10-K405 1 g74958e10-k405.txt INTERNET SECURITY SYSTEMS, INC. -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549 --------------------- FORM 10-K (MARK ONE) [X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE FISCAL YEAR ENDED DECEMBER 31, 2001 OR [ ] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE TRANSITION PERIOD FROM ____________TO ____________
Commission file number 0-23655 INTERNET SECURITY SYSTEMS, INC. (Exact Name of Registrant as Specified in Its Charter) DELAWARE 58-2362189 (State or other jurisdiction of (I.R.S. Employer Identification No.) incorporation or organization) 6303 BARFIELD ROAD 30328 ATLANTA, GEORGIA (Zip code) (Address of principal executive offices)
Registrant's telephone number, including area code: (404) 236-2600 Securities registered pursuant to Section 12(b) of the Act: None Securities registered pursuant to Section 12(g) of the Act: COMMON STOCK, $0.001 PAR VALUE (Title of Class) Indicate by check mark whether the Registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes [X] No [ ] Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of Registrant's knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. [X] The aggregate market value of the voting stock held by non-affiliates of the Registrant, based upon the closing sale price of Common Stock on March 20, 2002 as reported on the NASDAQ National Market, was approximately $795 million (affiliates being, for these purposes only, directors, executive officers and holders of more than 5% of the Registrant's Common Stock). As of March 20, 2002, the Registrant had 48,206,241 outstanding shares of Common Stock. DOCUMENTS INCORPORATED BY REFERENCE Portions of the Proxy Statement for the Registrant's 2002 Annual Meeting of Stockholders are incorporated by reference into Part III of this Form 10-K. -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- FORWARD-LOOKING STATEMENTS This report contains forward-looking statements that involve risks and uncertainties. The statements contained in this report that are not historical statements of fact are forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking-statements include, among other things, statements regarding our expectations, beliefs, intentions or strategies regarding the future. All forward-looking statements included in this report are based on information available to us up to and including the date of this document, and we expressly disclaim any obligation to update or alter our forward-looking statements, whether as a result of new information, future events or otherwise. Our actual results could differ significantly from those anticipated in these forward-looking statements as a result of certain factors, including those set forth below, under "Management's Discussion and Analysis of Financial Condition and Results of Operations -- Risk Factors" and elsewhere in this report. PART I ITEM 1. BUSINESS INTRODUCTION OVERVIEW Internet Security Systems, Inc. ("ISS" or the "Company") (NASDAQ: ISSX) is a security software pioneer and global leader in information protection solutions dedicated to protecting online assets. This proactive line of defense protects networks, servers and desktops against an ever-changing spectrum of threats. Our security management solutions include software products, managed security services, and professional services made up of both consulting and training services. We offer a comprehensive line of products and services for enterprise, smaller enterprise, consumer and service provider customers. These threat protection solutions go beyond basic access control to deliver multiple layers of defense that detect, prevent and respond to threats to our customers' business operations. Our products are designed to meet the need for comprehensive, cost-effective detection, prevention and response arising from attacks, misuse and security policy violations. Our family of software products is a critical element of an active Internet and networking security program within today's world of global connectivity, enabling organizations to proactively monitor, detect and respond to risks to enterprise information. Our managed services offerings provide remote management of the industry's best-of-breed security technology including security assessment and intrusion detection systems, firewalls, virtual private networks (VPNs), anti-virus and URL filtering. We focus on serving as the trusted security provider to our customers by maintaining within our products the latest counter-measures to security risks, creating new innovative products, and providing professional and managed services. ISS was founded in 1994 and is headquartered in Atlanta, Georgia. The mailing address for our headquarters is 6303 Barfield Road, Atlanta, Georgia, 30328, and our telephone number at that location is (404) 236-2600. The ISS Web site can be found at www.iss.net. NETWORK ICE ACQUISITION Through our acquisition of Network ICE Corporation in June 2001 we added several key technologies that enhance our offerings. The BLACKICE(TM) product family introduced packet analysis to our market-leading REALSECURE(R) protection solution. Packet analysis is a complementary technique that allows improved analysis and accuracy in the identification of improper network activity. This and other core Network ICE innovations have already been incorporated into the RealSecure Protection System, with additional integration to continue throughout 2002. The BlackICE Defender application, now renamed BlackICE PC Protection, brought us our first true entry into the consumer market. This foothold marks the potential for future growth in the consumer market. This same desktop protection orientation also enhances our core business offerings by establishing cost- 1 efficient and capable protection solutions for fixed, remote mobile and wireless network connections and establishing competitive offerings for the smaller business market, an area not aggressively served by us in the past. INDUSTRY BACKGROUND GROWTH OF ONLINE ASSETS AND RISKS Online security is of growing importance to today's businesses, as more and more businesses rely on Internet-based technology to conduct day-to-day operations. Businesses continue to adopt Internet-based technologies to streamline operations and create new business opportunities. To capitalize on the benefits of the Internet, businesses continue to open their networks to business partners, customers, and their mobile workforce, significantly increasing the value and vulnerability of their online assets. The networks, servers and desktops that make online commerce work are inherently vulnerable to online threats. A threat is any tool or technique that can be used to damage the data stored on a network, server or desktop, or to compromise those resources for unauthorized use. The tools used to attack online resources and the sophistication of these threats continues to increase. At the same time, the technological sophistication needed to launch an attack continues to decrease. The more that organizations and consumers depend on networks to conduct business, the greater the risk of business interruption, negative publicity, theft of proprietary or private information, legal liability, and other costly business losses. The Computer Security Institute reported in the 2001 CSI/FBI Computer Crime and Security Survey conducted with the Federal Bureau of Investigation that 90% of the 186 respondents (primarily large corporations and government agencies) detected security breaches in a twelve-month period, with 64% acknowledging financial losses due to computer breaches. The 186 respondents reported $377,828,700 in losses. Regulatory requirements, merger and acquisition due diligence and insurability concerns are generating even broader awareness that information protection is a critical business need. ISS PROTECTION SOLUTIONS Our protection solutions provide protection against online threats. They provide proactive detection of active attacks against information resources, prevent unnecessary security vulnerabilities, and provide for rapid, appropriate response when a security event takes place. Our protection solutions help minimize our customers' risk from online threats. We believe that there are three key processes to manage online risk: - Identify security exposures and active threats, with responses appropriate to the severity of the risk and the potential for loss; - For larger organizations, implement scalable, centralized security management across complex infrastructure. For smaller organizations, utilize either an in-house software solution or managed security services (or both) to provide efficient oversight and control; and - Utilize a proactive source of security alerts, advisories and other security information services to counteract the dynamic nature of risk. These solutions can be an in-house solution, or part of a managed solution provided by ISS. Each solution often includes professional services or an education component. In response to this broad-based business need, we provide a wide range of proactive protection that spans networks, servers and individual desktops, all built around the need for comprehensive, cost-effective detection, prevention and response. These flexible solutions scale from individual PCs to multinational enterprises, with detection, prevention and response across the breadth of the threat spectrum. 2 MARKETS We provide products and services for specific markets, separated by size and technological sophistication. These markets are defined as enterprise, smaller enterprise, small office/home office ("SOHO"), consumer, service provider, and risk management. ENTERPRISE Enterprise market customers generally have revenues exceeding $500 million. Our enterprise software and services solutions provide proactive, centrally deployed and managed protection against online business interruption and loss, all designed to operate with minimal administration or interference with normal network operations. These comprehensive protection offerings merge network, server and desktop protection into an integrated threat management environment. This combination of software and services enables centralized management across multiple locations and network segments, including wireless networks, branch offices and mobile workers. Most importantly, our proactive approach keeps staff appraised on newly discovered security issues, ensuring that the protection solution is quickly and easily updated to account for newly evolved threats. Enterprise solutions include the REALSECURE(R) PROTECTION SYSTEM, a unique software offering that encompasses vulnerability assessment and threat detection, prevention and response across networks, servers and desktops, all coordinated through the REALSECURE(R) SITEPROTECTOR(TM) centralized management platform. In addition, our Managed Security Services extends this protection strategy through managed security offerings and expert 24/7 management, for situations where additional flexibility and support are required. Extensive professional services and emergency response provide an appropriate, effective security solution, regardless of business environment. SMALLER ENTERPRISE In addition, we provide a full range of security solutions that provide enterprise-quality protection for smaller enterprises, ranging in size from roughly $50 million to $500 million in annual revenue. These solutions are also based on the RealSecure Protection System to provide integrated intrusion detection and response, vulnerability assessment, policy compliance, and data collection and analysis, all coordinated through the RealSecure SiteProtector centralized management platform. Managed Security Services extends this protection strategy through managed security offerings and expert 24/7 management, for situations where additional flexibility and support are required. Finally, the SECURE STEPS(SM) program provides scalable, affordable risk management solutions based on Internet Security Systems' Managed Security Services that are intended to establish the security practices necessary to obtain insurance coverage for online business operations. SOHO AND CONSUMER Small office/home office and consumer customers require a security solution that is as cost effective and easy-to-use as possible. Internet Security Systems' BLACKICE(TM) products provide comprehensive, cost-effective firewall and intrusion protection solutions designed specifically for remote workers, telecommuters or consumers in smaller office environments. These applications combine firewall, intrusion protection and report management into a straightforward, and cost-effective protection solution. BlackICE protection products are widely available through retail and online outlets. SERVICE PROVIDER We provide best-of-breed technology and a proven track record in network security management for service providers looking to establish online security as part of a broad-based, Internet-oriented business solution. We partner with service providers that want to resell managed security services and are seeking a well-known, credible and stable partner in the security industry, an established ability to bring partners to market, and a comprehensive services portfolio. 3 Our advanced security management software solutions, extensive experience protecting customer networks, and unique ability to collect and analyze threat trends from around the world in our Global Threat Operations Center (GTOC) allow us to partner with organizations looking to bundle a security management component within a broader set of business services. RISK MANAGEMENT Online business operations, like their physical counterparts, require careful risk management practices. However, traditional security and insurance offerings do not address unique online risks. Secure Steps delivers critical security solutions designed for organizations needing an integrated, cost-efficient online risk management solution. Participation in Secure Steps mitigates the risk to underwriters and is intended to pre-qualify businesses for third-party cyber-insurance coverage for online business operations. We do not ourselves sell insurance coverage or any other insurance services. We also have other specialized security assessment programs that help organizations with self-managed security ascertain that their security practices are suitable for cyber-insurance programs. Secure Steps is a specialized set of managed security services that adds comprehensive recovery and security forensics to document and analyze security events should a breach occur. When combined with cyber-insurance coverage, Secure Steps is an important component of a broad-based enterprise risk management strategy. PRODUCTS AND SERVICES ENTERPRISE PROTECTION The RealSecure Protection System, the core of our enterprise protection offerings, significantly improves protection across networks, servers and desktops, while reducing complexity and cost. This unique solution integrates intrusion detection and response, vulnerability assessment, policy compliance, and data collection and analysis, all coordinated through the RealSecure SiteProtector centralized management structure. Key components include: REALSECURE NETWORK PROTECTION -- Provides a wide range of specialized protection sensors for networks and gateways, all tightly integrated into a centralized operational and management framework. RealSecure Network Sensor -- Provides intelligent, automated integration of threat assessment, intrusion detection, active blocking and data analysis within a self-contained, remotely managed application. RealSecure for Nokia Appliance -- Provides powerful, automated, real time intrusion protection for computer networks through an easily deployed, appliance-style solution. RealSecure Sentry -- Real-time intrusion detection available in standard, full duplex, multiport and gigabit configurations that recognize and respond to suspicious behavior on any network segment. RealSecure Guard -- An inline intrusion protection filter designed specifically for mission critical connections that protects across network segments. REALSECURE SERVER PROTECTION -- Defends servers and applications against unauthorized access and a broad array of threats by combining intrusion detection and response with firewall capabilities. RealSecure Server Protector -- Provides intelligent, automated integration of threat assessment, intrusion detection, active blocking and data analysis for servers within a self-contained, remotely managed application. REALSECURE DESKTOP PROTECTION -- Guards fixed, remote and mobile corporate desktops against unauthorized access and a broad array of threats by combining intrusion detection and response with firewall capabilities and virtual private network (VPN) compatibility. 4 RealSecure Desktop Protector (formerly BlackICE Agent for Workstations) -- Provides intelligent, automated integration of threat assessment, intrusion detection, active blocking and data analysis for desktops within a self-contained, remotely managed application. REALSECURE SITEPROTECTOR -- Scalable, centralized security deployment, management and reporting for enterprise RealSecure deployments that significantly reduce demands on staff and other operational resources. REALSECURE SITEPROTECTOR SECURITY FUSION MODULE -- Uses advanced data correlation and analysis to rapidly and automatically derive the likelihood of a successful attack from aggregated vulnerability assessment information. VULNERABILITY ASSESSMENT In addition to the RealSecure Protection System, we also offer security assessment and policy compliance solutions for proactive measurement of online risk. These comprehensive and complimentary offerings include: INTERNET SCANNER(R) -- Provides comprehensive network vulnerability assessment for measuring online risk. SYSTEM SCANNER(TM) -- Ensures policy compliance and detects vulnerabilities that leave servers open to compromise. DATABASE SCANNER(R) -- Assesses online business risks by identifying security exposures in leading database applications. WIRELESS SCANNER(TM) -- Provides automated detection and security analyses of mobile networks utilizing 802.11b WLAN (Wi-Fi) access points and clients. SOHO AND CONSUMER PRODUCTS We offer powerful, affordable solutions providing fast, accurate protection for a wide range of information protection needs for the SOHO and consumer product markets. Our products include: BLACKICE PC PROTECTION -- Provides comprehensive personal firewall and intrusion protection for individual PCs. BLACKICE SERVER PROTECTION -- Provides comprehensive firewall and intrusion protection capabilities for individual servers. X-FORCE(TM) SERVICES The X-Force organization, our leading group of security experts dedicated to proactive counter intelligence and public education, delivers timely, accurate information for anyone interested in protecting online assets against attack or misuse. This proactive approach suffuses all our offerings, from research and development to products and services, including publicly available information and product support Our X-Force organization delivers breaking information on threats through three complementary online publications: Security Advisories, Security Alerts and Security Alert Summaries. Security Advisories contain new vulnerability research developed by the X-Force itself, as well as solutions to manage or resolve the threat. Security Alerts are timely compilations of threat information, both from us and from other, external resources. Finally, Security Alert Summaries are weekly publications containing short descriptions of security issues identified and researched during the past week. Each issue in the Alert Summary is linked to detailed information in the online X-Force Database. The X-Force organization begins this process through our Global Threat Operations Center. This specialized threat intelligence facility collects security trend information from five state-of-the-art Security Operations Centers operating on three continents to analyze the nature and severity of any threat in real-time. 5 The X-Force then proactively helps deliver our solutions to market via alerts, advisories, product updates, professional services, emergency response and 24/7 remotely managed security services. X-Force threat intelligence consists of both global and local primary source overviews of evolving threats. This information may be sorted by specific geography, business sector, operating system or attack technique, allowing anyone interested in information protection to evaluate global threat conditions as part of their own security operations. All our service offerings use X-Force threat intelligence as a differentiator, whether as part of a professional services consulting engagement, managed security services, SECUREU(TM) education offerings or customer support. In addition, X-Force research and development quickly and easily integrates into Internet Security Systems' software solutions via self-installing X-PRESS UPDATE(TM) product enhancements. MANAGED SECURITY SERVICES ISS Managed Security Services offers online protection for organizations lacking the time, expertise or appropriate internal resources to secure critical information resources. Our services include: MANAGED INTRUSION PROTECTION SERVICE -- Unobtrusively monitors client servers and network traffic for potential threats, and prevents attacks or misuse from damaging online information resources. MANAGED FIREWALL SERVICE -- Flexible, remotely managed firewall service that delivers cost-effective protection without requiring an in-house solution. HIGH AVAILABILITY MANAGED FIREWALL SERVICE -- Remotely managed firewall that utilizes a robust architecture to maximize uptime for critical business operations. CLIENT VPN SERVICE -- Extends our managed firewall offerings by establishing secured network resources for remote operations including users, partners, vendors and customers. MANAGED SITE-TO-SITE VPN SERVICE -- Leverages our managed firewall services to create efficient trust relationships for online business operations acting across multiple networks. MANAGED ANTIVIRUS SERVICE -- Delivers complete 24/7 gateway protection against malicious email, file transfer and Web traffic for networks. MANAGED REMOTE SCANNING -- Performs remotely managed, scheduled and on-demand assessments of the network perimeter. Uses the Internet Scanner(TM) application to pinpoint vulnerabilities and recommend fixes. MANAGED WEB FILTERING -- Allows organizations to monitor access to Internet resources and specific Web addresses to ensure appropriate usage of network bandwidth. MANAGED SECURITY SERVICES CUSTOMER PORTAL -- Complements our Managed Security Services offerings by providing customers with a powerful, interactive information reporting and analysis tool for maintaining effective security practices. PROFESSIONAL SERVICES Our professional services combine our extensive intellectual capital, best-of-breed technology and experienced security experts to help organizations plan and implement sound security management solutions. Our standards-based methodology covers the complete security management lifecycle, including assessment, design, deployment, management, and support. ASSESS X-Force Penetration Test -- A network attack simulation event in which security experts attempt to break into a network mimicking the techniques used by malicious attackers. Available in three variations: Light Perimeter, Full Perimeter and Internal. 6 Information Security Assessment -- Comprehensive evaluation of security posture from an external and internal perspective, including an in-depth evaluation of a client's security architecture, policies and procedures, threats and vulnerabilities, and technical security controls and mechanisms. Wireless Network Security Assessment -- Security assessment of wireless network environments including both assessment and penetration testing. Application Security Assessment -- Review and evaluation of application security from the client and server perspectives. DESIGN Protection Policy Development -- Designed to help a client design and adopt an information protection policy that reflects its business objectives, environment and culture. Solutions Deployment Planning -- Designed to help a client understand the architecture of its existing and future networks. Our security specialists work with client staff to determine and plan the most effective and strategic locations in which to install our solutions, how to best implement them with minimal impact on current network operations, and how to plan for the ongoing management and maintenance of the security solution. Network Security Architecture Design -- Our security professional's assist a client in developing a network security architecture design based on assessment requirements and industry best practices. DEPLOY Internet Security Systems Solutions Deployment -- Installation, configuration and tuning for our vulnerability assessment, intrusion detection and enterprise security management solutions. MANAGE Emergency Response Services -- Our professional services staff combines leading security research with real-world incident response experience to help organizations prepare for, and respond immediately to, information security breaches. Vulnerability Remediation Services -- Our experienced professional services staff work with a client to plan and implement vulnerability remediation. Staff Augmentation & Support -- Designed for organizations in which: - A fully managed solution is not an option, but onsite management from a security expert is needed. - Security engagement needs are not clearly defined, but onsite management from a security expert would be beneficial. - Additional support is needed while the organization is in the process of hiring an individual for a security role. EDUCATION & TRAINING Our SecureU education services offer hands-on, real-world security management and certification training. SecureU's content rich materials and experienced instructors educate security professionals with courses delivered in classrooms located around the world as well as through on-site, customized programs. By developing and maintaining internal staff knowledge, organizations can maximize the return on their security investments. 7 SUPPORT We provide ongoing product support services under license agreements. Maintenance contracts are typically sold to customers for a one-year term at the time of the initial product license and may be renewed for additional periods. Under our maintenance agreements with our customers, we provide, without additional charge, telephone support, documentation, our X-Force Security Alerts, X-Press Updates, product updates and error corrections. Customers with current maintenance agreements may download product updates from our Web site. We believe that providing a high level of customer service and technical support is necessary to achieve rapid product implementation, which, in turn, is essential to customer satisfaction and continued license sales and revenue growth. Accordingly, we are committed to recruiting and maintaining a high-quality technical support team. A team of dedicated engineers trained to answer questions on the installation and usage of our products provides telephone and email support worldwide, 24 hours a day, seven days a week (including holidays), from our corporate office in Atlanta. Customers in Asia can also contact ISS Technical Support in the Philippines or Tokyo during local business hours. The ISS Support Team located in San Mateo, California provides email support to our consumer customer base. In the United States and internationally, our resellers provide telephone support to their customers with additional technical assistance from us. For our managed services security solutions, customer support is available for several offerings up to 24 hours a day, seven days a week. Support is offered via phone, email or secure Web form and includes access to an online knowledge base as well as direct contact with qualified support personnel. GEOGRAPHIC SEGMENTS We provide our security management solutions in three geographic areas: the Americas (United States, Canada and Latin America), EMEA (Europe, Middle East and Africa) and Asia/Pacific Rim. These geographic areas represent our three reportable segments. The accounting policies of the reportable geographic segments are the same as described in the summary of significant accounting policies in our financial statements and are applied consistently across the segments. Revenues, as a percent of total revenues, for each segment are as follows:
1999 2000 2001 ---- ---- ---- Americas.................................................... 84% 79% 71% EMEA........................................................ 11 13 15 Asia/Pacific Rim............................................ 5 8 14
PRODUCT DEVELOPMENT We develop our products to operate in heterogeneous computing environments. Products are compatible with other vendors' products across a broad range of platforms, including HP-UX, IBM AIX, Linux, Sun Solaris, and Microsoft Windows. We have incorporated a modular design in our products to permit plug-and-play capabilities, although customers often use our professional services or our strategic partners to install and configure products for use in larger or more complex network systems. We employ a three-pronged product development strategy to achieve our goal of providing comprehensive security coverage for monitoring, detection and response. First, we provide regular security updates to our products that are based on our vulnerability and threat database. These updates are usually provided as part of separate maintenance agreements sold with the product license. Second, we continue to develop best-of-breed security products to protect networks, servers, and desktops. New products, and existing products such as Internet Scanner, RealSecure, and BlackICE PC Protection are updated approximately every four to six months to add new features and improve functionality. Third, to complement our existing products and provide more comprehensive network security coverage, we are expanding existing products by developing additional enterprise-level security management products, including RealSecure SiteProtector. These products will help customers protect their networks, servers and 8 desktops by continuously measuring and analyzing the status of their security, monitoring and protecting from security risks in real time across the enterprise network. These RealSecure enterprise products operate with our existing products, allowing modular implementation. Expenses for product development were $20.4 million, $31.3 million, and $35.4 million in 1999, 2000, and 2001, respectively. All product development activities are conducted at either our principal offices in Atlanta or at our research and development facilities in San Mateo, California, Sunnyvale, California, Southfield, Michigan and Reading, England. At December 31, 2001, 263 personnel were employed in product development teams. Our personnel include members of the Computer Security Institute, Forum for Incident Response and Security Technicians (FIRST), Georgia Tech Industrial Partners Association, Georgia Tech Information Security Center and the International Computer Security Association (ICSA), enabling us to actively participate in the development of industry standards in the emerging market for network and Internet security systems and products. PRICING We use a range of fee structures to license our products, depending on the type of product and the intended use. We license our vulnerability assessment products, Internet Scanner, System Scanner and Database Scanner based on the number of devices being assessed. The pricing scheme is scalable, providing low entry points for departmental users without limiting our revenue potential from customers with large networks. Pricing for our threat detection and response products, including the RealSecure line of sensors/detectors as well as the BlackICE products, is based on the number of copies deployed on the network. Thus, licensing fees for our products are ultimately determined by the size of the customer's network, as size dictates the number of devices to be assessed or the number of copies to be deployed. Management software is sold on a capacity basis. The license fee for the management software is determined by the size of the sensor/detector and scanner purchase. This capacity-based pricing structure addresses the needs of large and small customers and provides customers with the ability to license as much management as they require. In addition to license fees, customers customarily purchase maintenance agreements in conjunction with their initial purchase of a software license, with annual maintenance fees typically equal to 20% of the product's license fee. Maintenance agreements include annually renewable telephone support, product updates, access to our X-Force Security Alerts and error corrections. Our continuing research into new security risks and resulting product updates provide significant ongoing value. We provide customers with a regular stream of security updates, known as X-Press Updates, as part of this maintenance agreement. X-Press Updates serve to keep our products up to date with the latest vulnerabilities and threats that are present in Internet environments. As a result, a substantial majority of our customers renew their maintenance agreements. We have historically sold fully-paid perpetual licenses with a renewable annual maintenance agreement and, more recently, have licensed our products on a subscription basis, including maintenance, for one or two year periods and are exploring other alternatives for customers desiring longer term arrangements or multi-year commitments. Customers who use our products to provide information technology assessment services are offered subscription license agreements, typically with a one year term. Monitoring fees for managed security services are determined by the complexity of the monitoring arrangement and by the number of devices being monitored. The pricing is scalable, allowing for customers to start with basic security monitoring services and expand as the business grows. Our professional services fees are calculated either on a fixed-fee basis or an hourly standard rate per consultant and discounted based on the scope of the engagement, market sector and geographical territory. Educational services are calculated on a per-class basis. CUSTOMERS As of December 31, 2001, Internet Security Systems has more than 9,000 business customers, and maintained operations in 22 countries. No customer accounted for more than 10% of our consolidated revenues in 1999, 2000 or 2001. Target customers include both public and private sector organizations, as well as consumers, that use Internet protocol enabled information systems. Business customers represent a broad 9 spectrum of organizations within diverse sectors, including financial services, technology, telecommunications, government, and information technology services. SALES AND MARKETING Sales Organization Our sales organization is divided regionally among the Americas, EMEA (Europe, Middle East and Africa) and the Asia/Pacific regions. In the Americas, we market our products primarily through our direct sales organization augmented by our indirect channels, including security consultants, resellers, OEMs and systems consulting and integration firms. The direct sales organization for the Americas consists of regionally based sales representatives and sales engineers, and a telesales organization, located in Atlanta. We maintain a number of domestic sales offices in various cities throughout the United States and in Canada, Mexico and Brazil. As of December 31, 2001, we employed approximately 284 people in the Americas direct sales and professional services organization. The regionally based direct sales representatives focus on opportunities with large organizations. Included as part of the sales organization, is a channel management group that drives incremental revenue through selected partners and acts as the liaison between the direct sales representatives and the channel partners. In the EMEA and Asia/Pacific regions, the substantial portion of our sales occurs through authorized resellers. Internationally we have established regional sales offices in several countries in Europe as well as in Egypt, Australia and Japan. Personnel in these offices are responsible for market development, including managing our relationships with resellers, assisting them in winning and supporting key customer accounts, acting as a liaison between the end user and our marketing and product development organizations, and providing consulting and training services. As of December 31, 2001, approximately 345 employees were located in our European and Asia/Pacific regional offices. We expect to continue to expand our field organization into additional countries in these regions. SecurePartner(TM) Program We maintain the SECUREPARTNER(TM) program to train and support security consulting practices, systems integrators and resellers who match our products with their own complementary products and services. By reselling our solutions, these partners provide additional value for specific market and industry segments, while maintaining our ongoing commitment to quality software and customer satisfaction. There are three different levels of reseller opportunities: - Premier Partners. Premier Partners are typically security consultants, value-added resellers (VARs) and systems integrators with focused security practices. Many Premier Partners are experienced in the sales and implementation of leading firewall, authentication and encryption technologies. Premier Partners maintain the highest level of resales. These partners leverage their expertise with our vulnerability assessment and intrusion detection products. Premier Partners receive direct distribution of our products, sales and technical training, access to market development funds, use of our Web site for placing orders, monthly SecurePartner email newsletters, security information from the ISS X-Force and other partner-only communications, access to the ISS Partner Resource Center Web site and a listing on our Partner Web page(s). - Authorized Partners. Authorized Partners generally consist of organizations that provide security focused consulting and/or integration services. Authorized Partners are also required to maintain a specified level of resales, albeit at a more modest level than Premier Partners. Authorized Partners can take advantage of many of the same benefits that Premier Partners enjoy, including purchasing products directly from ISS, sales and technical training, Web site access in order to place orders, partner-only communications, and a listing on our Partner Web page(s). - Registered Partners. Unlike Premier Partners and Authorized Partners, Registered Partners are not required to maintain an ISS Certified Engineer on their staffs or to maintain any specified level of 10 resales. Registered Partners receive partner-only communications, marketing and sales support, and may purchase products directly from us, including through our online Web order system. Marketing Programs We conduct a number of marketing programs to support the sale and distribution of our products. These programs are designed to inform existing and potential end-user customers and resellers about the capabilities and benefits of our products. Marketing activities include: - Press relations and education; - Publication of technical and educational articles in both print and online media, through our white papers, and through our own print and online newsletters and/or magazines; - Participation in industry tradeshows; - Product/technology conferences and seminars; - Competitive analysis; - Sales training; - Advertising and development and distribution of marketing literature; and - Maintenance of our Web site. A key element of this marketing strategy is to establish our products, services and information security methodologies as the leading approach for information protection and security management for the enterprise, smaller enterprise, small office/home office, consumer, service provider and risk management markets. We have implemented a multi-faceted awareness program to leverage the use of corporate, product and service brands to increase acceptance of our offerings through relationships with various channel partners: - Strategic Resellers. Although we have numerous resellers, certain of these relationships have generated significant leverage for us in targeted markets. Our strategic resellers provide broad awareness of our brands through enhanced marketing activity, access to large sales forces, competitive control points and access to larger strategic customer opportunities. - Consultants. The use of our products by security consultants not only generates revenue from the license sold to the customer, but also provides us with leads to potential end users with a concern for network security. - OEMs. Agreements with original equipment manufacturers ("OEMs") enable OEMs to incorporate our products into their own product offerings to enhance their security features and functionality. We receive royalties or other consideration from OEM vendors and increased acceptance of our products under these arrangements, which, in turn, are intended to promote sales of our other products to the OEM's customers. We typically enter into written agreements with resellers, consultants, managed service providers, Internet service providers and OEMs. These agreements generally do not provide for firm dollar commitments from the parties, but are intended to establish the basis upon which the parties will work together to achieve mutually beneficial objectives. COMPETITION The market for information security, including software products, professional services, training services and managed security services is intensely competitive, and we expect competition to increase in the future. We believe that the principal competitive factors affecting the market for information security include security effectiveness, manageability, technical features, performance, ease of use, price, scope of product offerings, professional services capabilities, distribution relationships and customer service and support. Although we believe that our solutions generally compete favorably with respect to such factors, we cannot guarantee that 11 we will compete successfully against current and potential competitors, especially those with greater financial resources or brand name recognition. INTELLECTUAL PROPERTY AND TRADEMARKS We rely primarily on patent, copyright and trademark laws, trade secrets, confidentiality procedures and contractual provisions to protect our intellectual property and other proprietary rights. We have obtained one United States patent and have 15 patent applications under review in the United States and certain foreign jurisdictions. We also believe that the technological and creative skills of our personnel, new product developments, frequent product enhancements, our name recognition, our professional services capabilities and delivery of reliable product maintenance are essential to establishing and maintaining a technology leadership position. We cannot assure you that our competitors will not independently develop technologies that are similar to ours. We generally license our software products to end users in object code (machine-readable) format. Certain customers have required us to maintain a source-code escrow account with a third-party software escrow agent, and a failure by us to perform our obligations under any of the related license and maintenance agreements, or our insolvency, could result in the release of our product source code to such customers. The standard form license agreement for our software products allows the end user to use our products solely on the end user's computer equipment for the end user's internal purposes, and the end user is generally prohibited from sublicensing or transferring the products. Despite our efforts to protect our intellectual property, unauthorized parties may attempt to copy aspects of our products or to obtain and use information that we regard as proprietary. Policing unauthorized use of our products is difficult. While we cannot determine the extent to which piracy of our software products occurs, we expect software piracy to become a persistent problem. In addition, the laws of some foreign countries do not protect our proprietary rights to the extent of the laws of the United States and many foreign countries do not enforce these laws as diligently as U.S. government agencies and private parties. Internet Security Systems, the Internet Security Systems logo, System Scanner, Wireless Scanner, Online Scanner, SiteProtector, ADDME, AlertCon, ActiveAlert, FireCell, FlexCheck, Secure Steps, SecurePartner, SecureU, X-Force and X-Press Update are trademarks and service marks, and Internet Scanner, Database Scanner and RealSecure registered trademarks, of Internet Security Systems, Inc. Network ICE, the Network ICE logo and ICEpac are trademarks, BlackICE a licensed trademark, and ICEcap a registered trademark, of Network ICE Corporation, a wholly owned subsidiary of Internet Security Systems, Inc. Other trademarks and trade names mentioned are marks and names of their owners as indicated. EMPLOYEES As of December 31, 2001, we had 1,205 employees, of whom 263 were engaged in product research and development, 271 were engaged in sales, 235 were engaged in customer service and support, 175 were engaged in professional services, 72 were engaged in marketing and business development and 189 were engaged in administrative functions. We believe that we have good relations with our employees. ITEM 2. PROPERTIES In November 1999 we signed an eleven and one-half year lease for our Atlanta headquarters and research and development facility. This facility consists of approximately 240,000 square feet that we began occupying in varying phases beginning in November 2000. Annual minimum payments under the lease increase as occupied space increases, with total minimum payments due under the lease of approximately $64 million over the lease term. We lease additional office space in Chicago, Illinois; Sunnyvale, California; San Mateo, California; Southfield, Michigan; Denver, Colorado; New York City, New York; Boca Raton, Florida and Washington, D.C., as well as small executive suites in a number of United States cities. In addition, we lease office space in Buenos Aires, Argentina; Sao Paulo and Rio, Brazil; Brussels, Belgium; London and Reading, England; Paris, 12 France; Stuttgart, Germany; Stockholm and Helsinborg, Sweden; Milan and Padova, Italy; Madrid, Spain; Zurich, Switzerland; Amsterdam, Netherlands; Sydney, Australia; Manila, Philippines; and Tokyo, Japan. We believe that our existing facilities and Atlanta headquarters are adequate for our current needs and that additional space will be available as needed. ITEM 3. LEGAL PROCEEDINGS Beginning on September 28, 2001, the Company and certain of its officers and directors were named as defendants in several lawsuits alleging violations of the federal securities laws, including Sections 10(b) and 20(a) of the Securities Exchange Act of 1934, as amended, and Rule 10b-5 thereunder. As of March 27, 2002, six such actions have been filed in the United States District Court for the Northern District of Georgia. The complaints, which are substantially similar in nature, purport to be brought on behalf of a class of investors who purchased the Company's stock during the period from April 5, 2001 through August 14, 2001 (the "Class Period"). The complaints generally allege that the Company and the individual defendants violated the anti-fraud provisions of the federal securities laws and caused the Company's stock to trade at artificially high prices by making misrepresentations relating to the Company's financial condition and prospects during the Class Period. The complaints seek damages in an unspecified amount. The Company anticipates that all six of these actions, along with any other similar actions, which may hereafter be filed, will be consolidated into a single case. No answer or other responsive papers are yet due from the defendants. The Company believes that it has meritorious defenses and intends to defend the actions vigorously. ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS No matter was submitted to a vote of our shareholders during the fourth quarter of 2001. 13 PART II ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS Our Common Stock is quoted on the NASDAQ National Market under the symbol "ISSX". The following table lists the high and low per share sales prices for the Common Stock as reported by the NASDAQ National Market for the periods indicated:
2001: HIGH LOW ----- ------ ------ First Quarter............................................... $80.19 $25.25 Second Quarter.............................................. 62.46 19.75 Third Quarter............................................... 51.49 8.35 Fourth Quarter.............................................. 38.85 9.42
2000: HIGH LOW ----- ------- ------ First Quarter............................................... $141.00 $46.25 Second Quarter.............................................. 116.00 58.00 Third Quarter............................................... 108.75 51.13 Fourth Quarter.............................................. 102.94 58.81
As of March 20, 2002, there were 48,206,241 shares of our Common Stock outstanding held by 302 stockholders of record. We have never declared nor paid cash dividends on our capital stock. We intend to retain any earnings for use in our business and do not anticipate paying any cash dividends in the foreseeable future. Our Board of Directors will determine future dividends, if any. In June 2001, we issued approximately 4,311,000 shares of Common Stock as consideration for all the issued and outstanding stock of privately held Network ICE Corporation. We also assumed all of the outstanding Network ICE stock options, which totaled approximately 289,000 shares of ISS common stock. These shares were issued in a transaction exempt from registration under the Securities Act of 1933, as amended. 14 ITEM 6. SELECTED CONSOLIDATED FINANCIAL DATA The financial data set forth below for each of the three years in the period ended December 31, 2001 and as of December 31, 2000 and 2001 has been derived from the audited consolidated financial statements appearing elsewhere in this Annual Report on Form 10-K. The financial data for the years ended December 31, 1997 and 1998 and as of December 31, 1997 1998 and 1999, has been derived from audited financial statements not included herein. This data should be read in conjunction with the consolidated financial statements and notes thereto, and with Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations.
