--- ticker: AKAM company: AKAM filing_type: 10-K year_current: 2024 year_prior: 2023 risks_added: 1 risks_removed: 2 risks_modified: 14 risks_unchanged: 16 source: SEC EDGAR url: https://riskdiff.com/akam/2024-vs-2023/ markdown_url: https://riskdiff.com/akam/2024-vs-2023/index.md generated: 2026-06-01 --- # AKAM: 10-K Risk Factor Changes 2024 vs 2023 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-06-01 > All data extracted directly from official filings. No hallucinated content. ## Summary | Status | Count | |--------|-------| | New risks added | 1 | | Risks removed | 2 | | Risks modified | 14 | | Unchanged | 16 | --- ## New in Current Filing: Provisions of our charter, by-laws and Delaware law may have anti-takeover effects that could prevent a change in control even if the change in control would be beneficial to our stockholders. Provisions of our charter, by-laws and Delaware law could make it more difficult for a third party to control or acquire us, even if doing so would be beneficial to our stockholders. These provisions include: our board of directors having the right to elect directors to fill a vacancy created by the expansion of the board of directors or the resignation, death or removal of a director; stockholders needing to provide advance notice, additional disclosures and representations and warranties to nominate individuals for election to the board of directors or to propose matters that can be acted upon at a stockholders' meeting; and the ability of our board of directors to issue, without stockholder approval, shares of undesignated preferred stock. Further, as a Delaware corporation, we are also subject to certain Delaware anti-takeover provisions. Under Delaware law, a corporation may not engage in a business combination with any holder of 15% or more of its capital stock unless the holder has held the stock for three years or, among other things, the board of directors has approved the transaction. Our board of directors could rely on Delaware law to prevent or delay an acquisition of us. 21 21 21 Table of Contents Table of Contents --- ## No Match in Current: If the accounting estimates we make, and the assumptions on which we rely, in preparing our financial statements prove inaccurate, our actual reported results may be adversely affected. *This section from the 2023 filing does not have a high-confidence textual match in 2024. It may have been removed, merged, or substantially reworded.* Our financial statements have been prepared in accordance with accounting principles generally accepted in the U.S. The preparation of these financial statements requires us to make estimates and judgments about, among other things, taxes, revenue recognition, stock-based compensation, capitalization of internal-use software development costs, investments, contingent obligations, allowance for current expected credit losses, intangible assets and restructuring charges. These estimates and judgments affect, among other things, the reported amounts of our assets, liabilities, revenue and expenses, the amounts of charges accrued by us, and related disclosure of contingent assets and liabilities. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances and at the time they are made. If our estimates or the assumptions underlying them are not correct, actual results may differ materially from our estimates and we may need to, among other things, accrue significant additional charges that could adversely affect our results of operations, which in turn could adversely affect our stock price. Errors in our financial statements have occurred in the past and may occur in the future. For example, see Note 23 for a description of an error identified in January 2023. In addition, new accounting pronouncements and interpretations of accounting pronouncements have occurred and may occur in the future that could adversely affect our reported financial results. --- ## No Match in Current: We may issue additional shares of our common stock or instruments convertible into shares of our common stock and thereby materially and adversely affect the market price of our common stock. *This section from the 2023 filing does not have a high-confidence textual match in 2024. It may have been removed, merged, or substantially reworded.* Our board of directors has the authority to issue additional shares of our common stock or other instruments convertible into, or exchangeable or exercisable for, shares of our common stock. If we issue additional shares of our common stock or instruments convertible into, or exchangeable or exercisable for, shares of our common stock, it may materially and adversely affect the market price of our common stock. --- ## Modified: Defects or disruptions in our products and IT systems could require us to increase spending on upgrading systems, diminish demand for our solutions or subject us to substantial liability. **Key changes:** - Reworded sentence: "We could face the loss of customers from these incidents as they seek alternative or supplemental providers." - Removed sentence: "While we have robust quality control processes in place, there may be additional errors and defects in our hardware, software and open-source components that we leverage that may adversely affect our operations." - Reworded sentence: "If we are unable to efficiently and cost-effectively fix errors or other problems that we identify and improve the quality of our solutions or systems, or if there are unidentified errors that allow persons to improperly access our services or systems, we could experience litigation, the need to issue credits to customers, loss of revenue and market share, damage to our reputation, diversion of management attention, increased expenses, reduced profitability and other negative consequences which could harm our business." - Reworded sentence: "If they are successful, we could experience a serious impact on our reputation and financial condition as a provider of security solutions." - Reworded sentence: "Failure to adequately and rapidly deploy additional points of presence, increased proximity to enterprise data centers and end users and develop competitive offerings 11 11 11 Table of Contents Table of Contents could result in negative publicity, loss of business, diminishing customer appeal and other negative consequences which could harm our business." **Prior (2023):** Our solutions are highly complex and are designed to be deployed in and across numerous large and complex networks that we do not control. From time to time, we have needed to correct errors and defects in the proprietary and open-source software that underlies our platform that have given rise to service incidents, outages and disruptions or otherwise impacted our operations. We could face the loss of customers as a result of recent and any future incidents as they seek alternative or supplemental providers. We have also periodically experienced customer dissatisfaction with the quality of some of our delivery, security, compute and other services, which has led to a loss of business and could lead to a loss of customers in the future. Furthermore, most of our customer agreements contain service level commitments. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service, or face contract termination with refunds of prepaid amounts, which could harm our business. While we have robust quality control processes in place, there may be additional errors and defects in our hardware, software and open-source components that we leverage that may adversely affect our operations. We may not have in place adequate quality assurance procedures to ensure that we detect errors in our hardware, software and open-source components we use in a timely manner, and we may have insufficient resources to efficiently address multiple service incidents happening simultaneously or in rapid succession. We continue to invest in improving our processes and systems. If we are unable to efficiently and cost-effectively fix errors or other problems that we identify and improve the quality of our solutions or systems, or if there are unidentified errors that allow persons to improperly access our services or systems, we could experience litigation, the need to issue credits to customers, loss of revenue and market share, damage to our reputation, diversion of management attention, increased expenses and reduced profitability. An increasing portion of our revenue is derived from sales of security solutions. Defects in our security solutions could lead to negative publicity, loss of business, damages payments to customers and other negative consequences. As our solutions are adopted by an increasing number of enterprises and governments, it is possible that the adversaries behind advanced malicious actions will specifically focus on finding ways to defeat our products and services. If they are successful, we could experience a serious impact on our reputation as a provider of security solutions. An increasing portion of our revenue is also derived from the sales of compute solutions. We are devoting significant resources to develop and deploy our own competing cloud-based and SaaS software and services strategies. While we believe our expertise and infrastructure provides us with a strong foundation to compete, it is uncertain whether our strategies will attract the customers or generate the revenue required to be successful. These costs may reduce the gross and operating margins we have previously achieved. Failure to adequately and rapidly deploy additional points of presence, increased proximity to enterprise data centers and end users and develop competitive offerings could result in negative publicity, loss of business, diminishing customer appeal and other negative consequences which could harm our business. Our business relies on our data systems, traffic measurement systems, billing systems, ordering processes and other operational and financial reporting and control systems. We also rely on third-party software for certain essential operational services and a failure or disruption in these services could materially and adversely affect our ability to manage our business effectively. All of these systems have become increasingly complex due to the complexity of our business, use of third-party software and services, acquisitions of new businesses with different systems, and increased regulation over controls and procedures. As a result, these systems could generate errors that impact traffic measurement or invoicing, revenue recognition and financial forecasting or other parts of our business. We will need to continue to upgrade and improve our data systems, traffic measurement systems, billing systems, ordering processes and other operational and financial systems, procedures and controls. These upgrades and improvements may be difficult and costly. In addition, we could face strains on, or failures of, our internal IT systems if governmental restrictions or vaccine or other mandates due to the emergence of variants in connection 12 12 12 Table of Contents Table of Contents with the ongoing COVID-19 pandemic or other emergencies limit the ability of our command center personnel to work in our physical locations. If we are unable to adapt our systems and organization in a timely, efficient and cost-effective manner to accommodate changing circumstances, our business may be adversely affected. **Current (2024):** Our solutions are highly complex and are designed to be deployed in and across numerous large and complex networks that we do not control. From time to time, we have needed to correct errors and defects in the proprietary and open-source software that underlies our platform that have given rise to service incidents, outages and disruptions or otherwise impacted our operations. We could face the loss of customers from these incidents as they seek alternative or supplemental providers. We have also periodically experienced customer dissatisfaction with the quality of some of our delivery, security, compute and other services, which has led to a loss of business and could lead to a loss of customers in the future. Furthermore, most of our customer agreements contain service level commitments. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service, or face contract termination with refunds of prepaid amounts, which could harm our business. We may not have in place adequate quality assurance procedures to ensure that we detect errors in our hardware, software and open-source components we use in a timely manner, and we may have insufficient resources to efficiently address multiple service incidents happening simultaneously or in rapid succession. If we are unable to efficiently and cost-effectively fix errors or other problems that we identify and improve the quality of our solutions or systems, or if there are unidentified errors that allow persons to improperly access our services or systems, we could experience litigation, the need to issue credits to customers, loss of revenue and market share, damage to our reputation, diversion of management attention, increased expenses, reduced profitability and other negative consequences which could harm our business. Defects in our security solutions could lead to negative publicity, loss of business, damages payments to customers, diminishing customer appeal and other negative consequences which could harm our business. As our solutions are adopted by an increasing number of enterprises and governments, it is possible that the adversaries behind advanced malicious actions will specifically focus on finding ways to defeat our products and services. If they are successful, we could experience a serious impact on our reputation and financial condition as a provider of security solutions. We are devoting significant resources to develop and deploy our own competing cloud computing offering. The rapid development and deployment of new compute infrastructure bears the risk of bugs and unforeseen failures that could affect our reputation and ability to execute our strategies. The risks of such bugs and unforeseen failures introduced to our compute infrastructure by our customers who control many aspects of their use of our compute services and experimental technologies could affect our reputation and ability to execute our strategies. It is also uncertain whether our strategies to develop and deploy our own competing cloud computing offering will attract the customers or generate the revenue required to be successful. These costs may reduce the gross and operating margins we have previously achieved. Failure to adequately and rapidly deploy additional points of presence, increased proximity to enterprise data centers and end users and develop competitive offerings 11 11 11 Table of Contents Table of Contents could result in negative publicity, loss of business, diminishing customer appeal and other negative consequences which could harm our business. Our business relies on our data systems, traffic measurement systems, billing systems, ordering processes and other operational and financial reporting and control systems. We also rely on third-party software for certain essential operational services and a failure or disruption in these services could materially and adversely affect our ability to manage our business effectively. All of these systems have become increasingly complex due to the complexity of our business, use of third-party software and services, acquisitions of new businesses with different systems, and increased regulation over controls and procedures. As a result, these systems have in the past and could in the future generate errors that impact traffic measurement or invoicing, revenue recognition and financial forecasting or other parts of our business. We will need to continue to upgrade and improve our data systems, traffic measurement systems, billing systems, ordering processes and other operational