zk1516631.htm


UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
 
FORM 20–F
 
o
REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934
 
OR
 
x
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 for the fiscal year ended December 31, 2014
 
OR
 
o
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 
OR
 
o
SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 
Date of event requiring this shell company report………….
 
For the transition period from _________________ to ________________
 
Commission file number 000–26495
 
CYREN LTD.
(Exact name of Registrant as specified in its charter and
translation of Registrant’s name into English)
 
Israel
(Jurisdiction of incorporation or organization)
 
1 Sapir Road
5th Floor, Beit Ampa
P.O. Box 4014
Herzliya 46140, Israel
011–972–9–863–6888
(Address of principal executive offices)
 
Sue Lee, Esq., General Counsel, 7925 Jones Branch Drive, Suite 5200, McLean, VA 22102, Fax: 703-842-8227
(Name, Telephone, Email and/or Facsimile number and Address of Company Contact Person)
 
Securities registered or to be registered pursuant to Section 12(b) of the Act:
 
Title of each class
Name of each exchange on which registered
Ordinary Shares, par value NIS 0.15 per share
NASDAQ Capital Market
 
Securities registered or to be registered pursuant to Section 12(g) of the Act: None
 
Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act: None
 
Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report (December 31, 2014).
 
Ordinary Shares, par value NIS 0.15                                                                      31,396,940
 
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
 
Yes o                      No x
 
If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934.
 
Yes o                      No x
 
Note: Checking the above box will not relieve any registrant required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 from their obligations under those Sections.
 
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
 
Yes x                      No o
 
 
 

 
 
Indicate by check mark whether the registrant has submitted electronically and posted on its corporate web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files).
 
xYes                                 oNo
 
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer or a non-accelerated filer. See definition of “accelerated filer and large accelerated filer” in Rule 12b-2 of the Exchange Act. Check one:
 
Large accelerated filer o
Accelerated filer o
Non-accelerated filer x
 
Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing.
 
U.S. GAAP x
International Financial Reporting Standards as issued by the
International Accounting Standards Board o
Other o
 
If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow.
 
Item 17 o                      Item 18 o
 
If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).
 
Yes o                      No x
 
(APPLICABLE ONLY TO ISSUERS INVOLVED IN BANKRUPTCY PROCEEDINGS DURING THE PAST FIVE YEARS)
 
Indicate by check mark whether the registrant has filed all documents and reports required to be filed by Sections 12, 13 or 15(d) of the Securities Exchange Act of 1934 subsequent to the distribution of securities under a plan confirmed by a court.
 
Yes o                      No o
 
 
 

 
TABLE OF CONTENTS
 
    Page
 
16 
24 
24 
34 
47 
48 
48 
50 
60 
61 
  61 
61 
61 
61 
62 
62 
62 
62 
63 
63 
63 
 63 
Item 16H. Mine Safety Disclosure 64 
  65 
65 
65 
65 
 
 
 

 
 
FORWARD-LOOKING STATEMENTS
 
Except for the historical information contained in this Annual Report, the statements contained in this Annual Report are “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995, as amended, and other federal securities laws with respect to our business, financial condition and results of operations. Such forward-looking statements reflect our current view with respect to future events and financial results.
 
We urge you to consider that statements which use the terms “anticipate,” “believe,” “expect,” “plan,” “intend,” “estimate” and similar expressions are intended to identify forward-looking statements. We remind readers that forward-looking statements are merely predictions and therefore inherently subject to uncertainties and other factors and involve known and unknown risks that could cause our actual results, performance, levels of activity, or achievements, or industry results, to be materially different from those expressed or implied by such forward-looking statements. Such forward-looking statements appear in “Item 4. Information on the Company” and “Item 5. Operating and Financial Review and Prospects,” as well as elsewhere in this Annual Report. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. Except as required by applicable law, including the securities laws of the United States, we undertake no obligation to update or revise any forward-looking statements to reflect new information, future events or circumstances, or otherwise after the date hereof. We have attempted to identify significant uncertainties and other factors affecting forward-looking statements in the Risk Factors section that appears below.
 
PART I
 
Item 1. Identity of Directors, Senior Management and Advisers.
 
Not applicable.
 
Item 2. Offer Statistics and Expected Timetable.
 
Not applicable.
 
Item 3. Key Information.
 
Unless otherwise indicated, all references in this document to “CYREN”, “the Company,” “we,” “us” or “our” are to CYREN Ltd., formerly known as Commtouch Software Ltd. and its consolidated subsidiaries, namely CYREN Inc., formerly known as Commtouch Inc., CYREN Iceland hf, formerly known as Commtouch Iceland hf, and CYREN Gesellschaft mbH, formerly known as eleven Gesellschaft zur Entwicklung und Vermarktung von Netzwerktechnologien mbH.
 
A.
Selected financial data
 
The selected consolidated statements of income data for the years ended December 31, 2012, 2013 and 2014 and the selected consolidated balance sheet data as of December 31, 2013 and 2014 have been derived from the Consolidated Financial Statements of CYREN included elsewhere in this Annual Report on Form 20-F, or this Annual Report. The selected consolidated statements of income data for the years ended December 31, 2010 and 2011 and the selected consolidated balance sheet data as of December 31, 2010, 2011 and 2012 have been derived from the Consolidated Financial Statements of CYREN not included elsewhere in this Annual Report. Our historical results are not necessarily indicative of results to be expected for any future period. The data set forth below should be read in conjunction with “Item 5. Operating and Financial Review and Prospects” and the Consolidated Financial Statements and the Notes thereto included elsewhere herein:
 
   
Year Ended December 31,
 
   
2010
   
2011
   
2012
   
2013
   
2014
 
   
(USD and share amounts in thousands, except per share data)
 
Selected Data:
                             
Revenues
  $ 18,161     $ 23,016     $ 23,910     $ 32,248     $ 31,925  
Operating income (loss)
  $ 3,360     $ 3,308     $ 780     $ (2,107 )   $ (6,525 )
Net income (loss) attributable to ordinary and equivalently participating shareholders
  $ 4,403     $ 4,598     $ 1,485     $ (9,871 )   $ (7,016 )
Operating income (loss) per share
  $ 0.14     $ 0.14     $ 0.03     $ (0.08 )   $ (0.23 )
Basic net earnings (loss) per share
  $ 0.19     $ 0.19     $ 0.06     $ (0.38 )   $ (0.25 )
Diluted operating income (loss) per share
  $ 0.14     $ 0.13     $ 0.03     $ (0.08 )   $ (0.23 )
Diluted net earnings (loss) per share
  $ 0.18     $ 0.19     $ 0.06     $ (0.38 )   $ (0.25 )
Weighted average number of shares used in computing basic net earnings per share
    23,575       23,620       24,610       26,231       28,598  
Weighted average number of shares used in computing diluted net earnings per share
    24,874       24,654       25,140       26,231       28,598  
Total Assets
  $ 31,982     $ 39,534     $ 59,133     $ 50,933     $ 51,473  
 
 
2

 
B.
Capitalization and indebtedness
 
Not applicable
 
C.
Reason for the offer and use of proceeds
 
Not applicable
 
D.
Risk factors
 
 
3

 
 
RISK FACTORS
 
Our business faces significant risks. You should carefully consider all of the information set forth in this annual report and in our other filings with the SEC, including the following risk factors which we face and which are faced by our industry. Our business, financial condition and results of operations could be materially adversely affected by any of these risks. This report also contains forward-looking statements that involve risks and uncertainties. Our results could materially differ from those anticipated in these forward-looking statements, as a result of certain factors including the risks described below and elsewhere in this report and our other SEC filings. See also “Forward-Looking Statements”.
 
Business Risks
 
If the Internet security market does not accept our cloud-based product offerings, our sales will not grow as quickly as anticipated, or at all, and our business, results of operations and financial condition would be harmed.
 
We are seeking to exploit our cloud-based security platform, CYREN Web Security (“CWS”) to disrupt the Internet security market and our historic business model. Our success will depend to a substantial extent on the willingness of enterprises, large and small, to increase their use of cloud computing services. The market for messaging security and compliance solutions delivered as a service in particular is at an early stage relative to on-premise solutions, and these applications may not achieve and sustain high levels of demand and market acceptance.
 
Historically, companies have used signature-based security products, such as firewalls, intrusion prevention systems, or IPS, anti-virus, or AV, and web and messaging gateways, for their IT security. These enterprises may be hesitant to purchase our cloud-based security offering if they believe that our signature-based products or those of our competitors are more cost-effective, provide substantially the same functionality or otherwise provide a sufficient level of IT security. Many enterprises have invested substantial personnel and financial resources to integrate traditional enterprise software or hardware appliances for these applications into their businesses, and currently, most enterprises have not allocated a fixed portion of their budgets to protect against next-generation advanced cyber attacks. As a result, to expand our customer base, we need to convince potential customers to allocate a portion of their discretionary budgets to purchase our products and services. If we do not succeed in convincing customers that our offerings should be an integral part of their overall approach to IT security, our sales will not grow as quickly as anticipated, or at all, which would have an adverse impact on our business, results of operations and financial condition.
 
In addition, many enterprises may be reluctant or unwilling to use cloud computing services because they have concerns regarding the risks associated with its reliability and security, among other things, of this delivery model, or its ability to help them comply with applicable laws and regulations. If enterprises do not perceive the benefits of this delivery model, then the market for our services and our sales would not grow as quickly as we anticipate or at all and our business, results of operations and financial condition would be harmed.

If the market does not continue to respond favorably to our traditional Internet security solutions, including our cloud-based CYREN EmailSecurity, CYREN WebSecurity, embedded antispam solutions, embedded antivirus, embedded Uniform Resource Locator (URL) filtering solutions or our future solutions do not gain acceptance, we will fail to generate sufficient revenues. 
 
Our success depends on the continued acceptance and use of our traditional Internet security solutions by current and new businesses, Original Equipment Manufacturers (“OEMs”), and service provider customers, plus the interest of such customers in our newest offerings. We have been selling our inbound anti-spam products for over ten years, our Zero-Hour™ virus outbreak detection product for approximately nine years, our GlobalView™ Mail Reputation perimeter defense solution for approximately eight years, our URL filtering solutions for over six years, our outbound spam solution for approximately four years and the CYREN Antivirus solution for over five years.
 
As the markets for messaging, antivirus and web security products continue to mature and consolidate, we are seeing increasing competitive pressures and demands for even higher quality products at lower prices. This increasing demand comes at a time when Internet security threats are more varied and intensive, challenging top end solutions to keep their performance at an industry-acceptable level of accuracy. If our solutions do not continue to evolve to meet market demand, or newer products on the market prove more effective, our business could fail. Also, if growth in the markets for these solutions begins to slow, our business, results of operations and financial condition will suffer dramatically.
 
If we are unable to effectively integrate past and future acquisitions and investments, our business operations and financial results will suffer.
 
Our success will depend, in part, on our ability to expand our service and product offerings and grow our business in response to changing technologies, customer demands and competitive pressures. In some circumstances, we may decide to do so through the acquisition of complementary businesses and technologies rather than through internal development, including, for example, our 2012 acquisition of the antivirus business of the Icelandic company, Frisk Software International (“Frisk”) and the German Internet security company eleven GmbH (“eleven”).
 
 
4

 
 
If we encounter further difficulties or unforeseen expenditures in integrating the business, technologies, products, personnel or operations of these companies or any other company that we acquire, the revenue and operating results of the combined company could be adversely affected. The risks we face in connection with acquisitions include:
 
 
disruption of our ongoing business, diversion of resources, increased expenses and distraction of our management from operating our business to addressing acquisition integration challenges;
 
 
additional legal and regulatory compliance;
 
 
cultural challenges associated with integrating employees from the acquired companies into our organization;
 
 
inability to retain key employees from the acquired companies;
 
 
inability to strengthen our competitive position, achieve our strategic goals, generate sufficient financial return to offset acquisition costs or realize the expected benefits of the acquisition;
 
 
failure to identify significant problems or liabilities, including liabilities resulting from the acquired companies’ pre-acquisition failure to comply with applicable laws, during our pre-acquisition due diligence;
 
 
entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
 
 
difficulties in, or inability to, successfully sell any acquired products or services;
 
 
coordination of research and development, sales and marketing, accounting, human resources and other general and administrative systems;
 
 
changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisitions;
 
 
liability for activities of the acquired companies before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and litigation; and
 
 
unanticipated write-offs or charges.
 
The occurrence of any of these risks could have a material adverse effect on our business operations and financial results.
 
5

 
 
We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.
 
The market for security products and services is intensely competitive and characterized by rapid changes in technology, customer requirements, industry standards and frequent new product introductions and improvements. We anticipate continued challenges from current competitors, which in many cases enjoy greater resources than us, as well as by new entrants into the industry. If we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in our revenue that could adversely affect our business and results of operations.
 
Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
 
 
greater name recognition and larger customer bases;
 
larger sales and marketing budgets and resources;
 
broader distribution and established relationships with channel and distribution partners and customers;
 
greater customer support resources;
 
direct selling to end users;
 
lower labor and research and development costs; and
 
substantially greater financial, technical and other resources.
 
In addition, some of our larger competitors have substantially broader product offerings and may be able to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, subscriptions and services, including by selling at zero or negative margins, product bundling or offering closed technology platforms. Some of our competitors also sell directly to end users and, therefore, have a larger addressable market.
 
Potential customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of product performance or features. As a result, even if the features of our offerings are superior, customers may not purchase our services or products. In addition, innovative start-up companies, and larger companies that are making significant investments in research and development, may invent similar or superior products and technologies that compete with our product and services. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. If we are unable to compete successfully, or if competing successfully requires us to take costly actions in response to the actions of our competitors, our business, financial condition and results of operations could be adversely affected.
 
Some of our competitors have acquired businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and end user needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisitions or other opportunities more readily, or develop and expand their product and service offerings more quickly than we can. Due to various reasons, organizations may be more willing to incrementally add solutions to their existing security infrastructure from competitors than to replace it with our solutions. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. Any failure to meet and address these factors could seriously harm our business and operating results.
 
Also, many of our smaller competitors that specialize in providing protection from a single type of business security threat may deliver these specialized business security products to the market more quickly than we can or may introduce innovative new products or enhancements before we do. Conditions in our markets could change rapidly and significantly as a result of technological advancements.
 
 
6

 
If we are unable to enhance our existing solutions and develop new solutions, our growth will be harmed.
 
Our ability to attract new customers and increase revenue from existing customers will depend in large part on our ability to enhance and improve our existing solutions and to introduce new solutions. The success of any enhancement or new solution depends on several factors, including the timely completion, introduction and market acceptance of the enhancement or solution. Any enhancement or solution we develop or acquire may not be introduced in a timely or cost-effective manner and may not achieve the broad market acceptance necessary to generate significant revenue. If we are unable to successfully develop or acquire new solutions or enhance our existing solutions to meet customer requirements, we may not grow as expected.
 
We cannot be certain that our development activities will be successful or that we will not incur delays or cost overruns. Furthermore, we may not have sufficient financial resources to identify and develop new technologies and bring enhancements or new solutions to market in a timely and cost-effective manner. New technologies and enhancements could be delayed or cost more than we expect, and we cannot ensure that any of these solutions will be commercially successful if and when they are introduced.
 
Adverse conditions in the US, Israeli and global financial markets could have a material adverse effect on our business, operating results and financial condition.
 
Our financial performance depends, in part, on the state of the economy, which deteriorated in the recent broad recession, and which may further deteriorate in the future. Challenging economic conditions worldwide have from time to time contributed, and may continue to contribute, to slowdowns in the information technology industry, resulting in reduced demand for our solutions as a result of continued constraints on IT-related capital spending by our customers and increased price competition for our solutions.
 
If the economies of countries in which our customers and potential customers are located continue to be weak or weaken further, our customers may reduce or postpone their spending significantly. This could result in reductions in sales of our services and longer sales cycles, slower adoption of new technologies and increased price competition. In addition, weakness in the end user market could negatively affect the cash flow of our OEM and service provider partners, distributors and resellers who could, in turn, delay paying their obligations to us. This would increase our credit risk exposure and cause delays in our recognition of revenues on future sales to these customers. Specific economic trends, such as declines in the demand for PCs, servers, and other computing devices, or weakness in corporate information technology spending, could have a more direct impact on our business. Any of these events would likely harm our business, operating results and financial condition.
 
If the perceived general level of advanced cyber attacks declines, demand for our solutions may decrease, our cost of doing business may increase and our business could be harmed.
 
Our business is substantially dependent on enterprises recognizing that advanced cyber attacks are pervasive and are not effectively prevented by legacy security solutions. High visibility attacks on prominent enterprises and governments have increased market awareness of the problem of advanced cyber attacks and help to provide an impetus for enterprises to devote resources to protecting against advanced cyber attacks, such as purchasing our services and products and broadly deploying our services and products within their organizations. If advanced cyber attacks were to decline, or enterprises perceived that the general level of advanced cyber attacks have declined, our ability to attract new customers and expand our offerings within existing customers could be materially and adversely affected. A reduction in the threat landscape could increase our sales cycles and harm our business, results of operations and financial condition.
 
In addition, various state legislatures have enacted laws aimed at regulating the distribution of unsolicited email. These and similar legal measures, both in the United States and worldwide, may have the effect of reducing the amount of unsolicited email and malicious software that is distributed and hence diminish the need for our Internet security solutions. Any such developments would have an adverse impact on our revenues.
 
We depend upon OEM partners, service providers and resellers to sell all of our products, and if our partners fail to perform, our ability to sell and distribute our products and services will be limited, and our operating results will be harmed.
 
We expect to continue to be dependent upon OEM partners and service providers for a significant portion of our revenues, which will be derived from sales of our messaging, antivirus and web security solutions. We also expect resellers to become important in the distribution of our newer cloud-based Internet security solutions such as CYREN WebSecurity.
 
We anticipate that in the future we will derive a substantial portion of the sales of CWS through channel partners. In order to scale our channel program to support growth in our business, it is important that we help our partners enhance their ability to independently sell and deploy our solutions. We may be unable to successfully expand and improve the effectiveness of our channel sales program.
 
Our operating results and financial condition may be materially adversely affected if:
 
 
anticipated orders or payments from these customers fail to materialize;
 
 
our customers cease the promotion of our business or begin to promote additional solutions;
 
 
7

 
 
our customers are acquired by larger companies who may have other relationships or technologies that lead to the displacement or termination of CYREN contracts;
 
 
our customers do not live up to their contractual agreements or fail to pay for services rendered; or
 
 
our customers’ businesses fail.
 
If we are unable to maintain our relationships with these channel partners, or otherwise develop and expand our indirect distribution channel, our business, results of operations, financial condition or cash flows could be adversely affected.
 
Our quarterly operating results may fluctuate, which could adversely affect the value of your investment.
 
Our revenues and operating results could vary significantly from period to period as a result of a variety of factors, many of which are outside of our control. As a result, comparing our revenues and operating results on a period-to-period basis may not be meaningful, and you should not rely on our past results as an indication of our future performance. We may not be able to accurately predict our future revenues or results of operations. We base our current and future expense levels on our operating plans and sales forecasts, and our operating costs are relatively fixed in the short-term. As a result, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect financial results for that quarter. In addition, we recognize revenues from sales to some customers or resellers when cash is received, which may be delayed because of issues with those customers or resellers. If our revenues or operating results fall below the expectations of investors or any securities analysts that cover our stock, the price of our common stock could decline substantially.
 
A number of factors, many of which are enumerated in this “Risk Factors” section, are likely to cause fluctuations in our operating results or cause our share price to decline. These factors include:
 
 
our ability to successfully market both our traditional messaging, antivirus and web security solutions and our newer cloud-based Internet security solutions in new markets, both domestic and international;
 
 
our ability to successfully develop and market new, modified or upgraded solutions, as may be needed;
 
 
the continued acceptance of our solutions by our current customer base;
 
 
our ability to expand our workforce with qualified personnel, as may be needed;
 
 
unanticipated bugs or other problems affecting the delivery of our solutions to customers;
 
 
the success of our customers’ sales efforts to their customer base;
 
 
the solvency of our customers and their ability to allocate sufficient resources towards the marketing of our solutions;
 
 
our customers’ ability to effectively integrate our solutions into their product offerings;
 
 
the substantial decrease in information technology spending;
 
 
the pricing of our solutions;
 
 
our ability to timely collect fees owed by our customers;
 
 
a renewed global slowdown;
 
 
sudden, dramatic fluctuations in exchange rates of currencies covering the fees we collect from our foreign customers versus the currencies utilized in our business (namely, the New Israeli Shekel, or NIS, the U.S. Dollar and Euro);
 
 
our ability to add cost-effective space and equipment to our current detection centers in a timely and effective manner to match the rate of growth in our business, plus our ability to build new, cost-effective detection centers as worldwide demand for our products may require; and
 
 
the effectiveness of our end user support, whether provided by our customers or directly by CYREN.
 
 
8

 
Our ability to continue to increase our revenues will depend on our ability to successfully execute our sales and business development plan.
 
The complexity of the underlying technological base of messaging, antivirus and web security solutions, and the current landscape of the markets, require highly trained sales and business development personnel to educate prospective resellers, OEM and service provider partners and customers regarding the use and benefits of our solutions. We continue to be substantially dependent on our sales force to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business.
 
Our future success depends on our ability to sell additional solutions to our customers. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our customers purchase additional solutions depends on a number of factors, including the perceived need for additional solutions, growth in the number of end users, and general economic conditions. If our efforts to sell additional solutions to our customers are not successful, our business, financial condition and/or results of operations may suffer.
 
We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to attract and retain qualified personnel could harm our business.
 
Our success is substantially dependent on our ability to attract, retain and motivate the members of our management team and other key employees throughout our organization. Competition for highly skilled personnel is intense, especially in Israel, Berlin, Reykjavík, Palo Alto, and the Washington D.C. metro area, where we have an office and a need for highly skilled personnel. We may not be successful in attracting qualified personnel to fulfill our current or future needs. Our competitors may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. Also, to the extent we hire employees from mature public companies with significant financial resources, we may be subject to allegations that such employees have been improperly solicited, that they have divulged proprietary or other confidential information or that their former employers own such employees’ inventions or other work product.
 