YEAR ENDED DECEMBER 31, -------------------------------------------------- 1997 1998 1999 2000 2001 ------- ------- -------- -------- -------- (AMOUNTS IN THOUSANDS, EXCEPT PER SHARE AMOUNTS) CONSOLIDATED STATEMENT OF OPERATIONS DATA: Revenues...................................... $25,425 $57,088 $116,487 $194,975 $223,559 Merger costs.................................. -- -- 2,329 -- -- Write-off of lease obligation................. -- -- -- -- 1,072 Charge for in-process research and development................................. -- 802 -- -- 2,910 Amortization of goodwill...................... -- 77 318 479 26,505 Amortization of intangibles and stock-based compensation................................ -- 153 674 674 5,227 Operating income (loss)....................... (3,469) (6,105) 2,700 20,569 (24,158) Other income, including Japan IPO gain........ -- -- -- -- 15,132 Net income (loss)............................. $(3,306) $(3,893) $ 7,490 $ 18,315 $(15,458) ======= ======= ======== ======== ======== Basic net income (loss) per share............. $ (0.18) $ (0.12) $ 0.19 $ 0.44 $ (0.34) ======= ======= ======== ======== ======== Diluted net income (loss) per share........... $ (0.18) $ (0.12) $ 0.17 $ 0.41 $ (0.34) ======= ======= ======== ======== ========
DECEMBER 31, -------------------------------------------------- 1997 1998 1999 2000 2001 ------- ------- -------- -------- -------- (AMOUNTS IN THOUSANDS) CONSOLIDATED BALANCE SHEET DATA: Working capital............................... $ 1,523 $53,157 $127,135 $145,133 $149,080 Goodwill, less accumulated amortization....... -- 3,094 2,775 3,167 197,060 Total assets.................................. 13,816 84,724 184,845 240,240 500,984 Redeemable, convertible preferred stock....... 8,878 -- -- -- -- Stockholders' equity.......................... 4,468 66,505 155,153 188,389 426,935
15 ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS The following discussion should be read in conjunction with the Consolidated Financial Statements and related Notes thereto included elsewhere in this document. Except for the historical financial information, the matters discussed in this document may be considered "forward-looking" statements. Such statements include declarations regarding our intent, belief or current expectations. Such forward-looking statements are not guarantees of future performance and involve a number of risks and uncertainties. Actual results may differ materially from those indicated by such forward-looking statements as a result of certain factors, including, but not limited to, those set forth under the "Risk Factors" heading below. OVERVIEW We are a global leader in information protection solutions dedicated to protecting online assets. Our proactive line of defense protects networks, servers and desktops against an ever-changing spectrum of threats, with a comprehensive line of products and services designed specifically for the particular needs of enterprise, smaller enterprise, consumer and service provider markets. These threat protection solutions go beyond basic access control to deliver multiple layers of defense that detect, prevent and respond to threats prior to those threats causing damage to our customers' business operations. We provide a wide range of proactive protection that spans networks, servers and individual desktops, built around the need for comprehensive, cost-effective detection, prevention and response arising from attacks, misuse and security policy violations, all while ensuring the confidentiality, privacy, integrity and availability of proprietary information. Our family of products is a critical element of an active Internet and networking security program within today's world of global connectivity, enabling organizations to proactively monitor, detect and respond to risks to enterprise information. Our line of products is designed specifically for the particular needs of enterprise, smaller enterprise, consumer and service provider markets. Our managed services offerings currently provide remote management of the industry's best-of-breed security technology including security assessment and intrusion detection systems, firewalls, VPNs, anti-virus and URL filtering software. We focus on serving as the trusted security provider to our customers by maintaining within our existing products the latest counter-measures to security risks, creating new innovative products based on our customers' needs and providing professional and managed services. CRITICAL ACCOUNTING POLICIES The consolidated financial statements were prepared in conformity with accounting principles generally accepted in the United States. As such, management is required to make certain estimates, judgments and assumptions they believe are reasonable based upon the information available. These estimates and assumptions affect the reported amounts of assets and liabilities at the date of the financial statements and the reported amounts of revenues and expenses during the periods presented. The significant accounting policies which management believes are the most critical to aid in fully understanding and evaluating our reported financial results include the following: Revenue recognition Revenue is recognized under Statement of Position ("SOP") 97-2 as modified by SOP 98-9, when the following criteria have been met: - persuasive evidence of an arrangement exists; - delivery has occurred or services have been rendered; - price is fixed and determinable; and - collection is probable. 16 We recognize perpetual license revenues from ISS developed products upon (i) delivery of software or, if the customer has evaluation software, delivery of the software key and (ii) issuance of the related license, assuming that no significant vendor obligations or customer acceptance rights exist. Where payment terms are extended over periods greater than 12 months, revenue is recognized as such amounts are billable. Product sales consist of (i) appliances sold in conjunction with ISS licensed software and (ii) software developed by third party-partners, combined in some instances with associated hardware appliances and partner maintenance services. These sales are recognized upon shipment to the customer. License sales of enterprise and small enterprise products are generated both through a direct sales force and through resellers. License sales of small office/home office and consumer products are made through a distributor to retail establishments and are sold directly to customers via the Internet. License revenue for sales made through resellers and distributors are recognized only when the product is delivered to the end user. Annual renewable maintenance is a separate component of each perpetual license agreement for ISS products with revenue recognized ratably over the maintenance term. Subscription revenues include maintenance, term licenses, and managed service arrangements. Term licenses allow customers to use our products and receive maintenance coverage for a specified period, generally 12 months. We recognize revenues from these term agreements ratably over the subscription term. Security monitoring services of information assets and systems are part of managed services and are recognized as such services are provided. Professional services revenues include consulting services and training. Consulting services, typically billed on a time-and-materials basis, assist in the successful deployment of our products within customer networks, the development of customers' security policies and the assessment of security policy decisions. We recognize such professional services revenues as the related services are rendered. Multiple element arrangements can include any combination of hardware, software or services. When some elements are delivered prior to others in an arrangement, revenue is deferred until the delivery of the last element unless there is all of the following: - vendor specific objective evidence (VSOE) of fair value of the undelivered elements; - the functionality of the delivered elements is not dependent on the undelivered elements; - delivery of the delivered elements represents the culmination of the earnings process Our historical rate of return for our software products is negligible. We offer demonstration software available via download from our website that allows potential customers to see the functionality of the products on their own networks. We did not have any transactions in 1999, 2000 or 2001 involving reciprocal arrangements where goods or services were purchased from an organization at the same time that we licensed software or provided services to that organization. Allowance for doubtful accounts Our sales are global, including companies located in the United States, Europe, Latin America and the Asia/Pacific regions. We perform periodic credit evaluations of our customer's financial condition and do not require collateral. Credit risk with respect to trade accounts receivable are limited due to the large number of entities that comprise the Company's customer base. We provide for estimated credit losses as such losses become probable and such losses have been within management's expectations. While credit losses have historically been within management's expectations and the provisions established, we cannot guarantee that we will continue to experience the same credit loss rates we have in the past. If the financial condition of our customers were to deteriorate, resulting in an impairment of their ability to make payments, additional allowances may be required. Impairment of goodwill We have significant intangible assets related to goodwill. We periodically evaluate acquired businesses for potential impairment. Our judgments regarding the existence of impairment indicators are based on legal factors, market conditions and operational performance of our acquired businesses. Future events could cause 17 us to conclude that impairment indicators exist and that goodwill associated with our acquired business is impaired. Any resulting impairment could have a material adverse impact on our financial statements and results of operations. During the year ended December 31, 2001 we did not record any impairment losses related to goodwill. ACQUISITIONS We believe that our total solutions approach will grow all of our revenue categories. This includes our products and managed services offerings, as well as maintenance and professional services and training. While we expect the expansion of these product and service offerings to originate primarily from internal development, our strategy includes acquiring products, technologies and service capabilities that fit within our strategy and that potentially accelerate the timing of the commercial introduction of such products and technologies. On June 5, 2001, we acquired 100% of the outstanding stock of Network ICE Corporation, a privately held corporation based in San Mateo, California ("Network ICE"). Network ICE was a leading developer of desktop intrusion protection technology and highly scalable security management systems. The merger was accounted for as a purchase and, accordingly, the operating results of Network ICE are included in the consolidated financial statements of ISS from the date of acquisition. Substantially all of the aggregate purchase price of $237.6 million was allocated to goodwill, with the remainder allocated to identified intangibles, including in-process research and development, developed technology, customer relationships, and to deferred compensation related to stock options assumed. Two acquisitions, ISYI and Seguranca Ativa de Redes Internet e Sistemas Ltda ("SARIS") were completed in the third quarter of 2000. ISYI is a leader in advanced network security monitoring services in the Italian market and an early provider of remote security monitoring services. The ISYI transaction has been accounted for using the pooling-of-interests method; however, this transaction was not material to ISS's consolidated operations and financial position and, therefore, our operating results have not been restated for this transaction. Our operating results include the results of operations of ISYI since the date of acquisition. The SARIS transaction has been accounted for using the purchase method of accounting and accordingly our operating results include the results of operations of SARIS since the date of acquisition. Acquisitions of Netrex, Inc. and NJH Security Consulting were completed in the third quarter of 1999. Netrex was a leading provider of remote, security monitoring services. NJH Security Consulting included a technology foundation to provide an outsourced solution for the automatic detection and management of customers' security risks using ISS software solutions. This technology was incorporated into our managed security service offerings. These transactions were accounted for using the pooling-of-interests method of accounting. Our consolidated financial statements have been restated for all periods presented to include the results of Netrex. The acquisition of NJH Security Consulting was not material to our consolidated operations and financial position and, therefore, the operating results of ISS have not been restated for this transaction. The operating results of ISS include the results of operations of NJH since the date of acquisition. We have experienced significant annual revenue growth year-after-year. Except for our quarter ended June 30, 2001 decrease from the previous quarter ended March 31, 2001, we have had consistent quarterly increases over the last five years in measuring sequential quarterly revenues. The third and fourth quarters ended September 30, 2001 and December 31, 2001 showed sequential quarterly revenue growth over the second quarter ended June 30, 2001. Many factors effect financial performance, and past performance is no assurance of similar future performance. We expect, in the long-term, to continue to expand our domestic and international sales and marketing operations; increase our investment in product development including our proprietary threat and vulnerability database and managed services capabilities; seek acquisition candidates with products, technologies or services capabilities complimentary to our solutions; and improve our internal operating and financial infrastructure in support of our strategic goals and objectives. At the same time, we will adjust our organization size in light of current economic conditions. Due to the decrease in revenues for the quarter ended June 30, 2001, we resized our operations during the third quarter of 2001, resulting in personnel reductions and expected decreases in various operating expenses, with emphasis also on controlling discretion- 18 ary spending and capital expenditures. While we believe in the long-term success of our business solutions, our prospects must be considered in light of the recent experience, risks and difficulties that are frequently encountered by companies in new and rapidly evolving markets. See "Risk Factors". RESULTS OF OPERATIONS The following table sets forth our consolidated historical operating information, as a percentage of total revenues, for the periods indicated:
YEAR ENDED DECEMBER 31, ------------------------- 1999 2000 2001 ----- ----- ----- Consolidated Statement of Operations Data: Product licenses and sales............................... 63% 62% 55% Subscriptions............................................ 21 21 30 Professional services.................................... 16 17 15 --- --- --- Total revenues................................... 100 100 100 --- --- --- Cost of revenues: Product.................................................. 16 12 6 Subscriptions and services............................... 16 19 23 --- --- --- Total cost of revenues........................... 32 31 29 Research and development................................... 18 16 16 Sales and marketing........................................ 37 35 41 General and administrative................................. 8 7 9 Write-off of lease obligation.............................. -- -- 1 Charge for in-process research and development............. -- -- 1 Merger costs............................................... 2 -- -- Amortization of goodwill................................... -- -- 12 Amortization of intangibles & stock based compensation..... 1 -- 2 --- --- --- Total costs and expenses......................... 98 89 111 --- --- --- Operating income (loss).................................... 2% 11% (11)% === === ===
REVENUES Product licenses and sales Product licenses and sales, including perpetual licenses and sales of partner software and hardware appliances, continued to be the primary source of revenue generation at 63% of total revenues in 1999, 62% in 2000 and 55% in 2001. The decrease in product licenses and sales as a percentage of total revenues over the past two years is primarily due to the decrease in the sales of third-party products. We made several changes in 2000 and 2001 that impacted the level of sales of third-party products. Primarily, this movement away from direct sales of third-party products was a conscious effort to simplify our business by focusing on our own ISS solutions. The business of selling third-party products arose from our Netrex acquisition in 1999. Although we have de-emphasized sales of third party products, we continue it as part of our managed security services offerings. Additionally, we modified our agreement with Nokia, a maker of appliances that work in conjunction with ISS RealSecure software and certain Checkpoint software. We previously purchased and resold these Nokia appliances with ISS RealSecure software, but now the sale of the Nokia appliances occurs primarily through Nokia resellers, with the sale of ISS RealSecure software directly by us or through our resellers to our customers. This change lowered our sales because the Nokia appliances component of sales is now occurring through Nokia resellers. License sales of enterprise and small enterprise products are generated both through a direct sales force and through resellers. When our resellers generate sales, revenues are recognized when the end user sale has occurred, which is identified through electronic delivery of a software key that is necessary to operate the product. 19 License sales of small office/home office and consumer products are made through distributors to retail establishments and are sold directly to customers via the Internet. License revenue for sales made through our distributors is recognized only when the product is sold to the end user. We continue to add functionality to our product family, providing network, server and desktop-based solutions, as well as to our security management applications. In the second quarter of 2001, the acquisition of Network ICE added desktop intrusion detection and highly scalable security management systems to the family. Additionally, we announced our pervasive protection platform strategy to converge intrusion detection and security assessment technologies into one system for enhanced accuracy and simplified management. In the third quarter of 2001, we released several enhancements to our product offerings that included our pervasive protection platform strategy and incorporated some technology from the Network ICE product set. In the fourth quarter of 2001, we initiated a controlled release of RealSecure SiteProtector 1.0, the first version of our new security management platform, and Security Fusion Module 1.0, the first automated security intelligence module for RealSecure SiteProtector. A controlled release consists of shipping the software to selected customers. We did a full launch of RealSecure SiteProtector 1.0 and Security Fusion Module 1.0 during the first quarter of 2002. These improvements as well as planned new offerings are intended to provide our customers with more powerful and easier-to-use solutions for security management across the enterprise. Subscriptions Subscriptions revenue represented 21% of total revenues in 1999 and 2000, and increased to 30% of total revenues in 2001. Subscription revenues consist of maintenance, term licenses of product usage and security-monitoring fees for managed services offerings. The increase in subscriptions revenue as a percentage of total revenues was primarily due to maintenance, the largest component, which grew from 12% of total revenues in 1999 to 13% in 2000 and to 20% in 2001. This growth is due to a high level of maintenance contract renewals and the continuing increase of our software client base that generate maintenance revenues. Managed services grew to 6% of total revenues in the year 2001, as compared with 4% in the years 2000 and 1999. Professional Services Professional services revenue represented 16% of total revenues in 1999 increasing to 17% in 2000 and decreasing to 15% in 2001. In 1999 and 2000 we continued to build our service capabilities to address demand from our customers for security consulting and implementation services. During 2001, professional services as a percentage of total revenues decreased as a result of reduced customer spending as entities curtailed costs in the second half of 2001. Further contributing to this decline in 2001 was a narrowing of our consulting offerings to focus on services that directly contribute to our protection platform strategy. We also decreased the number of training classes related to third-party products and increased our emphasis on courses related to ISS solutions. Geographic regions Geographically, we derived the majority of our revenues from sales to customers within the Americas region; however, international operations continued to be a significant contributor to revenues and a growing percentage of the business. Revenues by region represented the following percentages of total revenues:
1999 2000 2001 ---- ---- ---- Americas.................................................... 84% 79% 71% EMEA........................................................ 11% 13% 15% Asia/Pacific Rim............................................ 5% 8% 14%
