Filed by LGL Systems Acquisition Corp. pursuant to Rule 425 under the Securities Act of 1933 and deemed filed pursuant to Rule 14a-12 under the Securities Exchange Act of 1934 Subject Company: LGL Systems Acquisition Corp. Commission File No. 333-256129

Sidoti & Company, LLC Member FINRA & SIPC NR Price Target: $15 Price: $10.04 Risk Rating: M Note: We calculate full year F2022 based on the assumed post-acquisition share count. EPS is based on a Non-GAAP calculation that adjusts for one-time items and stock based compensation as an expense. Sum of quarterly EPS may not equal full year total due to rounding and/or change in share count. NR = Not Rated. Risk Ratings: H = Highly risky; M = Moderately risky.
Year F2014 F2015 F2016 F2017 F2018 F2019 F2020 F2021 F2022E F2023E
Rev.(Mil.) N/A N/A N/A N/A N/A N/A $23.2 $29.2 $52 4 $110.1
GAAP EPS N/A N/A N/A N/A N/A N/A ($0.89) ($1.03) ($0.44) ($0.70)
Description: IronNet Cybersecurity Inc. (www.ironnet.com) develops advanced software and data analysis solutions to identify suspicious behavior on corporate and government networks. The company was founded in 2014 and is headquartered in McLean, VA.
LGL Systems Acquisition Corp. has entered into a merger agreement with IronNet Cybersecurity, Inc. LGL Systems Acquisition Corp. (NASDAQ: DFNS) is a publicly listed special purpose acquisition company (SPAC) with about $173 million cash in trust. DFNS plans to combine with privately-held IronNet Cybersecurity. The boards of both companies have unanimously approved the transaction, which now requires the approval of stockholders and targets a 3Q:21 close. For our analysis, we assume shareholder approval and no redemptions from DFNS holders. Hence, we view DFNS shares as an attractive opportunity to invest in IronNet.
If the proposed merger is approved, DFNS holders will own 14.5% of IronNet. The projected breakdown of post-transaction IronNet translates to current DFNS holders owning
14.5%, PIPE participants 10%, and existing IronNet insiders about 72%. The PIPE is
projected to raise $125 million of additional capital for the post-merger IronNet. According to the terms of the transaction, IronNet is valued at an EV of about $930 million, assuming a
$10 share price. The financial tables above the text on page one, the estimated metrics in the
table to the right, and the financial models in tables pages one, two, and three, reflect our estimates and projections for IronNet Cybersecurity. Figures in the Key Statistics table to the right that are not estimates (as designated with an E), reflect current metrics for LGL Systems Acquisition Corp.
IronNet introduces a two-pronged paradigm shift in network security. IronNet delivers a combination of next generation detection and scoring of suspicious activity in real-time, while also providing a platform to share knowledge of common malicious activity across a network of customers to foster fast collaboration of cybersecurity experts at different companies. The improved detection, known as network detection and response (NDR), incorporates data traveling within the network and data traveling in/out of the network applying advanced machine learning and behavioral algorithms to pull insights that may not otherwise be identified. The combination of strong threat detection and the collaborative network of customers is, to our knowledge, novel and unique today.
Building a coordinated response to emerging cybersecurity threats could be a key to detecting malicious behavior and thwarting widespread damage in an era of seemingly never-ending breaches. IronNet highlighted that its customers were able to detect malicious behavior around the SolarWinds hack in May 2020, over six months before it became widely known and reported. Companies and government agencies that fell victim to the breach faced an advanced Nation State adversary that operated for months without being noticed.
Matthew Galinko (212) 894-3338 (mgalinko@sidoti.com)
Key Statistics* Analysts Covering 1 Market Cap (Mil) $220 Enterprise Value $216 52-Week Range (NYSE) 11-10 5-Year EPS CAGR N/A Avg. Daily Trading Volume 106,000 Shares Out (Mil) 21.563 Float Shares (Mil) 16.550 Insider Ownership 4% Institutional Holdings 79% Annualized Dividend Nil Dividend Yield N/A FCF Per Share (F2023E) ($0.68) FCF Yield (2022E) -6.8% Net Cash Per Share (F2023E) $2.52 Price to Book Value 1.5x Return on Equity (F2023E) NM Total Debt to Capital 0% Interest Coverage Ratio N/A Short Interest % 0.5% Short Interest Days To Cover 1.0 Russell 2000 2,131 Russell 2000 - Last 12 Months 44.6% DFNS - Last 12 Months -1.1% 19-Jul-2018 to 19-Jul-2021 (Daily) LGL Systems Acquisition Corp. Class A Required disclosures appear on page 9 Analyst certification appears on page 12 1177 Avenue of the Americas ? 5th Floor New York, NY 10036 Phone: 212-297-0001 www.sidoti.com

The malware was distributed through trusted channels and highlighted a major potential attack vector that may not be possible to effectively secure. Improved detection and structured communication of useful threat data allows IronNet’s users to respond quickly to concerning activity, and we think could be the difference between thwarting a bad actor in time and having sensitive data exfiltrated.
The operating plan is to increase sales quickly and reinvest back into the business. Management’s financial plan is to scale revenue to about $290 million by F2025 (from $29.2 million in F2021). Supporting that growth is a surge in operating expenses to about $323 million (from $77.5 million in F2021), comprised of sales and marketing spending growth from $30 million to $172 million and expanding R&D from $26 million to $95 million. Feature and functionality expansion should help to increase the value of renewing customers. Management may explore other potential use cases for its detection algorithm and expertise, with one such solution already in the market to identify potential digital ad fraud.
We think the balance sheet is adequate to rapidly scale the business against what we think is a sizable opportunity. IronNet is expected to have about $266.5 million in cash after the acquisition process is completed. The company’s published financial plan is to burn through about $190 million of that balance by the end of F2025, although we think M&A could accelerate the need to tap capital markets. Note that the company should have about 13.8 million in outstanding warrants with an $11.50 exercise price at closing, which we model could raise about $150 million of additional cash if conditions for exercise are met. Given our price target for IronNet above the warrant strike price, we model the warrants are exercised at the end of F2022. With a projected gross margin from predominantly recurring revenue of around 75%, we think the company could turn profitable and self-supporting far sooner than we model in F2027 with a more moderate revenue growth target, should access to capital become less certain. We model net cash of $269.6 million ($2.26 per share) in 3Q:22, which we expect to decrease to $222.1 million ($1.61 per share) by the end of F2026 with a share count of 138.8 million, assuming the warrants exercised and about 1 million shares in deferred stock awards at $13 are realized.