In addition, we believe that it is important to establish and maintain a corporate culture that facilitates the maintenance and transfer of institutional knowledge within our organization and also fosters innovation, teamwork, a passion for customers and a focus on execution. Our Chief Executive Officer and certain other key members of our management and finance teams have only been working together for a relatively short period of time. If we are not successful in integrating these key employees into our organization, such failure could delay or hinder our product development efforts and the achievement of our strategic objectives, which could adversely affect our business, financial condition and results of operations.
 
The loss of our software developers or senior operations personnel may also adversely affect the continued development and support of both our current messaging, antivirus and web security solutions and future solutions presently included in our roadmap for development, thereby causing our operating results to suffer and the value of your investment to decline.
 
We do not have employment agreements inclusive of set periods of employment with any of our key personnel. We cannot prevent them from leaving at any time. We do not maintain key-person life insurance policies, listing us as a beneficiary, on any of our employees. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business, financial condition and/or results of operations could be harmed.
 
Our business and operating results could suffer if we do not successfully address potential risks inherent in doing business overseas.
 
We market and sell our products throughout the world and have personnel in many parts of the world. In addition, we have sales offices and research and development facilities outside the United States and we conduct, and expect to continue to conduct, a significant amount of our business with companies that are located outside the United States, particularly in Israel, Asia and Europe. We also enter into strategic distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful strategic distributor relationships internationally or recruit additional companies to enter into strategic distributor relationships, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and Israel and may require us in the future to include terms other than our standard terms in customer contracts, although to date we generally have not done so. To the extent that we enter into customer contracts in the future that include non-standard terms related to payment, warranties, or performance obligations, our operating results may be adversely impacted.
 
Additionally, our international sales and operations are subject to a number of risks, including the following:
 
 
greater difficulty in enforcing contracts and accounts receivable collection and longer collection periods;
 
 
9

 
 
the uncertainty of protection for intellectual property rights in some countries;
 
 
greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;
 
 
risks associated with trade restrictions and foreign legal requirements, including the importation, certification, and localization of our products required in foreign countries;
 
 
the potential that our operations in Israel and the U.S. may limit the acceptability of our products to some foreign governments, and vice versa;
 
 
greater risk of a failure of foreign employees, partners, distributors, and resellers to comply with both U.S. and foreign laws, including antitrust regulations, and any trade regulations ensuring fair trade practices;
 
 
heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;
 
 
the potential for acts of terrorism, hostilities or war;
 
 
increased expenses incurred in establishing and maintaining office space and equipment for our multinational operations;
 
 
greater difficulty in recruiting local experienced personnel, and the costs and expenses associated with such activities;
 
 
management communication and integration problems resulting from cultural and geographic dispersion;
 
 
fluctuations in exchange rates between the U.S. dollar, NIS and foreign currencies in markets where we do business; and
 
 
general economic and political conditions and uncertainties in these foreign markets.
 
These factors and other factors could harm our ability to gain future international revenues and, consequently, materially impact our business, operating results, and financial condition. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources.
 
Our web security solutions may be adversely affected if we are not able to receive sufficient components from third party suppliers.
 
Our web security solution relies in part on certain components supplied by third parties pursuant to contractual relationships. If these third parties breach their agreements with us, we may have difficulty in securing alternative sources for these components in a timely manner and thus our web security solution may not perform at the level we expect. If this were to occur, the effectiveness of this solution would drop, it would become less attractive to customers/potential customers and anticipated revenues could decline.
 
Technology Risks
 
We may not have the resources or skills required to adapt to the changing technological requirements and shifting preferences of our customers and their users.
 
The messaging, antimalware and web security industries are characterized by difficult technological challenges, sophisticated distributors of Internet security threats, multiple-variant viruses, advance persistent threats, unique phishing scams and constantly evolving malevolent software distribution practices and targets that could render our solutions and proprietary technology ineffective. Our success depends, in part, on our ability to continually enhance our existing messaging, antimalware and web security solutions and to develop new solutions, functions and technology that address the potential needs of prospective and current customers and their users.
 
Many of our end users operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex IT networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. As their technologies and business plans grow more complex, we expect these customers to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solutions effectively identify and respond to these advanced and evolving attacks without disrupting our customers’ network performance. As a result of the continued rapid innovations in the technology industry, including the rapid growth of smart phones, tablets and other devices and the trend of “bring your own device” in enterprises, we expect the networks of our end users to continue to change rapidly and become more complex.
 
We have identified a number of new products and enhancements to our platform that we believe are important to our continued success in the IT security market. For example, in February 2014, we announced the introduction of CWS, our first service launched through our cloud infrastructure that offers end users secure browsing from any device, anywhere. We may not be successful in developing and marketing, on a timely basis, such new products or enhancements or that our new products or enhancements will adequately address the changing needs of the marketplace. In addition, some of our new products and enhancements may require us to develop new architectures that involve complex, expensive and time-consuming research and development processes. Although the market expects rapid introduction of new products and enhancements to respond to new threats, the development of these products and enhancements is difficult and the timetable for commercial release and availability is uncertain, as there can be significant time lags between initial beta releases and the commercial availability of new products and enhancements. We may experience unanticipated delays in the availability of new products and enhancements to our platform and fail to meet customer expectations with respect to the timing of such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our customers by developing, releasing and making available on a timely basis new products and enhancements to our services and products that can adequately respond to advanced threats and our customers’ needs, our competitive position and business prospects will be harmed. Furthermore, from time to time, we or our competitors may announce new products with capabilities or technologies that could have the potential to replace or shorten the life cycles of our existing services products. Announcements of new products could cause customers to defer purchasing our existing services or products.

 
10

 
Additionally, the process of developing new technology is expensive, complex and uncertain. The success of new products and enhancements depends on several factors, including appropriate component costs, timely completion and introduction, differentiation of new products and services from those of our competitors, and market acceptance. To maintain our competitive position, we must continue to commit significant resources to developing new products or services before knowing whether these investments will be cost-effective or achieve the intended results. We may not be able to successfully identify new product opportunities, develop and bring new products or services to market in a timely manner, or achieve market acceptance of our platform. Products and technologies developed by others may render our offerings obsolete or noncompetitive. If we expend significant resources on researching and developing products or services and such products and services are not successful, our business, financial position and results of operations may be adversely affected. We may not be able to use new technologies effectively or adapt to OEM, service provider, customer or end user requirements or emerging industry standards.
 
Our solutions may be adversely affected by defects or denial of service attacks, which could cause our OEM and service provider partners, customers or end users to stop using our solutions.
 
Our messaging, antimalware and web security solutions are based in part upon new and complex software and highly advanced computer systems. Complex software and computer systems can contain defects, particularly when first introduced or when new versions are released, and are possible targets for denial of service attacks instigated by “hackers”. Although we conduct extensive testing and implement Internet security processes, we may not discover defects or vulnerabilities in our software or systems that affect our new or current solutions or enhancements until after they are delivered. Although we have not experienced any material defects or vulnerabilities to date in our messaging, antimalware and web security offerings, it is possible that, despite testing by us, defects or vulnerabilities may exist in the solutions we provide. These defects or vulnerabilities could cause or lead to interruptions for customers of our solutions, resulting in damage to our reputation, legal risks, loss of revenue, delays in market acceptance and diversion of our development resources, any of which could cause our business, financial condition and/or results of operations to suffer.
 
Real or perceived defects, errors or vulnerabilities in our services or the failure of our services to block malware or prevent a security breach could harm our reputation and adversely impact our business, financial condition and results of operations.
 
Because our products and services are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our end users. For example, from time to time, certain of our end users have reported defects in our products related to performance, scalability and compatibility that were not detected before offering the service. Additionally, defects may cause our products or services to be vulnerable to security attacks, cause them to fail to help secure networks or temporarily interrupt end users’ networking traffic. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques and provide a solution in time to protect our end users’ networks. Furthermore, as a well-known provider of Internet security solutions, our networks, products, and services could be targeted by attacks specifically designed to disrupt our business and harm our reputation. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing end user base, any of which could temporarily or permanently expose our end users’ networks, leaving their networks unprotected against the latest security threats.
 
Any real or perceived defects, errors or vulnerabilities in our services, or any other failure of our services to detect an advanced threat, could result in:
 
 
a loss of existing or potential customers or channel partners;
 
 
delayed or lost revenue;
 
 
a delay in attaining, or the failure to attain, market acceptance;
 
 
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, or to identify and ramp up production with alternative third-party manufacturers;
 
 
an increase in warranty claims, or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins;
 
 
11

 
 
• 
harm to our reputation or brand; and
 
 
litigation, regulatory inquiries or investigations that may be costly to address and further harm our reputation.
 
Data thieves are sophisticated, often affiliated with organized crime and operate large scale and complex automated attacks. In addition, their techniques change frequently and generally are not recognized until launched against a target. If we fail to identify and respond to new and complex methods of attack and to update our services to detect or prevent such threats in time to protect our end users’ systems, our business and reputation will suffer.
 
An actual or perceived security breach or theft of the sensitive data of one of our end users, regardless of whether the breach is attributable to the failure of our products or services, could adversely affect the market’s perception of our security offerings. Despite our best efforts, there is no guarantee that our products and services will be free of flaws or vulnerabilities, and even if we discover these weaknesses we may not be able to correct them promptly, if at all. Our end user customers may also misuse our products and services, which could result in a breach or theft of business data.
 
Our messaging, antimalware and web security solutions may be adversely affected if we are not able to receive a sufficient sampling of Internet traffic or our detection centers were to become unavailable.
 
Our messaging, antimalware and web security solutions are dependent, in part, on the ability of our detection centers to analyze, in an automated fashion, live feeds of Internet and web related traffic received through our services to customers and other contractual arrangements. If we were to suffer an unanticipated, substantial decrease in such traffic or our multiple detection centers become unavailable for any significant period, the effectiveness of our technologies would drop, our product offerings would become less attractive to customers/potential customers and revenues could decline.
 
False detection of applications, viruses, malware, spyware, vulnerability exploits, data patterns or URL categories could adversely affect our business.
 
Our classifications of application type, virus, malware, spyware, vulnerability exploits, data, or URL categories may falsely detect applications, content or threats that do not actually exist. This risk is heightened by the inclusion of a “heuristics” feature in our products, which attempts to identify applications and other threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat. These “false positives”, while typical in our industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our services and products. If our services and products restrict important files or applications based on falsely identifying them as malware or some other item that should be restricted, this could adversely affect end users’ systems and cause material system failures. Any such false identification of important files or applications could result in damage to our reputation, negative publicity, loss of end users and sales, increased costs to remedy any problem, and costly litigation.
 
Our cloud-based SecaaS offerings are newer service offerings, so we may not see the customer traction in these offerings that we anticipate.
 
Security-as-a-Service (“SecaaS”) is a model of cloud-based services offerings. In February 2014, we released CWS, our cloud-based security service that provides end users secure browsing from any device, anywhere. CWS is our push into the cloud-based Internet security sector. The solutions we are promoting and will promote to this market will enable Internet security vendors and service providers to offer fully cloud-based, Internet security solutions to their customers, without the need for the integration of an embedded software development kit, or SDK, into their product offerings. Among other things, this cloud-based approach is intended to speed up the process of moving our solutions to market, and ease the integration burden for our customers.
 
In recent years, companies have begun to expect that key security software services, such as URL filtering, be provided through a SecaaS model. In order to provide CWS via a SecaaS deployment, we have made and will continue to make capital investments to implement this alternative business model, which could negatively affect our financial results. Even with these investments, the SecaaS business model for CWS may not be successful. Because of the newness of the technologies involved and the resulting learning curve required of all employees in the sale and support of the new offerings, we cannot be certain that we will convince potential customers of the benefits of these new offerings and sell them at the rate we anticipate. If we fall short of our expectations, and especially given the significant resources invested by us in bringing these new offerings to market, our financial results will suffer and the value of shareholder investments will decline.
 
If we fail to develop or protect our CYREN brand name, our business may be harmed.
 
In January 2014, we announced the Company would change its name from Commtouch to CYREN. We adopted our new name as we completed our transformation into a leading provider of cloud-based information security solutions that are specially designed to be deployed or private labeled by customers and partners alike. Developing and maintaining awareness and integrity of our company and our new brand are important to achieving widespread acceptance of our existing and future offerings and are important elements in attracting new customers. The importance of brand recognition will increase as competition in our market further intensifies. Successful promotion of our brand will depend on the effectiveness of our marketing efforts and on our ability to provide reliable and useful solutions at competitive prices. We plan to continue investing substantial resources to promote our brand, both domestically and internationally, but there is no guarantee that our brand development strategies will enhance the recognition of our brand. Some of our existing and potential competitors have well-established brands with greater recognition than we have. If our efforts to promote and maintain our brand are not successful, our operating results and our ability to attract and retain customers may be adversely affected. In addition, even if our brand recognition and loyalty increases, this may not result in increased use of our solutions or higher revenue.

 
12

 
Investment Risks
 
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new services and products could reduce our ability to compete and could harm our business.
 
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features to enhance our services and products, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. For example, in July 2014, we completed a registered direct offering of 4,771,796 shares and warrants to purchase 1,670,128 Ordinary Shares with certain institutional investors in combinations consisting of one Ordinary Share and one warrant to purchase 0.35 of an Ordinary Share at an offering price per fixed combination of $2.41. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness or that otherwise restrict our ability to operate our business. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, operating results, and financial condition. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
 
Our directors, executive officers and principal shareholders will be able to exert significant influence over matters requiring shareholder approval and could delay or prevent a change of control.
 
Our CEO, Lior Samuelson, is also Chairman of our Board of Directors. Our directors and affiliates of our directors and our executive officers (together known as “affiliated entities”), beneficially own, in the aggregate, approximately 20.6% of our outstanding Ordinary Shares as of April 1, 2015. Included in the calculation of voting power are options exercisable by the affiliated entities within 60 days thereof (with some having an exercise price greater than the market price of our shares as of April 1, 2015). If they vote together (especially if they were to exercise all vested options into shares entitled to voting rights in the Company), these shareholders will be able to exercise significant influence over many matters requiring shareholder approval, including the election of directors and approval of significant corporate transactions. In this regard, we know of no shareholders or voting agreement between major shareholders or between such shareholders and directors or officers.
 
This concentration of ownership could also delay or prevent a change in control of CYREN. In addition, conflicts of interest may arise as a consequence of the significant shareholders control relationship with us, including:
 
 
conflicts between significant shareholders, and our other shareholders whose interests may differ with respect to, among other things, our strategic direction or significant corporate transactions;
 
 
conflicts related to corporate opportunities that could be pursued by us, on the one hand, or by these shareholders, on the other hand; or
 
 
conflicts related to existing or new contractual relationships between us, on the one hand, and these shareholders, on the other hand.
 
Our Ordinary Shares often trade at different prices on NASDAQ and TASE.
 
Our Ordinary Shares are traded primarily on the NASDAQ Capital Market and also on the Tel Aviv Stock Exchange (“TASE”). Trading in our Ordinary Shares on these markets is made in different currencies (U.S. dollars on the NASDAQ Capital Market, and NIS, on the Tel Aviv Stock Exchange), and at different times (resulting from different time zones, different trading days and different public holidays in the United States and Israel). Consequently, the trading prices of our Ordinary Shares on these two markets often differ. Any decrease in the trading price of our Ordinary Shares on one of these markets could cause a decrease in the trading price of our Ordinary Shares on the other market.
 
 
13

 
Intellectual Property Risks
 
If we fail to adequately protect our intellectual property rights or face a claim of intellectual property infringement by a third party, we could lose our intellectual property rights or be liable for significant damages.
 
We regard our patented and patent pending technology, copyrights, service marks, trademarks, trade secrets and similar intellectual property as critical to our success, and rely on patent, trademark and copyright law, trade secret protection and confidentiality or license agreements with our employees and customers to protect our proprietary rights. See Item 4. Information on the Company, Intellectual Property for information pertaining to our patent activities. We may seek to patent certain additional software or other technology in the future. Any such patent applications might not result in patents issued within the scope of the claims we seek, or at all.
 
Despite our precautions, unauthorized third parties may copy certain portions of our technology, reverse engineer or obtain and use information that we regard as proprietary or otherwise infringe or misappropriate our patent or our patent pending technology, trade secrets, copyrights, trademarks and similar proprietary rights. In addition, the laws of some foreign countries do not protect proprietary rights to the same extent as do the laws of the United States. Thus, our means of protecting our proprietary rights in the United States or abroad, as well as our financial resources, may not be adequate, and competitors may independently develop similar technology.
 
We cannot be certain that our Internet security solutions do not infringe issued patents in certain parts of the world. Therefore, other parties, whether in the United States or elsewhere, may assert infringement claims against us. We may also be subject to legal proceedings and claims from time to time in the ordinary course of our business, including claims of alleged infringement of copyrights, trademarks and other intellectual property rights of third parties by ourselves and our customers. Our customer agreements typically include indemnity provisions, so we may be obligated to defend against third party intellectual property rights infringement claims on behalf of our customers. Such claims, even if not meritorious, could result in the expenditure of significant financial and managerial resources. We may not have the proper resources in order to adequately defend against such claims.
 
Risks Relating to Operations in Israel
 
Conditions in Israel may limit our ability to develop and sell our products, resulting in a decline in revenues.
 
We are incorporated under the laws of the State of Israel. Our principal research and development facilities are located in Israel. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring countries, as well as incidents of civil unrest, and a number of state and non-state actors have publicly committed to its destruction. Political, economic and military conditions in Israel could directly affect our operations. We could be adversely affected by any major hostilities involving Israel, including acts of terrorism or any other hostilities involving or threatening Israel, the interruption or curtailment of trade between Israel and its trading partners, a significant increase in inflation or a significant downturn in the economic or financial condition of Israel. Any on-going or future violence between Israel and the Palestinians, armed conflicts, terrorist activities, tension along the Israeli borders or with other countries in the region, including Iran, or political instability in the region could disrupt international trading activities in Israel and may materially and negatively affect our business and could harm our results of operations.
 
Certain countries, as well as certain companies and organizations, continue to participate in a boycott of Israeli firms, firms with large Israeli operations and others doing business with Israel and Israeli companies. In addition, such boycott, restrictive laws, policies or practices may change over time in unpredictable ways, and could, individually or in the aggregate, have a material adverse effect on our business in the future.
 
Some of our employees in Israel, including some of our executive officers, are obligated to perform annual military reserve duty in the Israel Defense Forces, depending on their age and position in the armed forces. Furthermore, they may be called to active reserve duty at any time under emergency circumstances for extended periods of time. For example, in 2014, six of our employees in Israel were called for active reserve duty, each serving for an average of approximately two weeks. Our operations could be disrupted by the absence, for a significant period, of one or more of our executive officers or key employees due to military service, and any significant disruption in our operations could harm our business.
 
Because a substantial portion of our revenues historically have been generated in U.S. dollars and the Euro, and a significant portion of our expenses have been incurred in NIS, our results of operations may be adversely affected by currency fluctuations.
 
We have generated a substantial portion of our revenues in U.S. dollars and Euros, and incurred a portion of our expenses, principally salaries and related personnel expenses in Israel in NIS. We anticipate that a significant portion of our expenses will continue to be denominated in NIS. As a result, we are exposed to risk to the extent that the value of the U.S. dollar decreases against the NIS and the Euro. In that event, the U.S. dollar cost of our operations will increase and our U.S. dollar-measured results of operations will be adversely affected.  During 2014, the U.S. dollar value of operating costs denominated in NIS declined due to the appreciation of the U.S. dollar vs the NIS, and the U.S. dollar value of revenues denominated in Euro declined due to the appreciation of the U.S. dollar vs the Euro. During 2012 and 2013, the U.S. dollar value of operating costs denominated in NIS increased due to the depreciation of the U.S. dollar vs the NIS, and the U.S. dollar value of revenues denominated in Euro increased due to the depreciation of the U.S. dollar vs the Euro.
 
 
14

 
We cannot predict the trend for future years. Our operations also could be adversely affected if we are unable to guard against currency fluctuations in the future. To date, we have not engaged in any significant hedging transactions. In the future, we may enter into currency hedging transactions to decrease the risk of financial exposure from fluctuations in the exchange rate of the dollar against the NIS. Foreign currency fluctuations, and our attempts to mitigate the risks caused by such fluctuations, could have a material and adverse effect on our results of operations and financial condition.

The government programs and benefits which we previously received require us to meet several conditions and may be terminated or reduced in the future.
 
Through a program with the Office of the Chief Scientist of the Israeli Ministry of Industry, Trade & Labor, or OCS, we received grants from the Government of Israel, to finance a significant portion of our research and development expenditures in Israel. In 2013 and 2014, we received $0.4 million and $0.4 million, respectively.
 
In order to meet specified conditions in connection with grants and programs of the OCS, we have made representations to the Israel government about our Israeli operations. The grant requires a minimum commitment of three years and we are required to share information with other companies and academics. In addition, under the terms of Israeli Government participation, a royalty of 3% or up to 5% of the net sales of products developed from some of our projects that were funded by the OCS must be paid, beginning with the commencement of sales of products developed with grant funds and ending when a dollar-linked amount equal to 100% of such grants plus interest at LIBOR is repaid. The terms of Israeli Government participation also impose significant restrictions on manufacturing outside Israel of products developed with government grants. The transfer to third parties of technologies or know how developed through such projects is subject to approval of the OCS, as well as making additional payment to the OCS, with the amounts depending upon the value of the transferred technology or know-how, our R&D expenses, the amount of OCS support, the time of completion of the OCS-supported research project and other factors. From time to time, the conduct of our Israeli operations has deviated from our forecasts. If we fail to meet the conditions of the grants, including the maintenance of a material presence in Israel, or if there is any material deviation from the representations made by us to the Israeli government, we could be required to refund the grants previously received (together with an adjustment based on the Israeli consumer price index and an interest factor) and would likely be ineligible to receive OCS grants in the future‬.
 
You may have difficulties enforcing a U.S. judgment against us and our executive officers and directors or asserting U.S. securities laws claims in Israel.
 