and financial systems, procedures and controls. These upgrades and improvements may be difficult and costly. If we are unable to adapt our systems and organization in a timely, efficient and cost-effective manner to accommodate changing circumstances, our business may be adversely affected. --- ## Modified: If we do not develop or acquire new solutions that are attractive to our customers, our revenue and operating results could be adversely affected. **Key changes:** - Reworded sentence: "In particular, as security and compute solutions have become, and are expected to continue to be, an important part of our business, we must be particularly adept at developing new security solutions that meet the constantly-changing threat landscape and compute and compute-to-edge solutions that meet the needs of professional users and enterprises looking to increase the utility of the internet for their business." - Reworded sentence: "Failure to develop, on a cost-effective basis, innovative or enhanced solutions that are attractive to customers and profitable to us could have a material detrimental effect on our business, results of operations, financial condition and cash flows." **Prior (2023):** Innovation is important to our future success. In particular, as security and compute solutions have become, and are expected to continue to be, an increasingly important part of our business, we must be particularly adept at developing new security and compute services that meet the constantly-changing threat landscape. In addition, we must continue to develop compute and compute-to-edge solutions that meet the needs of professional users and enterprises looking to increase the utility of the internet for their business. The process of developing new solutions and product enhancements is complex, lengthy and uncertain and has become increasingly complex due to the sophistication and the addressing of our customers' needs. The development timetable to commercial release is uncertain and we must commit significant resources to developing new services or features without knowing whether our investments will result in solutions the market will accept, and we may choose to invest in business areas 10 10 10 Table of Contents Table of Contents for which a viable market for our products does not ultimately develop. For example, with the recent acquisition of Linode, we are focused on investing in our suite of cloud computing products. We have invested significant resources toward integrating Linode into our edge platform, including connecting Linode's existing locations into our private backbone, working on expanding the capacity of these facilities and adding additional sites. Success in these efforts is not guaranteed and will largely depend on our ability to create products that are competitive in the enterprise market, source additional co-location facilities and manage an uncertain supply chain for server related hardware. In addition, we have also experienced, and may in the future experience, delays in developing and releasing new products and product enhancements. This could cause our expenses to grow more rapidly than our revenue. Trying to innovate through acquisition can be costly and with uncertain prospects for success; we may find that attractive acquisition targets are too expensive for us to pursue which could cause us to pursue more time-consuming internal development. Failure to develop, on a cost-effective basis, innovative new or enhanced solutions that are attractive to customers and profitable to us could have a material detrimental effect on our business, results of operations, financial condition and cash flows. **Current (2024):** Innovation is important to our future success. In particular, as security and compute solutions have become, and are expected to continue to be, an important part of our business, we must be particularly adept at developing new security solutions that meet the constantly-changing threat landscape and compute and compute-to-edge solutions that meet the needs of professional users and enterprises looking to increase the utility of the internet for their business. The process of developing new solutions and product enhancements is complex, lengthy and uncertain and has become increasingly complex due to the sophistication of our customers' needs. The development timetable is uncertain and we may commit significant resources to developing solutions for which a viable market may not ultimately develop. For example, with the acquisition of Linode, we are investing significant resources in our compute solutions and platform, working on expanding the capacity of these facilities, adding additional sites and developing increased compute features and functionality. Success in these efforts is not guaranteed and will largely depend on our ability to create products that are competitive in the enterprise market, source additional co-location facilities and manage an uncertain supply chain for server related hardware. In addition, we have also experienced, and may in the future experience, delays in developing and releasing new products and product enhancements. This could cause our expenses to grow more rapidly than our revenue. Trying to innovate through acquisition can be costly and with uncertain prospects for success; we may find that attractive acquisition targets are too expensive for us to pursue which could cause us to pursue more time-consuming internal development. Failure to develop, on a cost-effective basis, innovative or enhanced solutions that are attractive to customers and profitable to us could have a material detrimental effect on our business, results of operations, financial condition and cash flows. --- ## Modified: Our failure to maintain our company culture and manage new risks as our business evolves and our work practices change could harm us. **Key changes:** - Reworded sentence: "We believe our culture has been a key contributor to our success to date." - Reworded sentence: "It is also important to our continued success that we hire qualified personnel, properly train them and manage 15 15 15 Table of Contents Table of Contents poorly-performing personnel, all while maintaining our corporate culture and spirit of innovation." - Reworded sentence: "We rolled out our FlexBase program in May 2022, which allows the more than 95% of our workforce designated as flexible to choose to work from an Akamai office, their home office or a combination of both." - Removed sentence: "Allowing members of our workforce to work remotely may create intellectual property risk if employees create intellectual property on our behalf while residing in a jurisdiction with unenforced or uncertain intellectual property laws." - Reworded sentence: "If we are unable to effectively maintain a hybrid workforce, manage the cybersecurity and other risks of remote work and maintain our corporate culture and workforce morale, our business could be harmed or otherwise negatively impacted." **Prior (2023):** Our future operating results will depend on our ability to manage our operations and we believe our culture has been a key contributor to our success to date. As a result of the diversification of our business, personnel growth, increased usage of alternative working arrangements, including the designation of over 95% of roles as flexible and able to work remotely, acquisitions and international expansion in recent years, many of our employees are now based outside of our Cambridge, Massachusetts headquarters; however, most key management decisions are made by a relatively small group of individuals based primarily at our headquarters. If we are unable to appropriately increase management depth, enhance succession planning and decentralize our decision-making at a pace commensurate with our actual or desired growth rates, we may not be able to achieve our financial or operational goals. It is also important to our continued success that we hire qualified