We initiate coverage of LGL Systems Acquisition Corp. shares with a Moderately Risky rating and a price target of $15. We think IronNet is comparable to other next generation cybersecurity companies such as ZScaler (NASDAQ: ZS, NC), CrowdStrike (NASDAQ: CRWD, NC), and Carbon Black (acquired); the former two stocks trade at 44x EV/TTM sales and 27x EV/2022 sales, while Carbon Black was acquired for 8x trailing revenue. We think this aggressive peer group valuation reflects a high rate of revenue growth bringing innovative tools to market and is a good reference point against IronNet’s financial outlook. Given IronNet’s strategy of reinvesting gross profit into sales, marketing and engineering to maintain a high rate of revenue growth and market share capture, it will likely not be possible to value the company on earnings or EBITDA metrics for the foreseeable future. We apply a 10x multiple to our F2025 revenue estimate of $291.0 million to derive a $15 price target. This calculation applies a 15% discount rate, adds $241.3 million of projected net cash, and uses 136.7 million as the share count. We use a moderately risky rating due to the strong capital position anticipated after the transaction is closed.
Company Overview
LGL Acquisition Corp (NASDAQ: DFNS) is a publicly listed special purpose acquisition company that priced its IPO in November 2019 and announced its target, IronNet Cybersecurity, on March 15, 2021. Both DFNS and IronNet boards approved the transaction and is pending shareholder approval. DFNS holds about $173 million cash in a trust. The shareholder vote is not yet scheduled, although the company targets a 3Q:21 closing.
IronNet was founded in 2014 by Retired General Keith Alexander, who was Director of the NSA and the first commander of the U.S. Cyber Command. In our opinion, Gen. Alexander is uniquely positioned to understand the flaws in the country’s posture toward cyber defense. He specifically identified the slow speed of communication around active threats as a key risk.
IronNet’s first patents were filed in 2014, and the initial NDR product, IronDefense, was launched in 2016; IronDome, the collective defense platform, went live with initial customers in 2018.
The SPAC IPO and the PIPE should serve the dual purpose of giving IronNet access to sufficient capital to scale its sales force and engineering operation to capture a material share of the large addressable market, while also better establishing the brand.
IronNet currently operates in a Co-CEO structure, with William Welch bringing industry experience to accompany Gen. Alexander’s technical expertise. Mr. Welch was previously the President and COO of Duo Security prior to its acquisition by Cisco (NASDAQ: CSCO, NC) in late 2018. He joined Zscaler as global VP of sales and Chief Revenue Officer in 2015 and left as COO. We think Mr. Welch’s C-level experience at two next generation cybersecurity companies offers a strong basis for driving commercialization of IronNet. Chief Revenue Officer Sean Foster was previously Chief Revenue Officer of ForcePoint, the successor to web filtering leader Websense, which added network security and data loss prevention tools after being taken private in
2013. Mr. Foster also spent time as VP of Global Sales at
HPE Security.
We think IronNet’s C-Suite combines high level operating, sales, and technical expertise spanning public and private sector backgrounds, which fits the company’s strategy of filling a void in cyber threat information sharing across organizational boundaries.

Detection And Distribution: A Cybersecurity
One- Two Punch
We think IronNet operates on the theory that cybersecurity breaches will happen to everybody, and that beyond good hygiene and best practices, being able to detect, identify, and squelch malicious activity before it exfiltrates sensitive data is a crucial, as yet inadequately achieved step. IronNet shines a spotlight at malicious activity by using a “big data” approach to detection.
IronNet ingests network packet metadata through probes on a customer network, as well as data from endpoint and firewall security solutions in the network, applying a series of behavioral and machine learning algorithms to the data to discover anomalous behavior that may be the result of malicious activity. IronNet’s approach can discover network activity that would not be detected by traditional signatures that seek known patterns.
IronNet’s software scores the threat level of the signals it detects and gives customers a tool to explore and manage the threats. The company highlighted 4.6 million alerts unmasked in 2020. That pool was reduced to about
15,000 high risk alerts, of which half were shared across the collaborative IronDome platform.
When customers opt into the IronDome network, anonymized detection data is shared across customer dashboards. The dashboard shows which alerts are common to other companies participating in the IronDome network and gives participants a way to share notes on the issue. If common suspicious activity is detected across multiple companies or organizations, there could be valuable insight to share around mitigating or preventing spread. To the extent that high risk detections will be investigated by the customer’s security team, sharing could allow a reduction in duplicative work. The sharing concept likely speeds awareness of attacks in process, which we surmise can help to mitigate damages. The combination of the advanced detection of known and unknown threats with collaborative processing and management of the incidents could bring visibility to advanced threats months before they would traditionally be uncovered.
The Information Systems Security Association (ISSA) publishes an annual survey, with 70% of organizations reporting a skill shortage in cybersecurity teams, imperiling their ability to effectively protect and respond to threats. We think IronNet’s design could drive greater efficiency in cybersecurity teams.
Competitive Landscape
We think IronNet competes primarily with companies that combine endpoint and network data to identify active threats in a category called Network Detection and Response (NDR). Examples of such companies include:
DarkTrace (LON: DARK, NC) was listed on the London Stock Exchange in April 2021 after being founded in 2013 with the aim to use machine learning to help detect and respond to cyber-attacks. Like IronNet, the company
goes a step further than looking for known threats based on signatures, by examining a broader array of data and relying on advanced computer intelligence and algorithms to look for anomalies. DarkTrace does not have a collaborative defense platform.
Vectra AI, Inc. is a private company founded in 2012 to detect cyberattacks on infrastructure and provide more advanced tools for security analysts to investigate threats. The company is backed by private equity.
