messaging security, and identity and access management, as well as security hardware and software that resides on the devices directly operated by users, such as computers, smartphones and tablets, which are referred to as the “endpoint.”

An effective cyber defense strategy requires the coordinated deployment of multiple products and services tailored to an organization’s specific security needs. As the number of point products deployed by an organization grows, however, the challenges of integrating and managing the related devices and applications also grow. Further, point products primarily address security issues in a reactive manner, employing passive auditing or basic blocking techniques, and often lack integration and intelligent monitoring capabilities and management within a common framework necessary to provide effective information security throughout an organization. Consequently, even when deployed concurrently, these security products frequently fall short in defending against the growing volume and variety of cyber threats.

Identifying and hiring qualified security professionals is a significant challenge for many organizations.

The difficulty in providing effective information security is exacerbated by the highly competitive environment for identifying, hiring and retaining qualified information security professionals. According to annual surveys of IT professionals conducted by Enterprise Strategy Group from 2012 to 2015, information security was consistently the most commonly cited area where organizations had a problematic shortage of IT skills. In a survey issued by Ponemon Institute in 2015, 45% of respondent organizations stated that they believed the inability to hire and retain qualified staff was a factor that could hinder or stall improvements in the cybersecurity posture of an organization, making this the leading factor identified by the respondents.

 

79


Table of Contents

As a result, organizations engage information security services vendors to integrate, monitor and manage their point products to enhance their defense against cyber threats.

Because many organizations cannot adequately protect their networks from cyber threats, they are augmenting their IT security strategies to include information security services. Traditional information security services vendors include telecommunications providers that offer information security services as an adjunct to their IT infrastructure hosting services, security product vendors that provide managed security and consulting services focused primarily on their own products, large IT outsourcing firms that maintain an information security services practice within a larger organization, and local and regional specialist providers. By using information security services from these types of vendors, organizations seek to decrease their vulnerability to security breaches, increase the efficacy of their existing investments in security products and free their own IT staff to focus on other responsibilities.

Traditional information security services vendors, however, often fail to satisfy the IT security needs of organizations, many of which seek the advantages of our solutions.

Despite significant expenditures, many organizations have not been able to realize the full benefits of information security products and services. Organizations that currently engage traditional information security services vendors encounter the following challenges:

Lack of Global Visibility and Insight into Cyber Threats. Many traditional information security vendors serve smaller client bases in limited geographic areas and narrow industry sectors and, therefore, lack broad insight into the identities, intentions, techniques and strategies of cyber adversaries that operate across international boundaries and target multiple industries. In addition, many of the traditional information security services vendors have limited ability to gather and process sufficient quantities of security data. This limited view of the global threat environment reduces the vendor’s ability to identify security threats and defend against cyber attacks, particularly attacks by sophisticated threat actors.

Lack of Scalability. Many traditional information security services vendors lack the technology platform necessary to keep pace with the explosive growth in the volume of alerts, logs, messages and other security events resulting from the rapid proliferation of security appliances in organizations’ networks. Billions of daily network events must be processed, analyzed and archived in an efficient and timely manner to provide effective information security. In addition, the heavy reliance of existing information security services vendors on human input and interaction to drive information security intelligence decreases the efficacy of their research and remediation capabilities and limits their ability to scale their services to meet the data processing requirements of larger organizations.

Lack of Actionable Security Information. Traditional information security services vendors often generate information that is difficult for client IT security teams to act upon. Specifically, the security information generated may:

 

    be too voluminous and complex;

 

    be untimely or insufficiently predictive;

 

    lead to falsely positive results by identifying normal activity as anomalous or malicious; or

 

    lack actionability because it fails to predict the severity of the attack, provide insight into the intentions of attackers or indicate appropriate countermeasures.

Narrowly Focused Solutions. Many traditional information security services vendors focus their offerings on specific stages of a cyber attack and often limit their services to support only their own IT security products. For example, some network firewall vendors provide services that exclusively monitor firewall log data and respond only to specific and related incidents. These vendors, however, offer limited support for third-party firewalls or other security appliances. This approach creates significant complexity and cost, and ultimately results in less effective protection. Substantial manual effort also is needed to deploy, configure, integrate, maintain and upgrade products and services.

 

80


Table of Contents

Limited and Inflexible Service Delivery Options. Many traditional information security services vendors offer to engage with clients only in a rigid, predefined manner. For example, some vendors offer only fully outsourced security appliance management, which does not allow the client’s in-house staff to retain administrative control. In some instances, traditional security services vendors may not be capable of integrating their solutions with, or accommodating a client’s desire to use, the client’s existing IT security infrastructure. In other cases, traditional vendors may offer a limited range of security services, such as management and monitoring services, but not consulting or incident response services. As a result of these limited and inflexible service delivery models, many traditional information security services vendors fail to meet the needs of clients across a broad array of industries and sizes.

In part as a result of the failure of many traditional information security services providers to satisfy the pressing need for scalable, integrated and intelligence-driven information security solutions, organizations of all sizes are engaging us to help improve their defensive posture and manage their day-to-day exposure to cyber threats.

Our Market Opportunity

We operate in a rapidly expanding market for information security services. Gartner estimates that the size of the combined Enterprise Security Services IT Outsourcing and consulting services markets was $25.0 billion in 2013 and expects it to grow at a compound annual growth rate of 11% to $47.4 billion in 2019. Further, Gartner estimates the managed security services IT Outsourcing market at $10.7 billion in 2013 and expects it to grow to $24.6 billion in 2019, representing a compound annual growth rate of 15%. Gartner also estimates the security consulting services market at $14.2 billion in 2013 and expects it to grow to $22.8 billion in 2019, for a compound annual growth rate of 8%. Frost & Sullivan estimates that sales of managed security services were $6.9 billion globally and $1.8 billion in North America in 2013, and expects sales to grow to $12.8 billion globally and $3.3 billion in North America in 2018, representing a compound annual growth rate of 12% and 13%, respectively.

Our Solutions

We are a leading global provider of intelligence-driven information security solutions exclusively focused on protecting our clients from cyber attack. Our solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, respond rapidly to security breaches and predict emerging threats. Our solutions can support the evolving needs of the largest, most sophisticated enterprises staffed with in-house security experts, as well as small and medium-sized businesses and government agencies with limited in-house capabilities and resources. By deploying our solutions, organizations can fill gaps in their cyber defenses resulting from their previous reliance on various uncoordinated point products.

Our integrated suite of solutions includes:

 

    Managed security, through which we provide our clients global visibility and insight into malicious activity in their network environments, enabling them to detect and remediate threats quickly and effectively through the application of our deep security expertise

 

    Threat intelligence, through which we deliver early warnings of vulnerabilities and threats and provide actionable security intelligence intended to address these problems before they result in financial or reputational damage, regulatory violations, legal liability or other damage

 

    Security and risk consulting, through which we advise our clients on a variety of information security and risk-related matters, such as how to design and build strategic security programs, assess and test security capabilities and meet regulatory compliance requirements

 

    Incident response, through which we help our clients rapidly analyze, contain and remediate security breaches to minimize their duration and impact

 

81


Table of Contents

LOGO

Our Counter Threat Platform constitutes the core of our intelligence-driven information security solutions and provides our clients with a powerful integrated perspective regarding their network environments and security threats. Our platform aggregates as many as 150 billion daily network events from our clients across the globe and analyzes these events with sophisticated algorithms to detect malicious activity and deliver security countermeasures, dynamic intelligence and valuable context regarding the intentions and actions of cyber adversaries. The timely analysis and routing of this security information enable our solutions to assess risk in real time and allows us to respond rapidly to our clients worldwide. The platform leverages our intelligence gained over 16 years of processing and handling network events, the exclusive research on emerging threats and attack techniques conducted by our Counter Threat Unit research team, or CTU, and the extensive experience and deep understanding of the nature of cyber threats of our highly trained security analysts. As a result, we believe that we frequently are among the first organizations to identify new cyber attack techniques and develop countermeasures to remediate them. We apply these countermeasures to our platform as well as to other proprietary technologies to enable clients to proactively prevent and detect security compromises. For example, as of October 30, 2015, our proprietary network intrusion detection and prevention appliance, the iSensor, deployed over 7,500 countermeasures and the resulting signatures generated, on average, approximately 120 million security alerts daily. We also constantly monitor the efficacy and accuracy of these countermeasures to enhance their effectiveness and adaptability across all our solutions.

Our counter threat operations centers, or CTOCs, employ highly trained security analysts who leverage their extensive experience and deep understanding of cyber threats to identify, diagnose and respond quickly to security events. We incorporate the exclusive research developed by the CTU and the intelligence and security information provided by our CTOC analysts into the platform as continuous feedback to further enrich the quality of the security intelligence and deliver predictive and adaptive protection for our clients. This improved intelligence enhances the value and drives broader adoption of our solutions, which in turn enables us to analyze yet more security information generated by a larger client base, thus increasing the effectiveness of the solutions we provide.

Key Capabilities of Our Solutions

The key capabilities of our solutions include:

Global Visibility. We have global visibility into the cyber threat landscape through our more than 4,100 managed security clients across 61 countries as of October 30, 2015, including large enterprises and small and

 

82


Table of Contents

medium-sized businesses operating in diverse industries and U.S. state and local government agencies. As a result, we gain real-time insights that enable us to predict, detect and respond to threats quickly and effectively. We also identify threats originating within a particular geographic area or relating to a particular industry and proactively leverage this threat intelligence to protect other clients against these threats.

Scalable Platform with Powerful Network Effects. Our proprietary Counter Threat Platform analyzes as many as 150 billion daily network events from our clients across the globe and in multiple industries. The platform features a multi-tenant, distributed architecture that enables our software to run on a single platform while providing simultaneous access to multiple users and facilitates not only efficient and cost-effective processing of these events, but also meaningful real-time risk assessment and rapid response. A key component of the platform, the Multi-Purpose Logic Engine, enables the platform to automate processing of an increasing percentage of events—over 99% as of October 30, 2015—without the need for human intervention. As a result, although the number of network events analyzed through our solutions doubles approximately every 16 months, the number of events requiring our certified security analysts to assess a potential threat remains relatively constant. As our client base increases, our platform is able to analyze more events, and the intelligence derived from the additional events makes the platform more effective, which in turn drives broader client adoption and enhances the value of the solutions to both new and existing clients.

Contextual and Predictive Threat Intelligence. Our proprietary and purpose-built technology analyzes and correlates billions of network events using advanced analytical tools and sophisticated algorithms to generate threat intelligence. This intelligence is augmented by our Counter Threat Unit research team, which conducts research into threat actors, uncovers new attack techniques, analyzes emerging threats and evaluates the risks posed to our clients. Applying this intelligence across our solutions portfolio provides clients with deeper insights and enriched context regarding tactics, techniques and procedures employed by those threat actors.

Integrated, Vendor-Neutral Approach. Our solutions are designed to monitor alerts, logs and other messages across multiple stages of the threat lifecycle by integrating a wide array of proprietary and third-party security products. Our vendor-neutral approach enables clients to use their existing IT security infrastructure and to enhance it with our solutions. This approach also allows us to aggregate events from a wide range of security and network devices, applications and endpoints to enhance our understanding of clients’ networks and increase the effectiveness of our monitoring solutions.

Flexible Solution and Delivery Options. Our intelligence-driven information security solutions were purpose-built to serve a broad array of evolving client needs, regardless of a client’s size or the complexity of its security infrastructure. Our clients may subscribe to our full suite of solutions, which provide an integrated solution, or elect to subscribe to any of our individual solutions. The Counter Threat Platform is highly flexible, allowing us to tailor our solutions to a client’s unique environment, and can be configured to identify specific security events of concern to an organization. Clients also can choose how much control they will maintain over their IT security infrastructure by selecting among our fully managed, co-managed or monitored delivery options. Our solutions are scalable to support large enterprises, but also can be packaged into turnkey solutions for small and medium-sized businesses and government agencies. Our flexible approach enables clients to tailor our solutions to reduce large and risky investments and costly implementations that are characteristic of traditional solutions, and to ensure quick and easy deployment.