personnel, properly train them and manage out poorly-performing personnel, all while maintaining our corporate culture and spirit of innovation. If we are not successful in these efforts, our growth and operations could be adversely affected. We rolled out our FlexBase program in May 2022, which allows the more than 95% of our workforce designated as flexible to choose whether they want to work from an Akamai office, their home office or a combination of both. Although we believe a flexible working policy will help us attract and retain talent, our FlexBase program could, among other things, negatively impact employee morale and productivity, inhibit our ability to hire and train new employees and impede our ability to support customers at the levels they expect. In addition, certain security systems in homes or other remote workplaces may be less secure than those used in our offices, which may subject us to increased security risks, including cybersecurity-related 16 16 16 Table of Contents Table of Contents events, and expose us to risks of data or financial loss and associated disruptions to our business operations. Members of our workforce who access company data and systems remotely may not have access to technology that is as robust as that in our offices, which could cause the networks, information systems, applications and other tools available to those remote workers to be more limited or less reliable than in our offices. We may also be exposed to risks associated with the locations of remote workers, including compliance with local laws and regulations or exposure to compromised internet infrastructure. Allowing members of our workforce to work remotely may create intellectual property risk if employees create intellectual property on our behalf while residing in a jurisdiction with unenforced or uncertain intellectual property laws. Further, if employees fail to inform us of changes in their work location, we may be exposed to additional risks without our knowledge. If we are unable to effectively transition to a hybrid workforce, manage the cybersecurity and other risks of remote work, and maintain our corporate culture and workforce morale, our business could be harmed or otherwise negatively impacted. **Current (2024):** We believe our culture has been a key contributor to our success to date. As a result of the diversification of our business, personnel growth, the deployment of our FlexBase program, acquisitions and international expansion in recent years, many of our employees are now based outside of our Cambridge, Massachusetts headquarters. If we are unable to appropriately increase management depth, enhance succession planning and decentralize our decision-making at a pace commensurate with our actual or desired growth rates, we may not be able to achieve our financial or operational goals. It is also important to our continued success that we hire qualified personnel, properly train them and manage 15 15 15 Table of Contents Table of Contents poorly-performing personnel, all while maintaining our corporate culture and spirit of innovation. If we are not successful in these efforts, our growth and operations could be adversely affected. We rolled out our FlexBase program in May 2022, which allows the more than 95% of our workforce designated as flexible to choose to work from an Akamai office, their home office or a combination of both. This program could, among other things, negatively impact employee morale and productivity, inhibit our ability to effectively train new employees and impede our ability to support customers at the levels they expect. In addition, certain security systems in homes or other remote workplaces may be less secure than those used in our offices, which may subject us to increased security risks, including cybersecurity-related events, and expose us to risks of data or financial loss and associated disruptions to our business operations. Members of our workforce who access company data and systems remotely may not have access to technology that is as robust as that in our offices, which could cause the networks, information systems, applications and other tools available to those remote workers to be more limited or less reliable than in our offices. We may also be exposed to risks associated with the locations of remote workers, including compliance with local laws and regulations or exposure to compromised internet infrastructure. Further, if employees fail to inform us of changes in their work location, we may be exposed to additional risks without our knowledge. If we are unable to effectively maintain a hybrid workforce, manage the cybersecurity and other risks of remote work and maintain our corporate culture and workforce morale, our business could be harmed or otherwise negatively impacted. --- ## Modified: If current and potential large customers shift to hardware-based or other DIY internal solutions for content and application delivery or security protection, our business will be negatively impacted. **Key changes:** - Reworded sentence: "We are reliant on some of our larger customers to direct traffic to our network for a significant part of our revenues." - Reworded sentence: "While the number of customers implementing a DIY strategy has decreased in recent years, if multiple large customers shift to this model, traffic on our network and our contracted revenue commitments would decrease, which would negatively impact our business, profitability, financial condition, results of operations and cash flows." **Prior (2023):** We are reliant on large media and other customers to direct traffic to our network for a significant part of our revenues. In the past, some of those customers have determined that it is better for them to employ a "do-it-yourself" or "DIY" strategy by putting in place equipment, software and other technology solutions for content and application delivery and security protection within their internal systems instead of using our solutions for some or all of their needs. Essentially, this is another form of competition for us. As the amount of money a customer spends with us increases, the risk that they will seek alternative solutions such as DIY or a multi-vendor policy likewise increases. If additional large customers shift to this model, traffic on our network and our contracted revenue commitments would decrease, which would negatively impact our business, profitability, financial condition, results of operations and cash flows. **Current (2024):** We are reliant on some of our larger customers to direct traffic to our network for a significant part of our revenues. In the past, some of our customers have determined that it is better for them to employ a "do-it-yourself" or "DIY" strategy by putting in place equipment, software and other technology solutions for content and application delivery and security protection within their internal systems instead of using our solutions for some or all of their needs. As the amount of money a customer spends with us increases, the risk that they will seek alternative solutions such as DIY or a multi-vendor policy likewise increases. While the number of customers implementing a DIY strategy has decreased in recent years, if multiple large customers shift to this model, traffic on our network and our contracted revenue commitments would decrease, which would negatively impact our business, profitability, financial condition, results of operations and cash flows. --- ## Modified: Cybersecurity breaches and attacks on us, our contractors or our third-party vendors, as well as steps we need to take in an effort to prevent them, can lead to significant costs and disruptions that would harm our business, financial results and reputation. **Key changes:** - Reworded sentence: "We regularly face attempts to gain unauthorized access or deliver malicious software to Akamai Connected Cloud and our internal IT systems, with the goal of stealing proprietary