================================================================================ U. S. SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549 FORM 10-KSB [X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 For the fiscal year ended December 31, 2001. [_] TRANSITION REPORT UNDER SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 For the transition period from ____________ to ___________. Commission File Number: 1-14896 NETWORK-1 SECURITY SOLUTIONS, INC. (Name of small business issuer in its Charter) DELAWARE 11-3027591 -------- ---------- (State or other jurisdiction (IRS Employer of incorporation) Identification Number) 1601 TRAPELO ROAD, RESERVOIR PLACE WALTHAM, MASSACHUSETTS 02451 ---------------------------- (Address of Principal Executive Offices) Issuer's telephone number : (781) 522-3400 Securities registered under Section 12(b) of the Exchange Act: Title of each class Name of each exchange on which registered ------------------- ----------------------------------------- Common Stock, $.01 par value Boston Stock Exchange Securities registered under Section 12(g) of the Exchange Act: None Check whether the issuer (1) filed all reports required to be filed by Section 13 or 15(d) of the Exchange Act during the past 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes [X] No [_] Check if there is no disclosure of delinquent filers in response to Item 405 of Regulation S-B contained in this form, and no disclosure will be contained, to the best of registrant's knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-KSB or any amendment to this Form 10-KSB. [ ] The issuer's revenues for its most recent fiscal year: $1,046,000. The aggregate market value of the voting stock of the registrant held by non-affiliates computed by reference to the price at which the stock was sold on March 25, 2002 was approximately $8,404,050. The number of shares of Common Stock outstanding as of March 25, 2002 was 7,677,680. Documents Incorporated by Reference: Certain portions of the Registrant's definitive proxy statement to be filed no later than April 30, 2002 pursuant to Regulation 14A are incorporated by reference in Items 9 through 12 of Part III of this Annual Report on Form 10-KSB. Transitional Small Business Disclosure Format (Check One): Yes [_] No [X] ================================================================================ PART I THIS ANNUAL REPORT ON FORM 10-KSB CONTAINS CERTAIN STATEMENTS WHICH ARE FORWARD-LOOKING STATEMENTS WITHIN THE MEANING OF THE SAFE HARBOR PROVISIONS OF SECTION 27A OF THE SECURITIES ACT OF 1933, AS AMENDED, AND SECTION 21E OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. ACTUAL RESULTS, EVENTS AND CIRCUMSTANCES (INCLUDING FUTURE PERFORMANCE, RESULTS AND TRENDS) COULD DIFFER MATERIALLY FROM THOSE SET FORTH IN SUCH STATEMENTS DUE TO VARIOUS RISKS AND UNCERTAINTIES, INCLUDING BUT NOT LIMITED TO, THOSE DISCUSSED IN THE SECTION ENTITLED "RISK FACTORS THAT MAY AFFECT FUTURE RESULTS" IN ITEM 1 OF THIS REPORT AS WELL AS THOSE RISKS DISCUSSED ELSEWHERE IN THIS REPORT. ITEM 1. DESCRIPTION OF BUSINESS. INTRODUCTION Network-1 Security Solutions Inc. (the "Company") develops, markets, licenses and supports a suite of security software products designed to prevent unauthorized access to critical information residing on networked servers, desktops and laptops. The Company's CyberwallPLUS family of security software products combines the benefits of firewall and intrusion detection technology with central management features to provide an enterprise-class layer of security protection directly on servers, desktops, wireless and mobile computers (the "end points"). The CyberwallPLUS family of security products compete in the emerging "end-point" security market. CyberwallPLUS delivers intrusion prevention through its firewall and intrusion detection capabilities, a unique combination of technologies that actively detects and blocks intrusions. CyberwallPLUS interrogates incoming and outgoing traffic on the host servers, desktops and laptops by using stateful inspection and behavior-based intrusion detection. The packet-filtering firewall blocks unauthorized access to any of the 65,000 ports on a computer and prevents the computer from launching attacks of its own directed at other networked computers. The access controls and intrusion filters enable security policy, which is optimized to the specific computer, and dramatically increases the machine's ability to deflect attacks or potential compromise. Centralized management features of CyberwallPLUS allow organizations to flexibly deploy and manage policies enterprise-wide. In addition to training and technical support services, the Company offers multi-year maintenance agreements to its customers. The Company's network of solution providers in the United States and internationally offer post-sales support services to ensure a client's successful deployment of the Company's products. The Company was incorporated under the laws of the State of Delaware in July 1990. The Company's executive offices are located at 1601 Trapelo Road, Reservoir Place, Waltham, Massachusetts 02451 and its telephone number is 781-522-3400. The Company's Web site can be found at www.network-1.com. 2 INDUSTRY BACKGROUND With the advent of the Internet, the availability of broadband technologies, and the rise in use of Web-based applications, organizations have opened the once closed corporate network to telecommuting and mobile employees, remote offices, customers and business partners. By leveraging the open, public Internet, the organization is extended beyond the traditional boundaries of the corporate network. As a result, organizations face increasing security threats that may compromise their critical information assets. Traditional perimeter security solutions, such as perimeter firewalls, can no longer effectively secure all of the network's resources. Organizations are employing virtual private network technology (VPN) which provides a cost effective means of transmitting confidential data over the Internet by utilizing various encryption and authentication technologies. However, the widespread use of VPN technology makes remote desktops and laptops a very valuable target allowing an authenticated and encrypted path directly into the corporate network. These VPN's, however, do not secure the end points (computers) which are still vulnerable to compromise and which can be used in other network based attacks. As a result, securing an organization's electronic assets has become a critical business imperative for organizations. IDC estimates that the overall market for security software will grow from $6.0 billion in 2001 to $14.6 billion by 2006. The increase in external traffic running across corporate networks has significantly raised the potential for malicious activity from hackers and other unauthorized users, with recreational hackers and disgruntled employees accounting for a large percentage of security breaches. The 2001 Computer Security Institute (CSI)/FBI study of enterprises and government agencies reported a 36% annual growth in losses from security breaches between 1997 and 2001, with 40% of such losses attributed to theft of proprietary information. The enormous impact of the "Nimda" and "Code Red" worms, which only targeted a handful of Web server vulnerabilities, reveals the prevalence of vulnerabilities to major attacks. The "Nimda" worm caused billions of dollars in damages and infected hundreds of thousands of servers. It spread by exploiting a known vulnerability in servers running Microsoft's Internet Information Server (IIS) Web Software. Although the "Nimda" worm attacked IIS servers, simply protecting servers is not an adequate strategy. One of the more exposed elements of the corporate technology environment is the corporate desktop and laptop where users load unauthorized software, leave passwords vulnerable, and fail to take adequate precautions on their own. The problem is compounded when the telecommuting or mobile user's laptop is infected while accessing the Internet from their "unprotected" home, hotel or airport connection, and then accessing the corporate network with their compromised laptop when they return to their workplace. Organizations face increasing security challenges as their organizations grow, become geographically distributed, and face increased regulatory pressures. Outside of the corporate data center, security around servers and PCs is less restrictive. Establishing and managing security policies for the broad-spectrum of network nodes is a challenging task, especially for multiple locations across Wide Area Networks (WANs). Organizations are beginning to recognize the need to provide an additional layer of protection for servers 3 and workstations storing or providing access to critical business assets that are a potential target for hackers. THE NETWORK-1 SOLUTION The CyberwallPLUS family of security software products represents the latest generation of our host-based security solution that integrates a powerful range of security techniques to actively detect and block intrusions thereby providing effective "end-point" security. CyberwallPLUS combines the benefits of firewall and intrusion detection technology with central management features to provide an enterprise-class layer of robust security protection directly on Microsoft Windows-based servers, desktops, wireless and mobile computers. The Company's distributed intrusion prevention software is a bi-directional layer of defense that protects the network from the host machine, as well as protecting the host machine from the network, regardless of whether the source of attack is inside or outside the organization. CyberwallPLUS also protects mobile and wireless computers even when they connect to networks outside the organization's control. The Company's CyberwallPLUS family of host intrusion prevention products operates on Windows 9x, Windows NT, Windows 2000, and Windows XP operating system platforms. The CyberwallPLUS suite of products was first introduced in January 1999, evolving from the Company's FireWall/Plus suite of security software products and prior practice in security consulting and forensics. The Company's perimeter firewall product continues to be available in IP and multi-protocol versions. The Company's applications address an organization's need for solutions that improve information security in today's Internet-enabled technology environments. Designed to reduce the total cost of ownership, the Company's solutions deploy without difficulty, offer local or remote centralized management features, integrate easily into existing management infrastructures, and complement existing security investments. The Company's solution starts out by inhibiting intruders from even discovering computer assets with "stealth mode", a technique that gives the appearance that no system is present at a given IP address. Fine-grained access control, bi-directional protection and stateful packet inspection typically found in high-end perimeter firewalls combine with powerful intrusion detection and prevention capabilities to add a critical second layer of defense behind existing perimeter firewalls. CyberwallPLUS's centralized policy management enables detailed security policies to be formulated, distributed, and monitored, maximizing IT security resources. The logging features are designed to meet the requirements for legal forensic evidence as well as timely alerts. CyberwallPLUS coexists or interoperates easily with many other security and management components, including virus checkers, enterprise monitoring systems, and enterprise VPNs. 4 STRATEGY The Company's goal is to become a leading provider of host security solutions for multi-layer defense of critical business