ExtraHop is a privately held company founded in 2007 to provide network data collection and analysis to identify and resolve performance issues. We think the company launched its first NDR solution in 2018, building from the data collection and analytics intelligence and knowledge. Like others in the category, ExtraHop does not have a collaborative defense platform, to our knowledge.
We think it is difficult to compare the detection capabilities of the multiple companies providing NDR products and services, given the sophistication of the tools and threats they seek. In our view, a common thread to next generation cybersecurity tools is the move into behavioral algorithms to find anomalies, although we note IronNet’s management has stated that competitors use a signature- based detection, before applying machine learning algorithms, potentially limiting visibility into unknown threats.
Cybersecurity Threat Landscape
The SolarWinds Sunburst hack, which also encompassed Microsoft (NASDAQ: MSFT, NC) and VMware (NYSE: VMW, NC), began around March 2020, but was not disclosed or reported on until December 2020. SolarWinds provides advanced network management tools, installing probes on corporate networks that monitor network health and status.
Sending software updates is standard procedure for companies selling enterprise software, and there are methods for ensuring that the update payload transmitted over the internet is not tampered with. In the case of the SolarWinds attack, hackers breached the distribution system and validated tampered updates, allowing an infectious payload to be delivered under the guise of a trusted channel, as neither the sender nor user suspected or noticed such activity.
Traditional cyber-attacks tend to exploit critical flaws in software, allowing hackers to gain entry and begin chipping away at defenses from within a network. The SolarWinds/SUNBURST attack exploited legitimate and trusted software distribution channels. This was described as a “supply chain” attack and drew on inherent trust between a software company and its users. We do not think it is feasible for every software update to undergo rigorous analysis by the user. On July 2, 2021, Kaseya (private), which provides management software used by Managed Service Providers (MSP), pushed a tampered update to users, causing more than 1,000 companies to be infected with ransomware.

Recent approaches to improving network security leave exploitable gaps that sophisticated attackers can leverage. NDR solutions function in those gaps to improve visibility.
In summary, basic security measures such as keeping insecure interfaces protected from internet traffic via firewall, securing data transmission with encryption, keeping network facing software patched, and enforcing strong user credentials are now inadequate to counter threats and stop all breaches. There are a myriad and growing number of alternate strategies to breach even a strongly secured network for a determined, well- resourced adversary.
IronNet’s Go-To-Market Approach
IronNet’s customer acquisition strategy centers on winning the most influential customer(s) in a peer group that can encourage or induce adoption to other companies in its field of influence. The concept of collaboration and threat intelligence sharing between industry peers could tip the scale in consolidating the NDR market across a large portion of verticals if strategic customer wins prove successful.
Deeper account penetration combined with feature expansion and up selling cornerstone customer accounts, which totaled 27 as of the end of 1Q:F22, could drive higher value renewals. Management projected a net retention rate of 100% in F2022, rising to 120% by F2025. If accurate, early customer wins should indicate steady long-term growth.
Recent Results
Historical financials are relatively limited for an emerging growth company going public through a SPAC process. Only the 1Q:F22 and 1Q:F21 quarters have been reported, as well as F2020 and F2021 We also note the company’s fiscal year ends January, where F2021 ended January 2021.
IronNet reported F2021 revenue of $29.2 million, growing
26% over $23.2 million in F2020. The company’s annualized recurring revenue (ARR) was $26 million in F2021, up from $15 million in F2020, suggesting a portion of F2020’s revenue was non-recurring, perhaps software license. The company fully transitioned to a recurring revenue model in F2021. The reported average contract length is 3.2 years.
A gross margin of 76% in F2021 improved from 72% year over year. Operating expenses of $77.5 million in F2021 were comprised of 39% sales and marketing, 33% R&D, and about 27% G&A.
Management disclosed an LTV/CAC ratio of 5.1x; in other words, the long-term value of a customer is estimated at over 5x the cost of acquisition. Although the math is not apples to apples, if the company spent $30.4 million in F2021 sales and marketing to increase ARR by $11 million, and the average contract is three years, the company should generate at least $33 million revenue,
exceeding the customer acquisition cost. However, with management’s assumption of the 5.1x LTV/CAC and the fixed element of S&M expenses that will amortize across a larger customer base as revenue scales up, the optics of S&M expenses higher than revenue in the near term begin to make economic sense.
IronNet’s F2021 operating loss of $55.3 million widened from $48.4 million year over year, as investment in sales and marketing nearly doubled, and non-GAAP net loss widened to $55.3 million (from $47.7 million).
Consolidated 1Q:22 revenue declined $0.5 million or 7% year over year, attributed to lower professional services revenue, which is typically lumpy. Software revenue grew about 14% year over year, although subscription software revenue grew 79% and accounted for 99% of total software revenue in 1Q:F22.
Earnings Outlook
IronNet reports with a fiscal year ending January, where the calendar January 2021 quarter corresponds to
4Q:F21. IronNet has compared its model to cybersecurity peer Crowdstrike, which is expected to transition to breakeven and profitable operations as revenue exceeds around $500 million.
We project F2022 revenue of $52.4 million, up 79% year over year, with a gross margin of about 72.3% producing
$37.8 million of gross profit up 70.3% year over year. We model a revenue mix of about 91% subscription software and the rest professional services. We model operating expenses to grow 16%. We anticipate the operating loss widens to about $53 million and adjusted EBITDA to $48 million (from $55 million and $54 million, respectively).
We expect the late-F2022 capital raise as IronNet completes its process to achieve a public listing supports an acceleration in operating expense investment in F2023. We anticipate revenue growth of 110% in F2023 is nearly matched by 93% growth in operating expenses, with 134% growth in sales and marketing leading the way. We expect operating losses widen to $94.5 million and adjusted EBITDA to $83.8 million.
For F2023-F2026, we model average revenue growth of about 69%, reaching about $400 million by the end of the period. We think operating expenses will decline as a proportion of revenue to about 98% by F2026 from about
158% in F2023, owing to the operating leverage we expect to emerge, despite continuing investment in growth. We anticipate the adjusted EBITDA loss to narrow from $83.8 million in F2023 to $57.3 million by F2026. We model about 1% in annual growth in shares outstanding, excluding warrant exercises.