information related to our business, products, employees and customers; disrupting our systems and services or those of our customers or others; or demanding ransom to return control of such systems and services." - Reworded sentence: "Furthermore, nation state and hacktivist attacks against us or our customers may intensify during periods of heightened geopolitical tensions or armed conflict, such as the ongoing war in Ukraine and the Israel-Hamas War." - Reworded sentence: "Vulnerabilities, resident in either software or configurations, may require significant operational efforts to mitigate and may persist for extended periods of time and the effects of any such vulnerability could be exacerbated." - Reworded sentence: "To protect our corporate and deployed networks, we aim to continuously engineer more secure solutions, enhance security and reliability features, improve the deployment of software updates to address security vulnerabilities, develop mitigation technologies that help to secure customers from attacks and maintain the digital security infrastructure that protects the integrity of our network and services." **Prior (2023):** We regularly face attempts to gain unauthorized access or deliver malicious software to the Akamai Connected Cloud and our internal IT systems, with the goal of stealing proprietary information related to our business, products, employees and customers; disrupting our systems and services or those of our customers or others; or demanding ransom to return control of such systems and services. These attempts take a variety of forms, including Distributed Denial of Service attacks, infrastructure attacks, botnets, malicious file uploads, application abuse, credential abuse, ransomware, bugs, viruses, worms and malicious software programs. There could be attempts to infiltrate our systems through our supply chain and contractors. Malicious actors are known to attempt to fraudulently induce employees and suppliers to disclose sensitive information through illegal electronic spamming, phishing or other tactics. Other parties may attempt to gain unauthorized physical access to our facilities in order to infiltrate our internal-use information systems. Furthermore, nation state attacks against us or our customers may intensify during periods of heightened geopolitical tensions or armed conflict, such as the ongoing war in Ukraine. While we have taken and continue to take actions to mitigate against attacks by state actors and others, we may not be able to anticipate the techniques used in such attacks, as they change frequently and may not be recognized until launched. To date, cyber threats and other attacks have not resulted in any material adverse impact to our business or operations, but such threats are constantly evolving, increasing the difficulty of detecting and successfully defending against them. The complexities in managing the security profile of a distributed network with vast scale and geographic reach that evolves to incorporate new capabilities expose us to both known and unknown vulnerabilities. We have discovered vulnerabilities in software used in our technology, such as the vulnerability in Apache Log4j 2 referred to as "Log4Shell" identified in late 2021 that impacted a large portion of the internet ecosystem, and may have other undiscovered vulnerabilities. While the impact to date of Log4Shell on our systems was relatively modest, these vulnerabilities, resident in either software or configurations, may require significant operational efforts to mitigate and may persist for extended periods of time and the effects of any such vulnerability could be exacerbated. Similar security risks exist with respect to acquired companies, our business partners and the third-party vendors that we rely on for aspects of our information technology support services and administrative functions. As a result, we are subject to risks that the activities of our business partners and third-party vendors may adversely affect our business even if an attack or breach does not directly target our systems. See also the risk factor captioned "We utilize third-party technology in our business, and failures or vulnerabilities, and/or litigation, related to these technologies may adversely affect our business" below. To protect our corporate and deployed networks, we must continuously engineer more secure solutions, enhance security and reliability features, improve the deployment of software updates to address security vulnerabilities, develop mitigation technologies that help to secure customers from attacks and maintain the digital security infrastructure that protects the integrity of our network and services. This is frequently costly, with a negative impact on near-term profitability. We may need to increase our related spending in the future, which could reduce our operating margin. Any actual, alleged or perceived breach of network security in our systems or networks, or any other actual, alleged or perceived data security incident we, our customers or our third-party suppliers suffer, can result in damage to our reputation; negative publicity; loss of channel partners, customers and sales; loss of competitive advantages; increased costs to remedy any problems and otherwise respond to any incident; regulatory investigations and enforcement actions; costly litigation; and other liabilities. With the recent acquisition of Linode, we are adapting procedures for mitigating harms that may arise from abuse of our compute products. If we fail to mitigate these or if there is a significant cybersecurity event using our compute products or our compute products are perceived to be less reliable than our competitors, it could result in loss of customers and reputational damage. In addition, we may incur significant costs and operational consequences of investigating, remediating, eliminating and putting in place additional tools and devices designed to prevent actual or perceived security breaches and other security incidents, as well as the costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our solutions and customer and investor confidence in our company and otherwise seriously harm our business and operating results. 13 13 13 Table of Contents Table of Contents **Current (2024):** We regularly face attempts to gain unauthorized access or deliver malicious software to Akamai Connected Cloud and our internal IT systems, with the goal of stealing proprietary information related to our business, products, employees and customers; disrupting our systems and services or those of our customers or others; or demanding ransom to return control of such systems and services. These attempts take a variety of forms, including Distributed Denial of Service (DDoS) attacks, infrastructure attacks, botnets, malicious file uploads, application abuse, credential abuse, social engineering, ransomware, bugs, viruses, worms and malicious software programs. Additionally, the use of artificial intelligence by bad actors has heightened the sophistication and effectiveness of these types of attacks. There have in the past and could in the future be attempts to infiltrate our systems through our supply chain and contractors. Malicious actors are known to attempt to fraudulently induce employees and suppliers to disclose sensitive information through illegal electronic spamming, phishing or other tactics. Other parties may attempt to gain unauthorized physical access to our facilities in order to infiltrate our internal-use information systems. Furthermore, nation state and hacktivist attacks against us or our customers may intensify during periods of heightened geopolitical tensions or armed conflict, such as the ongoing war in Ukraine and the Israel-Hamas War. We may not be able to anticipate the techniques used in such attacks, as they change frequently and may not be recognized until launched. While we have, from time to time, experienced threats to and breaches of our