processes. Key components of the Company's strategy include: EXTEND TECHNOLOGY IN HOST INTRUSION PREVENTION. The Company's technology enables it to offer complete and cost-effective host intrusion prevention for Windows environments. By continuing the evolution of the Company's core technology platform, the Company expects to extend its stateful packet inspection, intrusion detection and prevention capabilities. The Company has expanded its development resources in 2002 to provide additional host-based security and enterprise-scale management technologies. EXPAND SALES CHANNELS. The Company's sales strategy requires establishing multiple indirect sales and marketing channels in the United States and internationally. During the fourth quarter of 2001, the Company embarked on an aggressive effort to extend its sales reach through indirect channels, such as value-added resellers, system integrators, and original equipment manufacturers (OEMs). In the U.S. this has been accomplished by establishing relationships with leading systems integrators and consultants, including Siemens Business Systems and CompuCom Systems, Inc. In addition, the Company will continue its efforts to expand its sales and marketing channels in 2002, with the addition of more partners, improved channel effectiveness via co-marketing and joint selling programs, and further development of sales and technical training initiatives. ENHANCE STRATEGIC RELATIONSHIPS FOR COMPLEMENTARY TECHNOLOGIES. As a critical component of any organization's multi-layered security infrastructure, intrusion prevention solutions must operate efficiently and seamlessly with other security products. In order to increase market awareness and distribution, as well as ensure co-existence that delivers customer benefits, the Company will increase its efforts to cultivate technology, marketing and sales synergies with vendors of complementary technologies - including VPNs, anti-virus solutions, file integrity applications, and more. EXPAND STRATEGIC RELATIONSHIPS WITH KEY INFRASTRUCTURE PROVIDERS. Effective security architecture is inextricably linked to the clear identification of the infrastructure to be protected and the relevant threats - requiring close partnerships with infrastructure vendors to develop optimized security solutions. In addition to extending the Company's relationships with leading vendors of systems, software and networking infrastructure, the Company will attempt to establish relationships with emerging infrastructure technology vendors. The Company's marketing strategy includes targeting emerging application segments where security is becoming more important. In October 2001 the Company signed a ten (10) year Licensing and Distribution Agreement which established a co-development, marketing and distribution sales relationship with FalconStor Software, Inc. ("FalconStor") (Nasdaq; FALC), a storage networking company, to develop versions of CyberwallPLUS that are optimized for FalconStor's IPStor storage management suite. 5 CONTINUE INTERNATIONAL EXPANSION. In late 2001 the Company expanded its marketing efforts beyond the United States to Europe and Asia. The Company has recently expanded its sales force with the objective of gaining broad international market acceptance of the Company's security solutions. Internationally, the Company will attempt to execute a systematic program to recruit and grow its business with local channel partners. LEVERAGE KEY REFERENCE ACCOUNTS IN SELECTED VERTICAL MARKETS. The Company has targeted its marketing and direct sales efforts at organizations within several key vertical markets where security is the utmost priority due to new consumer privacy regulations, sensitivity of data residing on remote-accessed networks, and a high percentage of mobile/remote workers. The positive references garnered from this installed customer base offers the Company an opportunity to expand our market penetration within those critical industries. In addition, these reference accounts will serve as references for other like-sized, security sensitive organizations. PRODUCTS AND SERVICES The Company maintains two classes of CyberwallPLUS products - host intrusion prevention solutions and network and perimeter firewall solutions - each with a corresponding central manager module. HOST INTRUSION PREVENTION. The Company's host solutions control access to desktops, laptops, and servers. The Company released three revisions of CyberwallPLUS host products, culminating with the release of version 7.2 in February 2002. The product suite includes: CYBERWALLPLUS FOR DESKTOPS AND LAPTOPS. CYBERWALLPLUS-WS runs on Windows 9x, Windows NT/2000, and Windows XP client systems and provides a necessary complement to mail-only antivirus scanners. The packet-filtering firewall blocks unauthorized access to any of the 65,000 ports on the end point (computer), and prevents that computer from launching any attacks of its own directed at other network resources. The combination of firewall and intrusion detection technology is comparable to robust perimeter security technology, but optimized for an end point computer. CYBERWALLPLUS-WS also ensures that a computer operates in stealth mode, making it invisible to scanning programs typically used by hackers to locate computers on the network. In addition, at the option of the network administrator, CYBERWALLPLUS-WS can be operated in silent mode so that the computer user does not have access to the product and thus can not make any changes to its configuration. CYBERWALLPLUS FOR SERVERS. The CYBERWALLPLUS-SV server edition is intended for all Microsoft application, database, or infrastructure servers to provide a layer of local self-defense against unauthorized access. Remote access to public servers such as Web servers, Microsoft Exchange Server mail servers, or even Intranet and database servers creates vulnerability in an organization's protection scheme. The access controls and intrusion filters enable security policy which is optimized to the specific server, and dramatically increases its ability to deflect attacks or compromise. 6 CYBERWALLPLUS CENTRAL MANAGER. CYBERWALLPLUS-CM, a management application enabling control and monitoring of multiple CyberwallPLUS installations, responds to an organization's need to easily and centrally manage and maintain the Company's solution distributed across the corporate network. Complementing existing management environments, CyberwallPLUS offers local, remote, and centralized management; policy deployment and management; logging and reporting to existing management systems; and centralized license deployment and license inventory capabilities. NETWORK AND PERIMETER FIREWALLS. The Company also offers a set of network and perimeter firewalls to complete a layered network defense strategy. The Company released two revisions of CyberwallPLUS firewall products, culminating with the release of version 6.2 in July 2001. The product suite includes: CYBERWALLPLUS INTERNET PROTOCOL. Designed to protect a computer network from Internet attacks and intrusions, CYBERWALLPLUS-IP installs as either a transparent bridge or router on the network perimeter. CYBERWALLPLUS-IP, an ICSA (International Computer Security Association) certified product, thwarts malicious attacks originating on either side of the network through its advanced firewall and active intrusion detection/prevention capabilities. The network security software runs on Windows NT/2000 systems configured with two Ethernet interfaces and features an advanced packet filter engine that provides fine-grained network access controls, sophisticated intrusion detection and prevention algorithms, and detailed traffic audit logs. CYBERWALLPLUS MULTI-PROTOCOL. Ideally suited for internal network security, CYBERWALLPLUS-MP is a high-speed local area network (LAN) segment firewall controlling access between internal networks. It operates as a two-port Ethernet bridge and supports hundreds of IP and non-IP protocols. It provides network administrators with the network access controls and intrusion detection tools needed to secure multi-protocol Ethernet LANs from outside attacks. Network-1's solutions contain the following features or attributes: ADVANCED PACKET FILTERING SYSTEM. CyberwallPLUS provides both inbound and outbound packet filtering; passing traffic based on network access rules. These rules restrict packet flow, protecting the network and the systems connected to the network from unnecessary and potentially malicious traffic. 7 STATEFUL PACKET INSPECTION AND DYNAMIC PORT ALLOCATION. CyberwallPLUS examines packets to determine whether or not to pass the packet based on the state of the connection. Should the state of the connection be other than anticipated, CyberwallPLUS will not pass the packet to the destination because the packet is not considered stateful. Stateful inspection is also necessary for dynamic port allocation. With dynamic port allocation, certain protocols may request the one-time opening of a subsidiary connection on additional ports that are opened and closed when the application requires them, yet blocked when not in use. Through Stealth mode operation, CyberwallPLUS will not respond to requests on blocked ports, thus making it more difficult for attackers to "fingerprint" or detect the computer for attack, rather than responding to an unauthorized query with a "connection not allowed" message which would reveal the existence of the computer on the network. SILENT MODE. Silent mode allows the CyberwallPLUS product to operate without the local user interface present. In enterprise deployments, this gives central administrators control over configuration, policy, and monitoring of host systems without involving or disturbing the end user. CENTRALIZED MANAGEMENT. Enterprise environments benefit from CyberwallPLUS's scalable creation of groups of individual hosts and the distribution of policies and licenses across a large number of machines. Multiple industry standard logging formats are supported to enhance the integration of CyberwallPLUS with existing enterprise management systems. CUSTOMIZED SECURITY POLICIES. Security policies may be customized for individual departments, and individual systems and personnel within the network. In addition, CyberwallPLUS allows the creation and tailoring of templates to support custom applications, protocols, and non-standard port configurations. EASE OF USE. CyberwallPLUS was designed to be easily installed, configured and managed by a network or system manager with minimal security skills through an intuitive user interface. To facilitate implementation, CyberwallPLUS comes pre-programmed with a wide variety of frequently used default security policies (templates) which require the customer to simply select one of the rule sets and save the selection. The Company's solutions are licensed on a per-machine basis, with licenses for individual systems, or license packs with volume price breaks for multiple systems, as well as site licenses, where applicable. The Company adds to the completeness of its solution by offering professional training, multi-year product maintenance agreements, and 5/10 technical support plans. Deployment services are offered through the Company's worldwide network of channel partners. 