Balance Sheet and Cash Flow
IronNet expects to close the SPAC transaction with about
$270 million in balance sheet cash, between conversion from the trust and a $10 expected pricing of the PIPE, net of closing fees.

The company’s financial model projects cash burn coinciding with the income statement losses at least for the next five years; extrapolating beyond five years, we think IronNet could hit FCF breakeven in the 7-10 year range with revenue reaching $500-$600 million. We model net cash of about $270 million ($2.26 per share) the first quarter after the transaction closes. There are about 13.8 million warrants outstanding with an $11.50 strike price, potentially contributing about $150 million of cash when exercised, assuming the capital is retained. We expect net cash of $338.9 million ($2.52 per share) at the end of F2023, $287.1 million ($2.12 per share) at the end of F2024, and $241.3 million ($2.77 per share) at the end of F2025. Given a scenario where the warrants are not exercised, we model $82.6 million ($0.61 per share) at the end of F2025. Risks The SPAC transaction may not be approved by shareholders. Shareholders have yet to vote and could decide against completing the transaction. If the acquisition process fails to be completed, our estimates are null and void. This report is written under the assumption that the acquisition will be completed. Management’s financial outlook forecasts several years of net losses and cash burn to achieve a high growth rate, which could necessitate dilutive capital raises. We think management views the NDR market as ripe for widespread adoption with significant lifetime value of a customer well beyond the customer acquisition cost. However, access to capital markets at a favorable valuation is not a foregone conclusion. The market for NDR is competitive. There are multiple companies with competing NDR products, and although a technical edge could win in a competition between vendors, IronNet is far from a household brand and we think is years from developing sales coverage that comprehensively reaches the target market. We also think the complexity of deploying these tools could make switching costs expensive and installations durable, making scaling quickly a necessity. Should IronNet fail to identify a high-profile attack, customer renewals might become more difficult to achieve. NDR technology adds to a stack of cybersecurity tools, processes, services, and best practices that enterprises already deploy. Cybersecurity threats evolve to evade defenses, and although we think tools tend to accumulate rather than be replaced, the relative value and pricing could decline over time. IronNet has not gone through a significant renewal cycle. The typical customer contract is currently about three years and the company began accelerating customer acquisition in 2020. Financial projections depend in part on successful renewals and expansion, and the lack of a completed renewal cycle provides limited visibility. IronNet reports a material weakness in internal controls over financial reporting. The company noted it lacked a sufficient number of personnel to design and maintain controls over journal entries, preparing and reviewing account reconciliations, and IT systems for preparing financial statements. The company instituted plans to address the weaknesses and we think the influx of capital and growing scale of the business will resolve these issues. Valuation We view IronNet’s peer group as primarily including next generation cybersecurity players that drive significant revenue growth rates through healthy uptake of market leading products. Companies` such as Zscaler and CrowdStrike created recurring revenue business models that foster customer stickiness, allowing aggressive investment in customer acquisition to generate large lifetime values, while sacrificing near-term profitability to seize large market opportunities before competitors can enter and post material gains. ZScaler and CrowdStrike trade at an average EV/Sales multiple of 22x based on C2022 consensus revenue estimates. In contrast, Splunk trades at 9x and Carbon Black, Inc. was acquired by Dell Technologies, Inc. for about 7x forward revenue in 2019. CrowdStrike traded around 10- 15x forward revenue for the first few quarters following its IPO before ascending to the 25x we see today. We initiate coverage of DFNS shares with a Moderately Risky rating and a $15 price target. Our price target is based on a revenue multiple of 10x the F2025 revenue estimate of $291.0 million, discounted at a rate of 15% to which we add $241.3 million of projected net cash, and then divide by a projected share count of 136.7 million. The share count projection assumes the exercise of outstanding warrants into stock. Our moderate risk rating reflects our view that the company will be sufficiently capitalized after closing the transaction to invest in growth and likely reach a scale to fund through operations. Exhibit 1: Comp Valuation Table ($ in millions, except per share data) Name Ticker Rating Mkt. Cap EV Sales (TTM) Sales (2022E) EV/Sales (TTM) EV/Sales (2022E) CrowdStrike Holdings CRWD NC $56,543 $45,853 $481 $1,848 95.2 24.8 Palo Alto Networks PANW NC $37,928 $24,527 $2,900 $5,004 8.5 4.9 Zscaler ZS NC $30,316 $16,327 $303 $897 53.9 18.2 Splunk SPLK NC $21,971 $27,204 $2,359 $3,068 11.5 8.9 Average 42.3 14.2 IronNet Cybersecurity, Inc.* IRNT NR $1,193 $926 $29 $110 31.7 8.4 *IronNet market cap, EV, and resulting multiples are based on projected metrics after the deal is closed. NC=Not Covered by Sidoti & Company, NR=Not Rated Sources: Company reports, Factset, Sidoti & Compay, LLC. Estimates

Table 1: IronNet Income Statement ($ in millions, except per share data) Total revenue Software, subscription, and support revenue Professional services revenue Total cost of revenue Cost of product, subscription, and support Cost of service revenue Gross profit Research and development Sales and marketing General and administrative Total operating expenses Operating income (EBIT) EBITDA Adjusted EBITDA Interest income/expense Other income/expense Earnings before taxes Provision for income taxes Net income (GAAP) EPS (GAAP, Basic) EPS (Non-GAAP) Basic shares outstanding Diluted shares outstanding % yoy change Total revenue N/A N/A 25.9% -7.2% N/A N/A N/A 79.4% 185.9% 134.0% 98.0%81.5% 110.3% Software N/A N/A 24.7% 13.8% N/A N/A N/A 92.5%190.0% 140.0% 100.0% 85.0% 114.6% Service N/A N/A 32.4%-83.8% N/A N/A N/A 7.6%80.0%80.0%80.0%50.0%68.2% Gross margin N/A N/A 33.7% -11.6% N/A N/A N/A 67.1% 204.1% 137.0% 100.3% 84.4%114.7% R&D N/A N/A 0.0% -7.1% N/A N/A N/A 35.9% 58.7% 93.9% 43.2%47.3%58.5% S&MN/A N/A 0.0% -13.1% N/A NA N/A 14.5% 104.0% 134.0% 133.1% 157.7% 134.1% G&A N/A N/A 0.0% -1.4% N/A N/A N/A -6.2% 43.4% 104.8% 85.6%103.3% 82.0% Total operating expenses N/A