Our Competitive Strengths

We are a global leader in providing intelligence-driven information security solutions that protect organizations against advanced cyber attacks. We believe that the following key competitive advantages will allow us to maintain and extend our leadership position:

A Leader in Intelligence-Driven Information Security Solutions. We are a global leader in providing intelligence-driven information security solutions. As of October 30, 2015, we protect over 4,100 managed security clients across 61 countries from increasingly advanced and harmful security threats. Given the

 

83


Table of Contents

significant potential financial and reputational damage to organizations from security vulnerabilities and breaches, we believe that we have become a mission-critical provider of information security solutions to many of the large enterprises, small and medium-sized businesses and U.S. state and local government agencies we serve. Gartner has recognized us as a Leader in its “Magic Quadrant for Managed Security Services” from 2007 to 2014. In addition, we have been recognized as a leader by “The Forrester Wave™: Managed Security Services: North America, Q4 2014” and by the “IDC MarketScape: Worldwide Managed Security Services 2014 Vendor Assessment.” We also have received accolades from SC Magazine, which has named us “Managed Security Service Provider of the Year” seven times in the United States and twice in Europe over the past ten years. Our position as a technology and market leader enhances our brand and enables us to influence organizations’ purchasing decisions as they look for a comprehensive solution from a reputable vendor.

Purpose-Built, Proprietary Technology. At the core of our solutions is the proprietary technology platform we have developed during our 16 years of operations. This platform, which we call the Counter Threat Platform, facilitates the discovery of malicious activity in our clients’ environments through data collection, aggregation and advanced analysis. It also enables the delivery of security intelligence in the form of countermeasures, dynamic intelligence and valuable context regarding the cyber threat landscape. The Counter Threat Platform features a multi-tenant, distributed architecture purpose-built for efficient and cost-effective analysis. It incorporates analysis performed by our Counter Threat Unit research team in conjunction with advanced analytics and our proprietary Threat Intelligence Management System to collect, correlate and analyze billions of daily network events and data points and generates enriched security intelligence on threat actor groups and global threat indicators. Security professionals in our counter threat operations centers also use this intelligence as valuable context to help them understand our clients’ environments and quickly identify, diagnose and respond to security breaches. Elements of these technologies and processes are protected by our know-how and by our patents and pending patent applications.

Specialist Focus and Expertise. Since our founding, we have built our company, technology and culture with a singular focus on protecting our clients by delivering intelligence-driven information security solutions. We believe this continued focus reinforces our differentiation from:

 

    telecommunications and network providers, which we believe lack the security focus required for domain-specific research and development;

 

    IT security product companies, which we believe may not provide vendor-neutral comprehensive solutions; and

 

    local and regional information security solutions providers, which we believe have a limited view of the global threat environment and cannot provide the comprehensive and integrated suite of information security solutions we offer.

Strong Team Culture. We believe that our client-first culture and corporate mission to be the global leader in intelligence-driven information security solutions gives us a significant advantage over our competitors. At our company, the fight against sophisticated and malicious cybersecurity threats is a personal one, and we take great pride in helping our clients protect their critical business data and processes. We dedicate significant resources to ensure that our culture and brand reflect this exclusive focus on protecting our clients. Further, in a highly competitive hiring environment for IT security personnel, our culture enhances our ability to hire, develop and inspire talented security professionals. We believe that our culture and strong technology leadership are key drivers of our employee retention rate, which in fiscal 2015 averaged approximately 90% across all functions within our organization.

Seasoned Management Team and Extensive IT Security Expertise. We have a highly experienced and tenured management team with extensive IT security expertise and a record of developing successful new technologies and solutions to help protect our clients. Our President and Chief Executive Officer, Michael R. Cote, has presided over our company’s growth since 2002, and our global go-to-market leader, our global

 

84


Table of Contents

engineering leader and our Chief Technology Officer each have served with us for over ten years. In addition, as of October 30, 2015, our CTU research team included industry-recognized experts with an average of over ten years of IT security experience.

Our Growth Strategy

Our goal is to be the global leader of intelligence-driven information security solutions. To pursue our growth strategy, we seek to:

Maintain and extend our technology leadership: We intend to enhance our leading intelligence-driven integrated suite of solutions by adding complementary solutions that strengthen the security posture of our clients by investing in research and development and hiring personnel with extensive IT security expertise. We also will continue to invest in our global threat research capabilities, particularly in existing dynamic threat areas and emerging areas that affect mobile communication, cloud computing, data sciences, the Internet of Things and other applications to address the changing security needs of our clients. For example, we intend to build a portfolio of solutions that can be delivered and integrated into infrastructure-as-a-service environments and address regional privacy-related data storage requirements as an increasing number of our clients look to develop and host applications in cloud-based environments.

Expand and diversify our client base: The information security solutions market is large and growing. We believe our intelligence-driven solutions provide us with a significant opportunity to acquire new clients by augmenting their existing in-house security capabilities or displacing their incumbent security solutions vendors. Our client base has grown approximately 28% from approximately 3,200 managed security clients as of February 1, 2013 to over 4,100 managed security clients as of October 30, 2015. We intend to continue to expand and diversify our client base, both domestically and internationally, by investing in our direct sales force, developing our strategic and distribution relationships, pursuing opportunities across a broad range of industries and adding complementary solutions, such as those serving cloud-based environments. We also intend to continue increasing our geographic footprint to further enhance our deep insight into the global threat landscape and our ability to deliver comprehensive threat intelligence to our clients. As we grow our client base, existing clients benefit from the network effects derived from the increasing set of global and diverse security events we observe, thus driving both the value of our solutions and further client adoption.

Deepen our existing client relationships: To maintain and grow our revenue under our subscription-based model, we must achieve and maintain high levels of client renewals. In each of fiscal 2014 and fiscal 2015, we retained approximately 90% of our managed security clients. In addition, we believe the strong relationships and high client satisfaction we maintain with our base of over 4,100 managed security clients as of October 30, 2015 present a significant opportunity for us to drive incremental sales. As clients recognize benefits from one of our solutions, our platform enables easy adoption and integration of additional solutions. Moreover, as clients become familiar with our extensive expertise and the value of our solutions, we seek to convert one-time consulting engagements into longer-term recurring engagements by cross-selling our information security solutions. As of October 30, 2015, approximately 50% of our professional services clients also subscribed to our managed security solutions. We will continue to invest in our account management, marketing initiatives and client support programs in seeking to achieve high client renewal rates, help clients realize greater value from their existing solutions and encourage them to expand their use of our solutions over time.

Attract and retain top talent: Highly skilled IT security professionals are critical to delivering best-in-class security expertise to our clients. We will continue to invest in attracting and retaining top talent to support our existing information security offerings as well as develop new capabilities. Our technology leadership, brand, exclusive focus on information security, client-first culture and robust training and development program have enabled us to attract and retain highly talented professionals with a passion for building a career in the information security industry. As a result, as of January 30, 2015, approximately 21% of our employees had served with us for over five years, while our overall employee retention rate in fiscal 2015 averaged approximately 90% across all functions within our organization.

 

85


Table of Contents

Our Clients

As of October 30, 2015, we had over 4,100 managed security clients across 61 countries. Our clients as of that date included 28% of the companies in the Fortune 100 for 2015 and 26% of the companies in the Fortune 1,000 for 2015. In addition, in fiscal 2015, over 1,400 organizations contracted with us for security and risk consulting. As of October 30, 2015, approximately 50% of our professional services clients also subscribed to our managed security solutions.

We serve clients in a broad range of industries, including the financial, manufacturing, technology, retail, insurance, utility and healthcare sectors. In fiscal 2015, financial services clients accounted for 38% of our revenue, and manufacturing clients accounted for 16% of our revenue. No other industry accounted for 10% or more of our fiscal 2015 revenue. Annualized revenue for our financial services clients, manufacturing clients and services clients as of October 30, 2015, as measured by client subscription-based contracts, was approximately 32%, 18% and 10%, respectively, of our total annualized revenue as of such date. No other industry accounted for 10% or more of our total annualized revenue as of such date. Some of our solutions have been deemed to be mission-critical functions of our financial institution clients that are regulated by one or more member agencies of the Federal Financial Institutions Examination Council. We therefore are subject to examination by the member agencies of the FFIEC. The agencies conduct periodic reviews of our operations to identify existing or potential risks associated with our operations that could adversely affect our financial institution clients, evaluate our risk management systems and controls, and determine our compliance with applicable laws that affect the solutions we provide to financial institutions. A sufficiently unfavorable review could result in our financial institution clients not being allowed, or not choosing, to continue using our solutions.

We market our information security solutions to organizations of all sizes, including large enterprise clients and small and medium-sized business. For fiscal 2015, we derived approximately 62% of our revenue from our large enterprise clients, approximately 33% from our small and medium-sized business clients and approximately 5% from other clients, such as U.S. state and local government agencies. We define large enterprise clients as organizations with annual revenue exceeding $500 million or financial institution clients with assets exceeding $2 billion, and small and medium-sized business clients as organizations with annual revenue of $500 million or less or financial institution clients with assets equal to or less than $2 billion. Our largest client, Bank of America, N.A., accounted for 12% of our fiscal 2015 revenue. No other client accounted for 10% or more of our annual revenue in any of our last three fiscal years.

Sales to clients located outside the United States contributed approximately 12% of our fiscal 2015 revenue, approximately 12% of our fiscal 2014 revenue and approximately 8% of our fiscal 2013 revenue. For information about our non-U.S. revenues and assets, see “Notes to Audited Combined Financial Statements—Note 8—Supplemental Combined Financial Information.”

We believe that we have been able to develop deep and meaningful long-term client relationships. If our clients are separated into cohorts based on the fiscal year in which they first started using our managed security solutions, those clients for cohorts before our acquisition by Dell in fiscal 2012 have provided relatively stable monthly recurring revenues in subsequent periods, and those clients for cohorts after the acquisition have provided stable or increasing monthly recurring revenues in subsequent periods. Our average annualized monthly recurring revenue per managed security client, as measured for the last month of each fiscal period, has grown from $56,000 in fiscal 2013 to $64,000 in fiscal 2014, $72,000 in fiscal 2015 and $83,000 in the third quarter of fiscal 2016. The ratio of (a) the lifetime value of a managed security client, which we define as average gross profit per managed security client divided by our managed security client turnover rate, to (b) our managed security client acquisition costs, which we define as sales and marketing expense divided by the number of new managed security clients for the relevant period, has remained relatively constant over the past three fiscal years and was approximately 3.6:1 in fiscal 2015. Further, as we help our clients realize increased value from their existing solutions, we have been able to deepen our client relationships and encourage our clients to broaden their use of our solutions over time. For example, our top 25, 100 and 500 managed security clients, as measured by their subscription-based contracts on an

 

86


Table of Contents

annualized basis as of July 31, 2015, now spend more than 2.2 times, 2.2 times and 1.9 times as much on our solutions as they did in their initial purchases.

Client Case Studies

The following case studies present examples of how some of our clients have benefited from successful deployments of our solutions. In each case below, the client deployed our solutions on a company-wide basis.

Financial Institution: Adoption of Our Threat Intelligence Solutions Displacing an Incumbent and Driving Expansion of Solutions Over Time

Challenge: A large regional bank needed to protect the financial and personal data for its customers across the United States while ensuring compliance with industry and regulatory mandates. The bank’s security staff sought assurance that the security provider’s threat intelligence and financial industry expertise would be sufficient to help protect the bank’s customers. The bank’s existing security service provider was unable to provide adequate intelligence on a consistent basis concerning the threats targeting the bank, while we succeeded in proactively providing this information even though we were not under contract at the time.

Benefits of Our Solutions: The bank switched from its existing service provider to us after our Counter Threat Unit researchers initially provided intelligence concerning distributed denial-of-service attacks targeting the bank. The client deployed our monitored firewall, managed Intrusion Detection System and security monitoring solutions and subscribed to our global threat intelligence solution. Our security consultants also conducted penetration testing and “red team” tests to evaluate the client’s security defenses, while the client brought in special operations researchers from our Counter Threat Unit for a targeted threat hunting engagement to look for signs of attacker presence in the client’s environment. Realizing that response is an integral part of any security program, the client also adopted our incident response retainer solution. As the relationship matured, the client consulted with us to create a counter threat operations center staffed by our security consultant residents, and has come to view us as a trusted advisor and our security experts, including the researchers of the Counter Threat Unit, as an extension of its own security team. The bank has been a client since December 2012.