8 SALES, MARKETING AND DISTRIBUTION The Company's objective is to develop a channel-centric sales strategy. In the U.S., the Company directly markets its products through a field sales organization supported by inside sales representatives. The Company also indirectly markets its products through regional value-added resellers (VARs) who offer complementary technologies, including specialized government resellers, and national integrators who have a focus or practice in security. Internationally, the Company's network of regional/country resellers or distributors provides sales interface with prospective customers. DIRECT SALES. The Company`s direct marketing efforts target medium and large-scale Microsoft Windows-centric enterprises with a large percentage of mobile or remote employees in financial services, healthcare, higher education, and government agencies or suppliers. The Company's sales professionals qualify, develop and pursue leads based on a variety of marketing awareness and lead generation programs, including event marketing, online advertising, and direct mail, as well as downloaded product trials from its corporate Web site. The first objective of the field sales staff is to develop end user opportunities through a combination of on-site and remote interactions with the prospect. The second objective of the field sales staff is to recruit, cultivate and support indirect channel partners. The Company's domestic sales staff is mainly located at corporate headquarters in Waltham, Massachusetts, with the exception of field sales personnel in the western United States. The Company intends to continue to aggressively expand its international operations to address the rapid global adoption of distributed computing environments. Many foreign countries do not have laws recognizing network intrusion or misuse as a crime or the resources to enforce such laws if they do exist. As a consequence, the Company believes that organizations in such countries will have greater need for effective security solutions. The Company plans to expand in those regions where businesses, governments and other institutional users are using distributed networks and the Internet for their mission-critical needs. In the first quarter of 2002, the Company established its Asia Pacific operations which are headquartered in Shanghai, China. These operations will provide product development, sales, marketing and customer support in the Asia Pacific region. INDIRECT SALES. The Company currently has relationships with 19 national, regional and local resellers and systems integrators. In addition, the Company currently has relationships with 17 international system integrators, VARs, resellers and distributors including, among others, the following countries: Japan, United Kingdom, Italy, Germany, Finland, Norway, Canada, Singapore, Russia, Argentina, Peru, Dominican Republic, Antigua, Australia, Switzerland and Saudi Arabia. The Company's agreements with resellers generally grant the right to market the Company's products in specified territories on a non-exclusive basis, are terminable on short notice and do not prohibit the reseller from selling products that are competitive with the Company's products. The Company has signed reseller agreements with several leading VARs and integrators, most notably Siemens Business Services, Inc. and CompuCom Systems, Inc. 9 Channel partners may be classified as: SYSTEM INTEGRATORS. System integrators add significant value to mutual customers by providing outsourced IT management services for deploying, managing and maintaining security infrastructure technology. The Company will continue to attempt to expand the breadth and depth of existing relationships, while also making efforts to sign new system integrators to assist the Company in vertical or geographical expansion. REGIONAL VARS. The regional and/or vertical focus of the Company's VARs is important for the Company's continued presence in small and medium-sized enterprises as well as the government sector in the U.S. Internationally, VARs have provided the backbone of the Company's sales and marketing presence in the local markets. The Company will continue to pursue these relationships in 2002. OEMS. The Company has established several OEM relationships with vendors who market, sell and support the Company's solutions. The Company's CyberwallPLUS products are currently bundled with NEC's Fault Tolerant Server. Furthermore, FalconStor intends to offer the Company's technology solutions with its storage management product suite in the first half of 2002. ISV/CO-MARKETING PARTNERS. The Company continues to seek partnerships with companies whose technologies are complementary. In addition to sales and marketing initiatives, the Company also may work on technical integration of its products to provide seamless co-existence or other benefits to mutual customers. FALCONSTOR LICENSE AND DISTRIBUTION AGREEMENT Simultaneously with the closing of the Company's October 2001 private offering of $6,765,000 of securities (See "Management's Discussion and Analysis or Plan of Operation" at page 24 hereof), the Company entered into a ten (10) year License and Distribution Agreement with FalconStor, pursuant to which FalconStor has the right to distribute the Company's product offerings in its indirect and OEM channels. As part of the Agreement, FalconStor paid the Company a non-refundable advance of $500,000 against future royalty payments (See "Management's Discussion and Analysis or Plan of Operations" at page 24). MARKETING The Company's marketing mission is two-fold - create awareness of the Company's product offerings with the Company's target audience through broad-reach communications programs, and generate leads for sales and channel partners through direct marketing efforts. The Company has engaged in print and online advertising promotions, and maintains an active public relations program. Through these vehicles, the Company attempts to reach the widest-range audience to educate and promote its security solutions. The Company's targeted marketing programs, such as event sponsorships and exhibitions, direct mail (paper and email), and online advertising allow the Company to customize its messages to the specific market segments and/or buyers of its products, and are most effective in not only informing prospects about its products features and benefits, but also generating the most qualified leads for channel partners. The Company 10 also pursues co-marketing activities with strategic and indirect channel partners. The Company plans to devote additional resources to marketing its corporate and product brands in 2002. CUSTOMERS The Company's customers represent a wide range of industries and institutions, both commercial and government, which consider networked-data resources to be among the most important assets within their organizations. As of December 31, 2001 the Company had licensed one or more of its products to 530 customers. New customers during 2001 include: The National Institute of Health, Pennsylvania Supreme Court, University of Washington, The Fuji Bank, Ltd., Bristol Meyers Squibb, and Bank of Finland. During the year ended December 31, 2001 revenue from the University of Washington and Pacific InfoTech (China) Ltd. accounted for 15% and 14% of the Company's revenues, respectively. During the years ended December 31, 2001 and 2000, revenue from international customers (licenses and service to foreign end users and international distributors) accounted for 21% and 11% of our revenues, respectively. Strategic Alliances The Company continues to actively seek strategic alliances to offer complementary benefits to its mutual customers and prospective customers while expanding the sales and marketing reach of its solutions. The Company has focused on two classes of strategic alliances: INFRASTRUCTURE VENDORS. The Company's co-marketing and distribution relationships focus on generating revenue by being the preferred vendor for securing the partner's infrastructure. In 2001 the Company established such relationships with NEC (fault tolerant servers) and FalconStor (storage networking). SECURITY SOLUTIONS VENDORS. The co-marketing and technology integration relationships the Company has secured ensures technology compatibility and extends the reach of its CyberwallPLUS solutions. These partners include authentication, public key encryption (PKI), VPN, and security management solution vendors. In addition, the Company remains actively involved with industry standards organizations, including ICSA (International Computer Security Association), IETF (Internet Engineering Task Force), and ASP (Application Service Provider) Industry Consortium. COMPETITION The market for host intrusion prevention solutions is characterized by intense competition and rapidly changing business conditions, customer requirements and technologies. The Company expects competition to continue to increase both from existing competitors and emerging companies. Management believes that the Company's ability to compete depends on many factors both within and beyond its control, including: 11 o the effectiveness, performance, reliability, features, price, and ease-of-use of the Company's CyberwallPLUS product line as compared with the product offerings of competitors; o the Company's ability to attract and retain key strategic relationships with indirect channel partners and technology partners; o the Company's ability to expand its domestic and international sales operations; and o the timing and market acceptance of new solutions and enhancements to existing solutions developed by the Company and its competitors. EXISTING COMPETITION The Company views its competition in several classes as follows: HOST INTRUSION PREVENTION FOR SERVER SYSTEMS RUNNING MICROSOFT WINDOWS NT/2000. The Company's principal competitors include operating system (OS) intercept vendors Entercept Security Technologies and Okena, Inc.; and host intrusion detection system (IDS) vendors Internet Security Systems, Inc., Enterasys Networks, Inc., Symantec Corporation and NFR Security, Inc. Since there is a wide array of server operating systems, as well as the types of threats (operating system, application, network, file, etc.) that can exist, no one solution is used independently. However, Management believes that the Company's solution is differentiated by its longevity in the server protection arena, and its unique technology approach to server security. HOST INTRUSION PREVENTION FOR ENTERPRISE DESKTOPS/LAPTOPS RUNNING MICROSOFT WINDOWS 9X, WINDOWS NT/2000, OR WINDOWS XP. The Company competes primarily with personal firewall vendors, such as Internet Security Systems, Inc. (NetworkICE acquisition), Symantec Corporation, Zone Labs, Inc., InfoExpress, Inc. and Sygate Technologies, Inc. VPN/Firewall vendors, such as Check Point Software Technologies Ltd. and InfoExpress, Inc.; and Host IDS vendors, such as Internet Security Systems, Inc. NETWORK AND PERIMETER FIREWALL PRODUCTS. The Company's primary source of competition is Check Point Software Technologies Ltd., Symantec Corporation, SonicWall, Inc., and WatchGuard Technologies, Inc. FUTURE COMPETITION. The Company may face competition in the future from new market entrants or established security infrastructure companies who have not previously entered the market for host intrusion prevention solutions. Most of the Company's current and potential competitors have longer operating histories, greater name recognition, larger installed customer bases and possess substantially greater financial, technical, marketing and other competitive resources than the Company. As a result, the Company's competitors may be able to adapt more quickly to new or emerging technologies or attacks, changes in customer requirements and devote greater resources to the promotion and sale of their products than the Company. While the 12 Company believes that its CyberwallPLUS products do not compete against manufacturers of other categories of security products (such as encryption and authentication products), potential customers may perceive the products of such other companies as substitutes for the Company's products. In addition, certain of the Company's competitors may determine for