N/A 0.0% -7.9% N/A N/A N/A 16.0% 70.7% 112.5% 86.8% 101.4% 93.0%EBITN/A N/A 0.0% -6.7% N/A N/A N/A -4.6% 32.0% 97.2% 75.9% 122.4% 77.8% % of revenue Software 85.3% 78.5% 84.6% 96.2% 90.0% 90.0% 90.0% 90.8% 97.6% 92.3% 90.9% 91.7% 92.6% Professional Services14.7% 21.5% 15.4% 3.8% 10.0% 10.0% 10.0% 9.2% 2.4% 7.7% 9.1% 8.3% 7.4% Gross Margin 71.6% 73.1% 76.0% 69.6%71.0% 71.0% 71.0% 70.8% 74.1% 71.9% 71.8% 72.2% 72.3% Software 70.2%71.6%78.1% 71.4%75.0%75.0%75.0%74.5%75.0%75.0%75.5%75.5%75.3% Professional Services 79.4%78.7%64.4% 23.3%35.0%35.0%35.0%34.4%35.0%35.0%35.0%35.0%35.0% R&D114.7% 108.0% 88.4% 108.1% 70.0% 65.0% 53.0% 66.9%60.0% 58.0% 47.0% 43.0% 50.5% S&M 77.2% 119.7% 104.1% 112.1% 75.0% 62.0% 50.0% 66.5% 80.0% 75.0% 73.0% 71.0%74.0% G&A 88.4% 84.5% 72.9% 89.7% 40.0% 32.0% 25.0% 38.2% 45.0% 35.0% 30.0% 28.0% 33.0% Total operatingexpenses 280.2% 312.2% 265.4% 309.9% 185.0% 159.0% 128.0% 171.6% 185.0% 168.0% 150.0% 142.0% 157.5% EBIT 208.6% -239.1% -189.4% -240.3% -114.0% -88.0% -57.0% -100.8% -110.9% -96.1% -78.2% -69.8% -85.2% EBITDA -204.2%-233.3% -185.4% -236.7% -111.3% -86.1% -55.4% -98.6% -109.3% -94.9% -77.2% -69.0% -84.1% Notes:Adjusted EBITDA deducts stock based compensation and other non-recurring expenses from EBITDA Non-GAAP Net income deducts stock based compensation and other non-recurring expenses from GAAP net income Model reflects IronNet Cybersecurity’s fiSources: Company reports and Sidoti & Company, LLC estimates.

LGL SYSTEMS ACQUISITION CORP. CLASS A Table 2: IronNet Cash Flow Statement ($ in millions, except per share data) Net loss Depreciation and amortization Disposal of property and equipment Bad debt expense Employee stock compensation Accounts receivable Deferred costs Inventory Prepaid expenses and other current assets Deposits and other assets Contract assets Accounts payable Accrued expenses Income tax payable Deferred rent Deferred revenue Net cash provided by operating activities Purchases of property and equipment Proceeds from the sale of fixed assets Purchases of investments Sale of investments Proceeds from maturity of investments Net cash provided by investing activities Proceeds from issuance of series B preferred stock Proceeds from issuance of common stock Proceeds from trust Proceeds from borrowing of PPP loan Proceeds from stock subscription Proceeds from warrant exercise Net cash provided by financing activities Effect of exchange rates on cash and equivalents (0.0) (0.0) 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 Net change in cash and equivalents (13.9) 33.5 20.7 (12.6) (0.6) 256.8 161.0 404.6 (35.1) (8.1) (21.9) (32.2) (97.2) Cash and equivalents, beginning of period 24.7 10.8 10.8 31.5 19.0 18.3 275.2 31.5 436.2 401.0 393.0 371.1 436.2 Cash and equivalents, end of period 10.8 44.3 31.5 19.0 18.3 275.2 436.2 436.2 401.0 393.0 371.1 338.9 338.9 FCF (49.8) (14.3) (43.6) (12.9) (0.6) 6.8 2.3 (4.4) (29.5) (8.1) (21.9) (32.2) (91.6) FCF/Share ($0.91) ($0.27) ($0.80) ($0.24) ($0.01) $0.06 $0.02 ($0.04) ($0.22) ($0.06) ($0.16) ($0.24) ($0.68) Sidoti & Company, LLC 7

LGL SYSTEMS ACQUISITION CORP. CLASS A Table 3: IronNet Balance Sheet ($ in millions, except per share data) Cash and equivalents Accounts receivable Unbilled receivable Related party receivable and loan receivables Account and loan receivables Investments Inventory Deferred costs Prepaid warranty Prepaid expenses and other current assets Total current assets Deferred costs Property and equipment, net Prepaid warranty Deposits and other assets Total assets Accounts payable Accrued expenses Deferred revenue Deferred rent Short-term PPP loan Income tax payable Other current liabilities Total current liabilities Deferred rent Deferred revenue Long-term PPP loan Other long-term liabilities Total liabilities Total shareholders’ equity Total liabilities and shareholders’ equity 3.3 2.9 4.2 3.3 3.9 5.6 14.2 18.8 27.4 0.1 0.1 0.1 5.6 5.6 5.6 0.1 0.1 0.1 0.7 0.7 0.7 4.7 6.7 8.2 6.4 9.0 11.1 27.3 33.5 31.7 0.1 0.1 0.1 0.0 0.0 0.0 0.1 0.1 0.1 0.7 0.7 0.7 Metrics and Ratios Net cash 10.8 26.0 13.4 12.8 269.6 430.6 401.0 393.0 371.1 338.9 Net cash per share $0.20 $0.48 $0.25 $0.11 $2.26 $3.60 $3.00 $2.93 $2.77 $2.52 DSO 18.9 20.3 5.8 20.7 20.7 20.7 20.7 20.7 20.7 20.7 Sources: Company reports and Sidoti & Company, LLC estimates. Sidoti & Company, LLC 8

Appendix Required Disclosures Required Disclosures LGL Systems Acquisition Corp. Class A (DFNS-$10.04) NR Price Target: $15 Risk Rating: M Risks The SPAC transaction may not be approved by shareholders. Shareholders have yet to vote and could decide against completing the transaction. If the acquisition process fails to be completed, our estimates are null and void. This report is written under the assumption that the acquisition will be completed. Management’s financial outlook forecasts several years of net losses and cash burn to achieve a high growth rate, which could necessitate dilutive capital raises. We think management views the NDR market as ripe for widespread adoption with significant lifetime value of a customer well beyond the customer acquisition cost. However, access to capital markets at a favorable valuation is not a foregone conclusion. The market for NDR is competitive. There are multiple companies with competing NDR products, and although a technical edge could win in a competition between vendors, IronNet is far from a household brand and we think is years from developing sales coverage that comprehensively reaches the target market. We also think the complexity of deploying these tools could make switching costs expensive and installations durable, making scaling quickly a necessity. Should IronNet fail to identify a high-profile attack, customer renewals might become more difficult to achieve. NDR technology adds to a stack of cybersecurity tools, processes, services, and best practices that enterprises already deploy. Cybersecurity threats evolve to evade defenses, and although we think tools tend to accumulate rather than be replaced, the relative value and pricing could decline over time. Exhibit 1: Comp Valuation Table ($ in millions, except per share data) Name Ticker Rating Mkt. Cap EV Sales (TTM) Sales (2022E) EV/Sales (TTM) EV/Sales (2022E) CrowdStrike Holdings CRWD NC $56,543 $45,853 $481 $1,848 95.2 24.8 Palo Alto Networks PANW NC $37,928 $24,527 $2,900 $5,004 8.5 4.9 Zscaler ZS NC $30,316 $16,327 $303 $897 53.9 18.2 Splunk SPLK NC $21,971 $27,204 $2,359 $3,068 11.5 8.9 Average 42.3 14.2 IronNet Cybersecurity, Inc.* IRNT NR $1,193 $926 $29 $110 31.7 8.4 *IronNet market cap, EV, and resulting multiples are based on projected metrics after the deal is closed. NC=Not Covered by Sidoti & Company, NR=Not Rated Sources: Company reports, Factset, Sidoti & Compay, LLC. Estimates IronNet has not gone through a significant renewal cycle. The typical customer contract is currently about three years and the company began accelerating customer acquisition in 2020. Financial projections depend in part on successful renewals and expansion, and the lack of a completed renewal cycle provides limited visibility.