Manufacturing/Healthcare Company: Broad Portfolio of Information Security Solutions Providing Sophisticated Protection to Client Operating on a Global and Complex Scale

Challenge: A global health products manufacturer operating on a complex scale wanted to ensure that its intellectual property was protected at all times from sophisticated threats.

Benefits of Our Solutions: The manufacturer chose to work with us in May 2014 to address multiple facets of its security program. The client’s complex network footprint and security requirements have encouraged it to draw on many features of our broad portfolio of information security solutions. The client currently uses our Firewall, Intrusion Detection System and Vulnerability Management solutions and is evaluating additional advanced protection options to minimize the time-to-detection window. In addition, the client utilizes our security residency solutions to provide expert resources to manage its Vulnerability Management program and its endpoint management program. Our security consultant residents directly engage with, and have direct access to, Counter Threat Unit researchers and counter threat operations center analysts.

We also provide threat intelligence tailored for the client that feeds the client’s processes and gives its leaders and staff analysts and our security consultant residents timely information on threats that may directly impact the client’s operations. Committed to response preparedness, the client engages our incident response professionals for advanced tabletop exercises that improve their ability to respond rapidly to any type of threat. As a result of our global visibility and deep insights into countering sophisticated threats, our security experts were able to work closely with the client to construct a multi-year roadmap for the future development of its security program and operations.

 

87


Table of Contents

Large Financial Services Company: Our Vendor-Neutral Approach Correlating Security Information Across a Variety of Security Environments and Providing a Single, Integrated View Through Our Portal

Challenge: A financial services company with approximately $2 billion in annual revenue experienced rapid growth that exposed it to increasingly frequent and sophisticated cyber attacks. In addition to facing growing security threats, the client used a variety of security appliances with separate dashboards (or interfaces reporting data gathered by the appliances) that made it difficult for the understaffed in-house IT security team to correlate various pieces of security information in order to identify security breaches. The client had purchased a single sign-on security product, which is software enabling users to access all authorized applications with a single user name and password, to solve issues stemming from multiple passwords for various employee systems, but the IT team lacked the resources and expertise to deploy the product.

Benefits of Our Solutions: The client initially asked our security and risk consulting team for advice on how to implement the single sign-on product the client had purchased. Our team responded with an extensive research consultation and, after helping the client implement the single sign-on product, developed a trusted advisory relationship with the client. This relationship progressed as the client recognized the benefit of our extensive expertise and explored adopting some of our other solutions. The client then decided to expand its use of our solutions, deploying our threat intelligence and security and risk consulting solutions, as well as several managed security solutions, including security monitoring, Vulnerability Management, managed iSensor, managed firewall and Managed Intrusion Prevention System. By deploying these solutions, the client gained the ability to correlate security appliance information and events across different security environments, as well as the ability to view all relevant security information through our integrated portal. The company has been a client since June 2012.

Communications Provider: Threat Intelligence Consulting Leading to Incident Response and Managed Security Engagements, Including Early Adoption of Multiple Newly Launched Solutions

Challenge: A global communications provider wanted to protect its intellectual property from potential industrial espionage threats.

Benefits of Our Solutions: The provider had used us in the past to analyze and consult on a sample of malware it had detected. During this assignment, the client realized the power of our threat intelligence developed by the Counter Threat Unit research team. Our visibility into the global threat landscape and the expertise of our Counter Threat Unit researchers convinced the client to adopt an even more proactive approach to its security and to subscribe to our managed security solutions, including our managed iSensor, security monitoring, monitored firewall and Vulnerability Management solutions. The client also adopted our incident response retainer solution for the rapid analysis, containment and remediation of any future security incidents to minimize their duration and impact.

The client has been interested in evaluating our new capabilities as they have become available in order to maintain the most advanced security protection for its intellectual property. Consequently, it was an early adopter of our Advanced Endpoint Threat Detection, or AETD, solution. The rapid time-to-detection combined with detailed information on activities taking place on servers, laptops and workstations provided by the AETD solution can greatly diminish the hours and resources required for any incident response. Because the client is interested in further shortening its time-to-detection window, it has continued to participate in testing our new platforms and solutions. The provider has been a client since November 2012.

Healthcare Network Provider: Our Integrated Suite of Solutions Strengthening the Security Posture of the Client While Also Ensuring Effective Regulatory Compliance

Challenge: A healthcare network provider that was experiencing substantial growth in the number of patients served recognized that its increasingly large database of patient information made the provider a more

 

88


Table of Contents

attractive target for a cyber threat actor. HIPAA compliance mandates and the client’s provision of services to a number of government customers increased the importance of maintaining a strong security posture during this period of growth. The client’s leadership team assessed its current security posture, which was largely maintained internally, and determined that it could more rapidly achieve the required level of protection by engaging a third party.

Benefits of Our Solutions: The company selected us over a major competing vendor because our threat intelligence capabilities and ability to deliver a range of solutions across multiple layers of security enabled us to provide a more comprehensive solution to meet the client’s needs.

We initially provided the client with a broad range of managed security solutions that encompassed managed iSensor, Managed Intrusion Prevention System, managed firewall, monitored firewall, security monitoring, Vulnerability Management with “threat prioritization,” log retention and AETD. The client also subscribed to our global threat intelligence solution, incorporating feeds from the solution into its security information and event management platform. By leveraging our integrated solutions, the client has been able to quickly strengthen its security posture while also ensuring effective compliance with regulatory requirements. Since the initial engagement in February 2015, the client has doubled its use of our security monitoring and AETD solutions and continues to explore with us other potential additions to its security architecture.

Gas and Convenience Store Chain: Security and Risk Consulting Leading to Adoption of Managed Security

Challenge: A large gas and convenience store chain realized that non-compliance with the PCI Data Security Standard, or PCI DSS, resulting in an information security breach could attract heavy fines and penalties that would significantly affect its financial results. The retailer needed a thorough evaluation of its IT environment and compliance with PCI DSS by a vendor who could understand its proprietary business and operating model.

Benefits of Our Solutions: Leveraging an existing relationship with our parent company, Dell, the client engaged our security and risk consulting compliance experts. Our security consultant performed an onsite PCI DSS gap analysis to assess the state of the client’s current environment. Our consultant also reviewed the client’s PCI DSS scanning reports of externally facing IT systems, such as point-of-sale servers, to detect and remediate vulnerabilities. The client retained us for additional solutions, including log retention, Vulnerability Management and the use of our client portal, to obtain a streamlined but comprehensive view into log and scanning results. The client recognized that its deployment of our solutions freed up valuable IT resources it could then focus on core areas of its business. Our trusted relationship with the client continued to develop and resulted in the client further expanding its utilization of our solutions to include Security Awareness Training. The retailer has been a client since July 2011.

 

89


Table of Contents

Our Technology Platform

We utilize the key components of our infrastructure described below to deliver our intelligence-driven information solutions to our clients.

 

LOGO

Counter Threat Platform

Our proprietary Counter Threat Platform was purpose-built to be the foundation of our information security solutions. It has a multi-tenant, distributed architecture that enables our software to run on a single platform while providing simultaneous access to multiple users. The platform collects, aggregates, correlates and analyzes billions of daily network events from our extensive client base, and uses sophisticated algorithms to detect malicious activity and deliver security countermeasures, dynamic intelligence and valuable context regarding the intentions and actions of cyber adversaries. The timely analysis and routing of this security information enables our solutions to assess risk in real time and allows us to report rapidly to our clients worldwide. The platform is highly flexible, permitting us to tailor our solutions to a client’s unique environment, and can be configured to identify specific security events of interest to a particular client. Our platform was designed to be vendor-neutral. As a result, it can aggregate events from a wide range of security and network devices, applications and endpoints.

The platform leverages our intelligence gained over 16 years of processing and handling network events to provide insight into how attacks are initiated and spread across our clients’ networks. The platform also applies security intelligence based on millions of threat indicators continuously gathered by our Counter Threat Unit research team through in-depth analysis of the cyber threat environment. This team conducts research into emerging threat actors and new attack tactics, and develops countermeasures that we apply to the platform to enable our clients proactively to prevent and detect compromises of their security. Our ability to see more security incidents along with the applied intelligence acts as an early warning system that enables our security analysts to proactively alert clients, apply protections and respond quickly with appropriate context. The more security events we see, the more accurate our protections are and the more accurately we can respond.

 

90


Table of Contents

The Counter Threat Platform is supported by the following proprietary technologies:

 

    Counter Threat Appliance. Our Counter Threat Appliance performs several of the important functions of the Counter Threat Platform. The Counter Threat Appliance is a physical or virtual appliance deployed in a client’s data center, branch office or cloud environment, or our own data center. This technology supports a wide range of security and network devices, applications and endpoints to collect information on the client environment, perform analytics and report to our counter threat operations centers. The Counter Threat Appliance establishes secure non-intrusive communications to transmit data back to our data centers, where the Counter Threat Platform performs additional analysis to determine where to route security events.

 

    Multi-Purpose Logic Engine. Our Multi-Purpose Logic Engine is an analytics engine that leverages our broad visibility into the global threat environment and applied intelligence from the Counter Threat Unit to identify security incidents of interest. The engine intelligently processes billions of daily network events into actionable information, providing valuable context to our security analysts to help inform their analysis of the security incidents and shorten the client’s response time.

 

    Foresee. Foresee, our behavioral and self-learning technology, identifies malicious events through the use of signature, reputation and a variety of other classifiers. Foresee calculates a score representing the probability and degree of confidence that a particular event or a collection of events is malicious. Foresee learns which events are malicious or non-malicious based on ongoing feedback from our certified security analysts, and applies machine-learning analysis techniques for the discovery of previously unknown threats.

 

    Very Large Database. Our Very Large Database efficiently and cost-effectively collects, processes and stores billions of structured and unstructured data elements, which help us to identify new security threats, provide valuable context to our security analysts and enable CTU researchers to perform historical threat analysis.

 

    Threat Intelligence Management System, or TIMS. We manage structured and unstructured data in TIMS. TIMS collects, correlates and analyzes billions of data points to catalogue threat actors and generate threat indicators applied across our solutions. The data points are sourced from our managed security clients, malware, social media, honeypots (or traps set to detect or counteract attempts at unauthorized use of information systems), open source intelligence, hunting and incident response engagements, strategic relationships and priority research.

 

    Catalog for Artifacts and Signal Extraction or CASE. CASE is a repository and a set of tools for the dynamic analysis of malware to catalogue its behaviors and generate threat indicators. CASE feeds threat indicators determined from the analysis of malware into TIMS.

 

    Attacker Database. Our Counter Threat Unit research team maintains a patented process for generating a proprietary Attacker Database that contains IP addresses and domain names of servers hosting exploits and malware, command and control servers, and other known malicious infrastructure. We apply this information to our Counter Threat Platform and iSensor to provide client protections across our solutions.

 

    Portal. Powered by integrated intelligence and analytics tools, the portal delivers real-time information to client executives, managers and security professionals and provides insights that help clients make better security decisions. It also facilitates real-time communication between clients and our security analysts, measures the effectiveness of a client’s security profile using asset-based and risk-weighted analyses, supports regulatory compliance requirements and enables a visualization of point-in-time, comparative and historical security trends across multiple security metrics. Within the portal, users can use familiar drag-and-drop techniques to easily render customized dashboards and layouts for use in visualizing threat intelligence, and to generate customizable on-demand and automated reports. Our portal is accessible via web and mobile applications as well as via custom-built applications that leverage our application program interfaces.

 

91


Table of Contents

Counter Threat Operations Center Automation

We have developed several technologies integrated into the Counter Threat Platform to automate operations within our counter threat operations centers, where our security professionals identify, diagnose and respond to security information.