strategic reasons to consolidate, to substantially lower the price of their network security products or to bundle their products with other products, such as hardware or other enterprise software products. Accordingly, it is possible that new competitors and alliances among competitors may emerge and rapidly acquire significant market share. The Company's current and potential competitors may develop products that may be more effective than the Company's current or future products, or the Company's products may be rendered obsolete or less marketable by evolving technologies or changing consumer demands, or the Company may otherwise be unable to compete successfully. Increased competition for firewall and CyberwallPLUS products may result in price reductions, reduced gross margins and may adversely effect the Company's ability to gain market share, any of which would adversely effect the Company's business, operating results and financial condition. PRODUCT RESEARCH AND DEVELOPMENT The security software market is dynamic, characterized by rapid changes in technology and customer requirements, new product introductions and enhancements, and emerging industry standards. The Company devotes significant time and resources to analyzing and responding to changes in the industry, such as changes in operating systems, application software, security standards and networking software. In addition, the Company continuously monitors evolving customer requirements because it believes that a customer-driven development strategy will enable the Company to continue to broaden its products and feature sets. The Company's research and development department is responsible for the design, development and release of the Company's products, and is focused on the continuous evolution of the Company's products. Organized into development, quality assurance, and documentation disciplines, the research and development team works closely with sales, marketing, and customer support in order to better understand market needs and user requirements. A full time development team located at the Company's Waltham, Massachusetts headquarters has the primary responsibility for product development and technology direction, which is augmented by staff located at the Company's Shanghai, China operations center. Consultants are sometimes retained to address specific areas of expertise on a limited basis. During the years ended December 31, 2001 and 2000, the Company's total product development costs, including the costs capitalized after technological feasibility has been reached, were $2,522,000, and $1,808,000, respectively. CUSTOMER SERVICE AND SUPPORT One-year maintenance subscriptions are typically sold with software licenses, and optional multi-year maintenance subscriptions are available thereafter. The Company provides customer technical support as a component of its annual maintenance subscriptions, which includes phone, email, and Web-based support. The Company's telephone and email support services are available Monday through Friday between the 13 hours of 8am and 6pm eastern standard time in the United States. The Company's corporate Web site contains a wealth of support information, such as frequently asked questions, configuration documents and service pack download. Support services provide installation and configuration assistance, as well as product troubleshooting for the term of the maintenance agreement. Additionally, fee-based on-site, Web-based, or regional training programs are also available. PROPRIETARY RIGHTS The Company's success is substantially dependent on its proprietary technologies. The Company does not hold any patents and relies on copyright and trade secret laws, non-disclosure agreements with employees, consultants, distributors and customers, including "shrink wrap" license agreements that are not signed by the customer, and technical measures to protect the ideas, concepts and documentation of the Company's proprietary technologies and know-how. Such methods may not afford complete protection, and there can be no assurance that third-parties will not independently develop substantially equivalent or superior technologies or obtain access to the Company's technologies, ideas, concepts and documentation. In addition, confidentiality agreements between the Company and its employees, distributors or customers may not provide meaningful protection for the Company's proprietary information in the event of any unauthorized use or disclosure. Any inability to protect the Company's proprietary technologies could have a material adverse effect on the Company. Furthermore, the Company may be subject to additional risk as it enters into transactions in countries where intellectual property laws are not well developed or are poorly enforced. Legal protection of the Company's rights may be ineffective in such countries. On June 19, 2001, the Company was issued a U.S. trademark registration (reg. no. 2,462,262) for the mark CyberwallPLUS for computer products. Although we are not aware of any challenges to our rights to use this trademark, there can be no assurance that the use of this mark would be upheld if challenged. Although the Company believes that its technologies and products have been developed independently and do not infringe upon the proprietary rights of others, there can be no assurance that the Company's technologies and products do not infringe and that third parties will not assert infringement claims against the Company in the future. The Company is not aware of any patent infringement charge or any violation of other proprietary rights claimed by any third party relating to the Company or its products. As the number of security products being offered continues to increase, the functionality of such products may further overlap, which could result in increased infringement claims by software developers, including infringement claims against the Company with respect to future products. The Company may not be able to modify its products or obtain a license in a timely manner, upon acceptable terms and conditions. In addition, the Company may not have the financial or other resources necessary to defend a patent infringement or other proprietary rights infringement action. Failure to do any of the foregoing could have a material adverse effect on the Company, including possibly requiring it to cease marketing its products. 14 EMPLOYEES As of March 25, 2002, the Company had 39 full time employees. None of the Company's employees are represented by a labor union or are subject to a collective bargaining agreement. The Company has not experienced any work stoppages and considers its relationships with its employees to be good. Competition with respect to the recruitment of highly qualified personnel in the software industry is intense and many of the Company's competitors have significantly greater resources than the Company. The Company's ability to attract and assimilate new personnel will be critical to the Company's performance and there can be no assurance that the Company will be successful in attracting or retaining the personnel it requires to enhance its products, develop new products and conduct its operations successfully. RISK FACTORS THAT MAY AFFECT FUTURE RESULTS The Company operates in a rapidly changing and highly competitive environment that involves a number of risks, some of which are beyond the Company's control. The following discussion highlights the most material of the risks. WE HAVE A HISTORY OF LOSSES AND IF WE DO NOT ACHIEVE PROFITABILITY, WE MAY NOT BE ABLE TO CONTINUE OUR BUSINESS IN THE FUTURE. We have incurred substantial operating losses since our inception, which has resulted in an accumulated deficit of $34,517,000 as of December 31, 2001. For the years ended December 31, 2001 and 2000, we incurred net losses of $5,872,000 and $4,789,000, respectively. Since December 31, 2001, we have continued to incur substantial operating losses. We have financed our operations primarily through the sales of equity and convertible debt securities as well as the sale of our professional services business in February 2000. Our expense levels are high and our revenues are difficult to predict. We anticipate incurring additional losses until we increase our client base and revenues. We may never achieve or sustain significant revenues or profitability. If we are unable to achieve increased revenues, we will continue to have losses and may not be able to continue our operations. WE COULD BE REQUIRED TO CUT BACK OR STOP OPERATIONS IF WE ARE UNABLE TO RAISE OR OBTAIN NEEDED FUNDING. We anticipate, based on our currently proposed plans and assumptions (including the timetable of, costs and expenses associated with, and success of, our marketing efforts), that our current cash position and projected revenues from operations, will more likely than not be sufficient to satisfy our operations and capital requirements through December 31, 2002. There can be no assurance, however, that such funds will not be expended prior thereto due to unanticipated changes in economic conditions or other unforeseen circumstances. In the event our plans change, or our assumptions change or prove to be inaccurate (due to unanticipated expenses, difficulties, delays or otherwise), or our projected revenues otherwise prove to be insufficient to fund our working capital 15 requirements, we could be required to seek additional financing sooner than currently anticipated. We have no current arrangements with respect to any additional financing. Consequently, there can be no assurance that any additional financing will be available to us when needed, on commercially reasonable terms or at all. Any inability to obtain additional financing when needed would have a material adverse effect on our operations, requiring us to curtail and possibly cease operations. WE HAVE NOT ACHIEVED SUBSTANTIAL REVENUE FROM SOFTWARE SALES. We have had only limited sales of our products. Our total revenues for software licenses for the years ended December 31, 2001 and 2000 were $809,000 and $978,000, respectively. OUR REVENUES DEPEND ON SALES OF OUR CYBERWALLPLUS PRODUCTS AND WE ARE UNCERTAIN WHETHER THERE WILL BE BROAD MARKET ACCEPTANCE OF THESE PRODUCTS. Our revenue growth for the foreseeable future is dependent upon increased sales of our CYBERWALLPLUS family of software products. Since the introduction of our CYBERWALLPLUS suite of products in January 1999 through December 31, 2001, license revenue from our CyberwallPLUS products was only $1,977,000. Our future financial performance will depend upon the successful introduction and customer acceptance of our CyberwallPLUS products as well as the development of new and enhanced versions of this product. Revenue from products such as CYBERWALLPLUS depend on a number of factors, including the influence of market competition, technological changes in the network security market, our ability to design, develop and introduce enhancements on a timely basis and our ability to successfully establish and maintain distribution channels. If we fail to achieve broad market acceptance of our CYBERWALLPLUS products, it would have a material adverse effect on our business, operating results and financial condition. WE NEED TO ATTRACT AND RETAIN HIGHLY QUALIFIED TECHNICAL, SALES, MARKETING, DEVELOPMENT AND MANAGEMENT PERSONNEL. Our success depends on our ability to attract, train and retain highly qualified technical, sales, marketing, development and management personnel. There is considerable and often intense competition for the services of such personnel. We may not be able either to retain our existing personnel or acquire additional qualified personnel as and when needed. If we are unable to hire and retain such personnel, our