CYREN Ltd. is organized under the laws of Israel, and we maintain significant operations in Israel. In addition, a significant portion of our assets are located outside the United States. Service of process upon our non-U.S. resident directors and enforcement of judgments obtained in the United States against them and CYREN Ltd. may be difficult to obtain within the United States. It may be difficult to enforce civil causes of actions under U.S. securities law in original actions instituted in Israel. Israeli courts may refuse to hear a claim based on a violation of U.S. securities laws because Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the substance of the applicable U.S. law must be proved as a fact, which can be a time-consuming and costly process. Certain matters of procedure will also be governed by Israeli law. Furthermore, there is little binding case law in Israel addressing these matters.
 
Israeli courts might not enforce judgments rendered outside Israel which may make it difficult to collect on judgments rendered against us. Subject to certain time limitations, an Israeli court may declare a foreign civil judgment enforceable only if it finds that (a) the judgment was rendered by a court which was, according to the laws of the state of the court, competent to render the judgment; (b) the judgment may no longer be appealed; (c) the obligation imposed by the judgment is enforceable according to the rules relating to the enforceability of judgments in Israel and the substance of the judgment is not contrary to public policy; and (d) the judgment is executory in the state in which it was given.
 
Even if these conditions are satisfied, an Israeli court will not enforce a foreign judgment if it was given in a state whose laws do not provide for the enforcement of judgments of Israeli courts (subject to exceptional cases) or if its enforcement is likely to prejudice the sovereignty or security of the State of Israel. An Israeli court also will not declare a foreign judgment enforceable if (i) the judgment was obtained by fraud; (ii) there is a finding of lack of due process; (iii) the judgment was rendered by a court not competent to render it according to the laws of private international law in Israel; (iv) the judgment is at variance with another judgment that was given in the same matter between the same parties and that is still valid; or (v) at the time the action was brought in the foreign court, a suit in the same matter and between the same parties was pending before a court or tribunal in Israel.
 
 
15

 
Provisions of Israeli law may delay, prevent or make difficult an acquisition of CYREN Ltd., which could prevent a change of control and therefore depress the price of our shares.
 
Israeli corporate law regulates mergers and acquisitions of shares through tender offers, requires special approvals for transactions involving officers, directors or significant shareholders and regulates other matters that may be relevant to these types of transactions. Furthermore, Israeli tax considerations may make potential transactions unappealing to us or to our shareholders whose country of residence does not have a tax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extent as U.S. tax law. With respect to mergers, Israeli tax law allows for tax deferral in certain circumstances but makes the deferral contingent on the fulfillment of a number of conditions, including a holding period of two years from the date of the transaction during which sales and dispositions of shares of the participating companies are subject to certain restrictions. Moreover, with respect to certain share swap transactions, the tax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred.

These and other similar provisions could delay, prevent or impede an acquisition of our company or our merger with another company, even if such an acquisition or merger would be beneficial to us or to our shareholders
 
Your rights and responsibilities as a shareholder will be governed by Israeli law which differs in some respects from the rights and responsibilities of shareholders of U.S. companies.
 
We are incorporated under Israeli law. The rights and responsibilities of the holders of our Ordinary Shares are governed by our Articles of Association and Israeli law. These rights and responsibilities differ in some respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. In particular, a shareholder of an Israeli company has a duty to act in good faith toward the company and other shareholders and to refrain from abusing its power in the company, including, among other things, in voting at the general meeting of shareholders on matters such as amendments to a company’s articles of association, increases in a company’s authorized share capital, mergers and acquisitions and interested party transactions requiring shareholder approval. In addition, a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. There is limited case law available to assist us in understanding the implications of these provisions that govern shareholders’ actions. These provisions may be interpreted to impose additional obligations and liabilities on holders of our Ordinary Shares that are not typically imposed on shareholders of U.S. corporations.
 
As a foreign private issuer whose shares are listed on the NASDAQ Capital Market, we may follow certain home country corporate governance practices instead of certain NASDAQ requirements.
 
As a foreign private issuer whose shares are listed on the NASDAQ Capital Market, we are permitted to follow certain home country corporate governance practices instead of certain requirements of the NASDAQ Listing Rules.
 
Among other things, we may follow home country practice with regard to composition of our Board of Directors, or Board, and quorum requirements at shareholders’ meetings. In addition, we may follow our home country law, instead of the NASDAQ Listing Rules, which require that we obtain shareholder approval for certain dilutive events, such as for the establishment or amendment of certain equity-based compensation plans, an issuance that will result in a change of control of the Company, certain transactions other than a public offering involving issuances of a 20% or more interest in the Company and certain acquisitions of the stock or assets of another company.
 
A foreign private issuer that elects to follow a home country practice instead of NASDAQ requirements must submit to NASDAQ, in advance, a written statement from an independent counsel in such issuer’s home country certifying that the issuer’s practices are not prohibited by the home country’s laws. In addition, a foreign private issuer must disclose in its annual reports filed with the Securities and Exchange Commission or on its website each such requirement that it does not follow and describe the home country practice followed by the issuer instead of any such requirement (see Item 16G. “Corporate Governance” for a list of those home country practices followed by us). Accordingly, our shareholders may not be afforded the same protection as provided under NASDAQ’s corporate governance rules.
 
Item 4. Information on the Company.
 
A.
History and development of the Company
 
We were incorporated as a private company under the laws of the State of Israel on February 10, 1991 and our legal form is a company limited by shares. We became a public company on July 15, 1999 under the name Commtouch Software Ltd. In January 2014, we changed our legal name to CYREN Ltd.
 
From 2003 through 2008, the sole focus of our business had been the development and selling, through reseller and OEM distribution channels, of anti-spam, Zero-Hour virus outbreak detection and IP reputation solutions to a wide array of customers. During late 2008, we expanded our focus by way of the release of our first URL filtering solutions for the web security market. In September 2010, we acquired certain assets comprising the Command Antivirus business unit of Authentium, Inc. On October 1, 2012, the Company completed the acquisition of the antivirus business of Frisk. The acquisition has enabled the Company to provide antivirus technology utilizing the combined resources of both organizations. It has also helped support the launch of CYREN WebSecurity and also enhancing the Company’s advanced malware and cyber security capabilities. On November 16, 2012, the Company completed the acquisition of eleven. The acquisition of eleven has enabled CYREN to accelerate delivery of private label cloud–based security solutions, including CYREN WebSecurity, specifically designed for the OEM and service provider markets.
 
 
16

 
Our principal executive offices are located at 1 Sapir Rd., 5th Floor, Beit Ampa, P.O. Box 4014, Herzliya, 46140 Israel, where our telephone number is 972–9–863–6888. Our Amended and Restated Articles of Association, or Articles of Association, are on file in Israel with the office of the Israeli Registrar of Companies and available for public inspection at that office.
 
Our authorized agent in the United States is our subsidiary, CYREN Inc. located at 7925 Jones Branch Drive, Suite 5200, McLean, Virginia 22102.
 
PROPERTY AND EQUIPMENT, NET

   
Year Ended December 31,
 
   
2012
   
2013
   
2014
 
   
(in thousands)
 
Cost:
                 
Computers and peripheral equipment
  $ 5,848     $ 7,350     $ 8,160  
Office furniture and equipment
    848       1,112       1,151  
Motor vehicles
    10       10       -  
Leasehold improvements
    1,225       1,581       1,587  
                         
      7,931       10,053       10,898  
                         
Less accumulated depreciation
    (6,323 )     (7,379 )     (8,497 )
                         
Property and equipment, net
  $ 1,608     $ 2,674     $ 2,401  
 
The Company finances the capital expenditures from operations. The Company continues to invest in capital expenditures that support the growth of the Company’s business and support the rollout of new products and services. 
 
B. 
Business Overview
 
CYREN is a global leader in information security solutions for protecting web, email and mobile transactions. We are a pioneering Security-as-a-Service provider of integrated cloud-based security technology, with cost-effective, easily deployed solutions that mitigate modern cyber-threats, advanced malware attacks, information leaks, legal liability and productivity loss through the application of cyber intelligence.
 
Organizations rely on the Internet and email to conduct business, and frequently send critical or confidential information outside their network perimeter as part of established business processes. At the same time, a fundamental shift in the sources of cyber crime, from hackers to organized crime and nation-states, combined with the emergence of international data trafficking and sophisticated advanced persistent threats (“APTs”), is powering an unprecedented wave of targeted, malicious attacks – all designed to steal valuable information.  The growth of business-to-business Internet-based collaboration, in conjunction with the consumerization of Information Technology (“IT’) and the associated adoption of mobile devices and unmanaged Internet-based applications, has proliferated sensitive data and reduced the effectiveness of many existing security products. These factors all contribute to an increasing number of severe data breaches and expanding regulatory mandates, all of which accelerate demand for an effective security solutions. The confluence of these trends drives the need for unified, organization-wide web and email security solutions that address the dynamic nature of web content and cyber-threats.
 
As a leading provider of cloud-based security solutions that deliver powerful protection through the application of global cyber intelligence, CYREN’s easily deployed web, email, and antimalware products deliver uncompromising protection in both embedded and security-as-a-service models. Organizations rely on CYREN cloud-based cyber threat detection and proactive security analytics to provide up-to-date spam classifications, URL categorization and malware detection services. The CYREN cyber intelligence platform applies unique analysis and detection technologies to protect more than 600 million users in 200 countries.

As a trusted technology partner, CYREN delivers security services to a wide array of customers and OEM and service provider distribution partners including; network and security vendors offering content security gateways, unified threat management  (“UTM”) solutions, network appliances, antivirus solutions and to service providers such as Software-as-a-Service (“SaaS”) vendors, web hosting providers and Internet service providers. CYREN partners with customers to ensure success at both the technical and sales levels.
 
 
17

 
CYREN provides a purpose-built, global cloud-based security service that delivers real-time protection to enterprises facing the next generation of cyber attacks. Our technology approach represents a paradigm shift versus how IT security has been conducted since the earliest days of the information technology industry.
 
The core of our purpose-built, cloud-based cyber security platform are the CYREN GlobalViewTM Cloud and patented Recurrent Pattern Detection™ (“RPD™”) technologies, which identify and protect against known and unknown threats that traditional signature-based technologies are unable to detect.
 
The GlobalView Cloud infrastructure has operated for over 16 years and is built from multiple high-availability data centers deployed worldwide. Global points of presence ensure low latency for queries, as well as local data handling where required by country-specific legislation. End user traffic may be routed to the cloud for protection using a variety of options. For example, all organizational traffic may be directed using proxy-chaining, port forwarding, or GRE tunneling. Alternatively, for roaming users, PAC (Proxy Auto Config) files may be used. CYREN also supports smartphones and tablets with a range of solutions for Android and iOS operating systems, with mobile users’ traffic routed through the closest secure VPN tunnel.
 
Our Offerings
   
   
The CYREN portfolio of services are grouped into solution suites:
 
    Web – user-oriented protection, wherever they are
    Email – guards email inboxes from outbound and incoming attacks
    Antimalware – proactive security to combat new and emerging threats
 
Our services are deployed through various models, including (i) through the integration of an embedded software module, which, upon integration, is then able to communicate with our worldwide cloud detection centers that provide our customers and users with the most up to date cyber intelligence against the latest Internet threats; and (ii) through our cloud-based applied cyber intelligence platform.
 
CYREN WebSecurity (“CWS”)
   
The web Security-as-a-Service market offers a tremendous growth opportunity. There are several factors driving the fast adoption of the SecaaS cloud model including: the increased cost and complexity of managing security appliances – potentially across multiple remote offices; an increasingly mobile workforce; the bring-your-own-device (“BYOD”) trend; business and user applications that have moved to the cloud. These factors have shifted the way businesses and enterprises are looking to consume web security. There is also a growing need for compliance – ensuring that inappropriate or illegal sites are not visited from company infrastructure - and employee productivity – ensuring that company time and bandwidth is not wasted on unnecessary web usage.
 
 
 
18

 
CYREN developed a proprietary solution, CYREN WebSecurity that delivers cloud-based protection of users and their devices against web-borne threats. CWS includes URL filtering and antimalware protection. CWS was been designed from the ground up to offer a private-label service, enabling CYREN partners to quickly enter this high-growth market. In a resale model, CWS can be deployed through multiple channels, as the ability to define flexible multi-tenant partner, reseller, distributor, and customer relationships supports any channel, licensing, or sales ecosystem. CWS has an intuitive user interface that streamlines the performance of provisioning and configuration tasks for all partner tiers and all organizational resources, including mobile. CWS builds on our GlobalView cyber intelligence network, extensive experience in operating security services, and complementary security technologies such as antivirus to provide the highest levels of protection for end users.
 
GlobalView URL Embedded Filtering Solutions
 
CYREN offers embedded URL filtering services, which can be deployed within partners’ hardware or software via an embedded software module. By embedding CYREN URL filtering (“URLF”), partners can build solutions to combat emerging web threats with a URL categorization service designed for maximum security, low-latency, and support for local browsing behaviors.
 
The scale of today’s Internet, coupled with the unique browsing habits of regional users dictates that to be effective, the traditional URL database must be “in the cloud”, thereby overcoming local storage limitations and allowing CYREN partners to tailor the information held to meet their specific needs.
 
Embedded URL Filtering works in this way:

1.
The embedded URLF software is installed on the partner device or platform (e.g. Web Security Gateway).
 
   
2.
The partner device receives an http/s browsing request from a connected user.
   
3.
The device uses the embedded software to establish the URL classification. The URLF Engine first checks its local cache for URL values; typically more than 99% of queries are resolved by the local cache.
   
4.
If necessary, the URLF Engine queries the CYREN GlobalView Cloud for the relevant data.
     
5.
One classification is obtained, the partner applies policy to block, allow, or strip content according to the rules defined for the URL classification.
 
 
The GlobalView Cloud provides broad, up-to-date coverage of URLs. CYREN is able to provide high categorization accuracy with our powerful cloud analysis engines and global data sources. Each copy of the embedded software that is installed can include a local cache that automatically customizes itself depending on usage patterns, enabling CYREN to deliver the most relevant data at high speed.
 
URL Filtering requests between the embedded software and the CYREN cloud infrastructure are satisfied in a few milliseconds or less, so latency is never an issue. We employ a combination of deep coverage and highly accurate categorization to ensure the best possible browsing experience for end users.
 
CYREN Embedded Antimalware
 
CYREN Embedded Antimalware represents over 20 years of history, experience, and adaptive development by some of the industry’s most capable and well-known engineers. CYREN Antimalware technologies protect hundreds of millions of users, scan billions of emails per week, and are trusted by many of the world’s largest software, hardware and Internet services companies.
 
CYREN Embedded Antimalware provides broad protection against new and zero-hour threats. A modular design gives partners industry-leading detection performance with extremely low processing, memory, storage, and bandwidth consumption. Embedded Antimalware offers superior, efficient detection with a small footprint, appropriate for integration into a wide variety of products or services. This award-winning engine blocks malware of all types, including worms, Trojans and spyware.

 
19

 
With the embedded Antimalware integrated into a vendor device or application, objects (files, web scripts, emails, etc.) are scanned and classified by our antimalware engine. This enables partners to delete, block, or quarantine malicious objects before they can impact end users. CYREN Antimalware SDK can be deployed within software applications and hardware platforms as diverse as UTMs, Network Attached Storage, Network Routers, and Mobile platforms.
 
 
The CYREN embedded Antimalware engine uses a modular framework. Each Threat Protection Module within the framework scans specific objects, for example PDF files, or searches for specific virus types such as polymorphic viruses. This architecture is more flexible than the monolithic approach of competitors - new modules can be added quickly to combat new threats without having to change existing ones – delivering rapid response to evolving threats.
 
The modular architecture also means faster deployment for partners. Quality Assurance testing of the engine is can be completed rapidly after module updates or additions since existing modules are left untouched. We use a minimal number of function calls for integration of the engine, speeding integration time. Also, new features are exposed by adding parameters without changing the basic function call set; ensuring backward compatibility and easier management of deployed product.
 
CYREN EmailSecurity
 
Research shows that 80% of all business data is unstructured, with email being by far the largest repository. As a result, the ability to effectively secure email inboxes from unwanted spam and threats like malware and phishing is critical. Today’s preferred delivery model for this protection is “as-a-service”. CYREN EmailSecurity is a Security-as-a-Service platform that delivers inbound and outbound antispam, anti-malware, and malware attack detection components in a seamless, easy end user experience. CYREN EmailSecurity uses the GlobalView™ Cloud, which collects and analyzes billions of transactions per day, to deliver unmatched insight into, and protection against emerging security threats. Our patented Recurrent Pattern Detection (“RPD”) automatically analyzes traffic to provide accurate spam and phishing classifications based on a unique global viewpoint on threats

CYREN EmailSecurity frees inboxes of spam, malware, and phishing threats without blocking important business messages — protecting email users whenever, wherever, and on whatever device they use. CYREN EmailSecurity processes each email message before it enters the end-user’s system. When spam or malware is detected, CYREN EmailSecurity handles the message according to the policy defined by the system administrator. All email categorization and reporting details can be viewed in the CYREN EmailSecurity dashboard.
 
 
To protect customer privacy, emails are ‘fingerprinted’ and then only fingerprints are analyzed against the RPD database. In this way, no sensitive customer data is ever sent to the cloud. If the email is spam, or contains malware, it is processed according to the customer’s business rules, with options such as reject, tag and deliver, reroute, or send to quarantine.
 
Outbound Anti-Spam
One of the biggest challenges service providers face originates inside their own infrastructure. Spam attacks emanating from within can cause significant damage to business and network reputation and customer confidence. Unlike other solutions, CYREN Outbound AntiSpam (“OAS”) neutralizes this challenge at the source.
 
 
 
20

 
CYREN patented Recurrent Pattern Detection technology analyzes and then compares email traffic to established local and global patterns, detecting outbound spam within seconds. All malware, spam, or phishing emails found are immediately deleted and a full report detailing their source, along with samples of malicious emails is sent to the administrator for remediation.
 
Sales and Marketing
 
For the embedded services business our goal is to gain new customers, and increase renewals, upgrades and other incremental business to existing customers, by expanding our offerings and increasing the number and productivity of the OEMs who sell our products to end user customers worldwide.
 
Previously, we have sold products and services internationally in approximately 200 countries primarily through third party distribution channels comprised of distributors and value-added resellers with substantial support from our internal sales team and sales engineers. The SDK products are provided to OEM and service provider customers, who in turn integrate these into their product or service offerings for sale or provision to their customers. We are then paid service fees under a variety of fee structures, including fixed fee and fee sharing arrangements.
 
Our legacy enterprise anti-spam and Zero-Hour virus outbreak detection gateway, CSAM antivirus and F-PROT antivirus services, are sold through resellers, who pay us pre-negotiated fees when a sale is closed with an end customer.
 
During 2014 we established new distributor and reseller channels in order to sell our CYREN WebSecurity platform to enterprise and SMB customers.  These distributors and resellers sell CWS either under their own brand name, under the CYREN brand name, or as a co-branded web security product “powered by CYREN”.
 
As part of our strategy to expand our business, we are now offering our CYREN WebSecurity product direct to enterprise customers. As we build success in this new selling model, we plan to increase sales headcount in 2015.
 
The CYREN global sales team is managed by the Senior Vice President, Worldwide Sales, who is based in our Virginia office and who works closely with our sales teams in the Americas, Europe, Middle East and Africa (EMEA) and Asia Pacific (APAC).
 
Our marketing efforts are designed to increase awareness of CYREN as a leading provider of enterprise security solutions that deliver powerful protection through unmatched cyber intelligence. Branding and messaging for CYREN emphasizes how our unique cloud-based threat detection and cyber intelligence can be applied to provide up-to-date spam classifications, URL categorization and malware detection services.
 
For direct sales of CWS marketing activities are focused on security decision-makers within enterprises.  For our legacy embedded products, we focus on business executives, including product and business development security professionals and, upper level management. We actively manage our public relations programs, communicating directly with security professionals, industry analysts and the media in executing our strategy to promote greater awareness of the growing problems caused by advanced malware attacks, viruses, spam, phishing and ransomware.
 
Our marketing initiatives include:
 
digital advertising promoting CYREN solutions, technologies, partnerships and benefits in security trade magazines and other business-oriented periodicals and online properties;
participating in and sponsoring trade shows and industry events;
providing access to a dashboard showing detections made by the CYREN Security Lab, which informs visitors of real-time security threats;
conducting webinars and training sessions for our sales organization, resellers and partners; and
utilizing our website and social media to provide product and company information to our customers and interested parties.
 
The Marketing team defines and directs the marketing strategy and initiatives from our Virginia office with regionalization accomplished through marketing personnel in our international offices.
 
Intellectual Property
 
We regard our patented and patent pending anti-spam and antivirus technology, copyrights, service marks, trademarks, trade secrets and similar intellectual property as critical to our success, and rely on patent, trademark and copyright law, trade secret protection and confidentiality and/or license agreements with our employees, customers, partners and others to protect our proprietary rights.
 
 
21

 
In 2004, we purchased a United States patent, U.S. Patent No. 6,330,590. During 2005, we filed an anti-spam related patent application in the United States, claiming priority based on the filing of U.S. Provisional Patent Application. This application remains pending. During 2006, we filed in the United States a provisional patent application relating to the prevention of spam in streaming systems or, in other words, unwanted conversational media sessions (i.e. voice and video related). This provisional application was converted to a formal patent application and that application was then divided into three pending applications. The United States Patent and Trademark Office issued us a new patent under the original application – United States Patent No. 7,849,186. In 2011, a divisional patent was issued in connection with one of those split applications – United States Patent No. 7,991,919, which will have a term concurrent with US Patent No. 7,849,186. On May 29, 2012 and on June 5, 2012, two additional divisional patents were issued in connection with the final two split applications – United States Patent No. 8,190,737 and United States Patent No. 8,195,795, respectively, both of which also will have a term concurrent with U.S. Patent 7,849,186. In 2013, we filed a new application in the United States for a patent regarding a unified platform that leverages the various proprietary Internet security tools we employ to resolve security threats. We may seek to patent certain additional software or other technology in the future.
 