Revenues in EMEA and Asia/Pacific Rim grew from 1999 to 2001 due to geographical expansion in their regions and a level of economic recovery in some of the Asia/Pacific Rim region. The Americas revenue decreased from 2000 to 2001 as a percent of total revenue due to the reduction in sales of third party products. This business arose in 1999 from our acquisition of Netrex that operated only in the United States. Additionally, a more difficult macro-economic condition existed in 2001 in the United States. 20 The financial data for each segment can be found in Note 10 to the Consolidated Financial Statements in Item 14. COSTS AND EXPENSES In the quarter ended September 30, 2001, we resized the business as the result of disappointing sales results in the quarter ended June 30, 2001. This included personnel reductions in all areas of the business and decreases in various operating expenses, with emphasis also on controlling discretionary spending and capital expenditures. The severance costs, contract termination and office consolidation costs incurred in the third quarter of 2001 related to these activities are included in the appropriate expense categories and totaled approximately $2.1 million. Cost of product licenses and sales Cost of product licenses and sales consists of several components. Costs associated with licensing our products are minor. Substantially all of the cost of product licenses and sales represents payments to partners for their products that we integrate with our products or directly sell to our customers in providing a single solution source. Costs of product revenues as a percentage of total revenues decreased from 16% in 1999 to 12% in 2000 and to 6% in 2001, as sales of partner software and hardware appliances represented a lower percentage of total revenues. This decrease was primarily the result of a reduction in sales of third party products. The continued decrease as a percent of revenue is consistent with our movement away from the direct sales of third-party products, except where related to ISS managed services. Cost of subscription and services Cost of subscription and services includes the cost of our technical support personnel who provide assistance to customers under maintenance agreements, the security operations center ("SOC") costs of providing managed security monitoring services and the costs related to consulting and training. These costs as a percentage of total revenues were 16% in 1999, 19% in 2000 and 23% in 2001. The percentage increases year-over-year are a result of our significant commitment to subscription and services revenues. We expanded our managed security offering capabilities in terms of automated systems, number of managed security operations centers and personnel resources. We made an increased investment in automated systems and personnel resources for our Asia/Pacific SOC, which began operating in the third quarter of 2001, and in our United States SOC to handle anticipated growth. We added professional services capabilities and more automated technical support programs over the last year. As we narrowed the scope of our professional service and training offerings in the latter half of 2001, we took actions to reduce personnel in the consulting and training groups to achieve appropriate gross margins at expected revenue levels. Research and development Research and development expenses consist of salary and related costs of research and development personnel, including costs for employee benefits, and depreciation on computer equipment. These costs include those associated with maintaining and expanding the X-Force, our internal team of security experts. We also increased the number of our development personnel focused on our best-of-breed products, enterprise applications, managed services offerings and research for future product offerings, including the addition of approximately 20 engineers from the June 2001 Network ICE acquisition. We increased these expenditures, as we believe primary research and product development and managed service offerings are essential ingredients for retaining our leadership position in the market. Accordingly, research and development expenses increased in absolute dollars from $20.4 million in 1999 to $31.3 million in 2000 and to $35.4 million in 2001. These costs represented 18% of total revenues in 1999, and 16% in both 2000 and 2001. We continue to integrate the Network ICE technologies into our technologies under the leadership of our Vice President of Engineering and Development, the former chief executive officer of Network ICE. Our personnel reduction actions in the third quarter of 2001 included our development group, and we expect these costs to decrease as a percentage of revenues in future quarters through controlled growth relative to our planned revenue 21 expansion. We will continue to seek more leverage in the research and development area while continuing to invest in the enhancement of current technologies and the development of new technologies. Sales and marketing Sales and marketing expenses consist primarily of salaries, travel expenses, commissions, advertising, maintenance of our Website, trade show expenses, costs of recruiting sales and marketing personnel and costs of marketing materials. Sales and marketing expenses were $43.1 million in 1999, $68.0 million in 2000 and $92.0 million in 2001. Sales and marketing expenses decreased as a percentage of total revenues from 37% in 1999 to 35% in 2000, primarily due to the greater levels of productivity achieved by our sales force. The increase to 41% in 2001 is the result of several factors. More difficult economic conditions in 2001 resulted in increased sales and marketing efforts in order to achieve our targets, especially after our disappointing results for the second quarter of 2001. We incurred severance costs in the third quarter of 2001 as a result of our headcount reduction. Finally, sales of third party products, which carry a lower sales commission rate, decreased. While it is our expectation to gain leverage in our sales and marketing costs in the future, this will be largely dependent on economic and competitive conditions in future periods. General and administrative General and administrative expenses of $9.2 million in 1999, $14.5 million in 2000 and $20.4 million in 2001, represented approximately 8% in 1999, 7% in 2000 and 9% in 2001, of our total revenues. General and administrative expenses consist of personnel-related costs for executive, administrative, finance and human resources, information systems and other support services costs, and legal, accounting and other professional service fees. The increase in these expenses from 1999 to 2000 and from 2000 to 2001 is partially attributable to our efforts, through additional employees and systems, to enhance our management's ability to obtain and analyze information about our domestic and international operations, and to support a larger employee base, as well as the expansion of our facilities. In November 2000 we began occupying our corporate headquarters in Atlanta and moved the balance of our Atlanta personnel in the first quarter of 2001, incurring expenses associated with the move. The third quarter of 2001 included severance, contract termination and office consolidation costs that caused general and administrative costs to increase in this period. Write-off of lease obligation In the first quarter of 2001, we completed the relocation of our Atlanta personnel into our corporate headquarters. We recorded a $1.1 million charge resulting from the write-off of the remaining lease obligation on our previous Atlanta headquarters office space. This non-recurring expense originated in the first quarter of 2001, as available subleased space in the area grew substantially in the quarter as the result of layoffs, closures and consolidations, reducing the prospects of subleasing our old space. Charge for in-process research and development We have reflected a charge of $2.9 million in 2001 for the write-off of in-process research and development costs associated with the Network ICE acquisition in June 2001. In-process research and development had not reached technological feasibility based on identifiable technological risk factors which indicated that even though successful completion was expected, it was not assured at the acquisition date and was immediately charged to operations. Merger costs Merger costs of $2.3 million in 1999 represented the direct out-of-pocket costs incurred in connection with two acquisitions accounted for using the pooling method of accounting -- Netrex, Inc. and NJH Security Consulting. These costs were principally investment advisor, legal and accounting fees. Direct out of pocket costs incurred for other acquisitions accounted for using the purchase method of accounting were included as a part of the total acquisition cost. 22 Amortization We incurred amortization expense of $319,000 in 1999, $480,000 in 2000 and $26.5 million in 2001 related to goodwill and $674,000 in 1999 and 2000 and $5.2 million in 2001 related to intangible assets and stock based compensation, resulting from acquisitions accounted for under the purchase method of accounting. The significant increase from 2000 to 2001 of amortization expense resulted from our June 2001 acquisition of Network ICE. Under the recently issued Financial Accounting Standards for Business Combinations and Goodwill and Other Intangible Assets, beginning January 1, 2002, goodwill will no longer be amortized but will be subject to periodic tests for impairment. Interest income Net interest income increased from $5.9 million in 1999 to $8.4 million in 2000, and decreased to $6.3 million in 2001. The increase between 1999 and 2000 resulted primarily from an increase in the amount of cash invested in interest bearing securities due to our secondary public offering. The decrease in interest income from 2000 to 2001 resulted from lower market rates of interest on debt securities. The market rate of interest paid on investment quality commercial paper and similar investments dropped from approximately 6.5% during 2000 to approximately 2% at the end of 2001. As a result, interest income decreased despite a increase in cash and cash equivalents and interest bearing marketable securities. Minority interest Minority interest totaled $336,000 in 2001. Minority interest represents the portion of earnings that would be distributed to shares not held by us if the Asia Pacific subsidiary declared a dividend equal to its earnings. In March 2001 we sold approximately 2% of the outstanding shares of our Asia/Pacific Rim subsidiary to employees and key partners. In September 2001, our Asia Pacific subsidiary sold newly issued shares equal to approximately 10% of its previously outstanding shares in its initial public offering on the Japan over-the counter market. Other income Other income includes a subsidiary IPO gain of $13.6 million from an initial public offering on the Japan over-the-counter market by our subsidiary responsible for Asia and Pacific Rim operations. We believe that the IPO will provide more visibility of this operation in its marketplace, in addition to providing funds for the expansion of the business. Other income also includes non-recurring other income of $1.6 million generated from the March 2001 sale of approximately 2% of the outstanding shares of our Asia/Pacific Rim subsidiary to employees and key partners. These income amounts represent the difference between proceeds received and the underlying basis in the stock less the minority interest in such gains. In anticipation of the IPO, options were granted in the subsidiary as a means of retaining key employees. The price for the shares and exercise price for the options was established based on a valuation of the subsidiary by an independent appraisal firm. Foreign currency exchange gain (loss) The exchange loss of $136,000 in 1999 and $331,000 in 2000 and the exchange gain of $175,000 in 2001 are a result of fluctuations in currency exchange rates between the U.S. Dollar and other currencies, primarily the Euro and the Japanese Yen and changes in value of assets and liabilities that are denominated in foreign currencies. Provision for income taxes We recorded a provision for income taxes of $976,000 in 1999, $10.3 million in 2000 and $12.5 million in 2001. These provisions included taxes for Japanese and European operations and the results of Netrex following our August 1999 merger. Prior to the merger, Netrex profits were taxed at the shareholder level. In 1999, we utilized loss carryforwards to offset tax expense that would otherwise be recorded on profits from certain operations for 1999. As of December 31, 1999 substantially all loss carryforwards that would 23 reduce future income tax expense related to United States operations had been utilized. While income tax expense was recorded on domestic income in 2000 and 2001, taxes payable were reduced by deductions related to the employee exercise of stock options. The tax benefit for the use of these stock option deductions was recorded as additional paid-in capital. As of December 31, 2001 we had a net operating loss carryforward of approximately $84 million related to stock option deductions. The tax benefit for this carryforward will be recorded as additional paid-in-capital when it is realized. We also have approximately $2.4 million of research and development tax credit carryforwards, which expire between 2011 and 2020 and foreign tax credit carryforwards of $1.0 million that expire in 2006. Quarterly Results of Operations The following table sets forth certain unaudited consolidated quarterly statement of operations data for the eight quarters ended December 31, 2001, as well as such data expressed as a percentage of our total revenues for the periods indicated. This data has been derived from unaudited consolidated financial statements that, in our opinion, include all adjustments, consisting only of normal recurring adjustments, necessary for a fair presentation of such information when read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this document. As a result of the risks associated with the new and rapidly evolving market that we serve, the operating results for any quarter below are not necessarily indicative of results for any future period.
2000 2001 ---------------------------------------- ------------------------------------------- MAR. JUN. SEPT. DEC. MAR. JUN. SEPT. DEC. 31 30 30 31 31 30 30 31 ------- ------- ------- ------- ------- -------- -------- -------- (AMOUNTS IN THOUSANDS) CONSOLIDATED STATEMENT OF OPERATIONS DATA: Revenues: Product and license sales.................... $24,778 $26,331 $31,770 $36,824 $36,176 $ 28,088 $ 27,435 $ 30,686 Subscriptions.............. 8,089 9,537 10,938 13,142 15,136 15,460 17,663 18,428 Professional services...... 6,424 8,349 9,079 9,714 9,843 8,162 7,636 8,846 ------- ------- ------- ------- ------- -------- -------- -------- 39,291 44,217 51,787 59,680 61,155 51,710 52,734 57,960 Costs and expenses: Cost of revenues........... 11,988 13,039 16,409 17,988 18,382 17,064 14,189 14,512 Research and development... 6,802 7,566 8,449 8,499 8,315 8,940 9,276 8,882 Sales and marketing........ 14,284 15,658 17,406 20,684 21,634 23,913 23,449 23,005 General and administrative........... 2,884 3,491 3,429 4,677 4,511 5,085 5,509 5,337 Write-off of lease obligation............... 1,072 -- -- -- Charge for in-process research and development.............. -- -- -- -- -- 2,910 -- -- Amortization of goodwill... 80 80 119 202 198 3,930 11,393 10,984 Amortization of intangibles and stock based compensation............. 168 168 168 168 168 1,146 2,213 1,700 ------- ------- ------- ------- ------- -------- -------- -------- Total costs and expenses........... 36,206 40,002 45,982 52,216 54,280 62,988 66,029 64,420 Operating income (loss)...... 3,085 4,215 5,805 7,464 6,875 (11,278) (13,295) (6,460) Interest income, net......... 1,868 2,070 2,253 2,224 1,958 1,792 1,524 976 Minority interest............ -- -- -- -- -- -- (156) (180) Other income, including Japan IPO gain................... -- -- -- -- 1,638 -- 13,620 (126) Foreign currency exchange gain (loss)................ (126) 95 (463) 163 (251) (31) (163) 620 ------- ------- ------- ------- ------- -------- -------- -------- Income (loss) before income taxes...................... 4,827 6,380 7,595 9,851 10,220 (9,517) 1,530 (5,170) Provision for income taxes... 1,757 2,299 2,740 3,542 3,679 (3,907) 7,618 5,131 ------- ------- ------- ------- ------- -------- -------- -------- Net income (loss)............ $ 3,070 $ 4,081 $ 4,855 $ 6,309 $ 6,541 $ (5,610) $ (6,088) (10,301) ======= ======= ======= ======= ======= ======== ======== ========
24
2000 2001 ---------------------------------------- ------------------------------------------- MAR. JUN. SEPT. DEC. MAR. JUN. SEPT. DEC. 31 30 30 31 31 30 30 31 ------- ------- ------- ------- ------- -------- -------- -------- (AMOUNTS IN THOUSANDS) AS A PERCENTAGE OF TOTAL REVENUES: Revenues: Product and license sales.................... 63% 59% 61% 62% 59% 54% 52% 53% Subscriptions.............. 21% 22% 21% 22% 25% 30% 34% 32% Professional services...... 16% 19% 18% 16% 16% 16% 14% 15% ------- ------- ------- ------- ------- -------- -------- -------- 100% 100% 100% 100% 100% 100% 100% 100% Costs and expenses: Cost of revenues........... 31% 30% 32% 30% 30% 33% 27% 25% Research and development... 17% 17% 16% 14% 14% 17% 18% 15% Sales and marketing........ 36% 35% 34% 35% 35% 46% 45% 40% General and administrative........... 7% 8% 7% 8% 7% 10% 10% 9% Write-off of lease obligation............... -- -- -- -- 2% -- -- -- Charge for in-process research and development.............. -- -- -- -- -- 6% -- -- Amortization of goodwill... -- -- -- -- -- 8% 22% 19% Amortization of intangibles and stock based compensation............. -- -- -- -- -- 2% 4% 3% ------- ------- ------- ------- ------- -------- -------- -------- Total costs and expenses........... 92% 91% 89% 88% 89% 122% 125% 111% ------- ------- ------- ------- ------- -------- -------- -------- Operating income (loss).... 8% 9% 11% 12% 11% (22%) (25%) (11%) ======= ======= ======= ======= ======= ======== ======== ========
LIQUIDITY AND CAPITAL RESOURCES Our financial position remained strong throughout 2001 despite the economic downturn. Our cash and cash equivalents increased from $66.2 million at December 31, 2000 to $108.0 million at December 31, 2001. Marketable securities investments, which are all highly rated debt obligations with maturities greater than 3 months to maturity but less than 9 months decreased from $65.9 million at December 31, 2000 to $55.1 million at December 31, 2001. During fiscal 2001 we met our working capital needs and capital equipment needs with cash provided by operations. Cash provided by operations in 2001 totaled $39.4 million compared to $20.5 million in 2000 and $11.8 million in 1999. Accounts receivable decreased $9.3 million compared to increases of $28.7 million in 2000 and $10.2 million in 1999. These changes were primarily the result of changes in sales levels in the fourth quarter of the respective periods, increasing from 1999 to 2000 and decreasing from 2000 to 2001. We measure our accounts receivable management by our daily sales outstanding (DSO). This is a measurement of accounts receivable divided by billings in the quarter, represented by the sum of revenues plus the change in the deferred revenues liability account balance. This measurement was 63, 77 and 78 days at December 31, 1999, 2000 and 2001, respectively. Our investing activities of $12.2 million in 2001 included the purchase of $116.8 million of intermediate term marketable securities, primarily interest-bearing government obligations and commercial paper, offset by net proceeds from the maturity of marketable securities of $127.3 million. We invest excess cash in short and intermediate term investments, depending on our projected cash needs for operations, capital expenditures and other business purposes. The marketable securities investments are limited to highly rated debt obligations that have only a remote risk of loss of principal. We also invested in equipment totaling $31.7 million as we provided existing and new personnel with the computer hardware and software environment necessary to perform their job functions, expanded our managed security services infrastructure, and incurred leasehold improvement costs for our new headquarters. We expect a reduced level of equipment investment in 2002 because the initial phase of our headquarters facility is completed and the growth in our employment has slowed. In addition, the net proceeds of $16.5 million on the sales of stock of our Japan subsidiary IPO was an investing activity source of cash. Our financing activities provided $16.2 million of cash in 2001, which consisted of proceeds of $14.0 million from the exercise of stock options by our employees and $2.2 million of proceeds from the issuance of common stock through our Employee Stock Purchase Plan. 25 At December 31, 2001, we had $163.2 million of cash and cash equivalents and marketable securities, consisting primarily of money market accounts and investment grade commercial paper. An additional $12.5 million of commercial paper investments are pledged as collateral for stand-by letters of credit related to the operating leases of our facilities and are shown on the balance sheet as restricted cash. We believe that such cash and cash equivalents and marketable securities will be sufficient to meet our working capital needs and capital expenditures for the foreseeable future. Furthermore, we are not aware of any trends, events, or uncertainties that are reasonably likely to result in any significant change to our liquidity. From time to time we evaluate possible acquisition and investment opportunities in businesses, products or technologies that are complimentary to ours. In the event we determine to pursue such opportunities, we may use our available cash and cash equivalents. Pending such uses, we will continue to invest our available cash in investment grade, interest-bearing investments. We do not have any off-balance sheet financing arrangements or any relationships with "structured finance" or "special purpose" entities. Other than our non-cancelable operating leases for office space, we do not have any contractual obligations that would impact our liquidity. Our payment for operating leases is secured by three stand-by letters of credit totaling approximately $10,600,000. The stand-by letters