and our third-party vendors' data and systems, to date, to our knowledge, cyber threats and other attacks have not resulted in any material adverse effect to our business or operations, but such threats are constantly evolving, increasing the difficulty of detecting and successfully defending against them. The complexities in managing the security profile of a distributed network with vast scale and geographic reach that evolves to incorporate new capabilities expose us to both known and unknown vulnerabilities. We have discovered vulnerabilities in software used in our technology, such as the vulnerability in Apache Log4j 2 referred to as "Log4Shell" identified in late 2021 that impacted a large portion of the internet ecosystem, and may have other undiscovered vulnerabilities. Vulnerabilities, resident in either software or configurations, may require significant operational efforts to mitigate and may persist for extended periods of time and the effects of any such vulnerability could be exacerbated. Similar security risks exist with respect to acquired companies, our business partners and the third-party vendors that we rely on for aspects of our information technology support services and administrative functions. As a result, we are subject to risks that the activities of our business partners and third-party vendors may adversely affect our business even if an attack or breach does not directly target our systems. To protect our corporate and deployed networks, we aim to continuously engineer more secure solutions, enhance security and reliability features, improve the deployment of software updates to address security vulnerabilities, develop mitigation technologies that help to secure customers from attacks and maintain the digital security infrastructure that protects the integrity of our network and services. For example, our ongoing efforts to continually enhance the security and reliability of Akamai Connected Cloud, customer applications and corporate systems comprise various initiatives and mitigation efforts, including, but not limited to, upgrading access and configuration controls; improving security instrumentation, monitoring, detection and prevention tools; enhancing software inventory and tracking and patching systems; upgrading encryption processes and protections; enhancing authorization methods in applications; enhancing data loss prevention and endpoint security management capabilities; upgrading vulnerability identification, assessment and remediation processes and technologies; and enhancing the security of passwords and other credentials, as applicable and appropriate. Our efforts to engineer more secure 12 12 12 Table of Contents Table of Contents solutions are frequently costly, with a negative impact on near-term profitability, and may be unsuccessful in preventing security incidents that may have an adverse effect on our business and reputation. For example, with the acquisition of Linode, we are adapting procedures for mitigating risks that have in the past or may in the future materialize, including any harms that may arise from abuse of our compute products. If we fail to mitigate these harms or if there is a significant cybersecurity event using our compute products or our compute products are perceived to be less reliable than our competitors, it could result in loss of customers and reputational damage. Any actual, alleged or perceived breach of network security in our systems or networks, or any other actual, alleged or perceived compromise or data security incident we, our customers or our third-party suppliers suffer, can result in damage to our reputation; negative publicity; loss of channel partners, customers and sales; loss of revenue; loss of competitive advantages; increased costs to remedy any problems and otherwise respond to any incident; regulatory investigations and enforcement actions and fines; costly litigation; and other liabilities. --- ## Modified: Litigation may adversely impact our business. **Key changes:** - Reworded sentence: "From time to time, we are or may become involved in various legal proceedings relating to matters incidental to the ordinary course of our business, including patent, commercial, product liability, breach of contract, employment, class action, whistleblower and other litigation and claims and governmental and other regulatory investigations and proceedings." - Removed sentence: "20 20 20 Table of Contents Table of Contents In addition, from time to time, we use various contractual, technical and expert resources to reduce the likelihood of end user activity that is illegal, fraudulent or harmful to third parties." - Removed sentence: "There can be no assurance that any of these initiatives will be successful or reduce such illegal, fraudulent or harmful content on our platform." - Removed sentence: "Furthermore, such initiatives may also result in negative interactions with end users, negative perceptions of our policies or increased onboarding time for new customers." **Prior (2023):** From time to time, we are or may become involved in various legal proceedings relating to matters incidental to the ordinary course of our business, including patent, commercial, product liability, breach of contract, employment, class action, whistleblower and other litigation and claims, and governmental and other regulatory investigations and proceedings. In addition, under our charter, we could be required to indemnify and advance expenses to our directors and officers in connection with their involvement in certain actions, suits, investigations and other proceedings. Such matters can be time-consuming, divert management's attention and resources and cause us to incur significant expenses. Furthermore, because litigation is inherently unpredictable and may not be covered by insurance, there can be no assurance that the results of any litigation matters will not have an adverse impact on our business, results of operations, financial condition or cash flows. 20 20 20 Table of Contents Table of Contents In addition, from time to time, we use various contractual, technical and expert resources to reduce the likelihood of end user activity that is illegal, fraudulent or harmful to third parties. There can be no assurance that any of these initiatives will be successful or reduce such illegal, fraudulent or harmful content on our platform. Furthermore, such initiatives may also result in negative interactions with end users, negative perceptions of our policies or increased onboarding time for new customers. **Current (2024):** From time to time, we are or may become involved in various legal proceedings relating to matters incidental to the ordinary course of our business, including patent, commercial, product liability, breach of contract, employment, class action, whistleblower and other litigation and claims and governmental and other regulatory investigations and proceedings. In addition, under our charter, we could be required to indemnify and advance expenses to our directors and officers in connection with their involvement in certain actions, suits, investigations and other proceedings. Such matters can be time-consuming, divert management's attention and resources and cause us to incur significant expenses. Furthermore, because litigation is inherently unpredictable and may not be covered by insurance, there can be no assurance that the results of any litigation matters will not have an adverse impact on our business, results of operations, financial condition or cash flows. --- ## Modified: We face risks associated with global operations that could harm our business. **Key changes:** - Reworded sentence: "A significant portion of our hiring, new customers and revenue growth in recent quarters has been attributable to our business outside the U.S." - Reworded sentence: "Although we have policies, controls and procedures designed to help ensure compliance with applicable laws, there can be no