business, operating results and financial condition could be materially adversely affected. CONTROL BY BARRY RUBENSTEIN, WHEATLEY AFFILIATES AND FALCONSTOR SOFTWARE, INC. Barry Rubenstein, Wheatley Partners II, L.P. and other affiliated and related entities and parties (the "Wheatley Parties") currently own 32% of our outstanding voting stock (exclusive of any securities owned by FalconStor). In addition, FalconStor currently owns 15.9% of our outstanding voting stock. Barry Rubenstein owns 15.5% of the outstanding voting securities of FalconStor and other Wheatley affiliates own an additional 6.1% of the 16 outstanding voting securities of FalconStor. Accordingly, Barry Rubenstein and the Wheatley Parties together with FalconStor currently own 47.9% of our outstanding voting securities (and beneficially own options and warrants to purchase an additional 28.2% of our outstanding voting securities) and as a result of their aggregate holdings would have the ability to control the outcome of all matters submitted to a vote of our stockholders including the election of directors, amendments to our Certificate of Incorporation and approval of mergers and a sale of substantially all of our assets. Such consolidation of voting power could also have the effect of delaying, deterring or preventing a change in control of our company that might be beneficial to other stockholders. WE REQUIRE THE CONSENT OF THE HOLDERS OF SERIES E PREFERRED STOCK FOR CERTAIN CORPORATE ACTION. In connection with our private offering of Series E Preferred Stock and warrants completed in October 2001, we agreed that so long as the holders of the outstanding shares of Series E Preferred Stock own at least 10% of our outstanding voting stock, we will not take certain actions without the consent of Wheatley Partners II, L.P., the designee of the holders of Series E Preferred Stock and one of our principal stockholders. Such actions requiring the consent of Wheatley Partners II, L.P. include, among others, (i) issuing securities other than securities to be issued under our stock option plan, (ii) incurring debt in excess of $250,000, (iii) entering into a merger, acquisition or sale of substantially all of our assets and (iv) taking any action to amend our Certificate of Incorporation or By-laws that could in any way adversely affect the rights of the holders of the Series E Preferred Stock. Accordingly, the holders of Series E Preferred Stock may not consent to certain actions that we may consider to be in our best interest and the best interest of the holders of Common Stock. For more information regarding the rights and preferences of the Series E Preferred Stock, see our Current Report on Form 8-K filed with the SEC on October 12, 2001. WORLD INSTABILITY - TERRORISM. The terrorist attacks on September 11, 2001 in the United States and the declaration of war by the United States against terrorism has created significant instability and uncertainty in the world which may continue to have a material adverse effect on world financial markets, including financial markets in the United States. In addition, such adverse political events may have an adverse impact on economic conditions in the United States. Unfavorable economic conditions in the United States may have an adverse effect on our financial operations including, but not limited to, our ability to expand the market for our products, obtain necessary financing, enter into strategic relationships and effectively compete in the network security market. OUR INABILITY TO ENTER INTO STRATEGIC RELATIONSHIPS WITH INDIRECT CHANNEL PARTNERS COULD HAVE A MATERIAL ADVERSE EFFECT ON US. As part of our sales and marketing efforts, we are seeking to develop strategic relationships with indirect channel partners, such as original equipment manufacturers and resellers. We have limited financial, personnel and other resources to undertake extensive marketing activities ourselves. Therefore, our prospects will depend on our ability to 17 develop and maintain strategic marketing relationships with indirect channel partners and their ability to market and distribute our products. If we are unable to enter into and maintain such arrangements or if such arrangements do not result in the successful commercialization of our products, then this could have a material adverse effect on our business, operating results and financial condition. WE MAY NOT BE ABLE TO SUCCESSFULLY COMPETE IN THE NETWORK SECURITY MARKET. The network security market is characterized by intense competition and rapidly changing business conditions, customer requirements and technologies. The principal competitive factors affecting the market for network security products include security effectiveness, scope of product offerings, name recognition, product features, distribution channels, price, ease of use and customer service and support. Most of our current and potential competitors have longer operating histories, greater name recognition, larger installed customer bases and possess substantially greater financial, technical and marketing and other competitive resources than us. As a result, our competitors may be able to adapt more quickly to new or emerging technologies and changes in customer requirements or to devote greater resources to the promotion and sale of their products than we may. In addition, certain of our competitors may determine for strategic reasons to consolidate, to substantially lower the price of their network security products or to bundle their products with other products, such as hardware or other enterprise software products. Our current and potential competitors may develop products that may be more effective than our current or future products or that render our products obsolete or less marketable. Increased competition for network security products may result in price reductions and reduced gross margins and may adversely effect our ability to gain market share, any of which would adversely affect the Company's business, operating results and financial condition. WE MAY NOT BE ABLE TO ADEQUATELY PROTECT OUR PROPRIETARY TECHNOLOGY, WHICH COULD RESULT IN LOWER REVENUES AND/OR PROFITS. We do not hold any patents and rely on copyright and trade secret laws, non-disclosure agreements and contractual provisions to protect our proprietary technology. These methods afford only limited protection. Despite the precautions we take, unauthorized parties may attempt to copy or otherwise obtain and use our proprietary technologies, ideas, know-how and other proprietary information without authorization or may independently develop technologies similar or superior to our technologies. Policing unauthorized use of our products may be difficult and costly. Also, the laws of some foreign countries do not protect our proprietary rights as much as the laws of the United States. We are unable to predict whether our means of protecting our proprietary rights will be adequate. We believe that our technologies have been developed independent of others. Nevertheless, third parties may assert infringement claims against us and our technologies may be determined to infringe on the intellectual property rights of others. We could become liable for damages, be required to modify our technologies or obtain a license if our technologies are determined to infringe upon the intellectual property rights of others. 18 We may not be able to modify our technologies or obtain a license in a timely manner, if required, or have the financial or other resources necessary to defend an infringement action. We would be materially adversely effected if we fail to do any of the foregoing. WE CAN BE EXPOSED TO NUMEROUS POTENTIAL LIABILITY CLAIMS FOR DAMAGES AND, IF OUR INSURANCE DOESN'T ADEQUATELY COVER LOSSES, THIS COULD HAVE A MATERIAL ADVERSE EFFECT ON US. Since our products are used to prevent unauthorized access to and attacks on critical enterprise information, we may be exposed to potential liability claims for damage caused as a result of an actual or alleged failure of an installed product. We cannot assure you that the provisions in our standard license agreements designed to limit our exposure will be enforceable. Our personnel often gain access to confidential and proprietary client information. Any unauthorized use or disclosure of such information could result in a claim for substantial damages. We can give no assurances that our insurance policies will be sufficient to cover potential claims or that adequate levels of coverage will be available in the future at a reasonable cost. POSSIBLE DELISTING OF OUR SECURITIES FROM NASDAQ; RISKS RELATING TO LOW-PRICED STOCKS. Our common stock is listed on The Nasdaq Stock Market's SmallCap Market under the symbol "NSSI." In order for our common stock to continue to be listed on Nasdaq, however, we must comply with certain maintenance standards. In the event of a delisting, an investor could find it more difficult to dispose of or to obtain accurate quotations as to the market value of our common stock. In addition, if our common stock were to become delisted from trading on Nasdaq and the trading price of our common stock were to then be below $5.00 per share, our common stock could be considered a penny stock. SEC regulations generally define a penny stock to be an equity security that is not listed on Nasdaq or a national securities exchange and that has a market value of less than $5.00 per share, subject to certain exceptions. The SEC regulations would require broker-dealers to deliver to a purchaser of our common stock a disclosure schedule explaining the penny stock market and the risks associated with it. Various sales practice requirements are also imposed on broker-dealers who sell penny stocks to persons other than established customers and accredited investors (generally institutions). Broker-dealers must also provide the customer with current bid and offer quotations for the penny stock, the compensation of the broker-dealer and monthly account statements disclosing recent price information for the penny stock held in the customer's account. If our common stock is no longer traded on Nasdaq and becomes subject to the regulations applicable to penny stocks, investors may find it more difficult to obtain timely and accurate quotes and execute trades in our common stock. FAVORABLE LICENSE AND DISTRIBUTION AGREEMENT RECEIVED BY FALCONSTOR SOFTWARE, INC. On October 2, 2001, we entered into a License and Distribution Agreement with FalconStor pursuant to which FalconStor has the right to distribute, on a non-exclusive basis, our product offerings in its indirect and OEM channels. Simultaneously and 19 conditioned upon entering into the License and Distribution Agreement, FalconStor invested $2,300,000 in our private offering of $6,765,000 of preferred stock and warrants. (See "Management's Discussion and Analysis or Plan of Operation" at page 24). FalconStor currently owns 15.9% of our outstanding voting stock (27.4% assuming the exercise of currently exercisable warrants to purchase 2,169,870 shares of common stock). FalconStor, as the largest investor in the private offering, was able to negotiate terms (and may receive additional benefits in the future) with respect to the License and Distribution Agreement which would likely have not been available to other licensees and distributors who were not simultaneously making a significant investment in our securities. OUR OPERATING RESULTS MAY FLUCTUATE QUARTERLY AND IF THEY WERE BELOW THE EXPECTATIONS OF INVESTORS AND ANALYSTS, THE PRICE OF OUR STOCK WOULD LIKELY BE ADVERSELY EFFECTED. We anticipate significant quarterly fluctuations in our operations in the future, since our results are dependent on the volume and timing of orders, which are difficult to predict. Customers' purchasing