 

    Threat Analytics Portal. We present threat information to our certified security analysts in a custom-built graphical user interface. This interface supports the delivery of high-quality security analysis of threats targeting or occurring within a client’s network environment. Visualization enables our security analysts quickly to detect patterns and to determine in real time relationships of security incidents within a client environment and across our entire client base. Our security analysts have access to all data collected from client environments and intelligence from our Counter Threat Unit to provide them with the context necessary to inform their analysis and to help them determine whether they should communicate information about a security incident to a client.

 

    Ticket Management. Our ticket management system is based on Information Technology Infrastructure Library principles and delivers security monitoring and device management solutions to clients. A sophisticated and configurable workflow provides incident, change and problem management in a leveraged-service delivery model to enable our counter threat operations centers to handle a higher volume of work with consistent quality.

 

    Management and Monitoring Tools. In order effectively to manage and monitor our infrastructure at client sites and our data centers, we rely on a suite of purpose-built software applications to facilitate the full lifecycle management of all software and configuration deployments and updates, efficient management and troubleshooting, and monitoring of the health and availability of devices.

Other Enabling Technologies

iSensor. Many of our clients use our proprietary network intrusion detection and prevention appliance, the iSensor. iSensor eliminates malicious inbound and outbound traffic in real time by performing in-line deep packet inspection (which is an examination of packet data as the data pass through the device for viruses, intrusions or other threats) and applying countermeasures from the Counter Threat Unit.

RedCloak. RedCloak, our endpoint threat detection software, allows us to apply our threat intelligence to the endpoint to reduce the amount of time required to detect a compromise of security and reduce the effort required to respond. RedCloak also allows us to prevent a compromise by developing strategic countermeasures that interdict tactics used by threat actors.

Third-Party Technologies. Our intelligence-driven information security solutions are designed to monitor alerts, logs and other messages across multiple stages of the threat lifecycle. In deploying these solutions, we integrate a wide array of proprietary and third-party security products. Our technology supports firewalls from market-leading vendors including Cisco Systems, Inc., Palo Alto Networks, Inc., Check Point Software Technologies Ltd., Juniper Networks, Inc., Fortinet, Inc. and Dell SonicWall, intrusion prevention systems from vendors such as Intel Corp. (McAfee), and web application firewalls from vendors such as Imperva, Inc., F5 Networks, Inc. and Citrix Systems, Inc.

Further, we maintain alliance partnerships with key technology providers who deliver capabilities we see as valuable in keeping our clients secure. These partnerships involve technology licensing, joint technology development, integration, research cooperation, co-marketing and sell-through arrangements. Key technology partners include Qualys, Inc., Risk I/O, Inc., Cisco Systems, Inc. (Sourcefire), Lastline, Inc., TIBCO Software Inc. (LogLogic), Bit9, Inc. (Carbon Black), Wombat Security Technologies, Inc. and Global Learning Systems, LLC. The principal technologies we license from some of these providers provide us with the following capabilities we integrate into our solutions:

 

    Qualys – vulnerability management

 

92


Table of Contents
    Risk I/O – vulnerability management

 

    Cisco (Sourcefire) – network security

 

    Lastline – malware detection and protection

 

    TIBCO (LogLogic) – log management

 

    Bit9 (Carbon Black) – endpoint security

 

    Wombat Security – security awareness training

 

    Global Learning Systems – security awareness training

We license the technologies under agreements that generally have terms ranging from one to five years, subject to renewal in most cases either upon notice of renewal or upon failure by us or the provider to give notice of termination to the other party. The provider generally may terminate any license upon advance notice to us of between 90 and 270 days. The technology partner license agreements generally provide for post-termination support, transition and wind-down periods that are intended to limit any disruption to our business that could result from a license termination. We generally are required under the agreements to make licensing payments in the form of fees or royalties at a discount off the list price, although some agreements also include volume or tiered pricing.

Our Offerings

We offer an integrated suite of intelligence-driven information security solutions. Our clients may subscribe to our full suite of solutions or elect to subscribe to various combinations of our individual solutions. All of our solutions are enabled by our Counter Threat Platform and our large team of skilled security experts.

Managed Security

We offer a broad range of managed security solutions, including those highlighted below.

Security Monitoring. Security appliances, systems and servers generate extensive logs, alerts and other messages every day. This raw information must be continuously monitored, correlated and analyzed in order to identify security events of actual concern while generating a minimal number of falsely positive results. Our security monitoring solution collects, correlates and analyzes logs, alerts and other messages generated by most leading security technologies and critical information assets, on a 24/7 basis, to identify anomalies and respond to threats in real time. This solution functions either on a stand-alone basis or in concert with client-owned security information and event management platforms.

Advanced Malware Protection and Detection. Our advanced malware protection and detection solution, or AMPD, provides a layer of defense against emerging zero-day threats for enterprise and medium-sized organizations. AMPD uses next-generation sandboxing technology with full-system emulation to execute and analyze malware within a controlled environment, and draws on our vast threat intelligence data pool and our expert threat analysis teams. AMPD’s combination of deep intelligence capabilities developed by the Counter Threat Unit and advanced technology permits our clients to see, rapidly analyze and accurately diagnose zero-day vulnerabilities, and to obtain focused guidance that expedites threat remediation.

Advanced Endpoint Threat Detection. Advanced endpoint threat detection, or AETD, improves situational awareness and visibility through proprietary endpoint intelligence developed by the Counter Threat Unit. AETD is a fully managed security solution that monitors the state of endpoints, which include Windows servers, laptops and desktops, for threat indicators, investigates events to determine their severity, accuracy and context, and quickly escalates critical events to the client’s attention indicating that an endpoint may be compromised.

 

93


Table of Contents

Firewall and Next-Generation Firewall Solutions. Firewalls provide critical information necessary to identify and evaluate security events. We provide an array of firewall solutions ranging from the collection, organization and reporting of firewall information to the full management of a client’s firewall by our security analysts, including rule-set changes and overall configuration of the device for optimal performance. Our experts hold certifications from leading vendors and have significant experience with the relevant technologies, enabling us to provide solutions to support market-leading vendors in various types of environments. Our firewall management solutions ease the adoption of next-generation firewall technology through policy-based control over applications, users and content, device provisioning and deployment, and immediate response to security events.

Managed Web Application Firewall Solutions. Web application firewalls are designed specifically to protect applications that deliver critical services via Internet web protocols. These firewalls block certain connections while permitting others based on the configuration of the firewall in order to ensure that only legitimate traffic reaches protected applications. Web application firewalls are increasingly utilized to address various compliance mandates, including the PCI DSS. Our managed web application firewall solution assists clients with the end-to-end management of these complex devices, from initial configuration and periodic policy changes to patching, updating and full-time monitoring of system health and performance.

Managed Intrusion Detection System, or IDS, and Intrusion Prevention System, or IPS, Solutions. IDS and IPS technologies can provide a highly effective layer of security. We provide a wide range of solutions to enable our clients to realize the benefits from these technologies, and effectively identify threats faster. Our solutions include security monitoring, performance and availability management, device upgrades and patch management, policy and signature management, integration of Counter Threat Unit intelligence and use of our proprietary iSensor device. We manage leading vendors’ IDS and IPS products as well as our iSensor.

Vulnerability Management. Our Vulnerability Management solution, which is fully managed and maintained by a dedicated vulnerability management team, encompasses the two solutions described below.

 

    Managed Vulnerability Scanning. A vulnerability scan is designed to alert an organization to potential exposures and vulnerabilities in its network. As part of our solution, we perform internal and external scan audits across network devices, servers, databases and other assets in on-premise and cloud environments.

 

    Managed Web Application Scanning. Applications that deliver services via the web are the lifeblood of business-to-business and business-to-consumer e-commerce. A vulnerability scan can alert an organization to potential exposures and weaknesses in these web-based applications before a threat actor exploits those weaknesses. Our managed web application scanning solution performs deep and accurate scans of web applications that are hosted on client premises or in cloud environments. These scans search for vulnerabilities specific to the web protocols that are foundational to web applications. Our solution also supports the ability to log into web applications and discover vulnerabilities that may lie behind the login page.

Log Retention Solutions. We offer comprehensive log aggregation, retention, searching and reporting solutions. Log retention enables our clients to satisfy various compliance obligations, which require full log retention from critical IT systems to ensure the integrity of confidential data, and to conduct forensic investigations. Our log retention solution provides support for a wide range of sources, allowing the capture and aggregation of millions of logs generated every day by critical information assets such as servers, routers, firewalls, databases, applications and other systems of the log retention appliance.

Managed Policy Compliance. To assist clients in improving their security and compliance with regulatory mandates, our managed policy compliance solution ensures that the configurations of clients’ critical systems are known, tracked and comply with pre-established security guidelines. Our solution consists of two key components, consisting of software that automatically retrieves the configurations of critical systems and

 

94


Table of Contents

compares them to pre-established configuration targets, and a library of more than 5,000 security and compliance-driven configuration checks across three systems. Our solution helps clients establish configuration targets, set up the scans, monitor the output and report on the results.

Delivery Options for Managed Security

Our managed security clients can choose how much control they maintain over their IT security infrastructure by selecting among our fully managed, co-managed or monitored solution delivery options. Our solutions are designed to be flexible and scalable to complement the evolving security needs of our clients. Our clients often migrate between the different delivery options in response to their changing needs as well as to the changing threat landscape.

Fully Managed. With our fully managed delivery options, we assume control of a client’s security technology so the client can focus on running its business rather than becoming a security administrator. Clients selecting fully managed delivery obtain all of the benefits of our monitored delivery option, including access to our on-demand Counter Threat Platform. In addition, our team of security analysts will monitor and manage a client’s security technology or selected devices, proactively update that security infrastructure to protect against emerging threats, identify vulnerabilities, ensure that the devices are properly configured with our latest countermeasures, and block or respond to immediate threats in accordance with the client’s escalation protocol. We believe that our fully managed solutions provide clients with increased security protection based on our best practices and security expertise applied across our client base, as well as improved operational efficiency by removing the overhead costs associated with managing security technology.

Co-Managed. Clients often deploy our managed solutions on a co-managed basis as an extension of their security personnel. The co-managed delivery option enables the client to retain control over its security infrastructure to the extent that it prefers to do so, and enables its security staff to work with our experts as a team while maintaining full access and visibility into the management process. This option is particularly suitable for organizations that already possess in-house security expertise, but that seek to remove the burden of managing devices from their staff so they can focus on more strategic security initiatives.

Monitored. Clients selecting our monitored solutions obtain access to our on-demand Counter Threat Platform through our web-based portal, plus real-time monitoring and analysis by our security analysts of events collected from security and network devices and applications. Our monitored solutions enhance our clients’ security position by providing them with a holistic view of their security activity, valuable context from our team of security analysts and comprehensive reporting to demonstrate regulatory compliance. Our ability to see more security incidents across our entire client base along with our threat intelligence acts as an early warning system which benefits clients by proactively alerting them to potential threats, applying protections and helping them respond quickly. The more we see, the more accurate our protections are, and the more accurately we can respond. Through our monitored solutions, we leverage our on-demand Counter Threat Platform to correlate information from many devices and applications, providing security analysts with the context they need to reduce significantly falsely positive results and alert clients to actual threats against their organizations.

In general, our managed delivery options require our security professionals to be directly involved with our client’s security technology, and, accordingly, the cost to service these delivery options is generally higher than the cost to service monitored delivery options. Over the last three fiscal years, we have generated the majority of our managed security solutions revenue from either fully managed or co-managed delivery options. Our future success depends on our ability to efficiently manage the costs of our security offerings and to price our security solutions in an effective manner.

 

95


Table of Contents

Threat Intelligence

Powered by our Counter Threat Unit research team, threat intelligence delivers early warnings and actionable intelligence that enables rapid protection against threats and vulnerabilities before they affect an organization. Threat intelligence typically is deployed as part of our managed security offerings, but also may be offered separately.