We filed trademark applications for “CYREN”. We are actively maintaining our registered trademark for “Commtouch”, which is registered in the U.S., Canada, Israel, European Union and China. Through acquisition, we also acquired registered trademarks in “FRISK”, “F-PROT”, “eleven”, “Expurgate”, “Command Antimalware” and “Galileo”. We are allowing the registration of Command Interceptor to lapse, and may allow others of these trademarks to lapse over time. A previous registration of “PRONTO” in Canada is still in force, but we are not maintaining this registration and it lapsed in 2014. Since at least September 2003, we have claimed common law trademark rights in “RPD” and “Recurrent Pattern Detection”, as applicable to our messaging security solutions. We have also been claiming common law trademark rights in “Zero-Hour” in relation to our virus outbreak detection product (and more recently one of our web security products) and “GlobalView” in relation to our Internet Protocol, or IP, reputation and web security products, as well as our “cloud computing” network infrastructure.
 
It may be possible for unauthorized third parties to copy or reverse engineer certain portions of our products or obtain and use information that we regard as proprietary. In addition, the laws of some foreign countries do not protect proprietary rights to the same extent as do the laws of the United States. There can be no assurance that our means of protecting our proprietary rights in the United States or abroad will be adequate or that competing companies will not independently develop similar technology.
 
Other parties may assert infringement claims against us. We may also be subject to legal proceedings and claims from time to time in the ordinary course of our business, including claims of alleged infringement by us and/or our customers of the trademarks and other intellectual property rights of third parties. Our customer agreements typically include indemnity provisions so we may be obligated to defend against third party intellectual property rights infringement claims on behalf of our customers. Such claims, even if not meritorious, could result in the expenditure of significant financial and managerial resources.
 
Government Regulation
 
Laws aimed at curtailing the spread of spam have been adopted by the United States federal government, i.e. CAN-SPAM Act, and some individual U.S. states, with the CAN-SPAM Act superseding some state laws or certain elements thereof.
 
The propagation of email viruses, whether through email or websites, which are aimed at destroying or stealing third party data, is illegal under standard state and federal law outlawing theft, misappropriation, conversion, etc., without the need for special legislation prohibiting such activities on the Internet. Despite the existence of these laws, sources for Internet viruses continue to spread multi-variant viruses seemingly without much fear of recrimination. New laws providing for more stringent penalties could be adopted in various jurisdictions, but it is unclear what, if any, affect these would have on the antivirus industry in general and our Command Antivirus, F-PROT antivirus, Zero-Hour Virus Outbreak Detection and GlobalView URL filtering solutions in particular.
 
Geographic Information
 
The Company conducts its business on the basis of one reportable segment.
 
 
22

 
Revenues for Last Three Financial Years
 
See Item 5. Operating and Financial Review and Prospects – “Revenue Sources” and the financial statements included elsewhere in this Annual Report. Below is a breakdown of our revenues by location (in thousands):
                   
   
Year Ended December 31,
 
   
2012
   
2013
   
2014
 
                   
USA
  $ 11,847     $ 12,726     $ 11,712  
Germany
    2,147       10,321       9,191  
Europe (other than Germany)
    3,590       4,086       4,635  
Asia
    3,484       2,717       3,600  
Israel
    2,541       1,602       1,985  
Other
    301       796       802  
                         
    $ 23,910     $ 32,248     $ 31,925  
 
Competitive Landscape
 
The markets in which CYREN competes are intensely competitive and rapidly changing. However, we believe there are very few competitors that offer the complete package of anti-spam, antivirus (both traditional and complementary real-time offerings), IP reputation and web security protections that CYREN provides.
 
The principal competitive factors in our industry include price, product functionality, product integration, platform coverage and ability to scale, worldwide sales infrastructure and global technical support. Some of our competitors have greater financial, technical, sales, marketing and other resources than we do, as well as greater name recognition and a larger installed customer base. Additionally, some of these competitors have research and development capabilities that may allow them to develop new or improved products that may compete with product lines and services we market and distribute, possibly at a lower cost. Our success will depend on our ability to adapt to these competing forces, to develop more advanced products more rapidly and less expensively than our competitors and/or to purchase new products by way of strategic acquisitions, and to educate potential customers as to the benefits of using our products rather than developing their own products.
 
In the market for messaging security solutions, there are sophisticated offerings that compete with our solutions. Email defense security providers offering forms of Software-as-a-Service packaged software (gateway), multi-functional appliances and managed service solutions and which may be viewed as both competitors and potential customers to CYREN include Google (Postini), Symantec (Brightmail), TrendMicro, Intel (McAfee) and Cisco (IronPort), Proofpoint, and Mimecast. Messaging security providers offering solutions on an OEM basis similar to CYREN’s business model, and which may be viewed as direct competitors, include Cloudmark, Mailshell and Vade Retro.
 
The market for real-time virus protection products is also constantly evolving, as those designing and proliferating viruses and other malware seek new vulnerabilities and distribution techniques, and also continue to leverage email distribution as a cost-effective medium for accurately targeting broad, numerous potential victims. CYREN’s real-time offering differs from traditional antivirus solutions (such as our Command Antimalware solution) by leveraging our global footprint and patented RPD technology to rapidly detect outbreaks, often hours or days before traditional antimalware solutions; it thereby offers a complementary solution to signature and heuristic-based antivirus engines. For this reason, our malware attack detection engine has been deployed by several security companies and service providers.
 
In the market for antimalware solutions, there are vendors offering fairly effective solutions using various technologies based on signatures, emulation and heuristics. CYREN has an exclusive OEM/service provider focus, plus an increasing focus on heuristics and zero day effectiveness. Most companies in this space provide end user products and in some cases make software development kits available on an OEM basis. Competitors to CYREN include Sophos, Bitdefender, Kaspersky, McAfee, Symantec and open source software such as Clam-AV. 
 
In the market for web security solutions, there are advanced offerings that compete with our GlobalView URL filtering solution and CWS. Web security providers offering forms of software (gateway), multi-functional appliances and managed service solutions and which may be viewed as both competitors and potential customers to CYREN include Intel (McAfee), Websense, BlueCoat, Zscaler, Barracuda, and Cisco. Web security providers offering solutions on an OEM basis similar to CYREN’s business model, and which may be viewed as direct competitors, include Webroot (BrightCloud) and Symantec (RuleSpace). 
 
We expect that the markets for Internet security solutions will continue to become more consolidated, with companies increasing their presence in this market or entering ancillary markets by acquiring or forming strategic alliances with our competitors or business partners, such as Proofpoint’s acquisitions of Armorize, Sendmail, NetCitadel, Nexgate and Emerging Threats, IBM’s acquisition of Trusteer, Blue Coat’s acquisition of Solera, FireEye’s acquisitions of Mandiant and nPulse, and Palo Alto’s acquisition of Cyvera, and Check Point’s acquisition of Hyperwise. See also disclosure under “Item 3. Key Information– Risk Factors—Business Risks— we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.”
 
 
23

 
C. 
Organizational Structure
 
The Company wholly owns the following main subsidiary companies, either directly or through holding companies:
 
 
a.
CYREN Inc., a Delaware corporation and a wholly owned subsidiary of the Company, which has its principal office located at 7925 Jones Branch Drive, Suite 5200, McLean, VA, 22102, tel: (703) 760-3320 where certain members of management and related personnel are located, plus one supporting office located at 1731 Embarcadero Road, Suite 230, Palo Alto, CA 94303, tel: (650) 864-2000.
 
 
b.
CYREN Iceland hf, a limited liability company organized and existing under the laws of Iceland and wholly owned by the Company, with an office at Thverholti 18, IS-105, Reykjavik, Iceland, tel: 354-540-7400.
 
 
c.
CYREN Gesellschaft mbH, a German limited liability company owned by the Company through a holding company structure, with an office at Hardenbergplatz 2, 10623, Berlin, Germany, tel: 49 (0)30/52 0056–0.
 
D. 
Property, plants and equipment
 
Property and equipment costs recorded on our consolidated balance sheet as of December 31, 2012, 2013 and 2014 consisted of the following:

PROPERTY AND EQUIPMENT, NET

   
Year Ended December 31,
 
   
2012
   
2013
   
2014
 
   
(in thousands)
 
Cost:
                 
Computers and peripheral equipment
  $ 5,848     $ 7,350     $ 8,160  
Office furniture and equipment
    848       1,112       1,151  
Motor vehicles
    10       10       -  
Leasehold improvements
    1,225       1,581       1,587  
                         
      7,931       10,053       10,898  
                         
Less accumulated depreciation
    (6,323 )     (7,379 )     (8,497 )
                         
Property and equipment, net
  $ 1,608     $ 2,674     $ 2,401  
 
All of our facilities are leased.
 
Our office in Herzilya, Israel, is approximately 12,217 square feet and houses research and development, sales, marketing, support and administrative personnel. Our U.S. subsidiary CYREN Inc. is headquartered in McLean, Virginia in an office of approximately 7,022 square feet and it houses senior management, marketing, sales, and administrative personnel; and its office in Palo Alto, California (approximately 3,332 square feet), is staffed by hosting (operations), sales and administrative personnel. Our subsidiary CYREN Iceland hf is located in Reykjavik, Iceland in an office of approximately 11,906 square feet, which houses antivirus operations, sales and some administrative personnel. Our subsidiary CYREN GmbH is based in Berlin, Germany, in an office of approximately 10,333 square feet, which houses research and development, operations, sales, marketing and administrative personnel.
 
Item 4A. Unresolved Staff Comments.
 
Not applicable.
 
Item 5. Operating and Financial Review and Prospects.
 
Overview
 
From 2003 through 2008, the sole focus of our business had been the development and selling, through reseller and OEM distribution channels, of anti-spam, Zero-Hour virus outbreak detection and IP reputation solutions to a wide array of customers. During late 2008, we expanded our focus by way of the release of our first URL filtering solutions for the web security market. In September 2010, we acquired certain assets comprising the Command Antivirus business unit of Authentium, Inc. On October 1, 2012, the Company completed the acquisition of the antivirus business of Frisk. The acquisition has enabled the Company to provide antivirus technology utilizing the combined resources of both organizations. It has also helped support the launch of CYREN WebSecurity and also enhancing the Company’s advanced malware and cyber security capabilities. On November 16, 2012, the Company completed the acquisition of eleven. The acquisition of eleven has enabled CYREN to accelerate delivery of private label cloud–based security solutions, including CYREN WebSecurity, specifically designed for the OEM and service provider markets.
 
 
24

 
Critical Accounting Policies and Estimates
 
This “Item 5. Operating and Financial Review and Prospects” section is based upon the Company’s consolidated financial statements, which have been prepared in accordance with accounting principles generally accepted in the United States (U.S. GAAP). The preparation of these financial statements requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. Actual results could differ from those estimates. On an ongoing basis, the Company’s management evaluates estimates. Such estimates are based on historical experience and on various other assumptions that are believed to be reasonable, the results of which form the basis for making judgments about the carrying values of assets and liabilities.
 
Accounting for Stock–Based Compensation
 
ASC 718 - “Compensation-Stock Compensation” ASC 718, requires companies to estimate the fair value of equity-based payment awards on the date of grant using an option-pricing model. The value of the portion of the award that is ultimately expected to vest is recognized as an expense over the requisite service periods in the Company’s consolidated statements of income (loss).
 
The Company recognizes compensation expense for the value of its awards on a straight line basis over the requisite service period of each of the awards, net of estimated forfeitures. Estimated forfeitures are based on actual historical pre-vesting forfeitures. ASC 718 requires forfeitures to be estimated at the time of grant and revised, if necessary, in subsequent periods if actual forfeitures differ from those estimates.
 
The Company estimates the fair value of stock options granted using the Black-Scholes option-pricing model. The option-pricing model requires a number of assumptions, of which the most significant are the expected stock price volatility and the expected option term. Expected volatility was calculated based upon actual historical stock price movements. The expected term of options granted represents the period of time that options granted are expected to be outstanding, based on historical experience.  The risk-free interest rate is based on the yield from U.S. treasury bonds with an equivalent term. The Company has historically not paid dividends and has no foreseeable plans to pay dividends.
 
The Company applies ASC 718, and ASC 505-50, “Equity Based Payments to Non Employees”, or ASC 505-50, with respect to options issued to non-employees.
 
The fair value for options granted in 2012, 2013 and 2014 is estimated at the date of grant using a Black-Scholes options pricing model with the following assumptions:
                       
   
Year ended
December 31,
 
Stock options
 
2012
   
2013
   
2014
 
                       
Volatility
   
38%-51
 
37%-47
   
38%-42
%
Risk-free interest rate
   
0.5%-0.9
%  
0.5%-1.5
%    
1.0%-1.7
%
Dividend yield
   
0
%  
0
%    
0
%
Expected life (years)
   
3.8-4.9
   
3.5-4.9
     
3.3-4.9
 
 
Revenue Recognition
 
The Company derives its revenues from the delivery of real-time cloud-based services for each of the email security, web security, and antimalware offerings.
 
Revenue is recognized when there is a persuasive evidence of an arrangement, the service has been rendered, the collection of the fee is probable and the amount of fees to be paid by the customer is fixed or determinable.
 
Revenues from such services are recognized ratably over the contractual service term, which generally includes a term period of one to three years.
 
Deferred revenues include unearned amounts received from customers, but not yet recognized as revenues.
 
 
25

 
Accounting for Income Tax
 
We account for income taxes in accordance with ASC 740, “Income Taxes.” ASC 740 prescribes the use of the liability method whereby deferred tax assets and liability account balances are determined based on differences between financial reporting and tax bases of assets and liabilities and are measured using the enacted tax rates and laws that will be in effect when the differences are expected to reverse. We record a valuation allowance to reduce deferred tax assets to the amount that we believe is more likely than not to be realized.
 
Deferred tax assets are classified as current or non-current based on the classification of the related asset or liability for financial reporting, or according to the expected reversal dates of the specific temporary differences if not related to an asset or liability for financial reporting.
 
ASC 740 contains a two-step approach to recognizing and measuring a liability for uncertain tax positions. The first step is to evaluate the tax position taken or expected to be taken in a tax return by determining if the weight of available evidence indicates that it is more likely than not that, on an evaluation of the technical merits, the tax position will be sustained on audit, including resolution of any related appeals or litigation processes. The second step is to measure the tax benefit as the largest amount that is more than 50% likely to be realized upon ultimate settlement.
 
Intangible Assets
 
Intangible assets that are not considered to have an indefinite useful life are amortized over their estimated useful lives, which range from 7 to 14 years. Acquired customer contracts and relationships are amortized over their estimated useful lives in proportion to the economic benefits realized. This accounting policy results in accelerated amortization of such customer contracts and relationships arrangements as compared to the straight-line method. Technology, Intellectual Property and Trademark are amortized over their estimated useful lives on a straight-line basis.
 
Acquired in-process research and development (“IPR&D”) is not amortized during the development period after the acquisition, instead, it is subject to the impairment review for indefinite-lived intangibles. Upon completion of the development process for the acquired research and development ("R&D"), the Company determines the useful life of the asset resulting from R&D activities and begins amortizing over the estimated useful life. However, prior to changing its life from indefinite to finite, the asset is tested for impairment as if it was still indefinite-lived.

Impairment of long-lived assets
 
The Company's long-lived assets and identifiable intangibles are reviewed for impairment in accordance with ASC 360 "Property, Plant and Equipment", whenever events or changes in circumstances indicate that the carrying amount of an asset may not be recoverable.
 
Recoverability of these assets is measured by comparison of the carrying amount of each asset group to the future undiscounted cash flows the asset group is expected to generate. If the asset is considered to be impaired, the amount of any impairment is measured as the difference between the carrying value and the fair value of the impaired asset.
 
The Company operates as one asset group. During the year ended December 31, 2014 the Company identified the decrease in the fair value of the earn-out consideration as an indicator that the carrying value of the asset group may not be recoverable. The Company performed a recoverability test as of September 30 and December 31, 2014 and the test in both cases resulted with no impairment.
 
During 2012 through 2014, no impairment losses had been identified.

Goodwill
 
Goodwill represents the excess of the purchase price in a business combination over the fair value of net tangible and intangible assets acquired. Goodwill is not amortized, but rather is subject to an impairment test.
 
The Company performs an annual impairment test at December 31, of each fiscal year, or more frequently if impairment indicators are present. The Company operates in one operating segment, and this segment comprises its only reporting unit.
 
ASC 350 prescribes a two-phase process for impairment testing of goodwill. The first phase screens for impairment, while the second phase (if necessary) measures impairment. Goodwill impairment is deemed to exist if the net book value of a reporting unit exceeds its estimated fair value determined using market capitalization. In such case, the second phase is then performed, and the Company measures impairment by comparing the carrying amount of the reporting unit's goodwill to the implied fair value of that goodwill. An impairment loss is recognized in an amount equal to the excess. ASC 350 allows an entity to first assess qualitative factors to determine whether it is necessary to perform the two-step quantitative goodwill impairment test. An entity is not required to calculate the fair value of a reporting unit unless the entity determines, based on a qualitative assessment, that it is more likely than not that its fair value is less than its carrying amount.
 
 
26

 
Alternatively, ASC 350 permits an entity to bypass the qualitative assessment for any reporting unit and proceed directly to performing the first step of the goodwill impairment test. Accordingly, the Company chose to proceed directly to the first step of the goodwill impairment test.
 
For each of the three years in the period ended December 31, 2014, no impairment losses have been identified.
 
Fair Value Measurements
 
The carrying amounts of cash and cash equivalents, trade receivables, prepaid expenses, other receivables and trade payables, approximate their fair values due to the short-term maturities of such financial instruments.
 
The Company measures its earn-out consideration at fair value. Fair value is an exit price, representing the amount that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants. As such, fair value is a market-based measurement that should be determined based on assumptions that market participants would use in pricing an asset or a liability. A three-tier fair value hierarchy is established as a basis for considering such assumptions and for inputs used in the valuation methodologies in measuring fair value:
 
 
Level 1 - Quoted prices (unadjusted) in active markets for identical assets or liabilities that the Company can access at the measurement date.
 
 
Level 2 - Inputs other than quoted prices included within Level 1 that are observable for the asset or liability, either directly or indirectly.
 
 
Level 3 - Unobservable inputs for the asset or liability.
 
The availability of observable inputs can vary from instrument to instrument and is affected by a wide variety of factors, including, for example, the type of instrument, the liquidity of markets and other characteristics particular to the transaction. To the extent that valuation is based on models or inputs that are less observable or unobservable in the market, the determination of fair value requires more judgment and the instruments are categorized as Level 3.
 
The fair value hierarchy also requires an entity to maximize the use of observable inputs and minimize the use of unobservable inputs when measuring fair value.

The Company’s earn-out considerations are classified within Level 3. The valuation methodology used by the Company to calculate the fair value of the earn-out considerations is the discounted cash-flow method. The assumptions used in the valuation of the earn-out considerations as of December 31, 2014 included forecasted future revenues and a weighted average cost of capital of 14.32% - 16.63%.
 
Reclassifications
 
Certain reclassifications of previously reported amounts have been made to conform to the current year presentation. Certain overhead expenses and salaries that were previously reported as sales and marketing (“S&M’) in the amount of $294 thousand and $608 thousand have been reclassified to cost of revenues in the consolidated statements of income (loss) for the year ended December 31, 2012 and 2013, respectively. Certain outside services expenses that were previously reported as cost of revenues in the amount of $247 thousand and $114 thousand have been reclassified to R&D in the consolidated statements of income (loss) for the year ended December 31, 2012 and 2013, respectively. The Company reviewed the impact of these reclassifications and determined that the reclassifications were not material on the prior year’s consolidated financial statements.
 
A. 
Operating results
 
Results of Operations
 
The following table sets forth financial data for the years ended December 31, 2012, 2013 and 2014 (in thousands):
                   
   
Year ended
December 31,
 
   
2012
   
2013
   
2014
 
Revenues
  $ 23,910     $ 32,248     $ 31,925  
Cost of revenues
    4,397       7,695       8,123  
Gross profit
    19,513       24,553       23,802  
Operating expenses:
                       
Research and development, net
    6,528       9,270       11,222  
Sales and marketing
    5,566       10,278       11,802  
General and administrative
    6,639       10,388       8,047  
Adjustment to earn-out consideration
    -       (3,276 )     (744 )
Total operating expenses
    18,733       26,660       30,327  
Operating income (loss)
    780       (2,107 )     (6,525 )
Loss from sale of investment in affiliate
    -       (1,289 )     -  
Other income
    -       -       187  
Financial income (expense), net
    80       (1,255 )     (874 )
                         
Income (loss) before taxes on income
    860       (4,651 )     (7,212 )
Tax benefit (expense)
    625       (5,220 )     196  
                         
Net income (loss)
  $ 1,485     $ (9,871 )   $ (7,016 )
 
 
27

 
Comparison of Years Ended December 31, 2014 and 2013
 
Revenues. Revenues for 2014 decreased by $0.3 million from $32.2 million in 2013 to $31.9 million in 2014, which represents a 1% decrease. The decrease was mainly driven by currency exchange rate fluctuations, particularly the 11% decline of euro during the second half of 2014. Approximately 40% of CYREN revenues are generated in Euros.
 
Cost of Revenues. Cost of revenues increased by $0.4 million from $7.7 million in 2013 to $8.1 million in 2014, which represents a 5% increase. The increase in 2014 is mainly due to the increased data center expenses to support the growth and expansion of the Company’s new product and service offerings.
 
Research and Development, Net. Research and development expenses increased by $1.9 million and amounted to $11.2 million in 2014 compared to $9.3 million in 2013. The increase in 2014 is mainly due to the increased payroll and related expenses, primarily due to the manpower investment required as the Company continued to expand its service offerings and develop its new advanced threat protection cybersecurity offering.
 
Sales and Marketing. Sales and marketing expenses increased by $1.5 million and amounted to $11.8 million in 2014, compared to $10.3 million in 2013. The increase in 2014 is mainly due to increased payroll and related expenses, primarily due to the manpower investment required as the Company continued to market and sell its new CYREN Websecurity product, and due to an increase in commission expenses.
 