patterns and budgeting cycles, as well as the introduction of new products, may also cause our operating results to fluctuate. Therefore, comparing quarterly operating results may not be meaningful and should not be relied on. Also, our operating results may be below analysts' and investors' expectations in some future quarters, which would likely have a material adverse effect on the price of our common stock. THE SIGNIFICANT NUMBER OF OPTIONS, WARRANTS AND CONVERTIBLE SECURITIES OUTSTANDING MAY ADVERSELY AFFECT THE MARKET PRICE FOR OUR COMMON STOCK. As of March 25, 2002, there are outstanding (i) options and warrants to purchase an aggregate of 12,681,964 shares of our common stock at exercise prices ranging from $.70 to $10.125, (ii) 3,032,951 shares of convertible preferred stock which are convertible at any time into 5,995,272 shares of our common stock and (iii) 1,570,776 additional shares of our common stock which may be issued in the future under our stock option plan. To the extent that outstanding options and warrants are exercised or preferred stock is converted, your percentage ownership will be diluted and any sales in the public market of the common stock underlying such options, warrants or convertible debt may adversely affect prevailing market prices for our common stock. WE HAVE A SIGNIFICANT AMOUNT OF AUTHORIZED BUT UNISSUED PREFERRED STOCK, WHICH MAY AFFECT THE LIKELIHOOD OF A CHANGE OF CONTROL IN OUR COMPANY. As of March 25, 2002, our Board of Directors has the authority, without further action by the stockholders, to issue 10,000,000 shares of preferred stock (of which only 231,054 shares of Series D Preferred Stock are outstanding and 2,801,897 shares of Series E Preferred Stock are outstanding) on such terms and with such rights, preferences and designations as our Board of Directors may determine. Such terms may include restricting dividends on our common stock, dilution of the voting power of our common stock or impairing the liquidation rights of the holders of our common stock. Issuance of such preferred stock, depending on the rights, preferences and designations thereof, may 20 have the effect of delaying, deterring or preventing a change in control. In addition, certain "anti-takeover" provisions in Delaware law may restrict the ability of our stockholders to authorize a merger, business combination or change of control. ITEM 2. DESCRIPTION OF PROPERTY The Company currently subleases approximately 9,000 square feet of office space in Waltham, Massachusetts, for its principal executive offices and 1,700 square feet of office space in Manchester, New Hampshire as a satellite development office. In addition, the Company leases approximately 2,200 square feet of office space in Shanghai, China as its Asia-Pacific operations office. On February 14, 2002 the Company agreed to a one (1) year extension of the lease for its executive offices which requires the Company to make payments of approximately $21,000 per month for the period ending February 2003. The lease for the satellite development office in Manchester, New Hampshire expires February 28, 2004 and requires the Company to make payments of approximately $2,100 per month during the term of the lease. The Company's lease for its office in in Shanghai, China expires January 31, 2003 and requires the Company to make payments of approximately $2,400 per month. ITEM 3. LEGAL PROCEEDINGS None ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS On November 27, 2001, the 2001 Annual Meeting of Stockholders of the Company (the "Annual Meeting") was held. At the Annual Meeting, the stockholders voted on the following proposals: 1. Election of Directors-- Each of Murray P. Fish, Corey M. Horowitz, Emanuel R. Pearlman, Jonathan Mark and Harry B. Schessel were re-elected as directors of the Company and each of the nominees received votes of 12,023,695 (For) and 8,107 (Withheld Authority). 2. Amendment to the Company's Certificate of Incorporation to increase (i) the number of authorized shares of Common Stock, $.01 per value per share, from 25,000,000 shares to 50,000,000 shares and (ii) the number of authorized shares of Preferred Stock, $.01 par value per share, from 5,000,000 shares to 10,000,000 shares. This proposal was adopted by the following stockholder vote: 8,826,640 shares were voted in favor, 25,000 shares were voted against and 2,000 shares abstained from voting. 3. Amendment to the Company's Amended and Restated 1996 Stock Option Plan to increase the number of shares of Common Stock available for issuance thereunder by 1,465,000 shares to an aggregate of 4,000,000 shares. This proposal was adopted by the following stockholder vote: 8,707,349 shares were voted in favor, 143,298 shares were voted against and 2,000 shares abstained from voting. 21 4. Ratification of Accountants -- Richard A. Eisner & Company, LLP was ratified as independent auditors of the Company for the year ended December 31, 2001. This proposal was adopted by the following stockholder vote: 12,028,702 in favor, 1600 shares were voted against and 1500 shares abstained from voting. PART II ITEM 5. MARKET FOR COMMON EQUITY AND RELATED STOCKHOLDER MATTERS MARKET INFORMATION. The Company's Common Stock has traded since November 12, 1998 on the NASDAQ SmallCap Market under the symbol "NSSI." The following table sets forth, for the periods indicated, the range of the high and low closing bid prices for the Common Stock as reported on NASDAQ. Such prices reflect inter-dealer quotations, without retail mark-up, mark-down or commission and may not necessarily represent actual transactions. YEAR ENDED DECEMBER 31, 2001 HIGH LOW ---- --- Fourth Quarter $ 2.26 $ 1.10 Third Quarter $ 1.40 $ 0.43 Second Quarter $ 2.16 $ 0.91 First Quarter $ 4.375 $ 1.34375 YEAR ENDED DECEMBER 31, 2000 HIGH LOW ---- --- Fourth Quarter $ 5.25 $ 2.00 Third Quarter $ 8.8125 $ 4.00 Second Quarter $ 12.8125 $ 2.6872 First Quarter $ 23.875 $ 8.125 On March 25, 2002, the last sale price for the Common Stock as reported on NASDAQ was $1.31 per share. The number of record holders of the Company's Common Stock was 72 as of March 22, 2002. The Company believes that there are in excess of 1,700 beneficial owners of its Common Stock. DIVIDEND POLICY. The Company has never declared or paid any cash dividends on its Common Stock and does not intend to declare or pay cash or other dividends in the foreseeable future. The Board of Directors currently expects to retain any future earnings, if any, for use in the operation and expansion of its business. The declaration and payment of any future dividends will be at the discretion of the Board of Directors and will depend upon a variety of factors, including future earnings, if any, operations, capital requirements, the general financial condition of the Company, the preferences of any series of Preferred Stock, the general business conditions and future contractual restrictions on payment of dividends, if any. 22 RECENT ISSUANCES OF UNREGISTERED SECURITIES. On October 2, 2001 the Company completed a $6.765 million private offering consisting of 3,191,037 shares of Series E Preferred Stock and Warrants to purchase up to 6,882,074 of Common Stock pursuant to a Securities Purchase Agreement with fifty (50) investors. The purchase price for the shares of Series E Preferred Stock was $2.12 per share (equal to two (2) times the average closing price of the Company's Common Stock as reported on the Nasdaq Small Cap Market for the five (5) trading days prior to two (2) trading days before the closing). The Warrants issued in the private offering consisted of two (2) year warrants exercisable at $1.27 per share and an additional five (5) year warrant issued to FalconStor which is also exercisable at a $1.27 per share. Each share of Series E Preferred Stock is convertible into two (2) shares of Common Stock, subject to adjustment. As the largest investor in the offering, FalconStor received an additional warrant to purchase 500,000 shares of Common Stock at an exercise price of $1.27 per share. The shares of Series E Preferred Stock and Warrants were issued in reliance upon Section 4(2) of the Securities Act of 1933, as amended. On October 8, 2001, the Company issued to CMH Capital Management Corp. ("CMH") five (5) year warrants to purchase 250,000 shares of Common Stock at an exercise price of $1.48 per share, in consideration for consulting services rendered to the Company by CMH. ITEM 6. MANAGEMENT'S DISCUSSION AND ANALYSIS OR PLAN OF OPERATION THE FOLLOWING DISCUSSION AND ANALYSIS SHOULD BE READ IN CONJUNCTION WITH THE COMPANY'S FINANCIAL STATEMENTS, INCLUDING THE NOTES THERETO, INCLUDED ELSEWHERE IN THIS FORM 10-KSB. EXCEPT FOR THE HISTORICAL INFORMATION CONTAINED HEREIN, THIS DISCUSSION CONTAINS FORWARD-LOOKING STATEMENTS THAT INVOLVE RISKS AND UNCERTAINTIES, INCLUDING, BUT NOT LIMITED TO, THOSE DISCUSSED IN THE SECTION ABOVE ENTITLED "RISK FACTORS WHICH MAY AFFECT FUTURE RESULTS" IN ITEM 1 OF THIS REPORT AS WELL AS THOSE RISKS DISCUSSED IN THIS SECTION AND ELSEWHERE IN THIS REPORT. BECAUSE SUCH STATEMENTS INVOLVE RISKS AND UNCERTAINTIES, ACTUAL RESULTS MAY DIFFER MATERIALLY FROM THOSE EXPRESSED OR IMPLIED BY SUCH FORWARD-LOOKING STATEMENTS. OVERVIEW The Company develops, markets, licenses and supports a suite of security software products designed to prevent unauthorized access to critical information residing on networked servers, desktops and laptops. In January 1999, the Company introduced its CyberwallPLUS family of network security products. The Company has made only limited sales of its CyberwallPLUS product, upon which an evaluation of its prospects and future performance can be made. Such prospects must be considered in light of the risks, expenses and difficulties frequently encountered in the introduction of new products and the shift from research and product development to commercialization of products based 23 on rapidly changing technologies in a highly specialized and emerging market. The Company will be required to raise additional financing to fund its operations, significantly expand its product and development capabilities, introduce new products, introduce enhanced features to existing products, expand its in-house sales force, establish and maintain distribution channels through third-party vendors, increase marketing expenditures and attract additional qualified personnel. In addition, the Company must adapt to the demands of an emerging and rapidly changing computer network security market, intense competition and rapidly changing technology and industry standards. The Company may not be able to successfully address such risks, and the failure to do so would have a material adverse effect on the Company's business, results of operations and financial condition. To date, the Company has incurred significant losses and, at December 31, 2001, had an accumulated deficit of $34,517,000. In addition, since December 31, 2001, the Company has continued to incur significant operating losses. The Company expects to incur substantial operating expenses in the future to support its product development activities, as well as continue to expand its domestic and international sales activities and marketing capabilities. Management believes it currently has cash to fund its operations through December 31, 2002 (or earlier if the Company does not achieve certain revenue assumptions) (See "Liquidity and Capital Resources" on page 27 hereof). On October 2, 2001, the Company completed a $6.765 million private offering of Series E Preferred Stock and warrants pursuant to a Securities Purchase Agreement with investors (the "Financing"). In accordance with the Securities Purchase Agreement, an aggregate of 3,191,037 shares of Series E Preferred Stock were sold to investors at a