of credit are annually renewable over the duration of the applicable leases. We do not anticipate utilizing these stand-by letters of credit to provide any liquidity needs. RISK FACTORS Forward-looking statements are inherently uncertain as they are based on various expectations and assumptions concerning future events and are subject to known and unknown risks and uncertainties. Our forward-looking statements should be considered in light of the following important risk factors. Variations from our stated intentions or failure to achieve objectives could cause actual results to differ from those projected in our forward-looking statements. We undertake no obligation to update publicly any forward-looking statements for any reason, even if new information becomes available or other events occur in the future. We Operate in a Rapidly Evolving Market We began operations in 1994 and achieved profitability in 1999. We operate in a new and rapidly evolving market and must, among other things: - respond to competitive developments; - continue to upgrade and expand our product and services offerings; and - continue to attract, retain and motivate our employees. We cannot be certain that we will successfully address these risks. As a result, we cannot assure our investors that we will be able to continue to operate profitably in the future. Our Future Operating Results Will Likely Fluctuate Significantly As a result of our limited operating history, we cannot predict our future revenues and operating results. However, we do expect our future revenues and operating results to fluctuate due to a combination of factors, including: - the growth in the acceptance of, and activity on, the Internet and the World Wide Web, particularly by corporate, institutional and government users; - the extent to which the public perceives that unauthorized access to and use of online information are threats to network security; - the volume and timing of orders, including seasonal trends in customer purchasing; - our ability to develop new and enhanced product and managed service offerings and expand our professional services capabilities; 26 - our ability to provide scalable managed services offerings through our partners in a cost effective manner; - foreign currency exchange rates that affect our international operations; - product and price competition in our markets; and - general economic conditions, both domestically and in our foreign markets. We increasingly focus our efforts on sales of enterprise-wide security solutions, which consist of our entire product suite and related professional services, and managed security services, rather than on the sale of component products. As a result, each sale may require additional time and effort from our sales and support staff. In addition, the revenues associated with particular sales vary significantly depending on the number of products licensed by a customer, the number of devices used by the customer and the customer's relative need for our professional services. Large individual sales, or even small delays in customer orders, can cause significant variation in our license revenues and results of operations for a particular period. The timing of large orders is usually difficult to predict and, like many software and services companies, many of our customers typically complete transactions in the last month of a quarter. We cannot predict our operating expenses based on our past results. Instead, we establish our spending levels based in large part on our expected future revenues. As a result, if our actual revenues in any future period fall below our expectations, our operating results likely will be adversely affected because very few of our expenses vary with our revenues. Because of the factors listed above, we believe that our quarterly and annual revenues, expenses and operating results likely will vary significantly in the future. Our ability to provide timely guidance and meet the expectations of investors, industry analysts and brokerage firms with respect to our operating and financial results is impacted by the tendency of a majority of our sales to be completed in the last month of a quarter. We may not be able to determine whether we will experience material deviations from guidance or expectations until the end of a quarter. We Must Attract and Retain Personnel While Competition for Personnel in Our Industry is Intense Competition in recruiting personnel in the software, network consulting and managed services industries is intense. We believe our future success will depend in part on our ability to recruit and retain highly skilled engineering, technical, consulting, marketing, sales and management personnel. To accomplish this, we believe we must provide competitive compensation, including stock options that may require additional stockholder approval for increased availability. Without sufficient available stock options, our ability to attract and retain personnel may be impaired. We Face Intense Competition in Our Market The market for network security monitoring, detection and response solutions is intensely competitive, and we expect competition to increase in the future. We cannot guarantee that we will compete successfully against our current or potential competitors, especially those with significantly greater financial resources or brand name recognition. Our chief competitors generally fall within one of five categories: - internal information technology departments of our customers and the consulting firms that assist them in formulating security systems; - relatively smaller software companies offering relatively limited applications for network and Internet security; - large companies, including Symantec Corp., Cisco Systems, Inc., Network Associates, Inc., Enterasys Networks, Inc. and Bindview Development Corp., that sell competitive products and offerings, as well as other large software companies that have the technical capability and resources to develop competitive products; 27 - software or hardware companies like Cisco Systems, Inc. that could integrate features that are similar to our products into their own products; and - small and large companies with competitive offerings to components of our managed services offerings. Mergers or consolidations among these competitors, or acquisitions of small competitors by larger companies, would make such combined entities more formidable competitors to us. Large companies may have advantages over us because of their longer operating histories, greater name recognition, larger customer bases or greater financial, technical and marketing resources. As a result, they may be able to adapt more quickly to new or emerging technologies and changes in customer requirements. They can also devote greater resources to the promotion and sale of their products than we can. In addition, these companies have reduced and could continue to reduce, the price of their security monitoring, detection and response products and managed security services, which increases pricing pressures within our market. Several companies currently sell software products (such as encryption, firewall, operating system security and virus detection software) that our customers and potential customers have broadly adopted. Some of these companies sell products that perform the same functions as some of our products. In addition, the vendors of operating system software or networking hardware may enhance their products to include the same kinds of functions that our products currently provide. The widespread inclusion of comparable features to our software in operating system software or networking hardware could render our products obsolete, particularly if such features are of a high quality. Even if security functions integrated into operating system software or networking hardware are more limited than those of our software, a significant number of customers may accept more limited functionality to avoid purchasing additional software. For the above reasons, we may not be able to compete successfully against our current and future competitors. Increased competition may result in price reductions, reduced gross margins and loss of market share. We Face Rapid Technological Change in Our Industry and Frequent Introductions of New Products Rapid changes in technology pose significant risks to us. We do not control nor can we influence the forces behind these changes, which include: - the extent to which businesses and others seek to establish more secure networks; - the extents to which hackers and others seek to compromise secure systems; - evolving computer hardware and software standards; - changing customer requirements; and - frequent introductions of new products and product enhancements. To remain successful, we must continue to change, adapt and improve our products in response to these and other changes in technology. Our future success hinges on our ability to both continue to enhance our current line of products and professional services and to introduce new products and services that address and respond to innovations in computer hacking, computer technology and customer requirements. We cannot be sure that we will successfully develop and market new products that do this. Any failure by us to timely develop and introduce new products, to enhance our current products or to expand our professional services capabilities in response to these changes could adversely affect our business, operating results and financial condition. Our products involve very complex technology, and as a consequence, major new products and product enhancements require a long time to develop and test before going to market. Because this amount of time is difficult to estimate, we have had to delay the scheduled introduction of new and enhanced products in the past and may have to delay the introduction of new products and product enhancements in the future. The techniques computer hackers use to gain unauthorized access to, or to sabotage, networks and intranets are constantly evolving and increasingly sophisticated. Furthermore, because new hacking techniques 28 are usually not recognized until used against one or more targets, we are unable to anticipate most new hacking techniques. To the extent that new hacking techniques harm our customers' computer systems or businesses, affected customers may believe that our products are ineffective, which may cause them or prospective customers to reduce or avoid purchases of our products. Risks Associated with Our Global Operations The expansion of our international operations includes our presence in dispersed locations throughout the world, including throughout Europe and the Asia/Pacific and Latin America regions. Our international presence and expansion exposes us to risks not present in our U.S. operations, such as: - the difficulty in managing an organization spread over various countries located across the world; - compliance with, and unexpected changes in, a wide range of complex regulatory requirements in countries where we do business; - increased financial accounting and reporting burdens and complexities and potentially adverse tax consequences; - excess taxation due to overlapping tax structures; - fluctuations in foreign currency exchange rates resulting in losses or gains from transactions and expenses denominated in foreign currencies; - reduced protection for intellectual property rights in some countries; and - export license requirements and restrictions on the export of certain technology, especially encryption technology and trade restrictions. Despite these risks, we believe that we must continue to expand our operations in international markets to support our growth. To this end, we intend to establish additional foreign sales operations, expand our existing offices, hire additional personnel, expand our international sales channels and customize our products for local markets. If we fail to execute this strategy, our international sales growth will be limited. Our Networks, Products and Services May be Targeted by Hackers Like other companies, our websites, networks, information systems, products and services may be targets for sabotage, disruption or misappropriation by hackers. As a leading network security solutions company, we are a high profile target. Although we believe we have sufficient controls in place to prevent disruption and misappropriation, and to respond to situations, we expect these efforts by hackers to continue. If these efforts are successful, our operations, reputation and sales could be adversely affected. We Must Successfully Integrate Acquisitions As part of our growth strategy, we have and may continue to acquire or make investments in companies with products, technologies or professional services capabilities complementary to our solutions. When engaging in acquisitions, we could encounter difficulties in assimilating new personnel and operations into our company. These difficulties may disrupt our ongoing business, distract our management and employees, increase our expenses and adversely affect our results of operations. These difficulties could also include accounting requirements, such as amortization of goodwill or in-process research and development expense. We cannot be certain that we will successfully overcome these risks with respect to any of our recent or future acquisitions or that we will not encounter other problems in connection with our recent or any future acquisitions. In addition, any future acquisitions may require us to incur debt or issue equity securities. The issuance of equity securities could dilute the investment of our existing stockholders. We Depend on Our Intellectual Property Rights and Use Licensed Technology We rely primarily on copyright and trademark laws, trade secrets, confidentiality procedures and contractual provisions to protect our proprietary rights. We have obtained one United States patent and have 29 fifteen patent applications under review. We also believe that the technological and creative skills of our personnel, new product developments, frequent product enhancements, our name recognition, our professional services capabilities and delivery of reliable product maintenance are essential to establishing and maintaining our technology leadership position. We cannot assure you that our competitors will not independently develop technologies that are similar to ours. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or to obtain and use information that we regard as proprietary. Policing unauthorized use of our products is difficult. While we cannot determine the extent to which piracy of our software products occurs, we expect software piracy to be a persistent problem. In addition, the laws of some foreign countries do not protect our proprietary rights to as great an extent as do the laws of the United States and many foreign countries do not enforce these laws as diligently as U.S. government agencies and private parties. ITEM 7A. QUANTITATIVE AND QUALITATIVE DISCLOSURES ABOUT MARKET RISK INTEREST RATE SENSITIVITY The primary objective of our investment activities is to preserve principal while at the same time maximizing the income we receive from our investments without significantly increasing risk. Some of the securities that we have invested in may be subject to market risk. This means that a change in prevailing interest rates may cause the principal amount of the investment to fluctuate. For example, if we hold a security that was issued with a fixed interest rate at the then-prevailing rate and the prevailing interest rate later rises, the market value of our investment will probably decline. To minimize this risk, we maintain our portfolio of cash equivalents and marketable securities in a variety of relatively short-term investments, including commercial paper and overnight repurchase agreements. As of December 31, 2001, $23,237,000 of our securities mature in more than three months and $1,387,000 of our securities mature in more than six months. RISK ASSOCIATED WITH FOREIGN EXCHANGE RATES ISS is subject to foreign exchange risk as a result of exposures to changes in currency exchange rates. Our foreign operations are, for the most part, naturally hedged against exchange rate fluctuations since both revenues and expenses of each foreign affiliate are denominated in the same currency. As a result, an unfavorable change in the exchange rate for any particular foreign subsidiary would result in lower revenues and expenses with regards to operating results, and lower assets and liabilities with regards to the balance sheet. Therefore, we do not engage in formal hedging activities, but we do periodically review the potential impact of this risk to ensure that the risk of significant potential losses remains minimal. ITEM 8. CONSOLIDATED FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA See the index to Consolidated Financial Statements at Item 14 ITEM 9. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE None. 30 PART III ITEM 10. DIRECTORS AND EXECUTIVE OFFICERS OF THE REGISTRANT The information required by this Item is incorporated by reference to our definitive Proxy Statement for the annual meeting of stockholders to be held on May 29, 2002 (the "'Proxy Statement") under the sections captioned "Proposal 1 -- Election of Directors," "Executive Compensation -- Directors and Executive Officers" and "Compliance with Section 16(a) of the Securities Exchange Act of 1934." ITEM 11. EXECUTIVE COMPENSATION The information required by this Item is incorporated by reference to the Proxy Statement under the section captioned "Executive Compensation." ITEM 12. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT The information required by this Item is incorporated by reference to the Proxy Statement under the section captioned "Principal Stockholders." ITEM 13. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS The information required by this Item is incorporated by reference to the Proxy Statement under the section captioned "Executive Compensation -- Certain Transactions with Management." 31 PART IV ITEM 14. EXHIBITS, FINANCIAL STATEMENT SCHEDULES AND REPORTS ON FORM 8-K (a) The following documents are filed as part of this Form 10-K: 1. Consolidated Financial Statements. The following consolidated financial statements of Internet Security Systems, Inc. are filed as part of this Form 10-K on the pages indicated:
PAGE ---- INTERNET SECURITY SYSTEMS, INC. Report of Independent Auditors.............................. 34 Consolidated Balance Sheets as of December 31, 2000 and 2001...................................................... 35 Consolidated Statements of Operations for the Years Ended December 31, 1999, 2000 and 2001.......................... 36 Consolidated Statements of Stockholders' Equity for the Years Ended December 31, 1999, 2000 and 2001.............. 37 Consolidated Statements of Cash Flows for the Years Ended December 31, 1999, 2000 and 2001.......................... 38 Notes to Consolidated Financial Statements.................. 39 2. Consolidated Financial Statement Schedules: Schedule II -- Valuation and Qualifying Accounts............ 55
Schedules other than the one listed above are omitted as the required information is inapplicable or the information is presented in the consolidated financial statements or related notes. 3. Exhibits. The exhibits to this Annual Report on Form 10-K have been included only with the copy of this Annual Report on Form 10-K filed with the Securities and Exchange Commission. Copies of individual exhibits will be furnished to stockholders upon written request to the Company and payment of a reasonable fee.
EXHIBIT NUMBER DESCRIPTION OF EXHIBIT ------- ---------------------- 2.1 -- Agreement and Plan of Merger by and among Internet Security Systems, Inc., ISS Acquisition Corp. II, Network ICE Corporation and certain selling shareholders of Network ICE Corporation incorporated by reference to Form 10-Q for Quarter Ending March 31, 2001. 3.1 -- Restated Certificate of Incorporation (filed as Exhibit 3.1 to the Company's Quarterly Report on Form 10-Q, dated November 14, 2000 and incorporated by reference herein). 3.2 -- Bylaws (filed as Exhibit 3.2 to the Company's Registration Statement on Form S-1, Registration No. 333-44529 (the "Form S-1") and incorporated by reference herein). 4.1 -- Specimen Common Stock certificate (filed as Exhibit 4.1 to the Form S-1 and incorporated by reference herein). 4.2 -- See Exhibits 3.1 and 3.2 for provisions of the Certificate of Incorporation and Bylaws of the Company defining the rights of holders of the Company's Common Stock. 4.3 -- 1999 Network ICE Stock Option Plan, incorporated by reference to Exhibit 4.1 to Form S-8, Registration No. 333-62658, filed on June 8, 2001. 4.4 -- Restated 1995 Stock Incentive Plan (as amended and restated as of May 23, 2001) incorporated by reference to Exhibit 4.2 to Form S-8, Registration No. 333-62658, filed June 8, 2001. 4.5 -- Netrex, Inc. 1998 Stock Plan incorporated by reference to Exhibit 99.15 to Form S-8, Registration Statement No. 333-89563, filed October 22, 1999. 10.1 -- Stock Exchange Agreement dated December 9, 1997 (filed as Exhibit 10.4 to the Form S-1 and incorporated by reference herein).
32
EXHIBIT NUMBER DESCRIPTION OF EXHIBIT ------- ---------------------- 10.2 -- Forms of Non-Employee Director Compensation Agreement, Notice of Stock Option Grants and Stock Option Agreement (filed as Exhibit 10.6 to the Form S-1 and incorporated by reference herein). 10.3 -- Form of Indemnification Agreement for directors and certain officers (filed as Exhibit 10.8 to the Form S-1 and incorporated by reference herein). 10.4 -- Lease for Atlanta headquarters and research and development facility (filed as Exhibit 10.10 to the Company's Annual Report on Form 10-K, dated March 30, 2000 and incorporated by reference herein) 10.5 -- Letter Agreement dated August 18, 2000 with Lawrence Costanza (filed as Exhibit 10.14 to the Company's Annual Report on Form 10-K, dated March 30, 2001 and incorporated by reference herein) 21.1* -- Subsidiaries of the Company. 23.1* -- Consent of Ernst & Young LLP. 24.1* -- Power of Attorney, pursuant to which amendments to this Annual Report on Form 10-K may be filed, is included on the signature page contained in Part IV of the Form 10-K.