General and Administrative. General and administrative expenses decreased by $2.4 million, from $10.4 million in 2013 to $8.0 million in 2014. The decrease in 2014 is mainly due to decrease in payroll and related expenses, primarily due to termination of two executive management positions (President and Chief Financial Officer (“CFO”)) and several administrative positions. The President’s position was not filled and the CFO position was filled internally and merged with an existing position. The decrease is also due to a decrease in stock-based compensation expenses of $0.2 million, a decrease in director’s compensation of $0.2 million and a decrease of $0.8 million in bad debt expense (a benefit of $0.1 million in 2014 compared to bad debt expenses of $0.7 million in 2013), in addition to the effect of the exchange rate on expenses denominated in currencies other than the USD (mainly EURO and NIS).
 
Adjustment to earn-out consideration. Adjustment to the earn-out consideration decreased from an income of $3.3 million in 2013 to an income of $0.7 million in 2014. The income in 2013 and 2014 results from a decrease in revenue forecasts that are the basis for determining the fair value of the earn-out consideration. The decrease in the 2014 income compared to the 2013 income is mainly due to the shorter forecast period required for the fair value measurement of the earn-out considerations, which resulted in a less significant change in the revenue forecast.  In addition, the majority of the effect of the delay in revenue buildup from new relevant products was incorporated within the fair value measurement performed as of December 31, 2013.
 
Financial Income (Expense), Net. Financial income (expenses), net, decreased by $0.4 million and amounted to $0.9 million in 2014 compared to $1.3 million in 2013. The decrease is mainly due to the decrease in the accretion of discount of the earn-out consideration.
 
Tax Benefit (Expense). Tax benefit increased by $5.4 million from $5.2 million expense in 2013 to a tax benefit of $0.2 million in 2014. In 2013, a full valuation allowance was provided to reduce the deferred tax assets to their realizable value based on management’s estimation that it is more likely than not that the deferred tax assets regarding the loss carryforwards will not be utilized in the foreseeable future. As a result, the Company recorded a deferred tax expense of $5.0 million along with $0.2 million of current taxes on account of the Company’s German subsidiary. In 2014 the Company maintained a full valuation allowance on the deferred tax assets regarding the loss carryforwards. The tax benefit is mainly due to net accretion of deferred tax liabilities on account of the Company’s German and Icelandic subsidiaries, offset by current tax expenses due to uncertain tax positions.
 
 
28

 
 
Comparison of Years Ended December 31, 2013 and 2012
 
Revenues. Revenues for 2013 increased by $8.3 million from $23.9 million in 2012 to $32.2 million in 2013, which represents a 35% increase. The increase is mainly due to a full year of revenue from the 2012 fourth quarter acquisition and the consolidation of eleven and Frisk.
 
Cost of Revenues. Cost of revenues increased by $3.3 million from $4.4 million in 2012 to $7.7 million in 2013, which represents a 75% increase. The increase in 2013 is mainly due to the full year consolidation of eleven and Frisk into the Company. These increases include higher facility costs and hosting expenses aimed to serve the increasing number of our customers, intangible amortization, certain fees, and payroll costs.
 
Research and Development, Net. Research and development expenses increased by $2.8 million and amounted to $9.3 million in 2013 compared to $6.5 million in 2012. The increase was mainly due to the full year consolidation of eleven and Frisk. Payroll and related expenses increased primarily due to the manpower investment related to two significant product development launches, CYREN WebSecurity and new advanced threat protection cybersecurity offering.
 
Sales and Marketing. Sales and marketing expenses increased by $4.7 million and amounted to $10.3 million in 2013, compared to $5.6 million in 2012. The increase is due in part to the full year consolidation of eleven and Frisk compared to a partial fourth quarter of expenses in 2012. The increase includes intangible amortization, payroll costs due to the Company’s focus on growth, and corporate rebranding.
 
General and Administrative. General and administrative expenses increased by $3.8 million, from $6.6 million in 2012 to $10.4 million in 2013. $1.7 million of the total increase is due to the full year consolidation of eleven and Frisk. Payroll and related costs increased over 2012 partially due to the migration of some of the management functions to the U.S. headquarters and the investment in senior management, including related recruiting expenses, to support the future growth of the Company. Rent and occupancy costs also increased due to office relocation in Israel, Virginia and California, and improvements to the facilities. In 2012 there were $0.8 million of acquisition related costs of eleven and Frisk.
 
Loss from Sale of Investment in Affiliate. In 2013, the Company sold its investment in its affiliate for a consideration of $0.2 million and recognized a loss from sale of investment of $1.3 million as of December 31, 2013.
 
Financial Income (Expense), Net. Financial income (expenses), net, resulted in net expenses in the amount of $1.3 million compared to income of $0.1 million in 2012. In 2013, $0.9 million is related to the earn-out accretion for eleven and Frisk compared to $0.2 million in 2012.
 
Tax Benefit (Expense). Tax benefit decreased by $5.8 million from $0.6 million in 2012 to a tax expense of $5.2 million in 2013. Based upon management’s estimations for future taxable income, it was more likely than not that the deferred tax assets regarding the loss carryforwards will not be utilized in the foreseeable future. Thus, a valuation allowance was provided to reduce deferred tax assets to their realizable value. As a result, in 2013, the Company recorded an adjustment to the deferred tax assets and liabilities of $5.0 million. In addition, current taxes of $0.2 million were recorded on account of the Company’s German subsidiary.
 
Quarterly Results of Operations (Unaudited).
 
The following table sets forth certain unaudited quarterly statements of operations data for the eight quarters ended December 31, 2013. This information has been derived from the Company’s consolidated unaudited financial statements, which, in management’s opinion, have been prepared on the same basis as the audited consolidated financial statements, and include all adjustments, consisting only of normal recurring adjustments, necessary for a fair presentation of the information for the quarters presented. This information should be read in conjunction with our audited consolidated financial statements and the notes thereto included elsewhere in this Annual Report. The operating results for any quarter are not necessarily indicative of the operating results for any future period.

   
Three Months Ended
 
   
Mar 31
   
Jun 30
   
Sep 30
   
Dec 31
   
Mar 31
   
Jun 30
   
Sep 30
   
Dec 31
 
   
2013
   
2013
   
2013
   
2013
   
2014
   
2014
   
2014
   
2014
 
(in thousands of U.S. dollars)
                                               
(unaudited)
                                               
                                                 
Revenues
  $ 7,925     $ 8,055     $ 8,019     $ 8,249     $ 8,090     $ 8,262     $ 7,731     $ 7,842  
Cost of revenues
    1,904       1,885       1,894       2,012       2,022       2,065       2,037       1,999  
                                                                 
Gross profit
    6,021       6,170       6,125       6,237       6,068       6,197       5,694       5,843  
                                                                 
Operating expenses:
                                                               
Research and development, net
    2,291       2,211       2,105       2,663       2,900       3,081       2,417       2,824  
Sales and marketing
    2,612       2,379       2,361       2,926       2,992       3,137       2,821       2,852  
General and administrative
    2,216       2,263       2,112       3,797       2,267       1,882       1,624       2,274  
Adjustment to earn-out consideration
    -       -       -       (3,276 )     -       -       (701 )     (43 )
                                                                 
Total operating expenses
    7,119       6,853       6,578       6,110       8,159       8,100       6,161       7,907  
                                                                 
Operating income (loss)
    (1,098 )     (683 )     (453 )     127       (2,091 )     (1,903 )     (467 )     (2,064 )
                                                                 
Loss from sale of investment in affiliate
    -       -       -       (1,289 )     -       -       -       -  
                                                                 
Other income (expense)
    -       -       -       -       200       -       -       (13 )
                                                                 
Financial income (expense), net
    (184 )     (358 )     (323 )     (390 )     (296 )     (167 )     (249 )     (162 )
                                                                 
Income (loss) before taxes on income
    (1,282 )     (1,041 )     (776 )     (1,552 )     (2,187 )     (2,070 )     (716 )     (2,239 )
                                                                 
Tax benefit (expense)
    23       296       (138 )     (5,401 )     45       75       (7 )     83  
                                                                 
Net income (loss)
  $ (1,259 )   $ (745 )   $ (914 )   $ (6,953 )   $ (2,142 )   $ (1,995 )   $ (723 )   $ (2,156 )
                                                                 
Basic
                                                               
Net income (loss) per share
  $ (0.05 )   $ (0.03 )   $ (0.03 )   $ (0.26 )   $ (0.08 )   $ (0.08 )   $ (0.02 )   $ (0.07 )
                                                                 
Diluted net income (loss) per share
  $ (0.05 )   $ (0.03 )   $ (0.03 )   $ (0.26 )   $ (0.08 )   $ (0.08 )   $ (0.02 )   $ (0.07 )
 
 
29

 

Effective Corporate Tax Rates
 
The Israeli corporate tax rate was 25.0% in 2012 and 2013, and 26.5% in 2014.
 
Non-Israeli subsidiaries are taxed according to the tax laws in their respective countries of residence.
 
The Company does not provide deferred tax liabilities when it intends to reinvest earnings of foreign subsidiaries indefinitely. Undistributed earnings of foreign subsidiaries that are considered to be permanently reinvested amounted to $1,775 thousand and unrecognized deferred tax liability related to such earnings amounted to $532 thousand as of December 31, 2014.
 
The Company may currently qualify as an “industrial company” within the definition of the Law for the Encouragement of Industry (Taxation). As such, it may be eligible for certain tax benefits, including, inter alia, special depreciation rates for machinery, equipment and buildings, amortization of patents, certain other intangible property rights and deduction of share issuance expenses.
 
Net operating loss carry-forwards
 
As of December 31, 2014, CYREN's net operating loss carryforwards for tax purposes amounted to $54,794 thousand and capital loss carryforwards of $15,658 thousand which may be carried forward and offset against taxable income in the future, for an indefinite period.
 
As of December 31, 2014, for federal income tax purposes, the U.S. subsidiary had net operating loss carryforward of $96,424 thousand. These losses may offset any future U.S. taxable income of the U.S. subsidiary and will expire in the years 2018 through 2034.
 
Utilization of U.S. net operating losses may be subject to substantial annual limitation due to the "change in ownership" provisions of the Internal Revenue Code of 1986 and similar state provisions. The annual limitations may result in the expiration of net operating losses before utilization.
 
Management currently believes that based upon its estimations for future taxable income, it is more likely than not that the deferred tax assets regarding the loss carryforwards will not be utilized in the foreseeable future. Thus, a valuation allowance was provided to reduce deferred tax assets to their realizable value.
 
Tax assessments
 
The Company’s tax assessments in Israel, U.S. and Germany are deemed final up to and including 2010.

 
30

 
Impact of Inflation and Currency Fluctuations
 
CYREN's revenues, and certain of its subsidiary's revenues, are generated mainly in U.S. dollars. In addition, most of the Company’s costs are incurred in U.S. dollars. The Company's management believes that the U.S. dollar is the primary currency of the economic environment in which CYREN and certain of its subsidiaries operate. Thus, the functional and reporting currency of CYREN and certain of its subsidiaries is the U.S. dollar.
 
CYREN and certain subsidiaries’ transactions and balances denominated in dollars are presented at their original amounts. Non-dollar transactions and balances have been re-measured to dollars in accordance with ASC 830, “Foreign Currency Matters”. All transaction gains and losses from re-measurement of monetary balance sheet items denominated in non-dollar currencies are reflected in the statements of income as financial income or expenses, as appropriate.
 
For those subsidiaries whose functional currency has been determined to be their local currency, assets and liabilities are translated at year-end exchange rates and statement of income items are translated at average exchange rates prevailing during the year. Such translation adjustments are recorded as a separate component of accumulated other comprehensive income (loss) in shareholders’ equity.
 
The vast majority of CYREN’s revenues in Israel are denominated in U.S. dollars and in Euros. However, a substantial portion of CYREN’s operating expenses in Israel, primarily its research and development expenses, are denominated in NIS. Costs and revenues not denominated in U.S. dollars are re-measured to U.S. dollars, when recorded, at prevailing rates of exchange. This is done for the purposes of the Company’s financial statements and reporting. As a result, we are exposed to risk to the extent that the value of the U.S. dollar decreases against the NIS or to the extent that the value of the U.S. dollar appreciates against the Euro. In those events, the U.S. dollar cost of CYREN’s operations will increase and the U.S. dollar value of CYREN’s revenues will decrease, respectively. In such events, the Company’s U.S. dollar-measured results of operations will be adversely affected. Consequently, we are and will be affected by changes in the prevailing NIS/U.S. dollar and Euro/ U.S. dollar exchange rates and exchange rate fluctuations will have an impact on the period–to–period comparisons of the Company’s results.
 
The table below presents the change in the NIS/U.S. dollar and Euro/ U.S. dollar exchange rates over the last three years:
 
Equivalent to 1 U.S. dollar
 
As of December 31, 2012
   
Change during 2012 (*)
   
As of December 31, 2013
   
Change during 2013 (*)
   
As of December 31, 2014
   
Change during 2014 (*)
 
NIS/U.S. Dollar
    3.733       (2.3 )%     3.471       (7.0 )%     3.889       12.0 %
Euro/U.S. Dollar
    0.759       (1.9 )%     0.726       (4.3 )%     0.823       18.4 %
 
(*) Positive change represents appreciation of the U.S. dollar vs the opposing currency and a negative percentage represents depreciation of the U.S. dollar vs the opposing currency.
 
During 2014, the U.S. dollar value of operating costs denominated in NIS declined due to the appreciation of the U.S. dollar vs the NIS, and the U.S. dollar value of revenues denominated in Euro declined due to the appreciation of the U.S. dollar vs the Euro. During 2012 and 2013, the U.S. dollar value of operating costs denominated in NIS increased due to the depreciation of the U.S. dollar vs the NIS, and the U.S. dollar value of revenues denominated in Euro increased due to the depreciation of the U.S. dollar vs the Euro.
 
The inflation/deflation in the general price indexes in Israel and in the countries in which the Company’s subsidiaries are located, during 2014 and 2013, had an immaterial effect on the Company’s results and operations.
 
B. 
Liquidity and capital resources
 
As of December 31, 2013 and December 31, 2014, we had approximately $3.8 million and $11.1 million of cash and cash equivalents, respectively.
 
In 2014, net cash used in operating activities in the amount of $3.7 million consisted of a net loss of $7.0 million adjusted for non-cash activity of $1.7 million amortization of intangible assets, $1.3 million depreciation of property and equipment, and $1.2 million stock-based compensation expenses, along with a decrease in deferred revenues of $1.0 million.  In 2013, we generated cash from operations of $0.1 million. Net cash from operations in 2013 consisted primarily of net loss of $9.9 million adjusted for non-cash activity of $5.0 million of deferred tax expense, $1.8 million amortization of intangible assets, $1.3 million stock-based compensation expenses, $1.3 million loss from sale of investment in affiliate, $1.2 million increase in deferred revenues, $1.1 million depreciation of property and equipment and offset by a $2.4 million change in earn-out liabilities. In 2012, we generated a negative cash flow from our operations of $0.3 million. Net cash used in operations in 2012 consisted primarily of net income of $1.5 million adjusted for non-cash activity of $1.3 million stock-based compensation expenses, offset by $0.8 million deferred tax income, an increase in trade receivables of $2.2 million and a decrease in employees and other liabilities of $1.1 million.
 
 
31

 
In 2014, net cash used in investing activities primarily consisted of $0.8 million purchase of property and equipment. In 2013, net cash used in investing activities consisted primarily of $2.0 million purchase of property and equipment. Our capital expenditures consisted primarily of purchases of property and equipment to expand our data centers to support new business and investment in the infrastructure and growth of the Company. In 2012, net cash used in investing activities consisted primarily of acquisitions of Frisk and eleven for a total cash consideration of $10.2 million and $0.8 million purchase of property and equipment.
 
Net cash provided by financing activities was $11.8 million for 2014 and consisted of $10.2 million proceeds from a public offering, $6.8 million proceeds from credit line offset by repayment of credit line in the amount of $5.3 million. Net cash provided by financing activities was $0.4 million in 2013 and consisted primarily of $6.2 million proceeds from bank loans and credit line and $1.2 million proceeds from exercise of shares which were offset by the $3.0 million repayment of the bank loans and the $4.0 million payment of the earn-out considerations resulting from the acquisitions of Frisk and eleven. Net cash used in financing activities was $4.2 million in 2012 and consisted primarily of $3.4 million payment of earn-out considerations and $1.7 million of purchase of treasury shares which were offset by $0.9 million proceeds received from exercise of options.
 
On July 30, 2014, the Company completed a public offering of 4,771,796 Ordinary Shares, nominal value NIS 0.15 per share, and warrants to purchase an aggregate of 1,670,128 Ordinary Shares in combinations consisting of one Ordinary Share and one warrant to purchase 0.35 of an Ordinary Share, at an offering price per fixed combination of $2.41. Each warrant has an exercise price of $3.08 per share, will be exercisable following the six-month anniversary of the date of its issuance and will expire ninety months following the date of its issuance. The Company received total proceeds of $10,239 thousand, which is net of $1,261 thousand issuance expenses.
 
On October 21, 2013, the Company entered into a credit line agreement with a U.S. bank, under which the bank provides the Company with a credit line of $7.5 million for a period of one year. As of December 31, 2013, the Company had drawn down an amount of approximately $3.2 million from the credit line, which is subject to interest equal to the Prime Rate in effect from time to time, plus 2.75% per annum, provided that the interest rate in effect on any day shall not be less than 6.0% per annum. As of December 31, 2014, the Company had drawn down approximately $4.8 million from the credit line.   In relation to this credit line, the Company is obliged by the bank to comply with certain financial covenants, as defined in the agreement. As of December 31, 2013 and 2014, the Company was in full compliance with the financial covenants. 
 
The Company incurred negative cash flow in 2013 and due to its continued investment in research and development and marketing in line with its strategy to achieve future growth which was implemented throughout 2013. In 2014, the Company had positive cash flow due to the proceeds from the public offering in July, 2014.  In March 2015, the Company extended its line of credit through March 20, 2016. The extension was performed in order to serve the Company’s funding requirements. According to the extension agreement with the bank, the credit limit has been revised to $6.0 million at the Company’s request and the interest rate decreased to the Prime Rate in effect from time to time, plus 2.75% per annum, provided that the interest rate in effect on any day shall not be less than 5.5% per annum. The Company is required to pay a minimum aggregate amount of interest of no less than $18 thousand per month.  During 2014, the Company satisfied its line of credit covenant requirement to raise an additional $5.0 million of growth capital.  There is no similar covenant or requirement in 2015.
 
As of December 31, 2014, we had positive working capital in the amount of $0.8 million primarily due to the increase in cash in the amount of $7.3 million due to the net proceeds from the public offering, offset partially by a decrease in trade receivables, net in the amount of $0.7 million, a decrease in prepaid expenses and other receivables in the amount of approximately $1.0 million, an increase in our credit line of $1.7 million and an increase in our current earn-out consideration of $0.8 million. As of December 31, 2013, we had negative working capital of $3.5 million, with the change mainly due to the reversal of the deferred tax assets in the amount of approximately $2.2 million and the borrowings on a line of credit in the amount of $3.2 million.
 
Based on the cash balance at December 31, 2014, current projections of revenues and related expenses, and credit facilities in place, the Company believes it has sufficient cash to continue operations into 2016. The Company is also exploring additional sources of growth capital to strengthen its cash position and accelerate investment in product, sales and marketing.  The Company has in excess of $38.0 million capacity remaining on its F-3 universal shelf registration filed in June 2014.
 
The Company financed its acquisitions of Frisk and eleven from its cash reserves, share capital and future contingent payments (“earn-outs”) based on the success of the acquired subsidiary within the combined entity, which may be adjusted upward or downward. In connection with the contingent earn-out consideration which is related to the Frisk acquisition, the Company recorded an estimated amount of $1.0 million as of the acquisition date. As of December 31, 2013 and December 31, 2014, the fair value of the contingent consideration of $0.4 million and $0.5 million respectively is presented in short term liabilities, and the fair value of the contingent consideration of $0.4 million and $0 million respectively is presented in long term liabilities.
 
In connection with the contingent earn-out consideration which is related to the eleven acquisition, the Company recorded an estimated amount of $8.9 million as of the acquisition date. As of December 31, 2013 and December 31, 2014, the fair value of the contingent consideration of $1.1 million and $1.8 million respectively is presented in short term liabilities, and the fair value of the contingent consideration of $2.5 million and $0.8 million respectively is presented in long term liabilities.
 
 
32

 
In 2014, the Company and former shareholders of eleven are involved in arbitral proceedings regarding the earn-out consideration related to the eleven acquisition. See also item 8(A)(7) for further information regarding this legal proceeding.
 
C. 
Research and development, patents and licenses, etc.
 
We invest substantial resources in research and development to enhance our products and services, build add-on functionality and improve our core technology. We believe that both hardware and software are critical to expanding our leadership in the security industry. Therefore, we invest heavily in our cloud infrastructure and our new offerings such as CWS. Our engineering team has deep security expertise and works closely with customers to identify their current and future needs. In addition to our focus on hardware and software, our research and development team is focused on research into next-generation threats, which is required to respond to the rapidly changing threat landscape.
 
Research and development expenses, net, totaled $6.5 million, $9.3 million and $11.2 million for the years ended December 31, 2012, 2013 and 2014, respectively. We plan to continue to significantly invest in resources to conduct our research and development effort.
 
Regarding Company patents and patents pending, please refer to item 4B section “Intellectual Property” in this document. The Company may seek to patent certain additional software or other technologies in the future.

D. 
Trend Information
 
Several key factors and trends affect the information security market and impact how CYREN conducts business.
 
Evolving Information Security Threats. These threats, against consumers and organizations of all sizes, drive demand for security offerings from service providers and hardware and software vendors. Examples include the well-publicized attacks on Target, Home Depot and Sony.
 