price of $2.12 per share together with warrants to purchase 6,882,074 shares of Common Stock at an exercise price of $1.27 per share. Each share of Series E Preferred Stock is convertible into two (2) shares of Common Stock, subject to adjustment. As the largest investor ($2,300,000) in the Financing, FalconStor, a storage networking infrastructure software company, received an additional warrant to purchase 500,000 shares of the Company's Common Stock (the "Additional Warrant"). The shares underlying the Series E Preferred Stock and the warrants (including the Additional Warrant) issued in the Financing were registered pursuant to a Form S-3 Registration Statement which was declared effective by the SEC on February 12, 2002. Simultaneously with the closing of the Financing, the Company and FalconStor entered into a ten year Distribution and License Agreement pursuant to which FalconStor has the right to distribute the Company's product offerings in its indirect and OEM channels. As part of the Distribution and License Agreement, FalconStor paid the Company a non-refundable advance of $500,000 against future royalty payments of which, in accordance with accounting principles generally accepted in the United States of America, $350,000 has been accounted for as the purchase price of the Additional Warrant and this resulted in total proceeds allocated to the Financing of $7,115,000. During the period October 2001 through March 2002, the Company hired fifteen (15) employees, including a new Chief Executive Officer and President (see below), a Senior Vice President of Marketing and Business Development, a Vice President of Channel Development and a Vice President and General Manager - Asia Pacific. The aggregate annual salaries for the fifteen (15) new employees is $904,300. 24 On March 11, 2002, the Company hired Richard Kosinski as Chief Executive Officer and President pursuant to a two (2) year Employment Agreement in which Mr. Kosinski receives an annual base salary of $200,000 per year and is eligible to receive bonus compensation of up to $150,000 per year. In addition, Mr. Kosinski was issued options to purchase 1,200,000 shares of the Company's Common Stock, at an exercise price of $1.65 per share, which vest over a four (4) year period. The Company's software products have not yet achieved market acceptance. The future success of the Company is largely dependent upon market acceptance of its CyberwallPLUS family of software products. While the Company believes that its family of software products offer advantages over competing products for network security, license revenue from network security software products since the introduction of FireWall/Plus (June 1995), a predecessor product line, through December 31, 2001 has only been $4,709,000, including a non-refundable pre-paid royalty of $500,000 in 1997. From January 1999 through December 31, 2001, license revenue from CyberwallPLUS has only been $1,977,000. CyberwallPLUS may not achieve significant market acceptance. Revenue from such commercial products depends on a number of factors, including the influence of market competition, technological changes in the network security market, the Company's ability to design, develop and introduce enhancements on a timely basis, and the ability of the Company to successfully establish and maintain distribution channels. The failure of CyberwallPLUS to achieve significant market acceptance as a result of competition, technological change or other factors, would have a material adverse effect on the Company's business, operating results and financial condition. The Company has committed significant product and development resources to its CyberwallPLUS family of products. The Company's anticipated levels of expenditures for product development are based on its plans for product enhancements and new product development. The Company capitalizes and amortizes software development costs in accordance with Statement of Financial Accounting Standards No. 86. These costs consist of salaries, consulting fees and applicable overhead. RESULTS OF OPERATIONS YEAR ENDED DECEMBER 31, 2001 COMPARED TO YEAR ENDED DECEMBER 31, 2000. Revenues decreased by $101,000 or 9%, from $1,147,000 for the year ended December 31, 2000 ("2000") to $1,046,000 for the year ended December 31, 2001 ("2001"). License revenues decreased by $169,000 or 17%, from $978,000 for 2000 to $809,000 for 2001, primarily due to the reduction in sales and marketing expenditures as a result of the overhead reduction effectuated to preserve capital pending the Company securing financing in October 2001, the overall industry business decline as well as from the tragic events of September 11, 2001 which disrupted the normal business environment during the fourth quarter of 2001. Service revenues from maintenance and training increased by $68,000 or 40% from $169,000 in 2000 to $237,000 in 2001. The Company's revenues from customers in the United States represented 89% of its revenues in 2000 and 79% of its revenues in 2001. 25 Cost of revenues increased $127,000 or 26%, from $480,000 for 2000 to $607,000 for 2001, representing 42% and 58% of revenues, respectively. The increase in cost of revenues was primarily due to increased amortization of software development costs in 2001. Cost of licenses decreased $38,000 or 56%, from $68,000 for 2000 to $30,000 for 2001, representing 7% and 4% of license revenues, respectively. The decrease in the cost of licenses resulted primarily from lower media and documentation costs. Amortization of software development costs increased by $130,000 or 53%, from $247,000 for 2000 to $377,000 for 2001, representing 25% and 47% of license revenues, respectively. The increase in amortization of software development costs in 2001 was due to a higher average asset base in 2001. Cost of services increased by $35,000 or 21%, from $165,000 for 2000 to $200,000 for 2001, representing 98% and 84% of service revenues, respectively. The decrease in cost of services as a percentage of service revenues was due primarily to additional service revenues. The gross profit decreased by $228,000 or 34%, from $667,000 for 2000 to $439,000 for 2001, representing 58% and 42% of revenues, respectively. The decrease in gross profit was primarily due to decreased revenue of $101,000 and a $130,000 increase in amortization of capitalized software development costs. Product development expenses increased by $773,000 or 54%, from $1,436,000 for 2000 to $2,209,000 for 2001, representing 125% and 211% of revenues, respectively. The increase in product development costs was due primarily to increased use of outside consultants. The use of outside consultants was reinstituted during 2001 to accelerate product development schedules. During 2000 and 2001, the Company capitalized $372,000 and $313,000, respectively, of additional software development costs associated with the development and enhancement of its CyberwallPLUS family of products. Sales and marketing expenses decreased by $169,000 or 6%, from $2,820,000 for 2000 to $2,651,000 for 2001, representing 246% and 253% of revenues, respectively. The Company had been expanding its sales and marketing departments but in order to preserve capital pending completion of the October 2001 financing and due to the overall general business decline, the Company materially reduced its headcount between April 2001 and July 2001. The decrease in sales and marketing expenses were due primarily to decreases of $223,000 in advertising expense and $103,000 in marketing collateral printing which was offset by increases of $158,000 in total marketing and sales personnel costs incurred prior to the personnel reductions. The increase in sales and marketing expenses as a percentage of sales was due to the decrease in the Company's revenues. General and administrative expenses increased by $441,000 or 24%, from $1,827,000 for 2000 to $2,268,000 for 2001, representing 159% and 217% of revenues for 2000 and 2001, respectively. The increase in general and administrative expenses in dollar amount was due primarily to an increase of $436,000 related to recognition of compensation expense related to warrants issued to the Company's Chairman of the Board of Directors for services rendered after the Company's President and Chief Executive Officer resigned in June 2001 26 and an increase of $108,000 in professional services which was partially offset by decreases in investor relations expenses of $81,000. The increase in general and administrative expense as a percent of revenue was due primarily to the increase in general and administrative expenses and the decrease in the Company's revenues. Interest expense (net of interest income of $324,000) for 2000 was $1,258,000, compared with net interest income of $103,000 for 2001. The decrease in interest expense was due primarily to the fact that the Company completed a Series D Preferred Stock, warrant and note financing on December 22, 1999 which resulted in interest charges in 2000 of $1,582,000 including an interest charge of $1,500,000 upon shareholder approval in April 2000 related to the excess of the market value of the common stock (on the closing date of the December 1999 financing) issuable upon conversion of the preferred stock and exercise of the warrants issuable upon conversion of the notes. Gain from discontinued operations was $1,885,000 in 2000 compared with a gain on the sale of discontinued operations of $714,000 in 2001. The discontinued operations was sold on February 9, 2000 to Exodus Communications. The gain from discontinued operations in 2001 was attributed to the contingent payments and related contingent expenses pertaining to the sale received or paid in 2001. No provision for or benefit from federal, state or foreign income taxes was recorded for 2000 or 2001 because the Company incurred net operating losses for each year and fully reserved its deferred tax assets as their future realization could not be determined. As a result of the foregoing, the net loss increased by $1,083,000 or 23%, from $4,789,000 for 2000 to $5,872,000 for 2001. LIQUIDITY AND CAPITAL RESOURCES The Company's capital requirements have been and will continue to be significant and its cash requirements continue to exceed its cash flow from operations. At December 31, 2001, the Company had $7,121,000 of cash and cash equivalents and working capital of $5,971,000. In October 2001, the Company completed a private offering of $6,765,000 of securities (see description below). The Company has financed its operations primarily through sales of equity and debt securities, as well as the sale of its professional services group. Net cash used in operating activities was $4,343,000 during 2000 and $4,947,000 during 2001, respectively. Net cash used in operating activities for 2001 was primarily attributable to a net loss from continuing operations of $6,586,000 which was partially offset by non-cash expenses including a charge related to the issuance of options and warrants for services rendered of $545,000 and depreciation and amortization of $525,000. Cash provided by investing activities was $733,000 resulting primarily from $1,003,000 of net proceeds received in 2001 related to the sale of the Company's professional services group in February 2000, less capitalized software costs of $313,000. The Company does not currently have a line of credit from a commercial bank or other institution. 