--------------- * Identifies those filed with this Form 10-K. (b) Reports on Form 8-K No reports on Form 8-K were filed in the quarter ended December 31, 2001. 33 REPORT OF INDEPENDENT AUDITORS Board of Directors Internet Security Systems, Inc. We have audited the accompanying consolidated balance sheets of Internet Security Systems, Inc. (formerly ISS Group, Inc.) as of December 31, 2000 and 2001, and the related consolidated statements of operations, stockholders' equity , and cash flows for each of the three years in the period ended December 31, 2001. Our audits also included the financial statement schedule listed in the Index at Item 14(a). These financial statements and schedule are the responsibility of the Company's management. Our responsibility is to express an opinion on these financial statements and schedule based on our audits. We conducted our audits in accordance with auditing standards generally accepted in the United States. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, the financial statements referred to above present fairly, in all material respects, the consolidated financial position of Internet Security Systems, Inc. (formerly ISS Group, Inc.) at December 31, 2000 and 2001, and the consolidated results of its operations and its cash flows for each of the three years in the period ended December 31, 2001, in conformity with accounting principles generally accepted in the United States. Also, in our opinion, the related financial statement schedule, when considered in relation to the basic financial statements taken as a whole, presents fairly in all material respects the information set forth therein. /s/ Ernst & Young LLP Atlanta, Georgia January 21, 2002 34 INTERNET SECURITY SYSTEMS, INC. CONSOLIDATED BALANCE SHEETS
DECEMBER 31, --------------------------- 2000 2001 ------------ ------------ ASSETS Current assets: Cash and cash equivalents................................. $ 66,210,000 $108,038,000 Marketable securities..................................... 65,938,000 55,129,000 Accounts receivable, less allowance for doubtful accounts of $1,188,000 and $2,563,000, respectively............. 56,358,000 50,259,000 Inventory................................................. 2,275,000 1,768,000 Prepaid expenses and other current assets................. 5,717,000 6,018,000 ------------ ------------ Total current assets.............................. 196,498,000 221,212,000 Property and equipment: Computer equipment........................................ 20,199,000 31,043,000 Office furniture and equipment............................ 9,958,000 20,872,000 Leasehold improvements.................................... 6,609,000 17,835,000 ------------ ------------ 36,766,000 69,750,000 Less accumulated depreciation............................. 13,673,000 25,254,000 ------------ ------------ 23,093,000 44,496,000 Restricted marketable securities............................ 12,500,000 12,500,000 Goodwill, less accumulated amortization of $876,000 and $27,381,000, respectively................................. 3,167,000 197,060,000 Other intangible assets, less accumulated amortization of $1,500,000 and $4,644,000, respectively................... 3,346,000 19,722,000 Other assets................................................ 1,636,000 5,994,000 ------------ ------------ Total assets...................................... $240,240,000 $500,984,000 ============ ============ LIABILITIES AND STOCKHOLDERS' EQUITY Current liabilities: Accounts payable.......................................... $ 4,200,000 $ 3,553,000 Accrued expenses.......................................... 15,490,000 20,440,000 Deferred revenues......................................... 31,675,000 48,139,000 ------------ ------------ Total current liabilities......................... 51,365,000 72,132,000 Other non-current liabilities............................... 486,000 1,917,000 Commitments and contingencies Stockholders' equity: Preferred stock; $.001 par value; 20,000,000 shares authorized, none issued or outstanding................. -- -- Common stock; $.001 par value; 120,000,000 shares authorized, 42,415,000 and 47,871,000 shares issued and outstanding, respectively.............................. 42,000 48,000 Additional paid-in capital................................ 172,985,000 430,449,000 Deferred compensation..................................... (86,000) (1,985,000) Accumulated other comprehensive loss...................... (745,000) (2,312,000) Retained earnings......................................... 16,193,000 735,000 ------------ ------------ Total stockholders' equity........................ 188,389,000 426,935,000 ------------ ------------ Total liabilities and stockholders' equity........ $240,240,000 $500,984,000 ============ ============
See accompanying notes. 35 INTERNET SECURITY SYSTEMS, INC. CONSOLIDATED STATEMENTS OF OPERATIONS
YEAR ENDED DECEMBER 31, ------------------------------------------ 1999 2000 2001 ------------ ------------ ------------ Revenues: Product licenses and sales....................... $ 74,050,000 $119,703,000 $122,385,000 Subscriptions.................................... 24,141,000 41,706,000 66,687,000 Professional services............................ 18,296,000 33,566,000 34,487,000 ------------ ------------ ------------ 116,487,000 194,975,000 223,559,000 Costs and expenses: Cost of revenues: Product licenses and sales.................... 18,842,000 22,653,000 13,439,000 Subscriptions and professional services....... 18,858,000 36,771,000 50,708,000 ------------ ------------ ------------ Total cost of revenues........................ 37,700,000 59,424,000 64,147,000 Research and development......................... 20,412,000 31,316,000 35,413,000 Sales and marketing.............................. 43,124,000 68,032,000 92,001,000 General and administrative....................... 9,230,000 14,481,000 20,442,000 Write-off of lease obligation.................... -- -- 1,072,000 Charge for in-process research and development... -- -- 2,910,000 Merger costs..................................... 2,329,000 -- -- Amortization of other intangibles and stock-based compensation.................................. 674,000 674,000 5,227,000 Amortization of goodwill......................... 318,000 479,000 26,505,000 ------------ ------------ ------------ 113,787,000 174,406,000 247,717,000 ------------ ------------ ------------ Operating income (loss)............................ 2,700,000 20,569,000 (24,158,000) Interest income, net............................... 5,902,000 8,415,000 6,250,000 Minority interest.................................. -- -- (336,000) Other income, including Japan IPO gain............. -- -- 15,132,000 Foreign currency exchange (loss) gain.............. (136,000) (331,000) 175,000 ------------ ------------ ------------ Income (loss) before income taxes.................. 8,466,000 28,653,000 (2,937,000) Provision for income taxes......................... 976,000 10,338,000 12,521,000 ------------ ------------ ------------ Net income (loss).................................. $ 7,490,000 $ 18,315,000 $(15,458,000) ============ ============ ============ Basic net income (loss) per share of Common Stock............................................ $ 0.19 $ 0.44 $ (0.34) ============ ============ ============ Diluted net income (loss) per share of Common Stock............................................ $ 0.17 $ 0.41 $ (0.34) ============ ============ ============ Weighted average shares: Basic............................................ 39,996,000 41,892,000 45,649,000 ============ ============ ============ Diluted.......................................... 43,691,000 45,099,000 45,649,000 ============ ============ ============
See accompanying notes. 36 INTERNET SECURITY SYSTEMS, INC. CONSOLIDATED STATEMENTS OF STOCKHOLDERS' EQUITY
RETAINED COMMON STOCK ADDITIONAL COMPREHENSIVE EARNINGS -------------------- PAID-IN DEFERRED INCOME (ACCUMULATED SHARES AMOUNT CAPITAL COMPENSATION (LOSS) DEFICIT) ---------- ------- ------------ ------------ ------------- ------------ Balance at December 31, 1998....... 37,028,000 $37,000 $ 76,152,000 $ (662,000) $ 142,000 $(9,164,000) Comprehensive income (loss): Net income...................... 7,490,000 Translation adjustment.......... Issuance of Common Stock: Secondary public offering....... 2,778,000 3,000 77,361,000 Exercise of stock options....... 1,033,000 1,000 3,948,000 Pooling-of-interests............ 141,000 -- 6,000 164,000 Subchapter S distributions of a pooled entity................... (657,000) Amortization of deferred compensation.................... 374,000 ---------- ------- ------------ ----------- ----------- ----------- Balance at December 31, 1999....... 40,980,000 41,000 157,467,000 (288,000) 100,000 (2,167,000) Comprehensive income (loss): Net income...................... 18,315,000 Translation adjustment.......... (845,000) Issuance of Common Stock: Exercise of stock options....... 1,367,000 1,000 5,507,000 Employee stock purchase plan.... 39,000 1,634,000 Pooling-of-interests............ 29,000 45,000 Amortization of deferred compensation.................... 202,000 Tax benefit related to employee options......................... 8,377,000 ---------- ------- ------------ ----------- ----------- ----------- Balance at December 31, 2000....... 42,415,000 42,000 172,985,000 (86,000) (745,000) 16,193,000 Comprehensive loss: Net loss........................ (15,458,000) Translation adjustment.......... (1,567,000) Issuance of Common Stock: Exercise of stock options....... 1,108,000 2,000 14,012,000 Employee stock purchase plan.... 75,000 -- 2,267,000 Acquisition..................... 4,311,000 4,000 227,815,000 (6,231,000) Repurchased 38,478 shares of common stock................... (38,000) -- (45,000) Amortization of deferred compensation.................... 2,169,000 Adjustment to deferred compensation for terminated employees....................... (2,163,000) 2,163,000 Tax benefit related to employee options......................... 15,578,000 ---------- ------- ------------ ----------- ----------- ----------- Balance at December 31, 2001....... 47,871,000 $48,000 $430,449,000 $(1,985,000) $(2,312,000) $ 735,000 ========== ======= ============ =========== =========== =========== COMPREHENSIVE TOTAL INCOME STOCKHOLDERS' (LOSS) EQUITY ------------- ------------- Balance at December 31, 1998....... $ 66,505,000 Comprehensive income (loss): Net income...................... $ 7,490,000 7,490,000 Translation adjustment.......... (42,000) (42,000) ------------ $ 7,448,000 ============ Issuance of Common Stock: Secondary public offering....... 77,364,000 Exercise of stock options....... 3,949,000 Pooling-of-interests............ 170,000 Subchapter S distributions of a pooled entity................... (657,000) Amortization of deferred compensation.................... 374,000 ------------ ------------ Balance at December 31, 1999....... 155,153,000 Comprehensive income (loss): Net income...................... $ 18,315,000 18,315,000 Translation adjustment.......... (845,000) (845,000) ------------ $ 17,470,000 ============ Issuance of Common Stock: Exercise of stock options....... 5,508,000 Employee stock purchase plan.... 1,634,000 Pooling-of-interests............ 45,000 Amortization of deferred compensation.................... 202,000 Tax benefit related to employee options......................... 8,377,000 ------------ ------------ Balance at December 31, 2000....... 188,389,000 Comprehensive loss: Net loss........................ $(15,458,000) (15,458,000) Translation adjustment.......... (1,567,000) (1,567,000) ------------ $(17,025,000) ============ Issuance of Common Stock: Exercise of stock options....... 14,014,000 Employee stock purchase plan.... 2,267,000 Acquisition..................... 221,588,000 Repurchased 38,478 shares of common stock................... (45,000) Amortization of deferred compensation.................... 2,169,000 Adjustment to deferred compensation for terminated employees....................... Tax benefit related to employee options......................... 15,578,000 ------------ Balance at December 31, 2001....... $426,935,000 ============
See accompanying notes. 37 INTERNET SECURITY SYSTEMS, INC. CONSOLIDATED STATEMENTS OF CASH FLOWS
YEAR ENDED DECEMBER 31, ------------------------------------------- 1999 2000 2001 ------------ ------------- ------------ OPERATING ACTIVITIES Net income (loss)........................................... $ 7,490,000 $ 18,315,000 $(15,458,000) Adjustments to reconcile net income (loss) to net cash provided by operating activities: Depreciation.............................................. 3,989,000 6,329,000 11,302,000 Amortization of goodwill.................................. 318,000 479,000 26,505,000 Amortization of intangibles and stock based compensation............................................ 674,000 674,000 5,227,000 Accretion of discount on marketable securities............ (1,176,000) (1,088,000) 355,000 Minority interest......................................... -- -- 336,000 Charge for in-process research and development............ -- -- 2,910,000 Other non-cash expense.................................... 327,000 166,000 86,000 Income tax benefit from exercise of stock options......... -- 8,377,000 8,159,000 Gain on sale of subsidiary stock.......................... -- -- (15,252,000) Changes in assets and liabilities, excluding the effects of acquisitions: Accounts receivable..................................... (10,241,000) (28,679,000) 9,346,000 Inventory............................................... (425,000) (1,802,000) 507,000 Prepaid expenses and other assets....................... (1,312,000) (4,664,000) (3,015,000) Accounts payable and accrued expenses................... 3,303,000 7,900,000 443,000 Deferred revenues....................................... 8,822,000 14,520,000 7,903,000 ------------ ------------- ------------ Net cash provided by operating activities.......... 11,769,000 20,527,000 39,354,000 ------------ ------------- ------------ INVESTING ACTIVITIES Acquisitions, net of cash received.......................... -- (1,262,000) (7,495,000) Purchases of marketable securities.......................... (55,517,000) (141,097,000) (116,843,000) Net proceeds from maturity of marketable securities......... -- 132,940,000 127,297,000 Purchase of restricted marketable securities................ (12,500,000) -- -- Purchases of property and equipment......................... (6,356,000) (20,291,000) (31,682,000) Net proceeds from sale of subsidiary stock.................. -- -- 16,529,000 ------------ ------------- ------------ Net cash used in investing activities.............. (74,373,000) (29,710,000) (12,194,000) ------------ ------------- ------------ FINANCING ACTIVITIES Payments on long-term debt and capital leases............... (526,000) (993,000) -- Capital transactions of merged entity....................... (1,107,000) -- -- Proceeds from exercise of stock options..................... 3,949,000 5,507,000 14,013,000 Proceeds from employee stock purchase plan.................. -- 1,634,000 2,267,000 Repurchase of stock......................................... -- -- (45,000) Net proceeds from public offerings.......................... 77,364,000 -- -- ------------ ------------- ------------ Net cash provided by financing activities.......... 79,680,000 6,148,000 16,235,000 ------------ ------------- ------------ Foreign currency impact on cash............................. (42,000) (845,000) (1,567,000) ------------ ------------- ------------ Net increase (decrease) in cash and cash equivalents........ 17,034,000 (3,880,000) 41,828,000 Cash and cash equivalents at beginning of year.............. 53,056,000 70,090,000 66,210,000 ------------ ------------- ------------ Cash and cash equivalents at end of year.................... $ 70,090,000 $ 66,210,000 $108,038,000 ============ ============= ============ SUPPLEMENTAL CASH FLOW DISCLOSURE Interest paid............................................... $ 33,000 $ 50,000 $ -- ============ ============= ============ Capital lease obligations incurred.......................... $ 329,000 $ -- $ -- ============ ============= ============ Income taxes paid........................................... $ 47,000 $ 446,000 $ 2,273,000 ============ ============= ============
38 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS DECEMBER 31, 2001 1. SIGNIFICANT ACCOUNTING POLICIES DESCRIPTION OF BUSINESS The business of Internet Security Systems, Inc. and its subsidiaries ("ISS") is focused on protecting networks, servers and desktops against an ever changing spectrum of threats, with a comprehensive line of products and services designed specifically for the particular needs of enterprise, smaller enterprise, consumer and service provider markets. Internet Security Systems, Inc. (formerly ISS Group, Inc.) was incorporated in the State of Delaware on December 8, 1997 to be a holding company for Internet Security Systems, Inc., a Georgia company incorporated in 1994 to design, market, and sell computer network security assessment software. ISS's shares are traded on the NASDAQ National Market under the ticker symbol "ISSX". In addition, ISS has various other subsidiaries in the United States, Europe and the Asia/Pacific regions with primary marketing and sales responsibilities for ISS's products and services in their respective markets. ISS is organized as, and operates in, a single business segment that provides products, technical support, managed security services and consulting and training services as components of providing security management solutions. ISS is organized around geographic areas: the Americas (United States, Canada and Latin America), EMEA (Europe, Middle East and Africa) and Asia/Pacific Rim. These geographic areas represent our three reportable segments. Certain prior year amounts have been reclassified to conform to current year presentation. BASIS OF CONSOLIDATION The consolidated financial statements include the accounts of Internet Security Systems, Inc. and its majority-owned subsidiaries. All significant intercompany and investment accounts and transactions have been eliminated in consolidation. FOREIGN CURRENCY TRANSLATIONS The functional currency of our foreign subsidiaries is the local currency. Assets and liabilities denominated in foreign currencies are translated using the exchange rate on the balance sheet dates. The translation adjustments resulting from this process are shown separately as a component of stockholders' equity. Revenues and expenses are translated using average exchange rates for the period. Transaction gains and losses are included in results of operations. USE OF ESTIMATES The preparation of financial statements in conformity with accounting principles generally accepted in the United States requires management to make estimates and assumptions that affect the amounts reported in the financial statements and accompanying notes. Actual results may differ from those estimates, and such differences may be material to the consolidated financial statements. 39 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 1. SIGNIFICANT ACCOUNTING POLICIES -- (CONTINUED) REVENUE RECOGNITION Revenue is recognized under Statement of Position ("SOP") 97-2 as modified by SOP 98-9, when the following conditions have been met: - persuasive evidence of an arrangement exists; - delivery has occurred or services have been rendered; - price is fixed and determinable; and - collection is probable ISS recognizes its perpetual license revenue upon (i) delivery of software or, if the customer has evaluation software, delivery of the software key, and (ii) issuance of the related license, assuming no significant vendor obligations or customer acceptance rights exist. Where payment terms extend over periods greater than twelve months, revenue is recognized as such amounts are billable. Product sales consist of (i) appliances sold in conjunction with ISS licensed software and (ii) software developed by third party-partners, combined in some instances with associated hardware appliances and partner maintenance services. These sales are recognized upon shipment to the customer. License sales of enterprise and small enterprise products are generated both through a direct sales force and through resellers. License sales of small office/home office and consumer products are made through a distributor to retail establishments and are sold directly to customers via the Internet. License revenue for sales made through resellers and distributors are recognized only when the product is delivered to the end user. Subscriptions revenues include maintenance, term licenses and security monitoring services. Annual renewable maintenance is a separate component of perpetual license agreements for which the revenue is recognized ratably over the maintenance contract term. Term licenses allow customer use of the product and maintenance for a specified period, generally twelve months, for which revenues are also recognized ratably over the contract term. Security monitoring services of information assets and systems are a part of managed services and are recognized as such services are provided. Professional services revenues include consulting services and training. Consulting services, typically billed on a time-and-materials basis, assist in the successful deployment of our products within customer networks, the development of customers' security policies and the assessment of security policy decisions. Professional services revenues are recognized as the related services are rendered. Multiple element arrangements can include any combination of hardware, software or services. When some elements are delivered prior to others in an arrangement, revenue is deferred until the delivery of the last element unless there is all of the following: - vendor specific objective evidence (VSOE) of fair value of the undelivered elements; - the functionality of the delivered elements is not dependent on the undelivered elements; - delivery of the delivered elements represents the culmination of the earnings process COSTS OF REVENUES Costs of revenues include the costs of products and services. Cost of products represents the cost of product sales, which are incurred upon recognition of the associated product revenues. Cost of services includes the cost of the technical support group who provide assistance to customers with maintenance agreements, the operations center costs of providing managed services and the costs related to the professional services and training staff. 40 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 1. SIGNIFICANT ACCOUNTING POLICIES -- (CONTINUED) CASH AND CASH EQUIVALENTS Cash equivalents include all highly liquid investments with maturities of three months or less when purchased. Such amounts are stated at cost, which approximates market value. MARKETABLE SECURITIES Investment in marketable securities consists of debt instruments of U.S. government agencies and corporate commercial paper. All such marketable securities have a maturity of less than nine months. These investments are classified as available-for-sale and reported at fair market value. The amortized cost of securities classified as available-for-sale is adjusted for amortization of premiums and accretion of discounts to maturity. Such amortization is included in interest income. Unrealized gains and losses on available-for-sale securities were immaterial for 2000 and 2001. Realized gains and losses, and declines in value judged to be other-than-temporary are included in net securities gains (losses) and are included in results of operations. Interest and dividends on securities classified as available-for-sale are included in interest income. CONCENTRATIONS OF CREDIT RISK Product revenues are concentrated in the software industry, which is highly competitive and rapidly changing. Significant technological changes in the industry or customer requirements, or the emergence of competitive products with new technologies or capabilities could adversely affect operating results. In addition, fluctuations of the U.S. dollar against foreign currencies or changes in local regulatory or economic conditions could adversely affect operating results. Financial instruments that potentially subject ISS to significant concentrations of credit risk consist principally of cash and cash equivalents, marketable securities and accounts receivable. ISS maintains cash and cash equivalents in short-term money market accounts with three financial institutions and in short-term, investment grade commercial paper. Marketable securities consist of United States government agency securities and investment grade commercial paper. ISS's sales are global, primarily to companies located in the United States, Europe, Latin America and the Asia/Pacific regions. ISS performs periodic credit evaluations of its customer's financial condition and does not require collateral. Accounts receivable are due principally from large U.S. companies under stated contract terms. ISS provides for estimated credit losses as such losses become probable. Such losses have been within management's expectations. FAIR VALUE OF FINANCIAL INSTRUMENTS The carrying amounts reported in the balance sheets for cash and cash equivalents, marketable securities, accounts receivable and accounts payable approximate their fair values. PROPERTY AND EQUIPMENT Property and equipment are stated at cost less accumulated depreciation. Depreciation is computed using the straight-line method for financial reporting purposes over the estimated useful lives of the assets (primarily three years). 41 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 1. SIGNIFICANT ACCOUNTING POLICIES -- (CONTINUED) INVENTORY Inventory consists of finished goods purchased for resale and is recorded at the lower of cost or market. GOODWILL AND INTANGIBLES The major classes of intangible assets, including goodwill (excess of cost over acquired net assets), at December 31, 2000 and 2001 are as follows:
LIFE 2000 2001 ---- ---------- ------------ Goodwill............................................. 10 $4,043,000 $ 4,043,000 Goodwill (Network ICE acquisition)................... 5 -- 220,398,000 Less accumulated amortization........................ (876,000) (27,381,000) ---------- ------------ $3,167,000 $197,060,000 ========== ============ Core technology...................................... 8 $3,853,000 $ 3,853,000 Developed technology................................. 5 778,000 17,808,000 Work force........................................... 6 215,000 215,000 Customer relationships............................... 3 -- 2,490,000 ---------- ------------ 4,846,000 24,366,000 Less accumulated amortization........................ (1,500,000) (4,644,000) ---------- ------------ $3,346,000 $ 19,722,000 ========== ============
Goodwill and other intangible assets are amortized using the straight-line method over the estimated useful lives indicated. They are reviewed for impairment whenever events indicate that their carrying amount may not be recoverable. In such reviews, undiscounted cash flows associated with their carrying value are compared with their carrying values to determine if a write-down to fair value is required. RESEARCH AND DEVELOPMENT COSTS Research and development costs are charged to expense as incurred. ISS has not capitalized any such development costs under Statement of Financial Accounting Standards ("SFAS") No. 86, Accounting for the Costs of Computer Software to Be Sold, Leased, or Otherwise Marketed, because the costs incurred between the attainment of technological feasibility for the related software product through the date when the product is available for general release to customers has been insignificant. ADVERTISING COSTS ISS incurred advertising costs of $1,312,000 in 1999, $2,175,000 in 2000 and $2,636,000 in 2001, which are expensed as incurred and are included in sales and marketing expense in the statements of operations. STOCK BASED COMPENSATION Accounting for Stock-Based Compensation ("SFAS 123"), establishes accounting and reporting standards for stock based employee compensation plans. As permitted by SFAS 123, ISS continues to account for stock-based compensation in accordance with APB Opinion No. 25, Accounting for Stock Issued to Employees, and has elected the pro forma disclosure alternative of SFAS 123. 42 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 1. SIGNIFICANT ACCOUNTING POLICIES -- (CONTINUED) ACCOUNTING FOR SALES OF STOCK BY A SUBSIDIARY When a subsidiary of the Company sells shares of its stock at an amount different than the Company's carrying value for the subsidiary's stock, the Company records the difference as a gain or loss in the consolidated statements of operations, if the transaction meets the following conditions: (1) the sale of such shares is not a part of a broader corporate reorganization contemplated or planned by the Company; (2) the Company does not intend to spin-off the related subsidiary to shareholders; (3) reacquisition of shares is not contemplated at the time of issuance; and (4) the subsidiary is not a newly-formed, non-operating entity, a research and development start-up or development stage entity, or an entity whose ability to continue in existence is in question. The Company accounts for sales that do not meet these criteria as capital transactions. INCOME (LOSS) PER SHARE Basic net income (loss) per share (see Note 9) was computed by dividing net income (loss) by the weighted average number of shares outstanding of Common Stock. Diluted net income per share was computed by dividing net income by the weighted average shares outstanding, including common equivalents (when dilutive). RECENTLY ISSUED ACCOUNTING STANDARDS In August 2001, the Financial Accounting Standards Board issued Statement of Financial Accounting Standards No. 144 ("SFAS 144"), "Accounting for the Impairment or Disposal of Long-Lived Assets." This statement addresses financial accounting and reporting for the impairment or disposal of long-lived assets and supercedes SFAS 121. SFAS 144 is effective for fiscal years beginning after December 15, 2001. The Company expects to adopt SFAS 144 as of January 1, 2002 and is currently assessing the impact of the pronouncement on the consolidated financial statements. In July, 2001, the Financial Accounting Standards Board issued Statement of Financial Accounting Standard No. 142, ("SFAS 142"), "Accounting for Goodwill and Other Intangibles". Under SFAS 142, goodwill and indefinite lived intangible assets are no longer amortized, but are reviewed annually (or more frequently if impairment indicators arise) for impairment. Separable intangible assets that are not deemed to have an indefinite life will continue to be amortized over their useful lives. Companies are required to immediately adopt the amortization provisions of SFAS 142 as it relates to goodwill and intangible assets acquired after June 30, 2001. With respect to goodwill and intangible assets acquired prior to July 1, 2001, companies are required to adopt SFAS 142 in their fiscal year beginning after December 15, 2001. The Company anticipates adopting SFAS 142 in accordance with the provisions of the statement. SFAS 142 may not be applied retroactively. Substantially all of the Company's goodwill balance of $197.1 million as of December 31, 2001, was recorded in June of 2001, in conjunction with the acquisition of Network ICE. The goodwill balance is being amortized over five years. The impact of the adoption as it relates to goodwill, which exists currently, is to eliminate amortization of goodwill expense beginning with the year ending December 31, 2002. In 2001, amortization of goodwill totaled $26.5 million. In June 2001, the Financial Accounting Standards Board issued Statement of Financial Accounting Standard No. 141, ("SFAS 141"), "Business Combinations." This statement eliminates the pooling method of accounting for all business combinations initiated after June 30, 2001 and addresses the initial recognition and measurement of goodwill and other intangible assets acquired in a business combination. SFAS 141 will be adopted for business combinations initiated after June 30, 2001. 43 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 2. BUSINESS COMBINATIONS AND ASSET ACQUISITIONS On June 5, 2001, ISS acquired 100% of the outstanding stock of Network ICE Corporation, a privately held corporation based in San Mateo, California ("Network ICE"). Network ICE is a leading developer of desktop intrusion protection technology and highly scalable security management systems. ISS issued approximately 4,311,000 shares of ISS common stock for all of the outstanding Network ICE common stock and assumed all of the outstanding Network ICE stock options resulting in approximately 289,000 additional ISS shares being reserved for outstanding grants under the Network ICE Stock Plan . The combined fair value of common stock issued, options assumed and acquisition costs was approximately $237.6 million based on the average closing price of our common stock on the merger agreement date of April 30, 2001 and the two days before and after April 30, 2001. Acquisition costs of approximately $8 million consist primarily of financial advisory, legal and accounting fees. The Company adopted a plan to restructure Network ICE whereby 46 Network ICE employees were terminated over a six-month period following the acquisition. As such $1.8 million of severance costs were included in the acquisition costs for severance related to these terminations. At December 31, 2001 all such terminations and related severance payments had been completed. Amounts paid out under such severance arrangements totalled $1.8 million. The merger was accounted for as a purchase and, accordingly, the operating results of Network ICE are included in the consolidated financial statements of ISS from the date of acquisition. The adjusted aggregate purchase price was allocated based on a valuation report from an independent appraisal of the Network ICE intangibles and in-process research and development as follows: Net tangible liabilities of Network ICE..................... $ (4,020,000) In-process research and development......................... 2,910,000 Customer Relationships...................................... 2,490,000 Technology.................................................. 17,030,000 Deferred income taxes....................................... (7,418,000) Deferred compensation....................................... 6,231,000 Goodwill.................................................... 220,398,000 ------------ $237,621,000 ============
The tangible assets of Network ICE acquired in the merger consisted primarily of cash, accounts receivable and fixed assets. The liabilities of Network ICE assumed in the merger consisted primarily of accounts payable and accrued expenses and deferred revenue. In-process research and development of approximately $2.9 million had not reached technological feasibility based on identifiable technological risk factors, which indicated that even though successful completion was expected, it was not assured as of the acquisition date and was immediately charged to operations. Accordingly, under current accounting standards, such amount was expensed. The purchase price in excess of tangible assets, tangible liabilities and identifiable intangible assets has been allocated to goodwill and is being amortized over the estimated useful life of 5 years. 44 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 2. BUSINESS COMBINATIONS AND ASSET ACQUISITIONS -- (CONTINUED) The following table summarizes pro forma results of operations as if the acquisition of Network ICE was concluded as of the beginning of the periods presented. The adjustments to the historical data reflect the following (i) amortization of goodwill and intangibles, (ii) write off of in-process research and development, and (iii) deferred stock compensation. This pro forma information is not necessarily indicative of what combined operations would have been if ISS had control of such combined businesses for the periods presented.
DECEMBER 31, -------------------------- 2000 2001 ----------- ----------- (AMOUNTS IN THOUSANDS, EXCEPT PER SHARE AMOUNTS) Revenue..................................................... $204,887 $229,276 Net loss.................................................... $(35,352) $(41,846) Basic and diluted net loss per share of Common Stock........ $ (0.77) $ (0.92)
In August 2000, ISS acquired privately-held ISYI of Padova, Italy. ISYI is a leader in advanced network security services in the Italian market place and an early provider of remote security monitoring services. In exchange for all the outstanding stock of ISYI, approximately 29,100 shares of ISS common stock were issued in a transaction exempt from registration under the Securities Act of 1933. The transaction was accounted for using the pooling-of-interests method of accounting; however, this transaction was not material to ISS's consolidated operations and financial position and, therefore, the operating results of ISS have not been restated for this transaction. The operating results of ISS include the results of operations of ISYI since the date of acquisition. In August 2000, ISS formed a Brazilian subsidiary, Internet Security Systems Ltda, to affect the acquisition of Seguranca Ativa de Redes Internet e Sistemas Ltda ("SARIS") for cash of $5,000. SARIS was formed in 1999 in order to create and implement a security methodology for the Brazilian market. The transaction was accounted for using the purchase method of accounting. Goodwill of $977,000 related to the purchase was recorded and is being amortized using the straight-line method over 24 months. The operating results of ISS include the results of operations of SARIS since the date of acquisition. In August 1999, ISS acquired Netrex, Inc., a leading provider of remote, security monitoring services of digital assets, in a transaction that was accounted for as a pooling-of-interests. To affect the business combination, ISS issued approximately 2,450,000 shares of ISS stock in exchange for all of the outstanding stock of Netrex. Additionally, options outstanding under the Netrex Stock Plan were assumed by ISS resulting in approximately 510,000 additional ISS shares being reserved for outstanding grants under the Netrex Stock Plan. The consolidated financial statements of ISS, including share and per share data, have been restated for all periods presented to include the results of Netrex with all intercompany transactions with ISS eliminated in such restatement. 45 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 2. BUSINESS COMBINATIONS AND ASSET ACQUISITIONS -- (CONTINUED) Revenues and net income of the separate companies that includes periods preceding the Netrex merger were as follows:
1999 ------------ Total revenues ISS...................................................... $ 74,204,000 Netrex................................................... 42,283,000 ------------ Total revenues, as reported...................... $116,487,000 ============ Net income............................................... ISS...................................................... $ 7,326,000 Netrex................................................... 164,000 ------------ Combined................................................. $ 7,490,000 Business combination expenses.............................. 2,329,000 Pro forma income tax expense............................... (368,000) ------------ Pro forma net income....................................... $ 9,451,000 ============
Pro forma net income reflects adjustments to net income to record an estimated provision for income taxes for each period presented assuming Netrex was a taxpaying entity and excludes merger costs. In September 1999, ISS acquired privately held NJH Security Consulting ("NJH"), which was based in Atlanta, Georgia. NJH is a consulting firm focused on providing information security services to organizations worldwide. Approximately 142,000 shares of ISS common stock were issued in exchange for all of the outstanding stock of NJH. The transaction was accounted for using the pooling-of-interests method of accounting; however, this transaction was not material to ISS's consolidated operations and financial position and, therefore, the operating results of ISS were not restated for this transaction. The operating results of ISS include the results of operations of NJH since the date of acquisition. The consolidated statements of operations include merger costs of $2,329,000 in 1999 that represent the direct out-of-pocket costs associated with the Netrex and NJH business combinations. These costs were principally investment advisor, legal and accounting fees. 3. MARKETABLE SECURITIES The following is a summary of available-for-sale marketable securities as of December 31:
2000 2001 ----------- ----------- Unrestricted: U.S. corporate commercial paper....................... $65,938,000 $53,144,000 Debt instruments of U.S. government agencies.......... -- 1,985,000 Restricted: U.S. corporate commercial paper....................... 12,500,000 12,500,000 ----------- ----------- $78,438,000 $67,629,000 =========== ===========
As of December 31, 2000 and 2001 the cost of marketable securities approximated fair value. The contractual maturities of all of these investments were less than one year as of December 31, 2001. Marketable 46 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 3. MARKETABLE SECURITIES -- (CONTINUED) securities of $12,500,000 are restricted as of December 31, 2001 as collateral for letters of credit issued in relation to operating leases for facilities. 4. STOCK OPTION PLANS ISS's Incentive Stock Plan (the "Plan") provides for the granting of qualified or nonqualified options to purchase shares of ISS's Common Stock. Under the Plan, at December 31, 2001 there are 12,539,377 shares reserved for future issuance which increases automatically on the first trading day of each year by an amount equal to 3% of the number of shares of Common Stock outstanding on the last trading day of the preceding year. An additional 160,000 shares have been reserved for non-statutory options issued in 1997 to non- employee directors. In June 2001, as a result of acquisition of Network ICE, the Company assumed all outstanding Network ICE stock options. Each Network ICE stock option assumed is subject to the same terms and conditions as the original grant and generally vest over four years and expires ten years from the date of grant. Each option was adjusted at a ratio of 0.13529 shares of ISS common stock for each one share of Network ICE common stock. A summary of ISS's stock option activity is as follows:
1999 2000 2001 ---------------------- ---------------------- ---------------------- WEIGHTED WEIGHTED WEIGHTED AVERAGE AVERAGE AVERAGE NUMBER OF EXERCISE NUMBER OF EXERCISE NUMBER OF EXERCISE SHARES PRICE SHARES PRICE SHARES PRICE ----------- -------- ----------- -------- ----------- -------- Outstanding at beginning of year.............. 5,205,000 $5.35 5,067,000 $13.58 5,252,000 $36.54 Granted..................................... 1,719,000 33.94 2,253,000 67.88 1,663,000 32.15 Exercised................................... (1,033,000) 3.81 (1,366,000) 4.63 (1,108,000) 12.65 Canceled.................................... (884,000) 15.45 (702,000) 33.61 (1,092,000) 46.52 Assumed..................................... 60,000 3.51 -- -- 289,000 14.79 ----------- ----------- ----------- Outstanding at end of year.................... 5,067,000 13.58 5,252,000 36.54 5,004,000 36.98 =========== =========== =========== Exercisable at end of year.................... 2,693,000 3.00 1,430,000 13.24 1,386,000 22.74 =========== =========== =========== Weighted average fair value of options granted during the year............................. $ 29.01 $ 59.25 $ 27.76 =========== =========== ===========
All Network ICE options assumed by ISS were included in the purchase price based on their fair value. The intrinsic value of the unvested options has been allocated to deferred compensation and is being amortized over the remaining vesting period of the related options. Deferred compensation recorded in June 2001 was approximately $6.2 million. Amortization of this deferred compensation was $2,083,000 in 2001. 47 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 4. STOCK OPTION PLANS -- (CONTINUED) The following table summarizes information about stock options outstanding at December 31, 2001:
OPTIONS FULLY OPTIONS OUTSTANDING VESTED AND EXERCISABLE ---------------------------- ---------------------------- NUMBER OF WEIGHTED NUMBER OPTIONS AVERAGE EXERCISABLE WEIGHTED OUTSTANDING AT REMAINING AT AVERAGE DECEMBER 31, CONTRACTUAL DECEMBER 31, EXERCISE RANGE OF EXERCISE PRICES 2001 LIFE 2001 PRICE ------------------------ -------------- ----------- ----------------- -------- $.08-.49........................... 64,000 4.85 64,000 $ 0.20 $.50-3.99.......................... 516,000 6.02 504,000 3.33 $4.00-11.99........................ 839,000 8.32 173,000 6.41 $12.00-24.99....................... 776,000 8.84 140,000 18.17 $25.00-54.99....................... 740,000 8.17 229,000 29.84 $55.00-69.99....................... 1,378,000 8.58 133,000 62.18 $70.00-85.63....................... 691,000 8.57 143,000 77.15