Mobility. Mobile computing, using devices such as smartphones and tablets along with hundreds of thousands of Internet-connected mobile applications, is rapidly overtaking traditional personal computing paradigms. The “bring-your-own-device” (“BYOD”) trend in which organizations allow or encourage employees to access organizational resources and process and store organizational data using their personally-owned devices has become prominent across many geographies and market segments. Meanwhile, CYREN and other security vendors witnessed a dramatic rise in malware on the Android mobile platform, with a 61% increase in mobile malware and over 3.3 million new mobile malware samples discovered during 2014.
 
Cloud-Based Computing. Cloud-based computing, in which consumers or organizations remotely access and leverage computing infrastructure or complete information services via the Internet, continues to grow rapidly in today’s environment thanks to increased connectivity, mobility and the efficiencies offered by cloud based services. Cloud-based Security-as-a-Service includes many of the most rapidly growing sub-segments in the information security market.
 
E. 
Off-Balance Sheet Arrangements
 
Not applicable.
 
F. 
Tabular disclosure of contractual obligations
 
The following table summarizes our outstanding contractual obligations as of December 31, 2014 (in thousands):
 
Contractual Obligations
 
Payments due by period
(USD in thousands)
 
   
Total
   
Less than 1
year
   
1-3 years
   
3-5 years
   
More than
5 years
 
Operating lease obligation
  $ 3,255     $ 1,135     $ 1,853     $ 267     $ -  
Other long-term liabilities reflected on the Company’s Balance Sheet - accrued severance pay
    666       -       -       -       -  
Other long-term asset reflected on the Company’s Balance Sheet - severance pay fund
    (594 )     -       -       -       -  
Net - severance pay liability
    72       -       -       -       -  
Earn-out obligation
    3,106       2,269       837       -       -  
Credit line
    4,900       4,900       -       -       -  
Total
  $ 11,333     $ 8,304     $ 2,690     $ 267     $ -  

 
33

 
Item 6. Directors, Senior Management and Employees
 
A. 
Directors and senior management
 
The following table presents information with respect to our directors’ beneficial ownership of our Ordinary Shares as of April 1, 2015. Beneficial ownership is determined in accordance with the rules of the SEC and includes voting or investment power, with respect to shares. To our knowledge, except under applicable community property laws or as otherwise indicated, the persons named in the table have sole voting and sole investment control and rights to receive economic benefits with respect to all shares beneficially owned. The applicable percentage of ownership for each director is based on 32,740,251 Ordinary Shares outstanding as of April 1, 2015. Ordinary Shares issuable upon the exercise of options and other rights, which are exercisable on or within sixty days of April 1, 2015, are deemed outstanding for the purpose of computing the percentage ownership of the director holding those options and other rights.
 
Name and Position
 
Age
 
Percentage of
Ordinary
Shares
Beneficially
Owned
 
Number of Ordinary Shares
Beneficially Owned
 
Number of Options included in Beneficial
Ownership
Lior Samuelson, CEO, Director and Chairman of the Board
 
66
 
1.6%
   
510,514
 
347,914 options, at exercise prices ranging from $2.72 to $3.47 per Ordinary Share. Expiration dates range from 8/2/16 to 2/18/21.
Aviv Raiz, Director (3)
 
56
 
15.9%
   
5,208,490
 
75,823 options, at exercise prices ranging from $1.56 to $3.47 per Ordinary Share. Expiration dates range from 10/26/15 to 12/18/20.
Hila Karah, Director (1)(3)
 
46
 
<1%
   
132,744
 
75,823 options, at exercise prices ranging from $1.56 to $3.47 per Ordinary Share. Expiration dates range from 10/26/15 to 12/18/20.
Yair Bar-Touv, Director (Outside Director) (1)(2)
 
54
 
<1%
   
75,823
 
75,823 options, at exercise prices ranging from $1.56 to $3.47 per Ordinary Share. Expiration dates range from 10/26/15 to 12/18/20.
Todd Thomson (Director) (2)
 
54
 
<1%
   
59,365
 
59,365 options, at exercise prices ranging from $1.56 to $3.48 per Ordinary Share. Expiration dates range from 11/7/17 to 12/18/20.
James Hamilton (Director) (1)(2)(3)
 
51
 
<1%
   
56,240
 
56,240 options, at exercise prices ranging from $1.56 to $3.18 per Ordinary Share. Expiration dates range from 2/16/18 to 12/18/20.
David Earhart (Outside Director) (1)(2)(3)
 
53
 
<1%
   
28,117
 
28,117 options, at exercise prices ranging from $1.56 to $3.01 per Ordinary Share. Expiration dates range from 8/1/19 to 12/18/20.
 
(1) 
Member of the Compensation Committee
 
(2) 
Member of the Audit Committee
 
(3) 
Member of the Nominating Committee
 
 
34

 
 
Other Senior Management Employees:
 
 
The following table sets forth the names and positions of our senior management employees, with ownership data being as of April 1, 2015.  These employees, along with Lior Samuelson, are included for purposes of the aggregation of compensation and share ownership of major shareholders, directors and executive officers, and appear elsewhere in this Annual Report.
             
Name
 
Age
 
Ownership
 
Position
             
Einat Glik
 
35
 
<1%
 
Vice President & General Manager, Email Security
             
Eva Edwards Markowitz
 
40
 
<1%
 
Vice President, Human Resources
             
Lior Kohavi
 
44
 
<1%
 
Chief Technology Officer
             
Sue Lee
 
38
 
<1%
 
Vice President, General Counsel and Corporate Secretary
             
Amit Monovich
 
39
 
<1%
 
Vice President, SaaS Platform Research and Development
             
J. Michael Myshrall
 
45
 
<1%
 
Chief Financial Officer
             
Kyung Ro
 
38
 
<1%
 
Senior Vice President, Cloud Infrastructure and Client Services
             
Pete Shah
 
46
 
<1%
 
Senior Vice President, Worldwide Sales
             
Sigurdur Stefnisson
 
39
 
<1%
 
Vice President & General Manager, Malware
             
Brett Wilson
 
46
 
<1%
 
Senior Vice President & General Manager, SaaS Platform and Marketing

Lior Samuelson has been a member of the Board since August 2010 and has held the position of Chairman of the Board since December 2010. Mr. Samuelson became Chief Executive Officer at CYREN in 2013. During his extensive career, Mr. Samuelson has served as chairman, CEO and board member of companies in technology, telecommunications, financial services and management consulting, such as Deltathree (DDDC), PricewaterhouseCoopers Securities and The Barents Group. Mr. Samuelson was previously a managing partner with KPMG and a senior manager at Booz Allen Hamilton. Mr. Samuelson holds both a B.A. and a M.A. in economics from Virginia Tech.
 
Aviv Raiz has served as a Director since December 2005. Mr. Raiz has over 20 years of foreign exchange market and private equity investing experience. He founded and is the president of Eurotrust Ltd. and has been a private equity investor in several high-tech, bio-tech, and Internet companies over the last ten years. Mr. Raiz received his B.A. in Economics and Political Science as well as an MBA in Finance, from Tel Aviv University.
 
Hila Karah joined the Board of Directors in March 2008. Ms. Karah is the former CIO of Eurotrust Ltd. and is an investor in several high-tech, bio-tech and Internet companies. Prior to Eurotrust, she served as a partner financial analyst at Perceptive Life Sciences Ltd., a New York-based hedge fund, and was a research analyst at Oracle Partners Ltd., a health care-focused hedge fund based in Connecticut. Ms. Karah holds a B.A. in Molecular and Cell Biology from the University of California, Berkeley, and has studied at the UCB-UCSF JMP.
 
Yair Bar-Touv joined the Board of Directors as an Outside Director under the Companies Law in March 2008. Mr. Bar-Touv is an expert on business strategy and technology in the cyber security and intelligence sectors. Mr. Bar-Touv brings over 25 years of experience in the field of Information Technology, Information and Cyber Security. Mr. Bar-Touv held multiple executive roles, including Co-CEO of NCC, CIO and Director of Information Technology of a government organization and executive positions in the Information Systems Business Unit at Elbit Systems and at Elbit ElectroOptics Elop. Mr. Bar-Touv holds B.A. and M.A. degrees in Computer Engineering.
 
Todd Thomson joined the Board of Directors in November 2011. Mr. Thomson is currently the chairman of Dynasty Financial Partners, a firm dedicated to providing investment and technology platforms to independent advisors. Mr. Thomson is also the founder & CEO of Headwaters Capital, a proprietary investment business and strategic consulting firm. From 1998 through 2007, Mr. Thomson served in top management positions at Citigroup, including as CFO of Citigroup and as CEO of the Global Wealth Management division of Citigroup. Prior to joining Citigroup, Mr. Thomson held senior positions at GE Capital, Barents Group and Bain & Co. Mr. Thomson is also a member of the board of directors of Cordia Bancorp, Bank of Virginia and the World Resources Institute. Mr. Thomson is also a chairman of the Wharton Leadership Advisory Board and was formerly a member of the Board of Trustees of Davidson College. Mr. Thomson received his MBA, with distinction, from the Wharton School of Business and his B.A. in Economics from Davidson College.
 
James Hamilton joined the Board of Directors in February 2012. Mr. Hamilton oversees Cyan’s worldwide sales and field operations. Over his 26-year career, he held leadership roles in security-focused companies including president and CEO of TippingPoint, Inc. (3Com acquired), president of Click Security, principal partner and board member with CPSG Partners. Previously, Mr. Hamilton was EVP at SafeNet, president of Efficient Networks (Siemens acquired), as well as serving in executive positions with Picazo Communications (Intel acquired), Compaq, Networth (Compaq acquired) and Grid Systems. Mr. Hamilton holds a B.A. from Lawrence Technical University. 
 
David Earhart joined the Board of Directors in July 2013. Mr. Earhart recently joined Damballa to lead their worldwide field operations. He is also a board member of CoreBlox. Previously, Mr. Earhart was a senior vice president at CA Technologies responsible for the North American security business. He brings an extensive security, networking, storage, and systems management background having spent seven years at BMC Software, as well as holding executive positions with two venture-backed firms and a professional services organization. Mr. Earhart received a B.B.A. in Finance from Texas Tech University.

 
35

 
Einat Glik joined CYREN in April 2012 and during 2014 became Vice President and General Manager, Email Security.  Ms. Glik oversees activities related to CYREN's EmailSecurity business unit with particular attention to product development and go-to-market strategies. Upon joining CYREN in 2012, she has managed the product development of our WebSecurity and Anti-Malware services. Prior to joining CYREN, she oversaw product management and authentication with SafeNet and research and development activities with SanDisk. She holds a degree in Computer Science from the Academic College of Tel-Aviv-Yaffo.
 
Eva Edwards Markowitz, SPHR, SWP, joined CYREN as Vice President Human Resources in October 2013. With her 14 years of Human Resource leadership, Ms. Markowitz orchestrates the management and development of CYREN’s most valuable asset: its employees. She previously worked as Human Resources Director for the Analysis Research Planning Corporation (ARPC). She has also held positions with Thomas & Herbert Consulting, LLC, and SteelCloud. Ms. Markowitz received her B.A. from the University of Maryland.

Lior Kohavi joined CYREN in June 2013 as Chief Technology Officer. Mr. Kohavi brings over 25 years of vast experience as an engineer, product and technology executive. Previously, Mr. Kohavi held multiple leadership roles, including business strategy architect and partner group manager at Microsoft, VP and GM at Websense, VP Engineering and EVP product management and strategy at Whale Communications (Microsoft acquired). Mr. Kohavi also served as a GM at Cylink VPN Labs and led the development of cryptographic network security products at Algorithmic Research (Cylink acquired) and served as head of the Israel Air Force’s Network and Operations Systems Department. Mr. Kohavi holds a B.A. degree in computer science from Bar-Ilan University and an Executive MBA from Tel Aviv University.
 
Sue Lee joined CYREN in October 2013 as Vice President, General Counsel and Corporate Secretary. Ms. Lee is responsible for all legal, regulatory, compliance and corporate governance functions for the Company. Prior to CYREN, Ms. Lee served as General Counsel for Harmonix Music Systems, Inc., Vice President Business & Legal Affairs for MTV Networks, worked at Genzyme Corporation as securities and corporate counsel, and counseled clients as an attorney at the law firm Cleary Gottlieb Steen & Hamilton LLP in New York City. Ms. Lee received her B.A. in East Asian Studies from Harvard University and her J.D. from Harvard Law School.
 
Amit Monovich’s joined CYREN in November 2014.  Mr. Monovich’s 16+ years of experience as a technology leader for global companies across a diverse set of enterprise and consumer products uniquely qualify Mr. Monovich to drive CYREN’s innovation in cybersecurity solutions. He brings with him 8 years of experience at RSA where he lead the Israeli Research & Development Center with focus on identity authentication and fraud prevention systems leveraging machine learning technology. Prior to RSA, Mr. Monovich worked in the U.S. for Amdocs and AT&T Labs. He holds a degree in Computer Science and Logistics from Bar-Ilan University.
 
J. Michael Myshrall joined CYREN in January 2011 serving as Vice President of Corporate Development and subsequently served as Vice President of Financial Planning & Analysis. In March 2014, Mr. Myshrall was appointed Interim Chief Financial Officer and Chief Financial Officer in August 2014. Mr. Myshrall brings two decades of investment banking, business development and technology experience. Prior to joining CYREN, he focused on technology strategy, financial advisory and mergers and acquisitions, first with Mercator Capital and more recently with Trilos Ventures. Mr. Myshrall previously held various roles with Nortel, Newbridge Networks, Corvis, and Civcom. He holds a degree in electrical engineering from the University of New Brunswick and an MBA from Harvard Business School.
 
Kyung Ro joined CYREN in October 2014 as Senior Vice President Cloud Infrastructure and Client Services, and leads global operations activities. He is responsible for the private cloud platform supporting all of CYREN's industry-leading security solutions with particular focus on continual service improvement and delivery. Prior to joining CYREN, Mr. Ro led the Cloud Operations team at Blackboard, a leading educational software company. His background also includes engineering experience at Brocade Communications Systems and Hewlett-Packard. He holds a degree in Electrical Engineering from Cornell University.
 
Pete Shah joined CYREN in June 2012 as Senior Vice President, Worldwide Sales. He is responsible for leading CYREN’s global field organization in exceeding customer expectations and driving business in both new and existing markets. In addition, Mr. Shah serves as an advisor to Acceleprise, an enterprise technology accelerator focused on helping early stage technology companies. Before joining CYREN, Mr. Shah held senior executive leadership positions with InfoVista, as senior vice president of worldwide field operations and at Telarix, as vice president of worldwide sales. In years prior, he held various sales management positions with Portal Software/Oracle, Lawson Software/Infor and Automatic Data Processing (ADP). Mr. Shah holds a B.Sc degree in International Marketing from Penn State University.
 
Sigurdur Stefnisson joined CYREN in October 2012 through the acquisition of FRISK, and serves as CYREN’s Vice President & General Manager, Malware .  Mr. Stefnisson joined FRISK in 1996 and contributed to the development of numerous state-of-the cybersecurity innovations and has become an authority in the field of advanced threat protection. Mr. Stefnisson oversees all the Advanced Threat Lab and malware research, which is integral in our development of next-generation cybersecurity solutions. He is active in the global security community as a reporter for the Wildlist Organization and as a member of CARO (Computer Antivirus Research Organization) whose mission is to research and study malware.
 
 
36

 
Brett Wilson joined CYREN in April 2012 as Vice President, Products. Mr. Wilson has more than 20 years of technology and communications experience, including more than 10 years of experience in the information security industry. Before joining CYREN, Mr. Wilson led portfolio management across product lines and drove multiple technology and service initiatives as vice president of product strategy for Trustwave. He subsequently restructured Trustwave’s strategic and tactical partnering approaches as vice president of global channels and business development. Mr. Wilson also led product management, global business development and EMEA sales and marketing for Breach Security. He has also held business development, product management, strategy, and operations roles at Symantec. Prior to joining the information security industry, Brett was a technology policy lobbyist for Rockwell International and a market strategy consultant serving Bell Operating Companies. Mr. Wilson has a B.A. from Cornell University and an MBA from the University of Maryland.
 
To the best of our knowledge, there no arrangements or understandings with major shareholders, customers, suppliers or others pursuant to which any person referred to above was selected as a director or member of senior management. There are no family relationships among any of the directors, officers or key employees of CYREN.
 
B. 
Compensation
 
Compensation of Directors and Executive Officers
 
Under Amendment 20 of the Companies Law, the directors of CYREN can be remunerated by CYREN for their services as directors to the extent such remuneration is in accordance with the compensation policy to be adopted by the Company after approval by CYREN’s compensation committee, Board and shareholders.
 
The cash compensation paid to non-employee directors in 2014 (other than the CEO and Chairman) was $7,500 per quarter.
 
Directors also are reimbursed for their expenses for each Board of Directors meeting attended. See “—Amended and Restated 1999 Non-employee Directors Stock Option Plan” for a discussion of director compensation in the form of option grants.
 
During 2014, options to purchase 608,502 Ordinary Shares were granted to directors and executive officers (referred to in Item 6) under the Company’s stock option plans at a weighted average exercise price of $2.37 per share. The aggregate direct remuneration paid by CYREN to these directors and executive officers (17 persons) in 2014 was approximately $2.6 million, including amounts expended by us for automobiles made available to our executive officers, expenses reimbursed to officers (including professional and business association dues and expenses) and other fringe benefits commonly reimbursed or paid by companies in Israel, but excluding amounts set aside or accrued to provide pension, retirement or similar benefits, which amounted to  approximately $0.2 million for the same group. As of April 1, 2015, these directors and executive officers of CYREN (17 persons) had 3,309 thousand stock options to purchase a like number of Ordinary Shares, with 1,316 thousand of those options being vested and exercisable within sixty days of said date. Generally, unless exercised previously, options terminate within six years of their issuance. Additional information as of April 1, 2015 can be found in Item 6A “Directors and Senior Management”.
 
Options to Purchase Securities from Registrant
 
As of December 31, 2014, options to purchase 4,915 thousand Ordinary Shares were outstanding and held by 186 persons made up of then existing employees, consultants, executive officers, non–employee directors and ex-options holders within their post-termination period for exercise under the Company’s stock option plans. Of the number of options outstanding, 2,066 thousand were vested and exercisable. Additionally, these outstanding options had exercise prices ranging from $1.56 to $3.94 per share, a weighted average per share exercise price of $2.92 and expiration dates ranging from July 13, 2015 to December 18, 2020.

Employee Stock Option Plans
 
Employees, including executive officers and other management employees, participate in the Company’s employee option plans. The CYREN Ltd. 2006 U.S. Stock Option Plan, primarily covering option grants to employees and consultants based in the United States, was adopted on December 15, 2006 and has a term of ten years. The CYREN Ltd. Amended and Restated Israeli Share Options Plan, primarily covering option grants to employees, consultants and directors based in Israel, was adopted on June 22, 2003 and renewed on April 18, 2014 for an additional term of ten years. While Israeli based directors receive their grants under the Israeli-based plan, the principal terms of their grants are identical to those of non-Israeli based directors receiving their grants under the non-employee director plan (discussed below).
 
All employee stock option plans are administered by the compensation committee. Subject to the provisions of the employee stock plans and applicable law, the compensation committee has the authority to determine, among other things, to whom options may be granted; the number of Ordinary Shares to which an option may relate; the exercise price for each share; the vesting period of the option and the terms, conditions and restrictions thereof, including accelerated vesting on change of control provisions; to amend provisions relating to such plans; and to make all other determinations deemed necessary or advisable for the administration of such plans.
 
 
37

 
Amended and Restated 1999 Non–Employee Directors Stock Option Plan
 
New non-employee directors are currently entitled to an initial grant of 50,000 options pursuant to the Amended and Restated 1999 Non-Employee Directors Stock Option Plan, or the Non-Employee Directors Plan. Non-employee directors who are re-elected at the annual meeting of shareholders are entitled to additional grants of 16,667 options, though at the annual meeting held October 26, 2009 shareholders approved a one-time increase in the grants to re-elected directors to 30,000 options.
 
The Non–Employee Directors Plan was extended by an additional ten years at the annual meeting of shareholders held on December 15, 2008. Under this plan, each option becomes exercisable at a rate of 1/16th of the option shares every three months, and has an exercise price equal to the fair market value of our Ordinary Shares on the grant date of such option. Options granted through 2004 had a maximum term of ten years, but would terminate earlier if the option holder ceased to be a member of the Board of Directors. Options granted to directors since 2006 generally have a maximum term of six years. At the annual meeting of shareholders of December 30, 2005, shareholders approved an amendment to the Non-Employee Directors Plan to allow for the acceleration of unvested options for any director who has served the Company for at least three years, unless the director resigned voluntarily or was removed from the Board of Directors due to a failure to perform any of his/her duties to the Company.
 
C. 
Board practices
 
Election of Directors
 
Directors (other than outside directors, as explained below) are elected by shareholders at the annual general meeting of the shareholders and hold office until the next annual general meeting following the general meeting at which such director is elected and until a successor is elected, or until the director is removed. An annual general meeting must be held at least once in every calendar year, but not more than 15 months after the preceding annual general meeting. Directors may be removed and other directors may be elected in their place or to fill vacancies in the Board of Directors at any time by the holders of a majority of the voting power at a general meeting of the shareholders. Until a vacancy is filled by the shareholders, the Board may appoint new directors temporarily to fill vacancies on the Board. The Articles of Association of CYREN authorize the shareholders to determine, from time to time, the number of directors. The maximum number of directors is currently fixed at ten directors, though only seven directors are currently serving on the Board.
 
Alternate Directors
 
The Articles of Association of CYREN provide that any director may appoint another person to serve as an alternate director and may remove such alternate. Any alternate director possesses all the rights and obligations of the director who appointed him, except that the alternate has no standing at any meeting while the appointing director is present, the alternate may not in turn appoint an alternate for himself (unless the instrument appointing him otherwise expressly provides) and the alternate is not entitled to remuneration. A person who is not qualified to be appointed as a director may not be appointed as an alternate director, and a person who is not qualified to be appointed as an outside or independent director may not be appointed as an alternate director for an outside or independent director, respectively. Unless the appointing director limits the time or scope of the appointment, the appointment is effective for all purposes until the appointing director ceases to be a director or terminates the appointment. The appointment of an alternate director does not in itself diminish the responsibility of the appointing director as a director. No director has appointed, and, to our knowledge, no director currently intends to appoint, any other person as an alternate director.