Global Threat Intelligence. Our global threat intelligence solutions provide proactive, actionable intelligence tailored to an organization’s environment, including clear, concise threat and vulnerability analysis, detailed remediation information and recommendations, consultation with our threat experts, on-demand access to extensive threat and vulnerability databases, malware analysis upon request, intelligence feeds and integration with our other solutions for correlation and unified reporting.

Borderless Threat Monitoring. Our borderless threat monitoring solution delivers organizations with timely and actionable security intelligence that provides them with insight into threat activities that may exist beyond the edge of their network. This solution proactively informs organizations of network threat indicators that apply to their particular network environment and allows them to manage the threat in accordance with their escalation protocol.

Malware Code Analysis. Our malware code analysis solution focuses on reverse engineering malicious or unknown code identified in security events in order to provide an organization with a better understanding of the code’s behavior and its impact on the organization’s systems and information. Using advanced computer forensic tools and techniques, our security experts thoroughly dissect the code to determine its functionality, purpose, composition and source.

Enterprise Brand Surveillance. Our enterprise brand surveillance solution offers real-time monitoring of a range of intelligence outlets to identify developing threats from exposure of sensitive data, targeting by threat actors and risks to perception of the client’s brand. This solution provides our clients with live notifications delivered upon discovery of actionable intelligence. It also provides clients with context regarding potential threats and helps them to develop informed risk mitigation strategies.

Security and Risk Consulting

Our consulting organization provides expertise and analysis to help clients improve their security posture by comprehensively assessing security capabilities, designing and building robust security programs, preparing employees against cyber attacks, facilitating regulatory compliance and helping clients identify, prioritize and resolve the vulnerabilities that pose the greatest threat. We offer both project-based and long-term contracts, including retainer contracts sold together with our managed security engagements. For example, we may enter into a managed security contract bundled together with an incident response retainer.

Our team has extensive experience, supported by our Counter Threat Platform, conducting security, compliance and risk engagements across many industries and geographic areas, and under recent regulations and industry standards that impose security mandates. The professional services offered by the team include the following:

Technical Testing and Assessments. Our testing and assessment solutions provide clients with the knowledge, expertise and efficiency needed to conduct thorough security and risk evaluations of their environments. We offer testing and assessments that address logical, physical, technical and non-technical threats in order to identify gaps that create risk, construct a stronger security posture and meet compliance mandates. Our testing and assessments solutions include application security, network security and “red team” testing, which simulates cyber attacks using real-world tactics, techniques and procedures.

 

96


Table of Contents

Security and Governance Program Development. Our security and governance program development solutions provide our clients with security, risk and compliance expertise to help them develop strategic security and governance programs based on industry and observed best practices. These solutions include internal audit support and the development of corporate information security and computer security incident response security awareness programs.

Targeted Threat Hunting. The targeted threat hunting solution uses proprietary technology to search client networks to identify the presence of security compromises and entrenched threat actors operating in a client’s environment. The solution draws on our threat intelligence and extensive experience countering cyber adversaries.

Cloud Security. We help clients to deliver cloud-based services securely and to satisfy their compliance requirements. Our cloud security solutions include cloud security strategic consulting, cloud risk assessment, assurance testing of cloud deployments, incident response in cloud environments and cloud security architecture and design.

Security Awareness Training Solutions. Our security awareness training solutions help clients assess their current information security awareness training programs, design new programs with senior IT security advisors and provide specialized training to address areas of greatest concern. As part of our information security training solutions, we offer on-demand security training, security awareness needs assessment, security awareness program development, managed phishing and managed security awareness programs.

Security Design and Architecture Solutions. Our security design and architecture solutions help clients to clarify their information security priorities and identify their most vulnerable assets that require security monitoring, as well as to obtain a prioritized roadmap of upgrades to help with budgeting and determining resource requirements. Our solutions include security health check solutions, security architecture assessment solutions and security architecture and design consulting.

Security Residency Solutions. Our security residency solutions provide clients with security consultants who serve as extended members of their staff either on-site or remotely to extend and heighten an organization’s security expertise and capabilities. We offer several levels of resident security consultants, including executive, expert and technical consultants tailored to the security expertise and leadership our clients need. Residency solutions often are combined with managed security solutions in complex enterprise environments to enhance the value clients obtain from our solutions. Consulting residents align our solutions with the clients’ internal processes, integrate our data feeds into client applications and dashboards, and produce customized analytics and reporting. In addition, residents can assist clients with handling the security events identified by our managed security solutions.

Incident Response

Incident response typically is deployed along with security and risk consulting. The professionals who deliver incident response help clients rapidly analyze, contain and remediate security breaches to minimize their duration and impact.

Incident Management Proactive Solutions. Through our incident management proactive solutions, our security consultants work with clients to prepare them to respond quickly and effectively to a security incident. In providing these solutions, we feature both incident management risk assessment and response plan review and development solutions. Our incident management risk assessment solution evaluates a client’s ability to detect, resist and respond to a targeted or advanced threat and is designed to help our clients understand their exposure to these threats, including advanced persistent threats, or APTs, in order to reduce their risk of compromise. Our response plan review and development solution supports our clients in developing an effective computer security incident response plan, or CSIRP, based on IT security best practices, incorporating the latest threat intelligence tailored to the client’s specific needs.

 

97


Table of Contents

Incident Response Testing and Capability Analysis. Through real-world simulations, incident response testing and capability analysis tests and evaluates the effectiveness of an organization’s CSIRP and attack response procedures. We employ tabletop exercises to subject IT teams to simulated threats, such as cyber crime and APTs. The exercises demonstrate the ways a client’s systems and network can be breached and the critical actions required during a breach to contain a threat. We also offer an incident response retainer, through which our security experts can provide emergency incident response solutions within minutes of a reported breach.

Emergency Incident Response Solutions. Through our comprehensive range of incident response and management solutions, we seek to ensure that organizations experience minimal economic loss and operational disruption when a security incident occurs. Our security consultants work to minimize the duration and impact of any breach through incident management, surveillance, digital forensic analysis, malware analysis and reverse engineering.

Operations

Counter Threat Operations Centers

Our counter threat operations centers employ a highly trained team of security analysts who draw upon their extensive experience and deep insight into the global threat landscape, which they have developed in the daily monitoring of our clients’ security activity, to quickly identify, diagnose and respond to security information. These centers work together seamlessly to provide continuous operations around the clock, every day of the year, and are equipped with state-of-the-art video conferencing and voice communication technologies to facilitate close collaboration among team members.

As of October 30, 2015, we had four counter threat operations centers located worldwide. The centers enhance our global visibility and enable us to serve regional clients while also providing us with access to qualified information security professionals in the regions. Our CTOC locations are in Atlanta, Georgia, Chicago, Illinois, Providence, Rhode Island, and Edinburgh, Scotland. Additional personnel support our operations from locations in Australia, Japan and Romania.

Data Centers

As of October 30, 2015, we relied on two primary data centers to sustain our operations, each of which is capable of sustaining our operations individually. The data centers are located in Atlanta, Georgia and Quincy, Washington. The Atlanta data center is leased from a third party which exclusively serves us, while the Quincy data center is housed in a Dell-owned facility. A wide area network connecting all of our CTOCs and data centers, supported by diversely routed entry points, ensures that connectivity is highly available. In addition, the Atlanta and Quincy facilities are connected by a dedicated point-to-point dark fiber circuit for purposes of enabling high-performance Counter Threat Platform communications. Both facilities include redundant power plants, high-capacity backup power generators and redundant cooling systems.

Security Professionals

Security Analysts. Our security team consists of highly experienced and well-trained security analysts. Members of the team hold a variety of certifications and undergo a thorough technical screening process, personality assessment, criminal background check and reference check. As a condition of their continued employment, our security analysts must obtain and maintain the SANS Institute Global Information Assurance Certification, or GIAC, intrusion analyst certification. Members of the team also hold a variety of security industry and product certifications, including certifications as a Certified Information Systems Security Professional, or CISSP, a Cisco Certified Network Associate, or CCNA, a Cisco Certified Security Professional, or CCSP, a Check Point Certified Security Expert, or CCSE, a Check Point Certified Security Administrator, or CCSA, and a Microsoft Certified Solutions Expert, or MCSE. Our security analysts are available to our clients for consultation and provide on-demand security expertise to address current and critical information security issues.

 

98


Table of Contents

Counter Threat Unit—Threat Researchers. Our expert team of threat researchers, which we refer to as our Counter Threat Unit, identifies and analyzes emerging threats to evaluate the potential risk the threats pose to client environments and to develop countermeasures to protect clients’ critical information assets. Our threat researchers analyze activity across the Internet and in the Counter Threat Platform to uncover new attack techniques and threats. This process enables the Counter Threat Unit to identify emerging threats and develop countermeasures that protect our clients before these threats result in economic or reputational damage, regulatory risk or other adverse effects on an organization’s security posture. Applying this intelligence across our solutions portfolio provides our security analysts, security consultants and incident responders with deeper insight and enriched context regarding the tactics, techniques and procedures employed by threat actors, and facilitates faster, more precise and more effective delivery of solutions to clients. Unlike security research teams at many other providers, the Counter Threat Unit allocates considerable research attention to the detection and analysis of targeted threats rather than focusing solely on traditional generalized threats launched against a broad array of targets.

We believe our threat researchers are among the most proficient in the industry, with exceptional talent for malware analysis, reverse engineering, counter threat intelligence, forensics and cyber crime investigation. We believe that the Counter Threat Unit is frequently among the first to bring to market the identification of new exploit techniques and the analysis of emerging threats, and the expertise of team members is often sought by large enterprises, government agencies and media outlets. In 2014, our threat researchers were referred to in over 2,500 online article postings. In addition, the CTU maintains relationships with other prominent security organizations, such as the Forum of Incident Response Teams, or FIRST, the National Cyber-Forensics & Training Alliance, or NCFTA, the Microsoft Active Protections Program, the Financial Services Information Sharing and Analysis Center, and the National Health Information Sharing & Analysis Center, among others.

Our team members have diverse experience and backgrounds in the private security, military and intelligence communities. Various members formerly served with the U.S. Computer Emergency Readiness Team, the Army Global Network Operations Security Center, the U.S. Cyber Command, the Department of Defense, National Laboratories and the SANS Institute.

Sales and Marketing

Our sales and marketing organizations work together closely to drive revenue growth by enhancing market awareness of our solutions, building a strong sales pipeline and cultivating client relationships. We offer managed security and advanced threat intelligence on a subscription basis. We sell these solutions under contracts with initial terms that typically range from one to three years and, as of October 30, 2015, averaged two years in duration. We provide security and risk consulting primarily under fixed-price contracts, although we perform some engagements under variable-priced contracts on a time-and-materials basis.

As of October 30, 2015, we had 411 employees in our sales and marketing organization.

Sales

We sell our solutions to clients of all sizes primarily through our direct sales organization, supplemented by sales through our channel partners, which primarily include referral agents, regional value-added resellers and trade associations. Approximately 94% of our revenue in fiscal 2015 was generated through our direct sales force, in some cases in collaboration with members of Dell’s sales force, with the remaining portion generated through our channel partners. As of October 30, 2015, we maintained relationships with numerous channel partners. As part of our growth strategy, we seek to expand our distribution opportunities by entering into relationships with original equipment manufacturers, large systems integrators and other telecommunications providers. As we focus on further developing our distribution relationships, we expect that sales from channel partners will account for an increasing percentage of our future revenue.

 

99


Table of Contents

Of our employees as of October 30, 2015, 329 were dedicated to direct sales and 38 employees were dedicated to sales support. Our direct sales organization consists of insides sales and field sales personnel and solutions architects organized by core client segments and geography. We cultivate prospects through a broad range of sales tactics. Our sales strategy varies based on the size of the company and the target point-of-entry into an organization, which is primarily through chief information security officers or other IT leaders, including security executives, security specialists, compliance officers and IT generalists. Within North America, our direct sales organization has separate teams focused on the Global 500 companies, large enterprises, small and medium-sized businesses, and U.S. state and local government agencies. We believe that additional investment in our sales staff will provide long-term growth. Based on an analysis of our sales personnel who were given full booking sales targets and therefore became “quota-bearing sales persons” for the period of fiscal 2012 through fiscal 2015, it takes approximately one year before a new quota-bearing sales person achieves bookings commensurate with our long-term operating model goal.