27 On October 2, 2001, the Company completed a $6.765 million private offering of Series E Preferred Stock and warrants pursuant to a Securities Purchase Agreement with investors (the "Financing"). In accordance with the Securities Purchase Agreement, an aggregate of 3,191,037 shares of Series E Preferred Stock were sold to investors at a price of $2.12 per share together with warrants to purchase 6,882,074 shares of Common Stock at an exercise price of $1.27 per share. Each share of Series E Preferred Stock is convertible into two (2) shares of Common Stock, subject to adjustment. Simultaneously with the closing of the Financing, the Company and FalconStor entered into a ten year License and Distribution Agreement pursuant to which FalconStor has the right to distribute the Company's product offerings in its indirect and OEM channels. As part of the Agreement, FalconStor paid the Company a non-refundable advance of $500,000 against future royalty payments of which, in accordance with accounting principles generally accepted in the United States of America, $350,000 has been accounted for as the purchase price of the additional warrant to purchase 500,000 shares of Common Stock issued to FalconStor as the largest investor in the Financing. This resulted in total proceeds allocated to the private offering of $7,115,000. The Company anticipates, based on currently proposed plans and assumptions (including the timetable of, costs and expenses associated with, and success of, its marketing efforts), that its current cash balance of approximately $6,053,000 as of February 28, 2002 together with certain revenue assumptions from operations, will be sufficient to satisfy the Company's operations and capital requirements through at least December 31, 2002. There can be no assurance, however, that such funds will not be expended prior thereto. In the event the Company's plans change, or its assumptions change, or prove to be inaccurate (due to unanticipated expenses, difficulties, delays or otherwise) or projected revenues otherwise prove to be insufficient to fund the Company's working capital requirements, the Company may have insufficient funds to support its operations prior to December 31, 2002 and will be required to seek additional financing sooner than currently anticipated. The Company does not have any current arrangements with respect to any additional financing. Consequently, there can be no assurance that any additional financing will be available to the Company when needed, on commercially reasonable terms or at all. The inability of the Company to obtain additional financing would have a material adverse effect on the Company, requiring it to curtail and possibly cease its operations. In addition, any additional equity financing may involve substantial dilution to the interests of the Company's then existing stockholders. FLUCTUATIONS IN OPERATING RESULTS The Company anticipates significant quarterly fluctuations in its operating results in the future. The Company generally ships orders for commercial products as they are received and, as a result, does not have any material backlog. As a result, quarterly revenue and operating results depend on the volume and timing of orders received during the quarter, which are difficult to forecast. Operating results may fluctuate on a quarterly basis due to factors such as the demand for the Company's products, purchasing patterns and budgeting cycles of customers, the introduction of new products and product enhancements by the Company or its competitors, market acceptance of new products introduced by the Company or its competitors and the size, timing, cancellation or delay of customer orders, including cancellation or delay in anticipation of new product introduction or enhancement. Therefore, comparisons of quarterly operating results may not be 28 meaningful and should not be relied upon, nor will they necessarily reflect the Company's future performance. Because of the foregoing factors, it is likely that in some future quarters the Company's operating results will be below the expectations of public market analysts and investors. In such event, the price of the Common Stock would likely be materially adversely affected. The sales cycle for the Company's products can be lengthy and generally commences at the time a prospective customer demonstrates an interest in licensing a CyberwallPLUS solution, typically includes a 28-day free evaluation period and ends upon execution of a purchase order by the customer. The length of the sales cycle varies depending on the type and sophistication of the customer and the complexity of the operating system. ITEM 7. FINANCIAL STATEMENTS The financial statements required hereby are located on pages F-1 through F-20 which follow Part III. ITEM 8. CHANGES IN AND DISAGREEMENTS WITH ACCOUNTANTS ON ACCOUNTING AND FINANCIAL DISCLOSURE. None. ITEM 9. DIRECTORS, EXECUTIVE OFFICERS, PROMOTERS, AND CONTROL PERSONS; COMPLIANCE WITH SECTION 16(A) OF THE EXCHANGE ACT. The information required by this item is incorporated by reference from the Company's definitive proxy statement to be filed not later than April 30, 2002 pursuant to Regulation 14A of the General Rules and Regulations under the Securities Exchange Act of 1934 ("Regulation 14A"). ITEM 10. EXECUTIVE COMPENSATION The information required by this item is incorporated by reference from the Company's definitive proxy statement to be filed not later than April 30, 2002 pursuant to Regulation 14A. ITEM 11. SECURITY OWNERSHIP OF CERTAIN BENEFICIAL OWNERS AND MANAGEMENT The information required by this item is incorporated by reference from the Company's definitive proxy statement to be filed not later than April 30, 2002 pursuant to Regulation 14A. 29 ITEM 12. CERTAIN RELATIONSHIPS AND RELATED TRANSACTIONS The information required by this item is incorporated by reference from the Company's definitive proxy statement to be filed not later than April 30, 2002 pursuant to Regulation 14A. ITEM 13. EXHIBITS AND REPORTS ON FORM 8-K (a) Exhibits NO. DESCRIPTION 3.1 Certificate of Incorporation, as amended. Previously filed as Exhibit 3.1 to the Company's Registration Statement on Form SB-2 (Registration No. 333-59617), declared effective by the SEC on November 12,1998 (the "1998 Registration Statement"), and incorporated herein by reference. 3.1.1 Certificate of Amendment to the Certificate of Incorporation dated November 27, 2001. Previously filed as Exhibit 3.1.1 to the Company's Registration Statement on Form S-3 (Registration No. 333-81344) declared effective by the SEC on February 12, 2002, and incorporated herein by reference (the "February 2002 Form S-3") 3.2 Certificate of Designations of Series D Preferred Stock. Previously filed as Exhibit 3.1 to the Company's current report on Form 8-K filed January 5, 2000 and incorporated herein by reference. 3.3 Certificate of Designations of Series E Preferred Stock. Previously filed as Exhibit 3.1 to the Company's current report on Form 8-K filed October 12, 2001 (the "October 2001 Form 8-K") and incorporated herein by reference. 3.4 By-laws, as amended. Previously filed as Exhibit 3.2 to the 1998 Registration Statement and incorporated herein by reference. 4.1 Form of Common Stock certificate. Previously filed as Exhibit 4.1 to the 1998 Registration Statement and incorporated herein by reference. 10.1 Securities Purchase Agreement, dated as of October 2, 2001, between the Company and the investors listed therein. Previously filed as Exhibit 10.21 to the October 2001 Form 8-K and incorporated herein by reference. 10.2 Form of Warrant, dated October 2, 2001, issued by the Company to the holder listed thereon. Previously filed as Exhibit B to Exhibit 10.21 to the October 2001 Form 8-K and incorporated herein by reference. 10.3 Financial Advisory and Investment Banking Agreement, dated December 1, 2001, by and between EarlyBirdCapital, Inc. and the Company. Previously filed as Exhibit 10.3 to the October 2002 Form S-3 and incorporated by reference herein. 30 10.4 Agreement dated, January 29, 2002, between the Company and CMH Capital Management Corp. relating to extension of the consulting agreement. Previously filed as Exhibit 10.4 to the October 2002 Form S-3 and incorporated by reference herein. 10.5 Employment Agreement, dated June 29, 2001, between the Company and Murray P. Fish. Previously filed as Exhibit 10.19 to the Company's 10-QSB for the quarterly period ended June 30, 2002. 10.6 Employment Agreement, dated March 4, 2002, between the Company and Richard Kosinski. Previously filed as Exhibit 10.6 to the Company's current report on Form 8-K filed March 25, 2002 and incorporated herein by reference. 10.7** License and Distribution Agreement between the Company and FalconStor Software, Inc. Previously filed as Exhibit 10.21 to October 2001 Form 8-K and incorporated herein by reference. 23.1* Consent of Richard A. Eisner & Company, LLP, independent certified public accountants. * Filed herewith. ** Confidentiality treatment has been granted for certain provisions. (b) Reports on Form 8-K On October 12, 2001, the Company filed a current report on Form 8-K with respect to the completion of its $6.765 million private offering of Series E Preferred Stock and Warrants. 31 SIGNATURES In accordance with the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, in the City of Waltham, Commonwealth of Massachusetts, on the 1st day of April 2002. NETWORK-1 SECURITY SOLUTIONS, INC. By /s/ Richard Kosinski ------------------------------------- Richard Kosinski President and Chief Executive Officer In accordance with the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant caused this report to be signed on its behalf by the following persons in the capacities and on the dates indicated: NAME TITLE DATE - ---- ----- ---- /s/ Richard Kosinski President, Chief Executive April 1, 2002 - ------------------------------ Officer and Director Richard Kosinski (principal executive officer) /s/ Murray P. Fish Chief Financial Officer, April 1, 2002 - ------------------------------ Secretary and Director Murray P. Fish (principal financial officer and principal accounting officer) /s/ Corey M. Horowitz Chairman of the Board of April 1, 2002 - ------------------------------ Directors Corey M. Horowitz /s/ Jonathan Mark Director April 1, 2002 - ------------------------------ Jonathan Mark /s/ Harry Schessel Director April 1, 2002 - ------------------------------ Harry Schessel 32 NETWORK-1 SECURITY SOLUTIONS, INC. CONTENTS PAGE INDEX TO FINANCIAL STATEMENTS Independent auditors' report F-2 Balance sheets as of December 31, 2001 and 2000 F-3 Statements of operations for the years ended December 31, 2001 and 2000 F-4 Statements of stockholders' equity for the years ended December 31, 2001 and 2000 F-5 Statements of cash flows for the years ended December 31, 2001 and 2000 F-6 Notes to financial statements F-7 F-1 INDEPENDENT AUDITORS' REPORT Board of Directors and Stockholders Network-1 Security Solutions, Inc. Waltham, Massachusetts We have audited the accompanying balance sheets of Network-1 Security Solutions, Inc. (the "Company") as of December 31, 2001 and 2000 and the related statements of operations, stockholders' equity and cash flows for each of the years then ended. These financial statements are the responsibility of the Company's management. Our responsibility is to express an opinion on these financial statements based on our audits. We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, the financial statements enumerated above present fairly, in all material respects, the financial position of Network-1 Security Solutions, Inc. as of December 31, 2001 and 2000 and the results of its operations and its cash flows for each of the years then ended in conformity with accounting principles generally accepted in the United States of America. /s/ Richard A. Eisner & Company, LLP - ------------------------------------------- New York, New York February 22, 2002 (except for Note L[1] as to which the date is March 4, 2002 and Note L[2] as to which date is March 25, 2002) F-2 NETWORK-1 SECURITY SOLUTIONS, INC. BALANCE SHEETS