IronNet reports a material weakness in internal controls over financial reporting. The company noted it lacked a sufficient number of personnel to design and maintain controls over journal entries, preparing and reviewing account reconciliations, and IT systems for preparing financial statements. The company instituted plans to address the weaknesses and we think the influx of capital and growing scale of the business will resolve these issues. Valuation We view IronNet’s peer group as primarily including next generation cybersecurity players that drive significant revenue growth rates through healthy uptake of market leading products. Companies` such as Zscaler and CrowdStrike created recurring revenue business models that foster customer stickiness, allowing aggressive investment in customer acquisition to generate large lifetime values, while sacrificing near-term profitability to seize large market opportunities before competitors can enter and post material gains. ZScaler and CrowdStrike trade at an average EV/Sales multiple of 22x based on C2022 consensus revenue estimates. In contrast, Splunk trades at 9x and Carbon Black, Inc. was acquired by Dell Technologies, Inc. for about 7x forward revenue in 2019. CrowdStrike traded around 10-15x forward revenue for the first few quarters following its IPO before ascending to the 25x we see today. We initiate coverage of DFNS shares with a Moderately Risky rating and a $15 price target. Our price target is based on a revenue multiple of 10x the F2025 revenue estimate of $291.0 million, discounted at a rate of 15% to which we add $241.3 million of projected net cash, and then divide by a projected share count of 136.7 million. The share count projection assumes the exercise of outstanding warrants into stock. Our moderate risk rating reflects our view that the company will be sufficiently capitalized after closing the transaction to invest in growth and likely reach a scale to fund through operations. Sidoti & Company. Sidoti & Company, LLC is a licensed broker/dealer, and publishes research reports about some of the securities it follows. All research published by Sidoti & Company, LLC is based on public information, or on information fro m the company discussed in the report that that company is required to promptly make public . This report was prepared for market professionals and institutional investor customers. Market professionals and institutional investors should consider this report as only one factor in making their investment decisions. This report is for information purposes only and is not intended as an offer to sell or a solicitation to buy securities. This research report is not a substitute for the exercise of your independent judgment. Information contained herein is based on sources we believe to be reliable but we do not guarantee their accuracy. The stock rating on this report reflects the analyst’s recommendation based on a 12-month period. It should be presumed that the analyst who authored this report has had discussions with the subject company to ensure factual accuracy prior to publication. Sidoti does NOT own securities of the issuers described herein, and Sidoti does not make a market in any securities. Sidoti does not engage in, or receive compensation from, any investment banking or corporate finance-related activities with the company discussed in the report. Sidoti’s contracts with issuers protect Sidoti’s full editorial control of all research, timing of release of reports, and release from liability for negative reports. To ensure further independence, the company discussed in the report has agreed to a minimum coverage term of one Initiation Report and three Update Reports, which that company cannot unilaterally terminate earlier. Sidoti & Company, LLC takes steps to ensure analyst independence including setting fees in advance and utilizing analysts who must abide by the CFA Institute Code of Ethics and Standards of Professional Conduct. Each Sidoti & Company, LLC analyst has full discretion on the rating and revenue target based on his or her own due diligence. Analysts are paid in part based on overall profitability of Sidoti & Company, LLC. Such profitability is derived from a variety of sources and includes payments received from issuers of securities covered by Sidoti & Company, LLC for services described below. No part of analyst compensation was, or will be, directly or indirectly, related to the specific recommendations or views expressed i n any report or article. All issuers to be considered for research obtain the approval of a stock selection committee comprised of the Director of Research, the Chief Compliance Officer, and an independent outside person for screening applicants. Sidoti Company Sponsored Research Rating System The Sidoti & Company, LLC Company Sponsored Research rating system consists of “Moderately Risky” (M) and “Highly Risky” (H) ratings. “Moderately Risky” suggests companies, that while still subject to relatively high price volatility, are characterized by more stable and predictable cash flow, a more established operating history, and an operating environment that is somewhat less competitive with a potential for loss of principal. “Highly Risky” suggests high risk equities of companies with a short or unprofitable operating history, limited or less predictable revenues, very high risk associated with success, significant financial or legal issues, or a substantial risk/loss of principal. As of 07/20/21 and immediately prior to the publication of this report, Company Sponsored Research provides research on 27 companies, of which 22 (81%) are rated Moderately Risky and 5 (18%) are rated Highly Risky. Earnings targets and opinions concerning the composition of market sectors included in this report reflect analyst judgments as of this date and are subject to change without notice. A risk to our earnings targets is that the analyst’s estimates or forecasts may not be met. This report contains forward- looking statements, which involve risks and uncertainties. Actual results may differ significantly from such forward-looking statements. Factors that may cause such differences include, but are not limited to, those discussed in the “Risk Factors” section in the issuer’s SEC filings available in electronic format through SEC Edgar filings at www.sec.gov. Every company in the Microcap sector bears certain inherent risks and Sidoti & Company, LLC will not provide any company