Chairman of the Board
 
Under the Companies Law, the general manager of a company (or a relative of the general manager) may not serve as the chairman of the board of directors, and the chairman of the board of directors (or a relative of the chairman of the board of directors) may not serve as the general manager, unless approved by the shareholders by a special majority vote prescribed by the Companies Law. In any event, the shareholder vote cannot authorize the appointment for a period longer than three years, which period may be extended from time to time by the shareholders with a similar special majority vote. The chairman of the board of directors shall not hold any other position with the company (except as general manager if approved in accordance with the above procedure) or in any entity controlled by the company, other than as chairman of the board of directors of a controlled entity, and the company shall not delegate to the chairman duties that, directly or indirectly, make him or her subordinate to the general manager.
 
 
38

 
Independent and Outside Directors
 
Israeli Companies Law: The Israel Companies Law requires Israeli companies with shares that have been offered to the public in or outside of Israel to appoint at least two outside directors (also referred to as “external directors”). No person may be appointed as an outside director if the person or the person’s relative, partner, employer or any entity under the person’s control has or had, on or within the two years preceding the date of the person’s appointment to serve as outside director, any affiliation with the company or any entity controlling, controlled by or under common control with the company. The term affiliation includes:
 
•      an employment relationship;
 
•      a business or professional relationship maintained on a regular basis;
 
•      control; and
 
•      service as an office holder.
 
The Israeli Minister of Justice, in consultation with the Israeli Securities Authority, may determine that certain matters will not constitute an affiliation, and has issued certain regulations with respect thereof.
 
If the company does not have a controlling shareholder or a shareholder who holds company shares entitling him to vote at least 25% of the votes in a shareholders meeting, then the company may not appoint as an outside director any person or such person’s relative, partner, employer or any entity under the person’s control, who has or had, on or within the two years preceding the date of the person’s appointment to serve as outside director, any affiliation with the Chairman of the Board, Chief Executive Officer, a substantial shareholder who holds at least 5% of the issued and outstanding shares of the company or voting rights which entitle him to vote at least 5% of the votes in a shareholders meeting, or the Chief Financial Officer.
 
No person may serve as an outside director if the person’s position or other business activities create, or may create, a conflict of interest with the person’s responsibilities as an outside director or may otherwise interfere with the person’s ability to serve as an outside director. Additionally, no person may serve as an outside director if the person, the person’s relative, spouse, employer or any entity controlling or controlled by the person, has a business or professional relationship with someone with whom affiliation is prohibited, even if such relationship is not maintained on a regular basis, excepting negligible relationships, or if such person received from the company any compensation as an outside director in excess of what is permitted by the Companies Law. If, at the time outside directors are to be appointed, all current members of the Board of Directors who are not controlling shareholders or relatives of such shareholders are of the same gender, then at least one outside director must be of the other gender. Under the Companies law, at least one of the outside directors is required to have “financial and accounting expertise,”, and the other outside director or directors are required to have either “professional expertise,” or “financial and accounting expertise”, all as defined under the Companies Law. However, if at least one of our other directors (i) meets the independence requirements under the Securities Exchange Act of 1934, as amended, or (ii) meets the standards of the NASDAQ Listing Rules for membership on the audit committee, and (iii) has accounting and financial expertise as defined under Israeli law, then neither of our outside directors is required to possess accounting and financial expertise as long as both possess other requisite “professional expertise”.
 
A director can satisfy the requirements of having “financial and accounting expertise” if due to his or her education, experience and qualifications he or she has acquired expertise and understanding in business and accounting matters and financial statements, in a manner that allows him or her to understand, in depth, the company’s financial statements and to spur a discussion regarding the manner in which the financial data is presented.
 
A public company’s board of directors must evaluate the proposed outside director’s expertise in finance and accounting, by considering, among other things, such candidate’s education, experience and knowledge in the following: (i) accounting and auditing issues typical to the field in which the company operates and to companies of a size and complexity similar to such company; (ii) the company’s independent public accountant’s duties and obligations; (iii) preparation of the company’s consolidated financial statements and their approval in accordance with the Companies Law and the Israeli Securities Law - 1961.

A director is deemed to have “professional expertise” if he or she meets any of the following criteria: (i) has an academic degree in any of the following professions: economics, business administration, accounting, law or public administration; (ii) has a different academic degree or has completed higher education in a field that is the company’s main field of operations, or a field relevant to his or her position; or (iii) has at least five years experience in any of the following, or has at least a cumulative total of at least five years experience in any two of the following: (A) a senior position in the business management of a corporation with a significant extent of business, (B) a senior public position or a senior position in public service, or (C) a senior position in the company’s main field of operations. As with a candidate’s expertise in finance and accounting, the board of directors here too must evaluate the proposed outside director’s “professional qualification” in accordance with the criteria set forth above.
 
The declaration required by law to be signed by a candidate to serve as outside director must include a statement by such candidate concerning his or her education and experience, if relevant, in order that the board of directors may properly evaluate whether such candidate meets the requirements of having “financial and accounting expertise” or having “professional expertise” as set forth in the regulations. Additionally, the candidate should submit documents and certificates that support the statements set forth in the declaration.
 
 
39

 
Outside directors are to be elected by a majority vote at a shareholders’ meeting, provided that either:
 
 
such majority includes a majority of the shares held by non–controlling shareholders and shareholders who have no personal interest in the election of the outside directors (excluding a personal interest that is not related to a relationship with the controlling shareholders) who are present and voting at the meeting; or
 
 
the total number of shares held by non–controlling shareholders and disinterested shareholders voting against the election of the director at the meeting does not exceed two percent of the aggregate voting rights in the company.
 
The initial term of an outside director is three years and may be extended for up to two additional periods of three years each. However, under regulations promulgated pursuant to the Companies law, companies whose shares are listed for trading on specified exchanges outside of Israel, including the NASDAQ Global Select, Global and Capital markets, may propose that an outside director to be reelected by the shareholders for such additional periods, beyond the initial three terms, of up to three years each only if (1) the audit committee and the Board of Directors, in nominating the outside director, confirms that, in light of the outside director’s expertise and special contribution to the work of the board of directors and its committees, the reelection for such additional period(s) is beneficial to the company, and the election was approved by the majority of shareholders required to appoint outside directors for their initial term with the term during which the nominee has served as an external director and the reasons given by the audit committee and board of directors for extending his or her term of office having been presented to the shareholders prior to their approval.
 
External directors may be re-elected for additional terms of three years each as set forth above, provided that with respect to the appointment for each such additional three-year term, one of the following has occurred: (i) the reappointment of the external director has been proposed by one or more shareholders holding together 1% or more of the aggregate voting rights in the company and the appointment was approved at the general meeting of the shareholders by a simple majority, provided that: (1)(x) in calculating the majority, votes of controlling shareholders or shareholders having a personal interest in the appointment as a result of an affiliation with a controlling shareholder and abstentions are disregarded and (y) the total number of shares of shareholders who do not have a personal interest in the appointment as a result of an affiliation with a controlling shareholder and/or who are not controlling shareholders, present and voting in favor of the appointment exceed 2% of the aggregate voting rights in the company, and (2) pursuant to Amendment 22 to the Companies Law (“Amendment 22”), effective as of January 10, 2014, the external director who has been nominated in such fashion is not a linked or competing shareholder, and does not have or has not had, on or within the two years preceding the date of such person’s appointment to serve as another term as external director, any affiliation with a linked or competing shareholder. The term “linked or competing shareholder” means the shareholder(s) who nominated the external director for reappointment or a material shareholder of the company holding more than 5% of the shares in the company, provided that at the time of the reappointment, such shareholder(s) of the company, the controlling shareholder of such shareholder(s) of the company, or a company under such shareholder(s) of the company’s control, has a business relationship with the company or are competitors of the company; the Israeli Minister of Justice, in consultation with the Israeli Securities Authority, may determine that certain matters will not constitute a business relationship or competition with the company; (ii) the reappointment of the external director has been proposed by the board of directors and the appointment was approved by the majority of shareholders required for the initial appointment of an external director; or (iii) pursuant to a recently enacted amendment to the Companies Law (“Amendment 26”), effective as of November 25, 2014, the external director has proposed himself for reappointment and the appointment was approved by the majority of shareholders required under Section (i) above.
 
Outside directors may be removed only by the same percentage of shareholders as is required for their election, or by a court, and then only if the outside director ceases to meet the statutory qualifications for their appointment or if they violate their fiduciary duty to the company. Each committee of a company’s Board of Directors which has been granted any authority normally reserved for the board of directors must include at least one outside director provided, however that each of the audit committee and the compensation committee, which are statutorily required under the Companies Law, must include all outside directors.

An outside director is entitled to compensation as provided in the regulations adopted under the Israel Companies Law and is otherwise prohibited from receiving any other compensation, directly or indirectly, in connection with service provided as an outside director.
 
CYREN’s outside directors are Yair Bar-Touv and David Earhart. At the 2013 Annual General Meeting held on December 24, 2013, Mr. Bar-Touv was re-elected to a three-year term expiring March 2016. At an extraordinary shareholder meeting held on August 1, 2013, Mr. Earhart was elected to a three-year term expiring July 2016.
 
Nasdaq and SEC Rules and Regulations:
 
U.S. companies listed on the NASDAQ Capital Market are required to have a majority of directors qualify as independent under NASDAQ Listing Rule 5605. Pursuant to the Companies Law, an Israeli company, whose shares are publicly traded, may elect to adopt a provision in its articles of association pursuant to which a majority of its board of directors (or a third of its Board of Directors in case the company has a controlling shareholder) will constitute individuals complying with certain independence criteria prescribed by the Companies Law, as well as certain other recommended corporate governance provisions. We have not included such a provision in our Articles of Association. Our Board presently complies with the independence requirements of the NASDAQ and SEC regulations described above.
 
 
40

 
The Company has identified the following Board members as “independent directors” pursuant to NASDAQ Listing Rule 5605(a)(2):
 
 
a. 
Yair Bar-Touv
 
b. 
Aviv Raiz
 
c. 
Hila Karah
 
d. 
Todd Thomson
 
e. 
James Hamilton
 
f. 
David Earhart
 
In addition, the NASDAQ Listing Rules currently require CYREN to have at least a majority of independent directors, as defined under Listing Rule 5605(a)(2), on the Board to maintain an audit committee of at least three members, each of whom must:
 
 
(i)
be independent as defined under Listing Rule 5605(a)(2);
 
 
(ii)
meet the criteria for independence set forth in Rule 10A-3(b)(1) under the Exchange Act as set forth below (subject to the exemptions provided in Exchange Act Rule 10A-3(c));
 
 
(iii)
not have participated in the preparation of the financial statements of the Company or any current subsidiary of the Company at any time during the past three years; and
 
 
(iv)
be able to read and understand fundamental financial statements, including a company’s balance sheet, income statement and cash flow statement.
 
Under limited circumstances, the Company may have one audit committee member not independent in accordance with the above, but such a member would only be able to serve for a maximum of two years.
 
Exchange Act Rule 10A-3(b)(1) requires that members of the audit committee meet that rule’s definition of independence, which requires that an audit committee member may not, except in his or her capacity as a director or committee member, (i) accept directly or indirectly any consulting, advisory, or other compensatory fee from the Company or any of its subsidiaries (except for fixed amounts of compensation under a retirement plan for prior service with the Company, provided that such compensation is not contingent in any way on continued service), or (ii) be an “affiliated person” of the Company or any of its subsidiaries.
 
NASDAQ rules also require that the Company certify that it has, and will continue to have, at least one member of the audit committee who has past employment experience in finance or accounting, requisite professional certification in accounting, or any other comparable experience or background which results in the individual’s financial sophistication, including being or having been a chief executive officer, chief financial officer or other senior officer with financial oversight responsibilities. Also, the Company is required to disclose whether or not it has an “audit committee financial expert” on its audit committee, as defined under Item 16A to Form 20-F.
 
The four directors who serve on our audit committee, Mr. Bar-Touv, Mr. Thomson, Mr. Hamilton, and Mr. Earhart, qualify as independent directors under NASDAQ Listing Rules (including Exchange Act Rule 10A-3) and further qualify to act as members of our audit committee under the Israel Companies Law.

Audit Committee
 
As noted above in the discussion under “Independent and Outside Directors”, the Companies Law requires public companies to appoint an audit committee. The audit committee’s duties include providing assistance to the Board in fulfilling its legal and fiduciary obligations in matters involving our accounting, auditing, financial reporting, internal control and legal compliance functions. In this respect the audit committee approves the services performed by our independent registered public accounting firm and reviews their reports regarding our accounting practices and systems of internal accounting controls. The audit committee also oversees the audits conducted by our independent registered public accounting firm and takes those actions as it deems necessary to confirm that the accountants are independent of management. Under the Companies Law, the responsibilities of the audit committee include identifying irregularities in the management of our business and approving related party transactions as required by law, classifying company transactions as extraordinary transactions or non-extraordinary transactions and as material or non-material transactions in which an officer has an interest (which will have the effect of determining the kind of corporate approvals required for such transaction), assessing the proper function of the company’s internal audit regime and determining whether its internal auditor has the requisite tools and resources required to perform his role and to regulate the company’s rules on employee complaints, reviewing the scope of work of the company’s independent accountants and their fees, and implementing a whistleblower protection plan with respect to employee complaints of business irregularities. Pursuant to Amendment 22, the responsibilities of the audit committee under the Companies Law also include the following matters: (i) to establish procedures to be followed in respect of related party transactions with a controlling shareholder (where such are not extraordinary transactions), which may include, where applicable, the establishment of a competitive process for such transaction, under the supervision of the audit committee, or individual, or other committee or body selected by the audit committee, in accordance with criteria determined by the audit committee; and (ii) to determine procedures for approving certain related party transactions with a controlling shareholder, which were determined by the audit committee not to be extraordinary transactions, but which were also determined by the audit committee not to be negligible transactions.
 
 
41

 
Under the NASDAQ Listing Rules, an audit committee must consist of at least three directors meeting the independence standards under NASDAQ Listing Rules.
 
Under the Companies Law, all outside directors must serve on the audit committee, and in any case it must include a majority of independent directors. The Companies Law defines independent directors as either external directors or directors who: (1) meet the requirements of an external director, other than the requirement to possess accounting and financial expertise or professional qualifications, with audit committee confirmation of such; (2) have been directors in the company for an uninterrupted duration of less than nine years (and any interim period during which such person was not a director which is less than two years shall not be deemed to interrupt the duration); and, (3) were classified as such by the company. One of the outside directors must serve as the chair of the audit committee. Furthermore, under the Companies Law, the audit committee may not include the chairman of the board, or any director employed by the Company, by a controlling shareholder or by any entity controlled by a controlling shareholder, or any director providing services to us, to a controlling shareholder or to any entity controlled by a controlling shareholder on a regular basis, or any director whose income is primarily dependent on a controlling shareholder, and may not include a controlling shareholder or any relatives of a controlling shareholder. Under the Companies Law, a meeting of the audit committee is properly convened if a majority of the committee members attend the meeting, and of which the majority of members present must be independent and external directors. Individuals who are not permitted to be audit committee members may not participate in the committee’s meetings other than to make a presentation regarding a particular issue if the chairman of the audit committee determines that such person’s presence is necessary in order to present such matter. However, pursuant to a recently enacted amendment to the Companies Law (“Amendment 25”), effective as of February 6, 2015, an employee who is not a controlling shareholder or a relative of such shareholder may  be present in the committee's meeting during discussions if such presence is requested by the committee, and an  executive officer may be present in a meeting, if requested by the audit committee, to present his position with regard to a matter under his responsibility where substantial defects in the company's business administration are discussed, but may not vote. Additionally, the company’s legal counsel and corporate secretary may participate in the committee’s discussions and votes if requested by the committee.
 
The audit committee consists of David Earhart, chairman, Todd Thomson, audit committee financial expert, Yair Bar-Touv and James Hamilton.
 
Compensation Committee
 
On December 12, 2012, Amendment 20 to the Companies Law, or “Amendment 20”, came into force, and its provisions are summarized below:
 
All public companies and bond companies are required to establish a compensation committee, with one outside director serving as chairman of the committee. The committee is to be made up of at least three directors, with a majority of outside directors. The remaining directors shall be directors who do not receive direct or indirect compensation for their role as directors (other than compensation paid or given in accordance with Companies Law regulations applicable to the compensation of external directors, or amounts paid pursuant to indemnification and/or exculpation contracts or commitments and insurance coverage). The compensation committee may not include the chairman of the board, any director employed by or otherwise providing services on a regular basis to the Company, to a controlling shareholder or to any entity controlled by a controlling shareholder, any director whose main livelihood is dependent on a controlling shareholder, or a controlling shareholder or a relative thereof. The committee is responsible for (i) proposing an office holder compensation policy to the Board of Directors, (ii) proposing necessary revisions to the compensation policy and examining its implementation, (iii) determining whether to approve transactions with respect to compensation of office holders, and (iv) determining, in accordance with our office holder compensation policy, whether to exempt the compensation terms with an unaffiliated nominee for the position of chief executive officer from requiring shareholders’ approval, provided such terms meet with the company’s compensation policy.

“Say before pay” rules: The compensation policy recommended by the compensation committee is to be approved by the Board and then, before it takes effect, by shareholders in a vote by the affirmative vote of a majority of the shares voting on the matter, provided that (i) such majority includes at least a majority of the shares of shareholders who are non-controlling shareholders and do not have a personal interest in the said resolution; or (ii) the total number of shares of shareholders specified in clause (i) who voted against this resolution does not exceed 2% of the voting rights in the Company. If the shareholders do not approve the policy, the policy may be returned for further deliberation by the Board, taking into account the rejection of the policy by the minority shareholders. The Board may ultimately approve the policy despite the minority’s disapproval, if it finds that the policy is in the company’s best interest. The compensation policy must be approved at least every three years. The Board is required to reevaluate the policy from time to time and if a material change occurs.
 
Under Section 267B(a) and Parts A and B of Annex 1A of the Companies Law, which were legislated as part of Amendment 20, a company’s compensation policy shall be determined based on, and take into account, the following parameters:
 
 
a.
advancement of the goals of the Company, its working plan and its long term policy;
 
 
42

 
 
b.
the creation of proper incentives for the office holders while taking into consideration, inter alia, the Company’s risk management policies;
 
c.
the Company’s size and nature of its operations;
 
d.
the contributions of the relevant office holders in achieving the goals of the Company and profit in the long term in light of their positions;
 
e.
the education, skills, expertise and achievements of the relevant office holders;
 
f.
the role of the office holders, areas of their responsibilities and previous agreements with them;
 
g.
the correlation of the proposed compensation with the compensation of other employees of the Company, and the effect of such differences in compensation on the employment relations in the company; and
 
h.
the long term performance of the office holder.
 
In addition, the compensation policy should take into account that if the compensation paid to office holders includes variable components, the policy should address the ability of the board of directors to reduce the value of the variable component from time to time or to set a cap on the exercise value of convertible securities components that are not paid out in cash. Additionally, in the event that the terms of office and employment include grants or payments made upon termination – such grants should take into consideration the length of the term of office or period of employment, the terms of employment of the office holder during such period, the company’s success during said period and the office holder’s contribution to obtaining the company’s goals and maximizing its profits as well as the circumstances and context of the termination.
 
The compensation policy must set forth standards and rules on the following issues: (a) with respect to variable components of compensation - basing the compensation on long term performance and measurable criteria (though a non-material portion of the variable components can be discretionary awards taking into account the contribution of the officer holder to the company); (b) establishing the appropriate ratio between variable components and fixed components and placing a cap on such variable components (including a cap on the grant date value of convertible securities components that are not paid out in cash); (c) setting forth a rule requiring an office holder to return amounts paid, in the event that it is later revealed that such amounts were paid on the basis of data which prove to be erroneous and resulted in an amendment and restatement of the company’s financial statements; (d) determining minimum holding or vesting periods for equity based variable components of compensation, while taking into consideration appropriate long term incentives; and (e) setting a cap on grants or benefits paid upon termination
 
The compensation committee is also responsible for administering the Company’s various stock option plans, including the issuance of option grants to employees of the Company and its subsidiaries.
 
The compensation committee consists of Yair Bar-Touv, chair, Hila Karah, James Hamilton and David Earhart.
 
Executive Compensation Policy

On July 25, 2013, an Extraordinary General Meeting of the shareholders of the Company took place, approving the Executive Compensation Policy (the “Policy”), which had been recommended by the Compensation Committee and approved by the Board of Directors, for the Company’s directors and office holders, in accordance with the requirements of the Companies Law.

The Policy includes, among other issues prescribed by the Companies Law, a framework for establishing the terms of office and employment of the directors and office holders and guidelines with respect to the structure of the variable pay of office holders.

Our recoupment policy relating to office holder compensation allows for the recovery of any portion of the annual bonus paid based on financial measures that may in the future prove to be based on a mistake which will require a restatement of the financial reports occurring during the 8 quarterly reporting periods (2 years) following the mistaken report.

Our CEO and all of our office holders may be incentivized through cash bonuses and all of our office holders and directors may also be incentivized through long-term equity-based incentives to provide them with a stake in our success – thus linking their long-term financial interests with the interests of our shareholders. In accordance with the Policy, the cash bonuses incentives are developed through a program that sets performance targets based on each office holder’s role and scope. Actual payments are driven by the business and individual performance vis-à-vis the performance targets set at the beginning of the year. The cash bonuses will not exceed 60% of the actual annual base salary for the CEO, 30% of the actual annual base salary for office holders (other than VP Sales) and 90% of the actual annual base salary for the VP Sales. In years the Company does not meet at least 60% of the annual Company’s measures target (as defined by the board of directors), no cash bonuses will be paid.
 