We believe that our sales process differentiates us in the marketplace for information security solutions. The process typically begins by emphasizing the importance of educating key IT decision makers within a client organization with respect to the organization’s information security needs. We deliver a technical evaluation performed by a team that includes both highly trained sales personnel and security experts. This allows us to tailor the solution design, including the level of service and deployment options, to the organization’s specific security needs and to become its long-term advisor and partner. A typical large enterprise sales team includes an inside sales team that is responsible for developing sales leads, a direct sales team that is responsible for obtaining new clients and some cross-sales, an enterprise account management team that is responsible for renewals and some cross-sales, and security engineers who provide technical support to our sales personnel.

Sales of our solutions usually require lengthy sales cycles, which are typically three to nine months, but can exceed 12 months for larger clients. Sales to prospective clients involve educating organizations about our technical capabilities and the use and benefits of our solutions. Large clients considering significant deployments typically undertake a significant evaluation and acceptance process before subscribing to our solutions.

Since our acquisition by Dell in February 2011, we have marketed our solutions through Dell’s channel partners as well as through our own. As described under “Certain Relationships and Related Transactions— Operating and Other Agreements Between Dell or Denali and Us,” in connection with this offering, we have entered into agreements with Dell to preserve, and potentially expand, our existing commercial arrangements with Dell.

Marketing

Our marketing efforts seek to enhance our brand, expand our market awareness and build a strong sales pipeline. Our marketing team consists primarily of solutions marketing, field marketing, channel marketing and public relations functions.

We actively manage our public relations efforts and communicate directly with IT professionals and the media in an effort to promote our information security solutions and contribute to the business community’s ongoing examination and understanding of information security. We participate in industry trade shows and conferences, drive thought leadership in our industry, host webcasts, conduct online marketing activities and use various other marketing strategies to create awareness of our brand and offerings.

Of our employees as of October 30, 2015, 44 were dedicated to marketing.

Client Service, Training and Support

Client service, training and support are key elements of our commitment to provide superior client service. We have a comprehensive client service training and support program to communicate our commitment to client

 

100


Table of Contents

service and to enhance the value that our clients derive from our solutions. We ensure that each client has contact with us, other than through our security analysts, multiple times each year. For our clients with the largest deployments and service contracts, we provide additional levels of access to senior management, including an executive sponsor who meets with the client at least two times each year and advisors who consult in their specific areas of expertise.

We provide extensive education, training and support on the functionality of our solutions, so that our clients are able to fully utilize their benefits. Our client service training and support team provides dependable and timely resolution of client security concerns and technical inquiries, and our certified security analysts are continuously available to clients for consultation by telephone or e-mail and over the Internet through our portal. We regularly conduct client surveys to help us evaluate and develop our existing solutions and other solutions that we believe could enhance our client relationships.

Competition

The market for information security services is intensely competitive, and we expect competition to increase in the future. Changes in the threat landscape and the broader IT infrastructure have led to quickly evolving client requirements for protection from security threats and adversaries.

We compete primarily against the following four types of security services and product providers, some of which operate principally in the large enterprise market and others in the market for small and medium-sized businesses:

 

    global telecommunications and network services providers such as AT&T Inc., BT Group PLC, Verizon Communications Inc. and NTT Communications Corp.;

 

    providers of specialized or niche IT security products and services such as FireEye, Inc., Palo Alto Networks, Inc. and Symantec Corporation;

 

    diversified technology companies such as Cisco Systems, Inc., Hewlett Packard Enterprise Company, International Business Machines Corporation and Intel Corporation; and

 

    regional information security services providers that compete in the small and medium-sized businesses market with some of the features present in our information security solutions.

We believe that the principal competitive factors in our market include:

 

    global visibility into the threat landscape;

 

    ability to generate actionable intelligence based on historical data and emerging threats;

 

    scalability and overall performance of platform technologies;

 

    ability to integrate with, monitor and manage a variety of third-party products;

 

    ability to provide a flexible deployment option to cater to specific client needs;

 

    ability to attract and retain high-quality professional staff with information security expertise;

 

    brand awareness and reputation;

 

    strength of sales and marketing efforts;

 

    cost effectiveness;

 

    client service and support; and

 

    breadth and richness of threat intelligence, including history of data collection and diversity and geographic scope of clients.

 

101


Table of Contents

We believe that we generally compete favorably with our competitors on the basis of these factors as a result of the architecture, features and performance of our Counter Threat Platform, the quality of our threat intelligence, the security expertise within our organization, and the ease of integration of our solutions and platform with other technology infrastructures. However, many of our existing and potential competitors, particularly in the large enterprise market, have advantages over us because of their longer operating histories, greater brand name recognition, larger client bases, more extensive relationships within large commercial enterprises, more mature intellectual property portfolios and greater financial and technical resources.

Research and Development

We invest significant time and resources to maintain, enhance and add new functionality to our Counter Threat Platform and purpose-built technologies that are critical enablers of our solutions. Our research and development organization is responsible for the design, development and testing of all aspects of our suite of information security solutions. The members of the organization have deep security and software expertise and work closely with our product management and client service training and support teams to gain insights into clients’ environments for use in threat research, product development and innovations. The organization focuses its research on identifying next-generation threats and adversaries and developing countermeasures, which are continuously applied to our platform and used to respond to the rapidly evolving security threat landscape.

We believe that innovation and the timely development of new solutions are essential to meeting the needs of our clients and improving our competitive position. Several of the solutions we have released in the past year are the result of our internal SecureWorks Innovation Council, which we created with the goal of giving groups within our company a chance to solve difficult security issues under a defined leadership team and use the best ideas to develop new solutions. As our clients move their applications and data into third-party cloud environments, we will extend and integrate our solutions into these environments globally. In addition, point solutions we develop for clients during security and risk consulting engagements often are integrated into our portfolio of solutions and made available to our broader client base.

The majority of our research and development team is based in our offices in Atlanta, Georgia, Providence, Rhode Island, Pittsburgh, Pennsylvania, Edinburgh, Scotland, and Hyderabad, India. As of October 30, 2015, our research and development team employed 356 full-time members. Our research and development expenses were $32 million in fiscal 2015, $27 million in fiscal 2014 and $23 million in fiscal 2013. We plan to continue to commit significant resources to research and development.

Intellectual Property

Our intellectual property is an essential element of our business. To protect our intellectual property rights, we rely on a combination of patent, trademark, copyright, trade secret and other intellectual property laws as well as confidentiality, employee non-disclosure and invention assignment agreements.

Our employees and contractors involved in technology development are required to sign agreements acknowledging that all inventions, trade secrets, works of authorship, developments, processes and other intellectual property rights conceived or reduced to practice by them on our behalf are our property, and assigning to us any ownership that they may claim in those intellectual property rights. We have stringent internal policies regarding confidentiality and disclosure. Our client and resale contracts prohibit reverse engineering, decompiling and other similar uses of our technologies and require that our technologies be returned to us upon termination of the contract. We also require our vendors and other third parties who have access to our confidential information or proprietary technology to enter into confidentiality agreements with us.

Despite our precautions, it may be possible for third parties to obtain and use without our consent intellectual property that we own or otherwise have the right to use. Unauthorized use of our intellectual property by third parties, and the expenses we incur in protecting our intellectual property rights, may adversely affect our business.

 

102


Table of Contents

Our industry is characterized by the existence of a large number of patents, which leads to frequent claims and related litigation regarding patent and other intellectual property rights. In particular, large and established companies in the IT security industry have extensive patent portfolios and are regularly involved in both offensive and defensive litigation. From time to time, third parties, including some of these large companies as well as non-practicing entities, may assert patent, copyright, trademark and other intellectual property rights against us, our channel partners or our end-clients, which our standard license and other agreements obligate us to indemnify against such claims. Successful claims of infringement by a third party, if any, could prevent us from performing certain solutions, require us to expend time and money to develop non-infringing solutions, or force us to pay substantial damages (including, in the United States, treble damages if we are found to have willfully infringed patents), royalties or other fees.

Patents and Patent Applications

As of December 15, 2015, we owned 15 issued patents and nine pending patent applications in the United States and four issued patents and two pending patent applications outside the United States. The issued patents are currently expected to expire between 2019 and 2033. Although we believe that our patents as a whole are important to our business, we are not substantially dependent on any single patent.

We do not know whether any of our patent applications will result in the issuance of a patent or whether the examination process will require us to modify or narrow our claims, as has happened in the past with respect to certain claims. Any patents that may be issued to us may not provide us with any meaningful protection or competitive advantages, or may be contested, circumvented, found unenforceable or invalid, and we may not be able to prevent third parties from infringing them. See “Risk Factors—Claims by others that we infringe their proprietary technology could harm our business and financial condition” for additional information.

Trademarks and Copyrights

The U.S. Patent and Trademark Office has granted us federal registrations for some of our trademarks. Federal registration of trademarks is effective for as long as we continue to use the trademarks and renew our registrations. We also have obtained protection for some of our trademarks, and have pending applications for trademark protection, in the European Community and various countries. We may, however, be unable to obtain trademark protection for our technologies and brands, and any trademarks that may be issued in the future may not distinguish our solutions from those of our competitors.

We do not generally register any of our works of authorship, including software and source code, with the U.S. Copyright Office, but instead rely on the protection afforded to such works by U.S. copyright laws, which provide protection to authors of original works whether published or unpublished and whether registered or unregistered.

We have entered into a trademark license agreement with Dell Inc. under which Dell Inc. has granted us certain non-exclusive rights to market our solutions using the “DELL” trademark, solely in the form of “SECUREWORKS—A DELL COMPANY,” after this offering. See “Certain Relationships and Related Transactions—Operating and Other Agreements Between Dell or Denali and Us—Intellectual Property Agreements—Trademark License Agreement” for additional information about this agreement.

Facilities

As of October 30, 2015, our facilities consisted of our corporate headquarters, four counter threat operations centers, two primary data centers, and various other Dell facilities housing our research and development, marketing and sales functions, and administrative and IT operations support. We either lease these facilities or have the right to use them pursuant to service agreements, either with Dell or with other third parties. As of October 30, 2015, we did not own any facilities.

 

103


Table of Contents

Our corporate headquarters, as well as one of our counter threat operations centers and one of our data centers, is located in Atlanta, Georgia, where we lease facilities of approximately 141,228 square feet. As of October 30, 2015, we leased or licensed facilities for other counter threat operations centers in the following locations: Chicago, Illinois; Providence, Rhode Island; and Edinburgh, Scotland. Our employees also operate out of a number of Dell facilities around the globe pursuant to arrangements with Dell. For information about our facilities, see “Notes to Audited Combined Financial Statements—Note 5—Commitments and Contingencies.”

As we expand, we intend to lease or license additional sites, either from Dell or other third parties, for counter threat operations centers, sales offices and other functions. We believe that suitable additional facilities will be available on commercially reasonable terms to accommodate the foreseeable expansion of our operations.

For additional information about our facilities, see “—Operations—Counter Threat Operations Centers,” and “—Data Centers.”

Employees

As of October 30, 2015, we employed 2,013 full-time employees in the United States and 17 other countries, 405 of whom were based outside the United States. Of our employees, 609 were primarily engaged in security operations delivery, 318 in security consulting, 411 in sales and marketing, 356 in research and development and 319 in general and administrative functions.

None of our employees is represented by a labor organization or the subject of a collective-bargaining agreement.