subject to those risks with a rating below moderate because stock in the Microcap segment of the market have many risks that are not as prevalent in Large-Cap, Blue Chips, or even Small-Cap stocks. Often it is these risks that cause Microcap stocks to trade at discounts to their peers. The most common of these risks is liquidity risk, which is typically caused by small trading floats and very low trading volume which can lead to large spreads and high volatility in stock price. In addition, Microcaps tend to have significant company specific risks that contribute to lower valuations. Investors need to be aware of the higher probability of financial default and higher degree of financial distress inherent in the Microcap segment of the market. Sidoti & Company policy is to update research reports as and when the Research Analyst and Research Management deem appropriate, based on developments with the issuer, the sector, or the market that may have a material impact on the research views or opinions stated therein. In addition, certain Research publications are intended to be updated on a regular periodic basis (weekly/monthly/quarterly/annual) and will ordinarily be updated with that frequency, unless the Research Analyst and Research Management determine that a different publication schedule is appropriate based on current conditions. Sidoti & Company Research does not provide individually tailored investment advice. Sidoti & Company Research has been prepared without regard to the circumstances and objectives of those who receive it. Sidoti & Company recommends that investors independently evaluate particular investments and strategies, and encourages investors to seek the advice of a financial adviser. The appropriateness of an investment or strategy will depend on an investor’s circumstances and objectives. The securities, instruments, or strategies discussed in Sidoti & Company Research may not be suitable for all investors, and certain investors may not be eligible to purchase or participate in some or all of them. Sidoti & Company Research is not an offer to buy or sell or the solicitation of an offer to buy or sell any security/instrument or to participate in any particular trading strategy. The value of and income from your investments may vary because of changes in interest rates, foreign exchange rates, default rates, prepayment rates, securities/instruments prices, market indexes, operational or financial conditions of companies or other factors. There may be time limitations on the exercise of options or other rights in securities/instruments transactions. Past performance is not necessarily a guide to future performance. Estimates of future performance are based on assumptions that may not be realized. If provided, and unless otherwise stated, the closing price on the cover page is that of the primary exchange for the subject company’s securities/instruments. These opinions may not fit to your financial status, risk and return preferences. For this reason, to make an investment decision by relying solely to this information stated here may not bring about outcomes that fit your expectations. The trademarks and service marks contained in Sidoti & Company Research are the property of their respective owners. Third-party data providers make no warranties or representations relating to the accuracy, completeness, or timeliness of the data they provide and shall not have liability for any damages relating to such data. Investors should consider Sidoti & Company Research as only a single factor in making their investment decision. For valuation methodology and risks associated with any recommendation, rating or price target referenced in this research report, please contact the Client Support Team as follows: US/Canada +1 212-453-7000. Alternatively you may contact your investment representative or Sidoti & Company Research at 1212 Avenue of the Americas, (Attention: Director of Research), New York, NY 10036 USA. Compensation. Sidoti & Company, LLC receives a flat fee of $40,000, renewable annually from the company discussed in Company Sponsored Research reports for the creation and dissemination of an Initiation Report and three Update Reports. The purpose of the fee is to subsidize the high costs of research and monitoring. Sidoti holds multiple conferences a year and charges a fee of $3,500 to $5,500 per conference to presenting companies depending on the event. Sidoti does not currently have a current investment banking services relationship with companies discussed in Company Sponsored Research Reports, or contemporaneously with any other companies discussed in other (Sidoti) Company Sponsored Research reports. Investment banking services, as defined under FINRA Rule 2241, include, among other things, acting as an underwriter in, or as a member of the selling group in, a securities underwriting. Sidoti’s role in any issuer’s investment banking transaction can be viewe d in that issuer’s filings at www.sec.gov. Sidoti has non-research employees who will seek compensation for brokerage commission revenue in connection with market trading the securities of this company. Sidoti & Company, LLC has received compensation for non-investment banking services on the Small-Cap Universe, and expects to receive additional compensation for non-investment banking services on the Small- Cap Universe, paid by issuers of securities covered by Sidoti & Company, LLC analysts. These non-investment banking services include investor relations services and software, financial database analysis, advertising services, brokerage services, advisory services, investment research, investment management, non-deal road shows, and attendance fees for conferences sponsored or co-sponsored by Sidoti & Company, LLC. Sidoti Analysts. Sidoti policy does not allow an analyst or a member of their household (i) to own, trade, or have any beneficial interest in any securities of any company that analyst covers, or (ii) serve as an officer or director of a covered company. Sidoti employees, including research analysts, receive compensation that is based in part upon the overall performance of the firm, including revenues generated by Sidoti’s investment banking and brokerage activities, but compensation is not directly related to investment banking or brokerage revenues. Sidoti maintains and enforces written policies and procedures reasonably designed to prevent any controlling persons, officers (or persons performing similar functions), or employees of Sidoti from influencing the activities of research analysts and the content