Pro forma information regarding net income and net income per share is required by SFAS 123, which also requires that the information be determined as if ISS had accounted for its employee stock options granted subsequent to December 31, 1994 under the fair value method prescribed by that Statement. The fair value for options granted was estimated at the date of grant using the Black-Scholes option-pricing model. The following weighted average assumptions were used for 1999, 2000 and 2001, respectively: risk-free interest rates of 6.19%, 6.27% and 4.51%, respectively; no dividend yield; volatility factors of 1.25, 1.29 and 1.28 respectively; and an expected life of the options of 5 years. The Black-Scholes option valuation model was developed for use in estimating the fair value of traded options that have no vesting restrictions and are fully transferable. In addition, option valuation models require the input of highly subjective assumptions including the expected stock price volatility. Because employee stock options have characteristics different from those of traded options, and because the changes in the subjective input assumptions can materially affect the fair value estimate, in management's opinion, the existing models do not necessarily provide a reliable single measure of the fair value of its employee stock options. For purposes of pro forma disclosures, the estimated fair value of the option is amortized to expense over the options' vesting period. The following pro forma information adjusts the net income (loss) and net income (loss) per share of Common Stock for the impact of SFAS 123:
YEAR ENDED DECEMBER 31, ------------------------------------- 1999 2000 2001 -------- ----------- ------------ Pro forma net income (loss)............................ $743,000 $(8,003,000) $(43,433,000) ======== =========== ============ Pro forma net income (loss) per share.................. $ 0.02 $ (0.19) $ (0.95) ======== =========== ============
48 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 5. OTHER INCOME AND MINORITY INTEREST In September 2001 our Asia/Pacific Rim subsidiary sold newly issued shares in an initial public offering ("IPO") on the Japan over-the-counter market. These newly issued shares represented approximately 9% of the outstanding shares of our Asia/Pacific Rim subsidiary. Other income in 2001 includes a gain on the subsidiary IPO of $13.6 million from this initial public offering. Other income also includes $1.6 million generated from the March 2001 sale of approximately 2% of the outstanding shares of our Asia/Pacific Rim subsidiary to employees and key partners. These amounts represent the difference between proceeds received and the underlying basis in the stock less the minority interest in such gains. Minority interest totaled $336,000 in 2001. Minority interest represents the portion of earnings that would be distributed to shares not held by the Company if the Asia/Pacific Rim subsidiary declared a dividend equal to its earnings. 6. COMMITMENTS AND LITIGATION ISS has non-cancelable operating leases for facilities that expire at various dates through October 2011. In 1999, ISS entered into an 11 1/2-year lease for a new corporate headquarters, which it began to occupy in various stages in November 2000. Future minimum payments under non-cancelable operating leases with initial terms of one year or more consisted of the following at December 31, 2001:
OPERATING LEASES ----------- 2002....................................................... $12,343,000 2003....................................................... 9,902,000 2004....................................................... 8,438,000 2005....................................................... 7,803,000 2006....................................................... 6,659,000 Thereafter................................................. 38,041,000 ----------- Total minimum lease payments..................... $83,186,000 ===========
Rent expense was approximately $2,831,000, $4,939,000 and $6,806,000 for the years ended December 31, 1999, 2000 and 2001, respectively. Beginning on September 28, 2001, the Company and certain of its officers and directors were named as defendants in several lawsuits alleging violations of the federal securities laws, including Sections 10(b) and 20(a) of the Securities Exchange Act of 1934, as amended, and Rule 10b-5 thereunder. As of March 27, 2002, six such actions have been filed in the United States District Court for the Northern District of Georgia. The complaints, which are substantially similar in nature, purport to be brought on behalf of a class of investors who purchased the Company's stock during the period from April 5, 2001 through August 14, 2001 (the "Class Period"). The complaints generally allege that the Company and the individual defendants violated the anti-fraud provisions of the federal securities laws and caused the Company's stock to trade at artificially high prices by making misrepresentations relating to the Company's financial condition and prospects during the Class Period. The complaints seek damages in an unspecified amount. The Company anticipates that all six of these actions, along with any other similar actions, which may hereafter be filed, will be consolidated into a single case. No answer or other responsive papers are yet due from the defendants. The Company believes that it has meritorious defenses and intends to defend the actions vigorously. 49 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 7. INCOME TAXES For financial reporting purposes, the provision for income taxes includes the following components, all of which are current:
YEAR ENDED DECEMBER 31, ------------------------------------ 1999 2000 2001 -------- ----------- ----------- Federal income taxes............................ $730,000 $ 8,421,000 $ 8,899,000 State income taxes.............................. 149,000 691,000 696,000 Foreign income taxes............................ 97,000 1,226,000 2,926,000 -------- ----------- ----------- Total provision for income taxes...... $976,000 $10,338,000 $12,521,000 ======== =========== ===========
Pre-tax income (loss) attributable to foreign and domestic operations is summarized below:
YEAR ENDED DECEMBER 31, --------------------------------------- 1999 2000 2001 ---------- ----------- ------------ U.S. operations............................... $8,065,000 $26,226,000 $ 3,799,000 Japan operations.............................. 213,000 3,156,000 5,808,000 EMEA operations............................... 132,000 (437,000) (12,174,000) Other......................................... 56,000 (292,000) (370,000) ---------- ----------- ------------ $8,466,000 $28,653,000 $ (2,937,000) ========== =========== ============
A reconciliation of the provision for income taxes to the statutory federal income tax rate is as follows:
YEAR ENDED DECEMBER 31, -------------------------------------- 1999 2000 2001 ---------- ----------- ----------- Federal income taxes applied to pretax income (loss)....................................... $2,878,000 $10,029,000 $(1,028,000) State income taxes, net of federal income tax benefit...................................... 149,000 691,000 696,000 Alternative minimum tax........................ 230,000 -- -- Intangibles.................................... 209,000 57,000 9,170,000 Research and development tax credits........... (717,000) (1,104,000) (1,100,000) Merger expenses not deductible for tax purposes..................................... 792,000 -- -- S Corp earnings................................ (255,000) -- -- Foreign operations............................. 97,000 223,000 2,634,000 Deferred compensation.......................... -- -- 729,000 Write-off of in-process research and development.................................. -- -- 1,019,000 Other.......................................... -- 672,000 346,000 Change in valuation allowance.................. (2,407,000) (230,000) 55,000 ---------- ----------- ----------- $ 976,000 $10,338,000 $12,521,000 ========== =========== ===========
Deferred income taxes reflect the net income tax effects of temporary differences between the carrying amounts of assets and liabilities for financial reporting purposes and the amounts used for income tax 50 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 7. INCOME TAXES -- (CONTINUED) purposes. The net income tax effect has been computed using a combined statutory rate of 38% for federal and state taxes. Significant components of ISS's net deferred income taxes are as follows:
DECEMBER 31, --------------------------- 2000 2001 ------------ ------------ Deferred income tax liabilities: Amortization........................................... $ -- $ 5,913,000 Gain on Japan IPO...................................... -- 5,876,000 ------------ ------------ Total deferred income tax liabilities.......... -- 11,789,000 Deferred income tax assets: Depreciation........................................... 446,000 400,000 Accrued liabilities.................................... 206,000 122,000 Allowance for doubtful accounts........................ 329,000 853,000 Net operating loss carryforwards....................... 29,602,000 32,039,000 Foreign tax credit carryforwards....................... -- 1,000,000 Research and development tax credit carryforwards...... 2,440,000 4,487,000 ------------ ------------ Total deferred income tax assets............... 33,023,000 38,901,000 ------------ ------------ Net deferred tax income tax asset.............. 33,023,000 27,112,000 Less valuation allowance............................... (33,023,000) (27,112,000) ------------ ------------ Net deferred income tax assets................. $ -- $ -- ============ ============
For financial reporting purposes, a valuation allowance has been recognized to reduce the net deferred income tax assets to zero. In 2001, the change in valuation allowance is primarily a result of changes in deferred income tax assets and liabilities for which the related benefit or provision was charged to stockholders' equity. Therefore, such change in the valuation allowance is not included in the rate reconciliation above. ISS has not recognized any benefit from the future use of the deferred tax assets because management's evaluation of all the available evidence in assessing the realizability of the tax benefits of such loss carryforwards indicates that the underlying assumptions of future profitable operations contain risks that do not provide sufficient assurance to recognize such tax benefits currently. The net deferred income tax assets include approximately $33,023,000 and $27,112,000 at December 31, 2000 and 2001, respectively, of assets that were created by or are subject to valuation allowance as a result of stock option deductions. While income tax expense will be recorded on any future pre-tax profits from United States operations, these deferred tax assets would reduce the related income taxes payable. This reduction in income taxes payable in future periods would be recorded as additional paid-in capital. ISS has approximately $84,313,000 of net operating loss carryforwards for federal income tax purposes that expire in varying amounts between 2011 and 2021. The net operating loss carryforwards may be subject to certain limitations in the event of a change in ownership. ISS also has approximately $4,487,000 of research and development tax credit carryforwards that expire between 2011 and 2021 and foreign tax credit carryforwards of $1,000,000 that expire in 2006. 8. EMPLOYEE STOCK AND BENEFIT PLANS ISS sponsors a 401(k) plan that covers substantially all employees over 18 years of age. Participating employees may contribute up to 15% of their pre-tax salary, but not more than statutory limits. ISS matches 25% of participant contributions up to 3% of their pre-tax salary. Matching contributions were $196,000 in 2000 and $290,000 in 2001. Prior to 2000 ISS made no contributions to the plan. 51 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 8. EMPLOYEE STOCK AND BENEFIT PLANS -- (CONTINUED) Effective July 1, 1999 ISS implemented an employee stock purchase plan (the "Plan") for all eligible employees. Under the Plan, shares of ISS's Common Stock may be purchased at six-month intervals at 85% of the lower of the fair market value on the first or the last day of each six-month period. Employees may purchase shares with aggregate fair value up to 10% of their gross compensation during a six-month period. During 2000 employees purchased 39,000 shares at an average price of $41.44 per share and during 2001 employees purchased 75,000 shares at an average price of $30.40 per share. At December 31, 2001, 411,000 shares of ISS Common Stock were reserved for future issuance. 9. INCOME (LOSS) PER SHARE The following table sets forth the computation of basic and diluted net income (loss) per share:
YEAR ENDED DECEMBER 31, --------------------------------------- 1999 2000 2001 ---------- ----------- ------------ Numerator: Net income (loss)................................... $7,490,000 $18,315,000 $(15,458,000) ---------- ----------- ------------ Denominator: Denominator for basic net income (loss) per share -- weighted average shares.......................... 39,996,000 41,892,000 45,649,000 Effect of dilutive stock options.................... 3,695,000 3,207,000 -- ---------- ----------- ------------ Denominator for diluted net income (loss) per share -- weighted average shares................. 43,691,000 45,099,000 45,649,000 ---------- ----------- ------------ Basic net income (loss) per share..................... $ 0.19 $ 0.44 $ (0.34) ========== =========== ============ Diluted net income (loss) per share................... $ 0.17 $ 0.41 $ (0.34) ========== =========== ============
For the year ended December 31, 2001, 1,364,000 weighted average options were not included in the above calculations as their effect on loss per share was anti-dilutive. 10. SEGMENT AND GEOGRAPHIC INFORMATION ISS conducts business in one operating segment; namely providing information security management solutions. The Company does, however, prepare information for internal use on a geographic basis. This information consists of the operating results of each geographic segment. The segment operating costs reported internally generally consist of direct sales expenses, an executive team and infrastructure to support its employee and customer and partner base, and supporting billing and financial systems. Unallocated corporate expenses include research and development, general and administrative costs that support the global organization and amortization of intangibles, stock based compensation and goodwill. The accounting policies of the segments are the same as those described in the summary of significant accounting policies. There are no intersegment sales. Our chief executive officer and chief financial officer evaluate performance based on operating profit or loss from operations by segment. Assets and liabilities are not discretely allocated or reviewed by segment. In accordance with Statement of Financial Accounting Standards No. 131, "Disclosures about Segments of an Enterprise and Related Information", the Company has included a summary of the segment financial 52 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 10. SEGMENT AND GEOGRAPHIC INFORMATION --(CONTINUED) information reported internally. The geographic segments are the Americas, Europe, Middle East and Africa ("EMEA"), and the Asia/Pacific Rim.
AMERICAS EMEA ASIA/PAC UNALLOCATED TOTAL ------------ ----------- ----------- ------------ ------------ YEAR ENDED DECEMBER 31, 2001 REVENUES FROM EXTERNAL CUSTOMERS: Product licenses and sales................... $ 81,527,000 $18,284,000 $22,574,000 $ -- $122,385,000 Subscriptions................................ 53,654,000 8,020,000 5,013,000 66,687,000 Professional services........................ 24,421,000 6,971,000 3,095,000 -- 34,487,000 ------------ ----------- ----------- ------------ ------------ Total revenue.......................... 159,602,000 33,275,000 30,682,000 -- 223,559,000 COST OF REVENUES: Product licenses and sales................... 12,737,000 593,000 109,000 -- 13,439,000 Subscriptions and professional services...... 37,575,000 7,392,000 5,741,000 -- 50,708,000 ------------ ----------- ----------- ------------ ------------ Total cost of revenues................. 50,312,000 7,985,000 5,850,000 -- 64,147,000 OPERATING EXPENSES............................. 60,663,000 22,033,000 9,305,000 91,569,000 183,570,000 ------------ ----------- ----------- ------------ ------------ TOTAL EXPENSES................................. 110,975,000 30,018,000 15,155,000 91,569,000 247,717,000 ------------ ----------- ----------- ------------ ------------ SEGMENT OPERATING INCOME (LOSS)................ $ 48,627,000 $ 3,257,000 $15,527,000 $(91,569,000) $(24,158,000) YEAR ENDED DECEMBER 31, 2000 REVENUES FROM EXTERNAL CUSTOMERS: Product licenses and sales................... $ 91,516,000 $15,627,000 $12,560,000 $ -- $119,703,000 Subscriptions................................ 33,728,000 5,929,000 2,049,000 -- 41,706,000 Professional services........................ 27,348,000 4,358,000 1,860,000 -- 33,566,000 ------------ ----------- ----------- ------------ ------------ Total revenue.......................... 152,592,000 25,914,000 16,469,000 -- 194,975,000 COST OF REVENUES: Product licenses and sales................... 22,629,000 24,000 -- -- 22,653,000 Subscriptions and professional services...... 28,447,000 6,143,000 2,181,000 -- 36,771,000 ------------ ----------- ----------- ------------ ------------ Total cost of revenues................. 51,076,000 6,167,000 2,181,000 -- 59,424,000 OPERATING EXPENSES............................. 50,418,000 11,614,000 6,000,000 46,950,000 114,982,000 ------------ ----------- ----------- ------------ ------------ TOTAL EXPENSES................................. 101,494,000 17,781,000 8,181,000 46,950,000 174,406,000 ------------ ----------- ----------- ------------ ------------ SEGMENT OPERATING INCOME (LOSS)................ $ 51,098,000 $ 8,133,000 $ 8,288,000 $(46,950,000) $ 20,569,000 YEAR ENDED DECEMBER 31, 1999 REVENUES FROM EXTERNAL CUSTOMERS: Product licenses and sales................... $ 61,078,000 $ 8,307,000 $ 4,665,000 $ -- $ 74,050,000 Subscriptions................................ 20,623,000 2,843,000 675,000 -- 24,141,00 Professional services........................ 16,129,000 1,846,000 321,000 -- 18,296,000 ------------ ----------- ----------- ------------ ------------ Total revenue.......................... 97,830,000 12,996,000 5,661,000 -- 116,487,000 COST OF REVENUES: Product licenses and sales................... 18,842,000 -- -- -- 18,842,000 Subscriptions and professional services...... 16,967,000 1,891,000 -- -- 18,858,000 ------------ ----------- ----------- ------------ ------------ Total cost of revenues................. 35,809,000 1,891,000 -- -- 37,700,000 OPERATING EXPENSES............................. 33,910,000 5,998,000 3,216,000 32,963,000 76,087,000 ------------ ----------- ----------- ------------ ------------ TOTAL EXPENSES................................. 69,719,000 7,889,000 3,216,000 32,963,000 113,787,000 SEGMENT OPERATING INCOME (LOSS)................ $ 28,111,000 $ 5,107,000 $ 2,445,000 $(32,963,000) $ 2,700,000
53 INTERNET SECURITY SYSTEMS, INC. NOTES TO CONSOLIDATED FINANCIAL STATEMENTS -- (CONTINUED) 11. QUARTERLY FINANCIAL RESULTS (UNAUDITED) Summarized quarterly results for the two years ended December 31, 2000 and 2001 are as follows (in thousands, except per share data):
FIRST SECOND THIRD FOURTH ------- ------- ------- ------- 2000 by quarter: Revenues..................................... $39,291 $44,217 $51,787 $59,680 Operating income............................. 3,085 4,215 5,805 7,464 Net income................................... 3,070 4,081 4,855 6,309 Income per share: Basic........................................ $ 0.07 $ 0.10 $ 0.12 $ 0.15 Diluted...................................... $ 0.07 $ 0.09 $ 0.11 $ 0.14 2001 by quarter: Revenues..................................... $61,155 $51,710 $52,734 $57,960 Operating income (loss)...................... 6,875 (11,278) (13,295) (6,460) Net income (loss)............................ 6,541 (5,610) (6,088) (10,301) Income (loss) per share: Basic........................................ $ 0.15 $ (0.13) $ (0.13) $ (0.22) Diluted...................................... $ 0.15 $ (0.13) $ (0.13) $ (0.22)
Because of the method used in calculating per share data, the quarterly per share data will not necessarily total the per share data as computed for the year. 54 SCHEDULE II VALUATION AND QUALIFYING ACCOUNTS
BALANCE AT BEGINNING OF BALANCE AT YEAR PROVISION WRITE-OFFS END OF YEAR ------------ ---------- ---------- ----------- 1999 Allowance for Doubtful Accounts.............. $ 412,000 $ 554,000 $(118,000) $ 848,000 ========== ========== ========= ========== 2000 Allowance for Doubtful Accounts.............. $ 848,000 $ 556,000 $(216,000) $1,188,000 ========== ========== ========= ========== 2001 Allowance for Doubtful Accounts.............. $1,188,000 $1,596,000 $(221,000) $2,563,000 ========== ========== ========= ==========
55 SIGNATURES Pursuant to the requirements of the Section 13 or 15(d) of the Securities Exchange Act of 1934, the Registrant has duly caused this Report to be signed on its behalf by the undersigned, thereunto duly authorized. INTERNET SECURITY SYSTEMS, INC. By: /s/ RICHARD MACCHIA ------------------------------------ Richard Macchia Vice President and Chief Financial Officer By: /s/ MAUREEN RICHARDS ------------------------------------ Maureen Richards Corporate Controller Dated: April 1, 2002 POWER OF ATTORNEY KNOW ALL PERSONS BY THESE PRESENTS, that each person whose signature appears below hereby severally constitutes and appoints, Thomas E. Noonan, Richard Macchia and Maureen Richards, and each or any of them, his true and lawful attorney-in-fact and agent, each with the power of substitution and resubstitution, for him in any and all capacities, to sign any and all amendments to this Annual Report (Form 10-K) and to file the same, with exhibits thereto and other documents in connection therewith, with the Securities and Exchange Commission, hereby ratifying and confirming all that each said attorney-in-fact and agent, or his substitute or substitutes, may lawfully do or cause to be done by virtue hereof. Pursuant to the requirements of the Securities Exchange Act of 1934, this Report has been signed below by the following persons on behalf of the Registrant and in the capacities and on the dates indicated.
NAME TITLE DATE ---- ----- ---- /s/ THOMAS E. NOONAN Chairman, President and Chief April 1, 2002 ----------------------------------------------------- Executive (Principal Executive Thomas E. Noonan Officer) /s/ CHRISTOPHER W. KLAUS Chief Technology Officer, April 1, 2002 ----------------------------------------------------- Secretary and Director Christopher W. Klaus /s/ RICHARD MACCHIA Vice President and Chief April 1, 2002 ----------------------------------------------------- Financial Officer Richard Macchia /s/ RICHARD S. BODMAN Director April 1, 2002 ----------------------------------------------------- Richard S. Bodman /s/ ROBERT E. DAVOLI Director April 1, 2002 ----------------------------------------------------- Robert E. Davoli /s/ SAM NUNN Director April 1, 2002 ----------------------------------------------------- Sam Nunn
56
NAME TITLE DATE ---- ----- ---- /s/ KEVIN J. O'CONNOR Director April 1, 2002 ----------------------------------------------------- Kevin J. O'Connor /s/ DAVID N. STROHM Director April 1, 2002 ----------------------------------------------------- David N. Strohm
57