Legal Proceedings

On April 26, 2013, SRI International filed a complaint in the United States District Court for the District of Delaware against us and Dell Inc. captioned “SRI International, Inc. v. Dell Inc. and SecureWorks, Inc., Civ. No. 13-737-SLR.” The complaint alleged that we and Dell Inc. are infringing and inducing the infringement of SRI International patent U.S. 6,711,615 covering network intrusion detection technology and SRI International patent U.S. 6,484,203 covering hierarchical event monitoring analysis. SRI International sought damages (including enhanced damages for alleged willful infringement), a recovery of costs and attorneys’ fees, and such other relief as the court deemed appropriate, and demanded a jury trial. We filed an answer to SRI International’s complaint which asserted affirmative defenses and counterclaims by us and Dell Inc., including that we do not infringe and do not induce the infringement of the asserted patents and that the asserted patents are invalid and unenforceable. In August 2015, SRI International and Dell Inc. entered into a settlement and license agreement under which SRI International granted to Dell Inc. and its affiliates (including us) a perpetual, fully paid-up, non-transferable, non-assignable or sub-licensable worldwide license under the patents subject to the litigation, Dell Inc. paid to SRI International a one-time lump sum of $7.5 million and the parties agreed to stipulate to dismissal with prejudice of all claims asserted by SRI International and dismissal without prejudice of all claims asserted by Dell Inc. or us in the litigation. Under the settlement and license agreement, if any affiliate of Dell Inc. (including us) ceases to be an affiliate of Dell Inc., that entity will retain its license under the agreement with SRI International, subject to certain terms and conditions as set out in the agreement with SRI International. The United States District Court for the District of Delaware dismissed the action in September 2015.

From time to time, we are involved in legal proceedings and subject to claims arising in the ordinary course of our business. Although the results of litigation and claims cannot be predicted with certainty, we currently believe that the resolution of these ordinary-course matters will not have a material adverse effect on our business, operating results, financial condition or cash flows. Even if any particular litigation is not resolved in a manner that is adverse to our interests, such litigation can have a negative impact on us because of defense and settlement costs, diversion of management resources from our business, and other factors.

 

104


Table of Contents

MANAGEMENT

Executive Officers and Directors

The following table sets forth information as of December 15, 2015 concerning our executive officers and individuals who currently serve on our board of directors or who will serve on our board of directors after the completion of this offering.

 

Name

  

Age

    

Position

Michael R. Cote

     54       President, Chief Executive Officer and Director

Tyler T. Winkler

     49       Vice President, Global Sales & Marketing

R. Wayne Jackson

     58       Chief Financial Officer

Michael S. Dell

     50       Chairman of the Board of Directors

Egon Durban

     42       Director

Pamela Daley

     63       Director Nominee

David W. Dorman

     61       Director Nominee

Mark J. Hawkins

     56       Director Nominee

William R. McDermott

     54       Director Nominee

James M. Whitehurst

     48       Director Nominee

Each executive officer serves at the discretion of the board of directors and holds office until the officer’s successor is duly elected and qualified, or until the officer’s earlier resignation or removal.

Additional information about our executive officers and directors is set forth below. In addition, we have described the experience, qualifications, attributes and skills of each director and director nominee that our board of directors considered in determining that such individual should serve on the board.

Michael R. Cote has served as our President and Chief Executive Officer and as a director since May 2015. He has served as our General Manager and as Vice President of Dell since our acquisition by Dell in February 2011. Upon or before the closing of this offering, Mr. Cote will cease to be a Vice President of Dell in order to focus exclusively on leading our company. Before our acquisition by Dell, Mr. Cote had served as our Chairman, President and Chief Executive Officer since February 2002. From January 2000 to January 2002, Mr. Cote was Chief Financial Officer of Talus Solutions, Inc., a pricing and revenue management software firm acquired in December 2000 by Manugistics Group, Inc., a public supply chain management software company. From February 1997 until September 1999, Mr. Cote served as Chief Operating Officer and Chief Financial Officer of MSI Solutions Inc., a web application development and systems integration company that was acquired in September 1999 by Eclipsys Corporation, a public healthcare software company. From April 1993 to January 1997, Mr. Cote served as the Chief Financial Officer of Medaphis Corporation, or Medaphis (subsequently acquired by Per-Se Technologies, Inc.), a provider of financial and administrative healthcare solutions, where he managed 36 acquisitions and four equity offerings. He served as the Controller of Medaphis from March 1992 until April 1993. Before March 1992, Mr. Cote held various positions at KPMG LLP, an independent registered public accounting firm. The board selected Mr. Cote to serve as a director because of his deep knowledge of our industry and 13 years of experience serving as our principal executive officer.

Tyler T. Winkler has served as our Vice President, Global Sales & Marketing since October 2014 and served as our Executive Director, Sales & Marketing from our acquisition by Dell in February 2011 until October 2014. Before our acquisition by Dell, Mr. Winkler had served as our Executive Vice President, Sales & Marketing since July 2005 and as our Senior Vice President, Sales & Marketing from May 2002 to July 2005. From October 2000 to May 2002, Mr. Winkler was Vice President of Sales for SafeNet, Inc., an information security company. Mr. Winkler began his career at ICARUS Corporation, a provider of knowledge-based engineering technologies, where he worked in positions ranging from sales representative to Vice President of Worldwide Sales & Marketing from 1992 to September 2000.

 

105


Table of Contents

R. Wayne Jackson has served as our Chief Financial Officer since July 2015. Before joining us, Mr. Jackson was a partner at PricewaterhouseCoopers, LLP, or PwC, an independent registered public accounting firm, since May 2003. At PwC, Mr. Jackson was the lead engagement partner for a number of the firm’s largest clients before his withdrawal from the firm in June 2015. In addition, he served as the global leader of the firm’s Entertainment and Media Group from June 2004 through June 2007. Mr. Jackson also served at PwC in a variety of roles between July 1979 and January 2000. From January 2000 to October 2002, Mr. Jackson was Chief Financial Officer and Senior Vice President of Concert Communications Services, a global joint venture created by AT&T Inc. and British Telecommunications plc, two global telecommunications companies. In his role as Chief Financial Officer of Concert, Mr. Jackson was responsible for all finance, treasury, budget, planning and forecast functions for the company. Mr. Jackson is a certified public accountant.

Michael S. Dell has served as a director and non-executive Chairman of the Board since December 11, 2015. He serves as Chairman of the Board and Chief Executive Officer of Dell Inc. and, since the closing of Dell Inc.’s going-private transaction in October 2013, Denali Holding Inc. He has held the title of Chairman of the Board of Dell Inc. since he founded the company in 1984. Mr. Dell also served as Chief Executive Officer of Dell Inc. from 1984 until July 2004 and resumed that role in January 2007. In 1998, Mr. Dell formed MSD Capital for the purpose of managing his and his family’s investments, and, in 1999, he and his wife established the Michael & Susan Dell Foundation to provide philanthropic support to a variety of global causes. He is an honorary member of the Foundation Board of the World Economic Forum and is an executive committee member of the International Business Council. He serves as a member of the Technology CEO Council and is a member of the U.S. Business Council and the Business Roundtable. He also serves on the governing board of the Indian School of Business in Hyderabad, India, and is a board member of Catalyst, Inc., a non-profit organization that promotes inclusive workplaces for women. In June 2014, Mr. Dell was named the United Nations foundation’s first Global Advocate for Entrepreneurship. See “—Settlement of SEC Proceeding with Mr. Dell” below for information about legal proceedings to which Mr. Dell has been a party. The board selected Mr. Dell to serve as a director because of his leadership experience as founder, chairman and Chief Executive Officer of Dell and his deep technology industry experience.

Egon Durban has served as a director since December 11, 2015. He has been a member of the boards of directors of Dell Inc. and Denali Holding Inc. since the closing of Dell Inc.’s going-private transaction in October 2013. Mr. Durban is a Managing Partner and Managing Director of Silver Lake, a global private equity firm. Mr. Durban joined Silver Lake in 1999 as a founding principal and is based in the firm’s Menlo Park office. He has previously worked in the firm’s New York office, as well as the London office, which he launched and managed from 2005 to 2010. Mr. Durban serves on the board of directors of Intelsat S.A., a communications services provider, and is Chairman of the Board of Directors of William Morris Endeavor Entertainment, an entertainment and media company. Previously, he served on the board of directors of Skype Global S.à.r.l., a communications services provider, was the Chairman of its operating committee, served on the supervisory board and operating committee of NXP B.V., a manufacturer of semiconductor chips, and served on the board of directors of MultiPlan Inc., a provider of healthcare cost management solutions. Mr. Durban currently serves on the board of directors of Tipping Point, a poverty-fighting organization that identifies and funds leading non-profit programs in the Bay Area to assist individuals and families in need. Before beginning his service with Silver Lake, Mr. Durban worked in the investment banking division of Morgan Stanley & Co. LLC, or Morgan Stanley, an investment banking firm. While at Morgan Stanley, Mr. Durban organized and led a joint initiative between the Corporate Finance Technology Group and the Mergers and Acquisitions Financial Sponsors Group to analyze and present investment opportunities in the technology industry. Previously, Mr. Durban had worked in Morgan Stanley’s Corporate Finance Technology and Equity Capital Markets groups. The board selected Mr. Durban to serve as a director because of his strong experience in technology and finance, extensive knowledge and years of experience in global strategic leadership and management of multiple companies, and his current service as a director of Dell Inc. and Denali.

 

106


Table of Contents

As discussed below under “—Board of Directors,” upon or before the completion of this offering we intend to appoint five director nominees to our board of directors. Additional information about each director nominee is set forth below.

Pamela Daley is retired. Before her retirement in January 2014 from General Electric Company, or GE, one of the world’s largest infrastructure and financial services companies, Ms. Daley served with GE in a number of roles, including Senior Vice President and Senior Advisor to the Chairman from April 2013 to January 2014, Senior Vice President of Corporate Business Development from August 2004 to March 2013 and Vice President and Senior Counsel for Transactions from 1991 to July 2004. As Senior Vice President for Corporate Business Development, Ms. Daley was responsible for GE’s merger, acquisition and divestiture activities worldwide. Before she joined GE in 1989 as Tax Counsel, Ms. Daley was a partner at Morgan, Lewis & Bockius, an international law firm, where she specialized in domestic and cross-border tax-oriented financings and commercial transactions. Ms. Daley also serves as a director of BlackRock, Inc., a global asset management company traded on the New York Stock Exchange, and BG Group plc, an international gas and oil company traded on the London Stock Exchange. The board selected Ms. Daley to serve as a director because of her significant experience in the areas of leadership development, international operations, transactions, business development and global strategy gained through her over 30 years of transactional experience and over 20 years as an executive with GE.

David W. Dorman has been a Founding Partner of Centerview Capital Technology, or Centerview, a private investment firm, since July 2013. Before his association with Centerview, Mr. Dorman served as a Senior Advisor and Managing Director to Warburg Pincus LLC, a global private equity firm, from October 2006 to May 2008, and in a number of positions with AT&T Corp, or AT&T, a global telecommunications company, from 2000 to 2006. Mr. Dorman joined AT&T as President in December 2000 and was named Chairman and Chief Executive Officer in November 2002, a position he held until November 2005, and served as President and Director of AT&T from November 2005 to January 2006. Before his appointment as President of AT&T, Mr. Dorman served as Chief Executive Officer of Concert Communications Services, a global venture created by AT&T and British Telecommunications plc, from 1999 to 2000, as Chief Executive Officer of PointCast Inc., a web-based media company, from 1997 to 1999 and as Chief Executive Officer and Chairman of Pacific Bell Telephone Company from 1994 to 1997. Mr. Dorman has served as Non-Executive Chairman of the Board of CVS Health Corporation (formerly known as CVS Caremark Corporation), a pharmacy healthcare provider, since May 2011. He also serves as a director of PayPal Holdings, Inc., or PayPal, an online payments system operator, and Yum! Brands Inc, a fast food restaurant company. Mr. Dorman became a board member of Motorola, Inc., a leading provider of business and mission critical communication products and services for enterprise and government customers, in July 2006, served as Non-Executive Chairman of the Board from May 2008 to May 2011 and retired from his board position May 2015. He served as a director of eBay, Inc., from May 2014 until July 2015 when he joined the board of directors of PayPal upon its separation from eBay, Inc., an e-commerce company, as well as a director of Scientific Atlanta, Inc., a manufacturer of cable television, telecommunications and broadband equipment, from 1998 until that company was acquired by Cisco Systems, Inc. in 2006. Mr. Dorman currently serves as a member of the board of trustees of the Georgia Tech Foundation. The board selected Mr. Dorman to serve as a director because of his expertise in management, finance and strategic planning gained through his extensive experience as a principal and founder of Centerview and as Chief Executive Officer of AT&T, and because of his public company board and committee experience.