of research reports prepared by the research analyst. Sidoti research analysts seek to have management of their covered companies meet with investors during non-deal road shows. Analysts’ compensation may be related to their success in scheduling non-deal road shows. This approach could be viewed as presenting potential conflicts of interest. Reprints of Sidoti & Company, LLC reports are prohibited without permission. Additional information is available upon request. For any further questions, please contact the Chief Compliance Officer at Sidoti. Analyst Certification. Matthew Galinko certifies that this report accurately reflects his/her personal views about the subject securities and issuers and that none of the research analyst’s compensation was, is or will be, directly or indirectly, related to the analyst’s specific recommendations or views contained in this research report Source Key Statistics data is sourced from FactSet Research Systems

Important Information and Where to Find It This report relates to a proposed transaction between LGL Systems Acquisition Corp. (“LGL”) and IronNet CyberSecurity, Inc. (“IronNet”). LGL has filed with the Securities and Exchange Commission (“SEC”) a registration statement on Form S-4 (the “Registration Statement”) that includes a proxy statement to be distributed to LGL’s stockholders in connection with LGL’s solicitation of proxies for the vote by LGL’s stockholders in connection with the proposed business combination and other transactions described in the Registration Statement, as well as a preliminary prospectus relating to the offer of LGL’s securities to be issued to IronNet’s stockholders in connection with the completion of the proposed business combination described in the Registration Statement. After the Registration Statement is declared effective, LGL will mail the definitive proxy statement/prospectus to stockholders of LGL as of a record date to be established for voting on the proposed business combination. LGL also will file other relevant documents from time to time regarding the proposed transaction with the SEC. INVESTORS AND SECURITY HOLDERS OF LGL ARE URGED TO READ THE PRELIMINARY PROXY STATEMENT/PROSPECTUS AND, ONCE AVAILABLE, THE DEFINITIVE PROXY STATEMENT/PROSPECTUS AND OTHER RELEVANT DOCUMENTS THAT HAVE BEEN OR WILL BE FILED BY LGL FROM TIME TO TIME WITH THE SEC CAREFULLY AND IN THEIR ENTIRETY WHEN THEY BECOME AVAILABLE BECAUSE THEY CONTAIN OR WILL CONTAIN IMPORTANT INFORMATION ABOUT THE PROPOSED TRANSACTION. Investors and security holders will be able to obtain free copies of the proxy statement/prospectus and other documents containing important information about LGL and IronNet once such documents are filed with the SEC, through the website maintained by the SEC at http://www.sec.gov. Copies of the documents filed with the SEC by LGL when and if available, can be obtained free of charge on LGL’s website at https://www.dfns.ai or by directing a written request to LGL Systems Acquisition Corp., 165 Liberty St., Suite 220, Reno, NV 89501 or to info@dfnsi.ai.
Participants in the Solicitation LGL and IronNet and their respective directors and executive officers, under SEC rules, may be deemed to be participants in the solicitation of proxies of LGL’s stockholders in connection with the proposed transactions. Information regarding the persons who may, under SEC rules, be deemed to be participants in the solicitation of proxies from LGL’s stockholders in connection with the proposed transactions described in the Registration Statement and the interests that such persons have in the proposed business combination are set forth in the proxy statement/prospectus included in the Registration Statement. No Offer or Solicitation This communication shall neither constitute an offer to sell or the solicitation of an offer to buy any securities, nor shall there be any sale of securities in any jurisdiction in which the offer, solicitation or sale would be unlawful prior to the registration or qualification under the securities laws of any such jurisdiction.

Forward Looking Statements This report includes “forward looking statements” within the meaning of the “safe harbor” provisions of the United States Private Securities Litigation Reform Act of 1995, including, without limitation, statements regarding IronNet’s business combination with LGL. When used in this report, the words “estimates,” “projected,” “expects,” “anticipates,” “forecasts,” “plans,” “intends,” “believes,” “seeks,” “may,” “will,” “should,” “future,” “propose” and variations of these words or similar expressions (or the negative versions of such words or expressions) are intended to identify forward-looking statements, including statements relating to IronNet’s future financial performance. These forward-looking statements are not guarantees of future performance, conditions or results, and involve a number of known and unknown risks, uncertainties, assumptions and other important factors, many of which are outside LGL’s or IronNet’s management’s control, that could cause actual results or outcomes to differ materially from those discussed in the forward- looking statements. Important factors, among others, that may affect actual results or outcomes include: the inability to complete the transactions contemplated by the proposed business combination; the inability to recognize the anticipated benefits of the proposed business combination, which may be affected by, among other things, the amount of cash available following any redemptions by LGL stockholders; the ability to meet the NYSE’s listing standards following the consummation of the transactions contemplated by the proposed business combination; costs related to the proposed business combination; IronNet’s ability to execute on its plans to develop and market new products and the timing of these development programs; IronNet’s estimates of the size of the markets for its products; the rate and degree of market acceptance of IronNet’s products; the success of other competing technologies that may become available; IronNet’s ability to identify and integrate acquisitions; the performance of IronNet’s products; potential litigation involving LGL or IronNet; and general economic and market conditions impacting demand for IronNet’s products. Other factors include the possibility that the proposed transaction does not close, including due to the failure to receive required security holder approvals, or the failure of other closing conditions. The foregoing list of factors is not exhaustive. You should carefully consider the foregoing factors and the other risks and uncertainties described under the heading “Risk Factors” in the Registration Statement, and other documents filed by LGL from time to time with the SEC. These filings identify and address other important risks and uncertainties that could cause actual events and results to differ materially from those contained in the forward-looking statements. Forward-looking statements speak only as of the date they are made. Readers are cautioned not to put undue reliance on forward-looking statements, and neither LGL nor IronNet undertake any obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.