Equity based compensation may be granted in any form permitted under our equity incentive plans, as in effect from time to time (collectively, the "Equity Incentive Plans"), including stock options and restricted share units. Equity grants to office holders and shall be made in accordance with the terms of the Equity Incentive Plans. All equity-based incentives granted to our directors and office holders shall be subject to vesting periods in order to promote long-term retention of the awarded office holders. Grants to our directors and office holders shall vest gradually over a period of not less than three years. The value of the equity based compensation (at the time of grant) per year, for each director and executive officer, shall not exceed the approved ratio between fixed pay and variable pay.
 
 
43

 
Our Compensation Committee will periodically review the Policy and monitor its implementation, and recommend to our Board of Directors and shareholders to amend the Policy as it deems necessary from time to time. The term of the Policy shall be three years as of the date of its adoption, during which, the Board of Directors is required to examine the Policy and revise it from time to time, if the circumstances under which it had been adopted have materially changed. Following such three year term, the Policy, including any revisions recommended by our Compensation Committee and approved by our Board of Directors, as applicable, will be brought once again to the shareholders for approval.
 
On December 18, 2014, the Annual General Meeting of the shareholders of the Company approved an amendment to the Policy, changing the ranges for fixed base salary and variable pay, in order to better reflect the Company's characters, financial position, needs, prospects and strategic goals.
 
Nominating Committee
 
The committee’s responsibilities include identifying individuals qualified to become board members and recommending director nominees to the board.
 
The nominating committee consists of Hila Karah, chair, Aviv Raiz, David Earhart and James Hamilton.

Internal Auditor
 
Under the Israel Companies Law, the Board of Directors must appoint an internal auditor, nominated by the audit committee. The role of the internal auditor is to examine, among other matters, whether a company’s actions comply with relevant law and orderly business procedure. Under the Israel Companies Law, the internal auditor must be an individual and may be an employee of the company but not an affiliate or office holder, or a relative of an affiliate or office holder, and he or she may not be the company’s independent accountant or its representative. The Company routinely engages EWC Audit, an internal auditor who is an independent third party.
 
Approval of Certain Transactions; Obligations of Directors, Officers and Shareholders
 
The Companies Law codifies the fiduciary duties that office holders, including directors and executive officers, owe to a company. An office holder’s fiduciary duties consist of a duty of care and a duty of loyalty. Each person listed in the first table that appears above at the beginning of this Item 6 is an office holder.
 
The duty of loyalty requires an office holder to act in good faith and for the benefit of the company, including to avoid any conflict of interest between the office holder’s position in the company and such person’s personal affairs, avoiding any competition with the company, avoiding exploiting any corporate opportunity of the company in order to receive personal advantage for such person or others, and revealing to the company any information or documents relating to the company’s affairs which the office holder has received due to his or her position as an office holder. A company may approve any of the acts mentioned above provided that all the following conditions apply: the office holder acted in good faith and neither the act nor the approval of the act prejudices the good of the company, and the office holder disclosed the essence of his personal interest in the act, including any substantial fact or document, a reasonable time before the date for discussion of the approval. A director is required to exercise independent discretion in fulfilling his or her duties and may not be party to a voting agreement with respect to his or her vote as a director. A violation of these requirements is deemed a breach of the director’s duty of loyalty.
 
The duty of care requires an office holder to act with a level of care that a reasonable office holder in the same position would employ under the same circumstances. This includes the duty to use reasonable means to obtain information regarding the advisability of a given action submitted for his or her approval or performed by virtue of his or her position and all other relevant information material to these actions.
 
The Companies Law requires that an office holder promptly disclose any personal interest that he or she may have and all related material information known to him or her, in connection with any existing or proposed transaction by the company. “Personal interest,” as defined by the Companies Law, includes a personal interest of any person in an act or transaction of the company, including a personal interest of his relative or of a corporation in which that person or a relative of that person is a 5% or greater shareholder, a holder of 5% or more of the voting rights, a director or general manager, or in which he or she has the right to appoint at least one director or the general manager, and includes shares for which the person has the right to vote pursuant to a power-of-attorney. “Personal interest” does not apply to a personal interest stemming merely from holding shares in the company.
 
The office holder must make the disclosure of his personal interest no later than the first meeting of the company’s board of directors that discusses the particular transaction. This duty does not apply to the personal interest of a relative of the office holder in a transaction unless it is an “extraordinary transaction.” An “extraordinary transaction” is defined as a transaction not in the ordinary course of business, a transaction that is not on market terms, or a transaction that is likely to have a material impact on the company’s profitability, assets or liabilities, and a “relative” as a spouse, sibling, parent, grandparent or descendant, and the sibling, parent or descendant of a spouse, as well as the spouse of any of the foregoing.
 
 
44

 
In the case of a transaction that is not an extraordinary transaction and that does not relate to compensation or terms of employment, after the office holder complies with the above disclosure requirement, only Board approval is required unless the Articles of Association of the company provide otherwise. Our Articles of Association do not provide otherwise. Such approval must determine that the transaction is in the company’s interest. If the transaction is an extraordinary transaction, then in addition to any approval required by the Articles of Association, it also must be approved by the audit committee and by the Board and, under specified circumstances, by a meeting of the shareholders. An individual who has a personal interest in a matter that is considered at a meeting of the Board or the audit committee generally may not be present at this meeting or vote on this matter unless a majority of the board of directors or the audit committee has a personal interest in the matter, or if such person is invited by the Chairman of the Board or audit committee, as applicable, to present the matter being considered. If a majority of the board of directors or the audit committee has a personal interest in the transaction, shareholder approval also would be required.

The Companies Law applies the same disclosure requirements set forth above to a controlling shareholder of a public company The term “controlling shareholder” is defined as a shareholder who has the ability to direct the activities of a company, other than if this power derives solely from the shareholder’s position on the board of directors or any other position with the company, and the definition of “controlling shareholder” in connection with matters governing: (i) extraordinary transactions with a controlling shareholder or in which a controlling shareholder has a personal interest, (ii) certain private placements in which the controlling shareholder has a personal interest, (iii) certain transactions with a controlling shareholder or relative with respect to services provided to or employment by the company, (iv) the terms of employment and compensation of the general manager, and (v) the terms of employment and compensation of office holders of the company when such terms deviate from the compensation policy previously approved by the company’s shareholders, also includes shareholders that hold 25% or more of the voting rights if no other shareholder owns more than 50% of the voting rights in the company (and the holdings of two or more shareholders which each have a personal interest in such matter will be aggregated for the purposes of determining such threshold). Extraordinary transactions, including a private placement with a controlling shareholder or in which a controlling shareholder has a personal interest (including for the provision of services to the company through a company controlled by a controlling shareholder, but not including transactions covering the terms of compensation of a controlling shareholder who is an office holder), require the approval of the audit committee, the Board and the shareholders of the company. Extraordinary transactions covering the terms of compensation of a controlling shareholder who is an office holder, require the approval of the compensation committee, the Board and the shareholders of the company. The shareholder approval must either include a majority of the non-controlling and disinterested shareholders who are present, in person or by proxy, at the meeting or, alternatively, the total shareholdings of the non-controlling and disinterested shareholders who vote against the transaction must not represent more than two percent of the voting rights in the company. Generally, the approval of such a transaction may not extend for more than three years, except that in the case of an extraordinary transaction with a controlling shareholder or in which a controlling shareholder has a personal interest that does not concern terms of compensation for service as an office holder, or as a service provider to the company, the transaction may be approved for a longer period if the audit committee determines that the approval of the transaction for a period longer than three years is reasonable under the circumstances.
 
Under the Companies Law, a shareholder has a duty to act in good faith towards the company and other shareholders and refrain from abusing his or her power in the company, including, among other things, in respect to his or her voting at the general meeting of shareholders on the following matters:
 
 
• 
any amendment to the Articles of Association;
 
• 
an increase of the company’s authorized share capital;
 
• 
a merger; or
 
• 
approval of interested party transactions that require shareholder approval.
 
In addition, any controlling shareholder, any shareholder who can determine the outcome of a shareholder vote and any shareholder who, under the company’s Articles of Association, can appoint or prevent the appointment of an office holder, are under a duty to act with fairness towards the company. The Companies Law provides that a breach of the duty of fairness will be governed by the laws governing breach of contract. The Companies Law does not describe the substance of this duty.
 
Insurance, Indemnification and Exculpation of Directors and Officers; Limitations on Liability
 
The Companies Law permits a company to insure an office holder in respect of liabilities incurred by him or her as a result of the breach of his or her duty of care to the company or to another person, or as a result of the breach of his or her duty of loyalty to the company, to the extent that he or she acted in good faith and had reasonable cause to believe that the act would not prejudice the company. A company can also insure an office holder for monetary liabilities as a result of an act or omission that he or she committed in connection with his or her serving as an office holder. Moreover, in accordance with the Companies Law and the Israeli Securities Law, a company can indemnify an office holder for (a) any monetary liability imposed upon such an office holder for the benefit of a third party pursuant to a court judgment, including a settlement or an arbitrator’s decision, confirmed by a court, (b) reasonable legal costs, including attorney’s fees, expended by an office holder as a result of an investigation or proceeding instituted against the office holder by a competent authority, provided that such investigation or proceeding concludes without the filing of an indictment against the office holder and either i) no financial liability was imposed on the office holder in lieu of criminal proceedings or ii) financial liability was imposed on the office holder in lieu of criminal proceedings but the alleged criminal offense does not require proof of criminal intent, (c) legal expenses (including attorneys’ fees) incurred by an office holder in an administrative enforcement proceeding and certain compensation payable to injured parties for damages suffered by them as determined in the proceeding and (d) reasonable litigation expenses, including legal fees, actually incurred by such an office holder or imposed upon the office holder by a court order, in a proceeding brought against the office holder by or on behalf of the company or by others, or in a criminal action in which he was acquitted, or in a criminal action which does not require proof of criminal intent in which he was convicted. The Companies Law further provides that the indemnification provision in a company’s articles of association (i) may be an obligation to indemnify in advance, provided that, other than litigation expenses, it is limited to events the board of directors can foresee in light of the company’s actual activities when providing the obligation and that it is limited to a sum or standards the board of directors determines is reasonable in the circumstances, and (ii) may permit the company to indemnify an officer or a director after the fact.

 
45

 
Furthermore, a company can, with one limited exception, exculpate an office holder in advance, in whole or in part, from liability for damages sustained by a breach of duty of care to the company.
 
All of these provisions are specifically limited in their scope by the Companies Law, which provides that a company may not indemnify or exculpate an officer or director nor enter into an insurance contract that would provide coverage for any monetary liability incurred as a result of (i) a breach by the officer or director of the duty of loyalty, unless the officer or director acted in good faith and had a reasonable basis to believe that the act would not prejudice the company, in which case the company is permitted to indemnify and provide insurance to but not to exculpate; (ii) an intentional or reckless breach by the officer or director of the duty of care, other than if solely done in negligence; (iii) any act or omission done with the intent to derive an illegal personal benefit; or (iv) any fine levied or forfeit against the director or officer.
 
Under the Companies Law and the Israeli Securities Law, the aforesaid provisions to indemnify or exculpate an office holder, or entering into an insurance contract with respect to the provision of coverage for such matters is subject to the inclusion of provisions in the company’s articles of association permitting the company to do so. Our Articles of Association allow us to insure, exculpate and indemnify office holders to the fullest extent permitted by law provided such insurance, exculpation or indemnification is approved in accordance with the Companies Law and Israeli Securities Law. We have acquired directors’ and officers’ liability insurance covering the officers and directors of CYREN and its subsidiary for certain claims. At the annual meeting of shareholders held on November 18, 2002, the shareholders approved a form of indemnification, exculpation and insurance agreement that is applicable to all our directors. The form of this agreement, as well as related provisions in our Articles of Association, were last amended at the annual meeting of shareholders held on December 15, 2011, and provisions with respect to such indemnification and office holder liability insurance were included in our Compensation Policy.
 
D. 
Employees
 
As of December 31, 2012, 2013 and 2014, we had 198, 192, and 189 employees, respectively, with such employees being located in our offices in the Israel, United States, Iceland and Germany. As of December 31, 2014, our employees were categorized as follows:

LOCATION
 
General &
Administrative
 
Sales &
Marketing
 
Research &
Development
 
Hosting & Support
(Operations)
 
TOTAL:
 
ISRAEL OFFICE
   
6
 
4
   
49
 
4
   
63
 
U.S. OFFICE:
                           
California
   
-
 
5
   
-
 
11
   
16
 
Virginia
   
14
 
12
   
5
 
2
   
33
 
ICELAND OFFICE
   
4
 
2
   
14
 
2
   
22
 
GERMANY OFFICE
   
5
 
12
   
28
 
10
   
55
 
TOTALS
   
29
 
35
   
96
 
29
   
189
 
 
While employment-related issues occasionally arise in the normal course, we believe that, on the whole, relations with our employees are good.
 
None of our U.S. employees are covered by a collective bargaining agreement, rather they sign individual offer letters of employment that, along with relevant Company policies and an employee handbook, formalize employees’ relationship with our U.S. subsidiary.
 
In Israel we are subject to certain labor statutes and national labor court precedent rulings, as well as to certain provisions of the collective bargaining agreements between the Histadrut (General Federation of Labor in Israel) and the Coordination Bureau of Economic Organizations including the Industrialists’ Associations. These provisions of collective bargaining agreements are applicable to our Israeli employees by virtue of expansion orders issued in accordance with relevant labor laws by the Israeli Ministry of Labor and Welfare, and which apply such agreement provisions to our employees even though they are not directly part of a union that has signed a collective bargaining agreement. The laws and labor court rulings that apply to our employees principally concern the minimum wage laws, procedures for dismissing employees, determination of severance pay, leaves of absence (such as annual vacation or maternity leave), sick pay and other conditions for employment. The expansion orders which apply to our employees principally concern the requirement for length of the work day and workweek, mandatory contributions to a pension fund, annual recreation allowance, travel expenses payment and other conditions of employment. Furthermore, the wages of most of CYREN’s Israeli employees are subject to cost of living adjustments, based on changes in the Israeli Consumer Price Index. The amounts and frequency of such adjustments are modified from time to time. Also, all Israeli employees employed for at least a year commencing in 2009 are entitled to the funding of pension benefits by preset monthly contributions of the employee and the employer. Israeli law generally requires the payment of severance pay upon the retirement or death of an employee or upon termination of employment by the employer or, in certain circumstances, by the employee. We currently fund our ongoing severance obligations by making monthly payments for insurance policies and by an accrual. A general practice in Israel followed by CYREN, although not legally required, is the contribution of funds on behalf of certain employees to an individual insurance policy known as “Managers’ Insurance.” This policy provides a combination of savings plan, insurance and severance pay benefits to the insured employee. It provides for payments to the employee upon retirement or death and secures a substantial portion of the severance pay, if any, to which the employee is legally entitled upon termination of employment. Each participating employee contributes an amount equal to 5% of such employee’s base salary, and the employer contributes between 13.3% and 15.8% of the employee’s base salary. We also provide certain Israeli employees with an Education Fund, to which each participating employee contributes an amount equal to 2.5% of such employee’s base salary, and the employer contributes an amount equal to 7.5% of the employee’s base salary, up to a certain maximum base salary set by law.

 
46

 
E. 
Share ownership
 
Employees, including executive officers and other management employees, participate in the Company’s employee option plan.
 
The table in Item 6, Section A above sets forth the directors’ beneficial ownership of our Ordinary Shares as of April 1, 2015. Other than our CEO, Lior Samuelson, no executive officer beneficially owns more than 1% of our Ordinary Shares as of April 1, 2015.
 
Item 7. Major Shareholders and Related Party Transactions.
 
A. 
Major shareholders
 
The following table presents information with respect to beneficial ownership of our Ordinary Shares as of April 1, 2015, including:
 
 
each person or entity known to CYREN to own beneficially 5% or more of CYREN’s Ordinary Shares, and
 
all executive officers and directors as a group.
 
Beneficial ownership is determined in accordance with the rules of the SEC and includes voting or investment power, with respect to Ordinary Shares. To our knowledge, except under applicable community property laws or as otherwise indicated, the persons named in the table have sole voting and sole investment control and rights to receive economic benefits with respect to all shares beneficially owned. The applicable percentage of ownership for each shareholder is based on 33,103,320 Ordinary Shares issuable upon exercise of options and warrants, which are exercisable on or within sixty days of April 1, 2015, are deemed outstanding for the purpose of computing the percentage ownership of the person holding those options or warrants and for all directors and executive officers as a group, but are not deemed outstanding for computing the percentage ownership of any other person. Major shareholders in the Company have the same voting rights as all other shareholders.
               
MAJOR SHAREHOLDERS OF ORDINARY SHARES
 
 
Amount
Owned
 
Percent of
Class
 
Aviv Raiz (1)(2)
   
5,208,490
   
15.7
%
Diker GP, LLC (3)
   
2,335,490
   
7.1
%
All other directors and executive officers as a group (16 persons) (4)
   
1,538,688
   
4.6
%
 
(1) This shareholder of record resides in Israel.
(2) Includes 75,823 options, exercisable into a like number of Ordinary Shares.
(3) Includes 363,069 warrants, exercisable into a like number of Ordinary Shares.
(4) Includes 1,240,134 options exercisable into a like number of Ordinary Shares.
 
Based on a review of the information provided to us by third parties, including our transfer agent, as of April 1, 2015, there were 35 holders of record of our Ordinary Shares. One of such holders is the nominee company known as CEDE & Co., which held 27,107,925 Ordinary Shares on behalf of approximately 78 brokers and banks, or approximately 86.26% of the aggregate 31,424,294 Ordinary Shares outstanding as of such date.
 
Out of the 27,107,925 Ordinary Shares held through CEDE, approximately 24.1 million are managed by Broadridge Financial Solutions, Inc. on behalf of certain banks and brokers, and Broadridge recently provided to us reports on the geographical location of shareholders holding through such banks and brokers. According to these reports, plus our transfer agent reports, we were able to identify at least 6.6 million Ordinary Shares held by Israeli shareholders, approximately 13.7 million shares held by U.S. based shareholders and 8.0 million held by non-Israeli and non-U.S. shareholders.
 
 
47

 
Significant Changes in Percentage Ownership of Major Shareholders During the Past Three Years
 
On February 17, 2015 Diker GP, LLC filed a schedule 13G indicating that it had accumulated 1,625,073 shares of representing 5.18% of the outstanding shares of CYREN as of December 31, 2014.  Their holdings as of April 1, 2015 include 1,972,421 shares and 363,069 warrants.
 
On June 23, 2014 Catalyst Investments II LP filed a schedule 13D indicating that it had disposed of its shares of CYREN as of January 28, 2014.  Catalyst had previously been a 5.2% shareholder with 1,372,555 shares of CYREN.
 
As a result of the capital raise conducted in July 2014, total outstanding shares increased from 26.5 million to 31.4 million resulting in a decrease in ownership percentage for all previous shareholders.
 
Control
 
To the knowledge of the Company, the Company is not directly or indirectly owned or controlled by another corporation, by any foreign government or by any other natural or legal persons severally or jointly and the Company is not aware of any arrangements that may at a subsequent date result in a change in control of the Company.
 
B. 
Related party transactions
 
There were no related party transactions, as such term is defined in Item 7.B to Form 20-F, during 2013 or through the date of filing of this Annual Report.
 
Item 8. Financial Information.
 
A. 
Consolidated Statements and Other Financial Information
 
See Item 18 and pages F-1 through F-34 for our consolidated financial statements.
 
Legal Proceedings
 
The Company's German subsidiary is currently involved in one lawsuit that was initiated prior to the acquisition of eleven GmbH: a claim by a former employee regarding payment of a commission. This case was settled during 2014 and the Company recorded a provision of €275 thousand under accrued expenses and other liabilities as of December 31, 2014.
 
In 2014, the Company entered into arbitral proceedings with the former shareholders of eleven regarding an escrow agreement. CYREN and the former eleven shareholders are disputing an amount of €740 thousand in the escrow account. In addition to the escrow dispute, CYREN has initiated claims for €1,466 thousand against the former eleven shareholders relating to the earn-out liability of the eleven acquisition while the former shareholders claim payment of €781 thousand from CYREN with regards to the same liability. Considering the preliminary stage of these arbitral proceedings, the Company has determined it is currently unable to predict the outcome of these disputes. The Company intends to defend vigorously against the claims raised by the former eleven shareholders.
 
Other than the above, the Company is not a direct party to any litigation, and it is not aware of any threatened litigation which, in the aggregate, would be material to the business of the Company.
 
Dividend Policy
 
If the Company decides to distribute a cash dividend out of income that has been tax exempt due to an “approved enterprise” status under the Law for the Encouragement of Capital Investments, 5719-1959, the amount of cash dividend will be subject to corporate tax at the rate then in effect under Israeli law. The Company has never declared or paid cash dividends on its Ordinary Shares. However, the Company has not adopted a policy not to pay cash dividends and therefore may declare a dividend in the future. The Company’s current plans are to retain future earnings primarily to finance the development of its business and for other corporate purposes.

B. 
Significant changes
 
Except as otherwise disclosed in this Annual Report, there are no other significant changes since December 31, 2014.
 
Item 9. The Offer and Listing.
 
The Company’s Ordinary Shares have been traded publicly on NASDAQ as follows:
 
From July 13, 1999 through June 29, 2004, under the symbol “CTCH” (up to June 7, 2002 on the National Market, and subsequently on the Small Cap Market, which during 2005 was renamed the “Capital Market”);
 
From June 30, 2004 through June 26, 2005, under the symbol “CTCHC”;
 
 
48

 
 
From June 27, 2005 through January 1, 2008, under the symbol “CTCH”;
 
From January 2, 2008 through January 29, 2008, under the symbol “CTCHD”;
 
From January 30, 2008 through February 23, 2014, under the symbol “CTCH”; and.
 
From February 24, 2014, under the symbol “CYRN”.
 
Since December 16, 2009, the Company’s Ordinary Shares have also been traded on the Tel Aviv Stock Exchange, or TASE, under the symbol “CTCH” until February 24, 2014, and under the symbol “CYRN” since that date.
 
The following table lists the high and low closing sales prices for the Company’s Ordinary Shares on the NASDAQ Capital Market for the periods indicated:
             
   
High
   
Low
 
2010:                               &