Mark J. Hawkins is currently the Chief Financial Officer and Executive Vice President of Salesforce.com, Inc., a provider of enterprise cloud computing solutions with a focus on customer relationship management. He has served in that role since August 2014. Mr. Hawkins previously served as Chief Financial Officer, Executive Vice President and Principal Financial Officer of Autodesk, Inc., a provider of three-dimensional design, engineering and entertainment software, from April 2009 to July 2014. From April 2006 to April 2009, Mr. Hawkins served as Chief Financial Officer and Senior Vice President of Finance & Information Technology at Logitech International S.A., a global provider of personal computer and tablets accessories. From January 2000 to March 2006, Mr. Hawkins served as Vice President of Finance for Dell’s Worldwide Procurement and Logistics organization, as well as Vice

 

107


Table of Contents

President of Finance for Dell’s U.S. Home Segment. Before joining Dell, Mr. Hawkins spent nearly 19 years at Hewlett-Packard Company, a global information technology company, where he held a variety of finance and business management roles. Mr. Hawkins serves as a director of Plex Systems, Inc., a leader in cloud-based enterprise resource planning for manufacturers. The board selected Mr. Hawkins to serve as a director because of his experience of more than 30 years with leading finance organizations at global software and technology companies, as well as his expertise in finance, information technology and global operations.

William R. McDermott has served as Chief Executive Officer of SAP SE (formerly SAP AG), or SAP, a business software company that provides collaborative business solutions to companies of all sizes, since May 2014 and Executive Board Member of SAP since 2008. He served as Co-Chief Executive Officer of SAP from February 2010 to May 2014 and, before his service in that position, as President of Global Field Operations and Chief Executive Officer of SAP Americas & Asia Pacific Japan. Before joining SAP in 2002, Mr. McDermott served as Executive Vice President of Worldwide Sales & Operations at Siebel Systems, an e-business software company, and as President of Gartner, Inc., an information technology research and advisory firm. He spent 17 years at Xerox Corporation holding various senior management positions, including President of the U.S. Major Account Organization and Senior Vice President/General Manager of Xerox Business Systems. Mr. McDermott serves as a director of Under Armour, Inc., a performance apparel company dedicated to technologically advanced products, and ANSYS, Inc., a provider of engineering and simulation software and technologies. Mr. McDermott served on the board of directors of PAETEC Holding Corp., a competitive broadband communications company, from February 2007 until its acquisition by Windstream Corporation in November 2011. The board selected Mr. McDermott to serve as a director because his experience serving in top positions with large leading global software and technology companies for more than 20 years will permit him to contribute significant leadership, finance, international and operational expertise and insight to the board.

James M. Whitehurst is currently the President and Chief Executive Officer of Red Hat, Inc., the maker of Linux and other enterprise software, a position he has held since January 2008. Mr. Whitehurst previously served as Chief Operating Officer for Delta Air Lines, or Delta, from July 2005 to August 2007, and as Chief Network and Planning Officer of Delta from May 2004 to July 2005. From 2002 to 2004, Mr. Whitehurst served as Senior Vice President, Finance, Treasury & Business Development for Delta. Before joining Delta, Mr. Whitehurst held multiple positions at the Boston Consulting Group, a global management consulting firm. Mr. Whitehurst serves as a director of Red Hat and DigitalGlobe, Inc., a builder and operator of satellites for digital imaging. The board selected Mr. Whitehurst to serve as a director because his executive management experience within diverse business environments, including as Chief Executive Officer of Red Hat and as Chief Operating Officer for Delta, and his ability to provide valuable strategic advice and offer financial, managerial and international expertise to the board.

Settlement of SEC Proceeding with Mr. Dell

On October 13, 2010, a federal district court approved settlements by Dell Inc. and Mr. Dell with the SEC resolving an SEC investigation into Dell Inc.’s disclosures and alleged omissions before fiscal year 2008 regarding certain aspects of its commercial relationship with Intel Corporation and into separate accounting and financial reporting matters. Dell Inc. and Mr. Dell entered into the settlements without admitting or denying the allegations in the SEC’s complaint, as is consistent with common SEC practice. The SEC’s allegations with respect to Mr. Dell and his settlement were limited to the alleged failure to provide adequate disclosures with respect to Dell Inc.’s commercial relationship with Intel Corporation prior to fiscal year 2008. Mr. Dell’s settlement did not involve any of the separate accounting fraud charges settled by Dell Inc. and others. Moreover, Mr. Dell’s settlement was limited to claims in which only negligence, and not fraudulent intent, is required to establish liability, as well as secondary liability claims for other non-fraud charges. Under his settlement, Mr. Dell consented to a permanent injunction against future violations of these negligence-based provisions and other non-fraud based provisions related to periodic reporting. Specifically, Mr. Dell consented to be enjoined from violating Sections 17(a)(2) and (3) of the Securities Act and Rule 13a-14 under the Exchange Act, and from aiding and abetting violations of Section 13(a) of the Exchange Act and Rules 12b-20, 13a-1 and 13a-13 under the Exchange Act. In addition, Mr. Dell agreed to pay a civil monetary penalty of $4 million, which has been paid in full. The settlement did not include any restrictions on Mr. Dell’s continued service as an officer or director of Dell Inc.

 

108


Table of Contents

Board of Directors

Upon or before the completion of this offering, the director nominees identified above will begin their terms of service on the board of directors.

Under our restated charter, our board of directors may consist of a maximum of 15 directors. The number of authorized directors from time to time will be determined by our board of directors. Upon the completion of this offering, our board of directors will consist of eight directors and will be divided into the following three classes that will serve staggered three-year terms:

 

    Class I, whose initial term will expire at the first annual meeting of stockholders to be held after the completion of this offering;

 

    Class II, whose initial term will expire at the second annual meeting of stockholders to be held after the completion of this offering; and

 

    Class III, whose initial term will expire at the third annual meeting of stockholders to be held after the completion of this offering.

Mr. Cote and Mr. Dorman will serve as Class I directors, Ms. Daley, Mr. Durban and Mr. Whitehurst will serve as Class II directors and Mr. McDermott, Mr. Dell and Mr. Hawkins will serve as Class III directors. At each annual meeting of stockholders after the initial division of the board of directors into three classes, the successors to directors whose terms will expire on such date will serve from the time of their election and qualification until the third annual meeting following their election and until their successors are duly elected and qualified. The number of directors in each class may be changed only by resolution of a majority of the board of directors. Any additional directorships resulting from an increase in the number of directors will be distributed among the three classes so as to ensure that the classes are as nearly equal in number as the then-authorized number of directors permits.

Director Independence

Subject to an exemption available to a “controlled company,” the NASDAQ marketplace rules require that a majority of a listed company’s board of directors be composed of “independent directors,” as defined in those rules, and that such independent directors exercise oversight responsibilities with respect to director nominations and executive compensation. After the completion of this offering, we will qualify as a “controlled company” and will be able to rely on the controlled company exemption from these provisions. The marketplace rules define a “controlled company” as “a company of which more than 50% of the voting power is held by an individual, a group or another company.” As described elsewhere in this prospectus, after this offering, Denali will beneficially own shares of our Class B common stock representing more than 50% of the combined voting power of both classes of our outstanding common stock.

Even though we will qualify as a controlled company, we expect to have a majority of independent directors serving on our board of directors and, as described below, to have established fully independent compensation and nominating committees upon the completion of this offering. Our board of directors has determined as of the date of this prospectus that each of Ms. Daley, Mr. Dorman, Mr. Hawkins, Mr. McDermott and Mr. Whitehurst is an independent director as defined under the NASDAQ marketplace rules.

We are not required to maintain compliance with NASDAQ’s director independence requirements and may choose to change our board or committee composition or other arrangements in the future to manage our corporate governance in accordance with the controlled company exemption. If we cease to be a controlled company, we will be required to comply with NASDAQ’s corporate governance requirements applicable to listed companies generally, subject to a phase-in period during the first year after we cease to be a controlled company. Even though we will be a controlled company for purposes of the marketplace rules, we will have to comply with the requirements of those rules relating to the membership, qualifications and operations of the audit committee

 

109


Table of Contents

of the board of directors, including the requirement that, within the first year after the closing of this offering, the audit committee be composed of at least three directors who meet the independence requirements under the rules for membership on that committee.

Board Committees

Upon the completion of this offering, our board of directors will establish an audit committee, a compensation committee, and a nominating and corporate governance committee having the composition and responsibilities described below. At least three directors will serve on each committee, which will be composed solely of independent directors, as defined under the NASDAQ marketplace rules and, in the case of the audit committee, applicable SEC rules. Our board has adopted a written charter for each of the committees, copies of which will be posted on our website after this offering.

Audit Committee

Upon the completion of this offering, our audit committee will consist of Mr. Hawkins, who will serve as chairman, Ms. Daley and Mr. Dorman. Our board of directors has determined as of the date of this prospectus that Mr. Hawkins is an “audit committee financial expert” and independent of management within the meaning of SEC rules, that each proposed committee member meets the “financial literacy” requirement for audit committee members under the NASDAQ marketplace rules and that each proposed member will be independent under Exchange Act Rule 10A-3 and the NASDAQ standards applicable to the independence of audit committee members.

The audit committee’s primary responsibilities will include, among other matters:

 

    appointing, retaining, compensating and overseeing the work of our independent registered public accounting firm;

 

    reviewing with our independent registered public accounting firm the scope and results of the firm’s annual audit of our financial statements;

 

    overseeing the financial reporting process and discussing with management and our independent registered public accounting firm the interim and annual financial statements that we will file with the SEC;

 

    overseeing compliance with federal banking laws and regulations applicable to us in connection with the solutions we provide to financial institutions regulated by the member agencies of the FFIEC, including the FFIEC’s examination of our company;

 

    pre-approving all audit and permissible non-audit services to be performed by our independent registered public accounting firm;

 

    reviewing our accounting and financial reporting policies and practices and accounting controls, as well as compliance with legal and regulatory requirements;

 

    reviewing with our management the scope and results of management’s evaluation of our disclosure controls and procedures and management’s assessment of our internal control over financial reporting, including the related certifications to be included in the periodic reports we will file with the SEC; and

 

    establishing procedures for the confidential anonymous submission of concerns regarding questionable accounting, internal controls or auditing matters, or other ethics or compliance issues.

Compensation Committee

Upon the completion of this offering, our compensation committee will consist of Mr. Whitehurst, who will serve as chairman, Mr. Hawkins and Mr. McDermott. Our board of directors has determined as of the date of this prospectus that each proposed committee member will be independent under the NASDAQ standards applicable to the independence of compensation committee members.

 

110


Table of Contents

The compensation committee’s primary responsibilities will include, among other matters:

 

    annually reviewing and approving our executive compensations plans, programs and policies;

 

    annually reviewing and recommending all forms of compensation for our chief executive officer for approval by the board of directors;

 

    annually reviewing and approving all forms of compensation for our other executive officers and our non-employee directors;

 

    evaluating the need for, and provisions of, employment contracts or severance arrangements for our executive officers;

 

    acting as administrator of our equity incentive plans;

 

    reviewing director compensation for service on the board of directors and its committees at least once each year and recommending any changes to such compensation to the board of directors; and

 

    reviewing and discussing with the board of directors at least annually our management succession plans, as well as our leadership development strategies and executive retention and diversity strategies.

Nominating and Corporate Governance Committee

Upon the completion of this offering, our nominating and corporate governance committee will consist of Mr. McDermott, who will serve as chairman, Ms. Daley and Mr. Dorman. Our board of directors has determined as of the date of this prospectus that each proposed committee member will be independent under the NASDAQ standards applicable to the independence of nominating committee members.

The nominating and corporate governance committee’s primary responsibilities will include, among other matters:

 

    identifying and evaluating potential candidates to be considered for appointment or election to the board of directors;

 

    making recommendations to the board of directors regarding the selection and approval by the board of director nominees to be submitted for election by a stockholder vote;