assurance that our employees, contractors, suppliers, customers or agents will not violate such laws or our policies." **Prior (2023):** A significant portion of our employee increases, customer additions and revenue growth in recent quarters has been attributable to our business outside the U.S. Our operations in foreign countries subject us to risks that may increase our costs, impact our financial results, disrupt our operations or make our operations less efficient and require significant management attention. These risks include: •foreign exchange rate risks, including the recent strengthening of the U.S. dollar which has led to a decrease in our revenue from certain customers and corresponding pressure on our earnings; •uncertainty regarding liability for content or services, including uncertainty as a result of local laws and lack of legal precedent; •loss of revenues if the U.S. or foreign governments impose limitations on doing business with significant current or potential customers; •adjusting to different employee/employer relationships and different regulations governing such relationships; •becoming subject to regulatory oversight; •corporate and personal liability for alleged or actual violations of laws and regulations; •difficulty in staffing, training, developing and managing foreign operations as a result of distance, language, cultural differences or regulations; •theft of intellectual property in high-risk countries where we operate; •difficulties in enforcing contracts, collecting accounts and longer payment cycles in certain countries; •difficulties in transferring funds from, or converting currencies in, certain countries; •managing the costs and processes necessary to comply with export control, sanctions, such as the sanctions imposed in connection with the Russian invasion of Ukraine, anti-corruption, data protection and competition laws and regulations or other regulatory or contractual limitations on our ability to sell or develop our products and services in certain foreign markets; •macroeconomic developments and changes in the labor markets in which we operate; •geopolitical developments, including any that impact our or our customers' ability to operate or deliver content to a country; •other circumstances outside of our control such as trade disputes, political unrest, the imposition of sanctions, export controls, warfare, military or armed conflict, such as the Russian invasion of Ukraine, terrorist attacks, public health emergencies such as the ongoing COVID-19 pandemic, energy crises and natural disasters that could disrupt our ability to provide services or limit customer purchases of them; •reliance on one or more channel partners over which we have limited control or influence on a day-to-day basis; and •potentially adverse tax consequences. We are subject to laws and regulations worldwide that differ among jurisdictions, affecting our operations in areas such as intellectual property ownership and infringement; tax; anti-corruption; internet and technology regulations; so-called "fair share" or internet content taxes; foreign exchange controls and cash repatriation; data privacy; cyber security; competition; consumer protection; and employment. Compliance with such requirements can be onerous and expensive and may otherwise impact our business operations negatively. Although we have policies, controls and procedures designed to help ensure compliance with applicable laws, there can be no assurance that our employees, contractors, suppliers or agents will not violate such laws or our policies. Violations of these laws and regulations can result in fines; criminal sanctions against us, our officers or our employees; prohibitions on the conduct of our business; and damage to our reputation. See also the risk factor captioned Other regulatory developments could negatively impact our business below. 14 14 14 Table of Contents Table of Contents **Current (2024):** A significant portion of our hiring, new customers and revenue growth in recent quarters has been attributable to our business outside the U.S. Our operations in international countries subject us to risks that may increase our costs, impact our financial results, disrupt our operations or make our operations less efficient and require significant management attention. These risks include: foreign exchange rate risks; uncertainty regarding liability for content or services, including uncertainty as a result of local laws and lack of legal precedent; loss of revenues if the U.S. or international governments impose limitations on doing business with significant current or potential customers; difficulty in staffing, training, developing and managing international operations as a result of distance, language, cultural differences, differences in employee/employer relationships or regulations; theft of intellectual property in high-risk countries where we operate; difficulties in enforcing contracts, collecting accounts and longer payment cycles in certain countries; difficulties in transferring funds from, or converting currencies in, certain countries; managing the costs and processes necessary to comply with export control, sanctions, such as the sanctions imposed in connection with the Russian invasion of Ukraine, anti-corruption, data protection, cybersecurity and competition laws and regulations or other regulatory or contractual limitations on our ability to sell or develop our products and services in certain international markets; macroeconomic developments and changes in the labor markets in which we operate; geopolitical developments, including any that impact our or our customers' ability to operate in or deliver content to a country; other circumstances outside of our control such as trade disputes, political unrest, warfare, military or armed conflict, such as the Russian invasion of Ukraine and the ongoing Israel-Hamas War, terrorist attacks, public health emergencies, energy crises and natural disasters that could disrupt our ability to provide services or limit customer purchases of them. For example, approximately five percent of our global employees are located in Tel Aviv, Israel and have been and may continue to be impacted by the Israel-Hamas War. A number of our employees have been, and more may be, required to report for military duty which could impact our ability to operate and successfully complete ongoing initiatives particularly with respect to our security offerings and our efforts to move our internal applications from third-party clouds to Akamai Connected Cloud. In addition, further attacks by Hamas or other groups on Israel could further impact our workforce, our operations and our offices located in Tel Aviv. Furthermore, a widening of the conflict in the Middle East or further escalation could lead to broader geopolitical destabilization and macro-economic impacts. In addition, we are subject to laws and regulations worldwide that differ among jurisdictions, affecting our operations in areas such as intellectual property ownership and infringement; tax; anti-corruption; internet and technology regulations; so- 13 13 13 Table of Contents Table of Contents called "fair share" or internet content taxes; foreign exchange controls and cash repatriation; data privacy; cyber security; competition; consumer protection; and employment. Compliance with such requirements can be onerous and expensive and may otherwise impact our business operations negatively. Although we have policies, controls and procedures designed to help ensure compliance with applicable laws, there can be no assurance that our employees, contractors, suppliers, customers or agents will not violate such laws or our policies. Violations of these laws and regulations can result in fines; additional costs related to governmental investigations; criminal sanctions against us, our officers or our employees; prohibitions on the conduct of our business; and damage to our reputation. --- ## Modified: Failure to control expenses could reduce our profitability, which would negatively impact our stock price. **Key changes:** - Reworded sentence: "Maintaining or improving our profitability depends both on our ability to increase our revenue and limit our expenses." **Prior (2023):** Maintaining or improving our profitability depends both on our ability to increase our revenue, even with the potential challenges discussed above, and limit our expenses. We base our decisions about expense levels and investments on estimates of our future revenue and future anticipated rates of growth; however, many of our expenses are fixed costs for a certain amount of time so it may not be possible to reduce costs in a timely manner or without incurring fees to exit certain obligations early. In addition, we have seen our costs increase and our costs may continue to increase due to rising inflation, increasing cost of labor, interest rates, supply chain disruptions or other market conditions. For example, we have experienced rising energy costs in areas in which we operate, particularly in Europe. If we are unable to increase revenue through traffic growth, growth of sales of our products and services or otherwise and limit expenses, our results of operations will suffer. We may take certain steps to reduce expenses, but there are no assurances that we will be able to effectively reduce our expenses. If we are required to further reduce expenses to maintain or improve profitability, such actions may negatively affect our ability to invest in our business for innovation, systems improvements and other initiatives. **Current (2024):** Maintaining or improving our profitability depends both on our ability to increase our revenue and limit our expenses. We base our decisions about expense levels and investments on estimates of our future revenue and future anticipated rates of growth and may incur varying levels of expense based on strategic initiatives, including acquisitions and the build out of our network to support our compute solutions. In addition, many of our expenses are fixed costs for a certain amount of time which may impact our ability to reduce costs in a timely manner or without incurring additional costs. If we are unable to increase revenue and limit expenses, our results of operations will suffer. We have in the past and may in the future take certain steps to reduce expenses, however, there are no assurances that we will be able to effectively reduce our expenses and such actions may negatively affect our ability to invest in our business for innovation, systems improvements and other initiatives. --- ## Modified: We may have exposure to greater-than-anticipated tax liabilities. **Key changes:** - Reworded sentence: "In particular, the Organisation for Economic Co-operation and Development ("OECD") and participating OECD member countries continue to work toward the enactment of a 15% global minimum corporate tax rate for companies with revenue above €750 million, calculated on a country-by-country basis." - Reworded sentence: "16 16 16 Table of Contents Table of Contents The Inflation Reduction Act of 2022 ("IRA") includes a 15% corporate alternative minimum tax for companies with modified GAAP net income in excess of $1 billion, a 1% excise tax on certain stock repurchases, and numerous environmental and green energy tax credits." - Reworded sentence: "The impact of the excise tax on our stock repurchase program was immaterial for the year ended December 31, 2023." **Prior (2023):** Our future income taxes could be adversely affected by earnings being lower than anticipated in jurisdictions that have lower statutory tax rates and higher than anticipated in jurisdictions that have higher statutory tax rates, or changes in tax laws, regulations or accounting principles, as well as certain discrete items such as equity-related compensation. In particular, in October 2021, a global consortium of countries agreed to establish a new framework for international tax reform, including the general rules for redefined jurisdictional taxation rights and a global minimum tax of 15% (Pillar 2). In December 2022, the European Union member states voted unanimously to adopt a Directive implementing the Pillar 2 (global minimum tax) rules giving member states until December 31, 2023 to implement the Directive into national legislation. Further details regarding implementation of these rules are expected and if implemented, such reform may increase our tax liabilities and compliance costs and reduce our profitability. We have recorded certain tax reserves to address potential exposures involving our income tax and sales and use tax positions. These potential tax liabilities result from the varying application of statutes, rules, regulations and interpretations by different jurisdictions. We are currently subject to tax audits in various jurisdictions. If the ultimate outcome of any tax audits are adverse to us, our reserves may not be adequate to cover our total actual liability, and we would need to take a financial charge. Although we believe our estimates, our reserves and the positions we have taken in all jurisdictions are reasonable, the ultimate tax outcome may differ from the amounts recorded in our financial statements and may materially affect our financial results in the period or periods for which such determination is made. On August 16, 2022, President Joseph R. Biden signed into law the Inflation Reduction Act of 2022 ("IRA"). The IRA includes a 15% corporate alternative minimum tax for companies with modified GAAP net income in excess of $1 billion, a 1% excise tax on certain stock repurchases, and numerous environmental and green energy tax credits. Currently, we are not subject to the corporate alternative minimum tax. We are currently evaluating the impacts of the excise tax on our stock repurchase program; however, we do not currently expect the new law to have a material impact on our results of operations. **Current (2024):** Our future income taxes could be adversely affected by earnings being lower than anticipated in jurisdictions that have lower statutory tax rates and higher than anticipated in jurisdictions that have higher statutory tax rates, or changes in tax laws, regulations or accounting principles, as well as certain discrete items such as equity-related compensation. In particular, the Organisation for Economic Co-operation and Development ("OECD") and participating OECD member countries continue to work toward the enactment of a 15% global minimum corporate tax rate for companies with revenue above €750 million, calculated on a country-by-country basis. European Union member states have begun to enact global minimum tax rate rules into domestic law. In particular, on December 16, 2022, the Swiss parliament approved a constitutional amendment to implement the global minimum tax rate rules and the amendment was approved by public vote on June 18, 2023. On December 22, 2023, the Swiss Federal Council declared some of the rules to be in effect beginning in 2024. The global minimum tax is a significant structural change to the international tax framework, which is expected to affect the tax position of multinational or large scale domestic enterprise groups that fall under its scope, including us, beginning in 2024. Although enactment of the global minimum tax has begun, the OECD and participating OECD member countries continue to work towards defining the underlying rules and administrative procedures. We will continue to monitor these developments and evaluate the impact of the global minimum tax, which we anticipate will increase our liability for corporate taxes and our effective income tax rate. We have recorded certain tax reserves to address potential exposures involving our income tax and indirect tax positions. These potential tax liabilities result from the varying application of statutes, rules, regulations and interpretations by different jurisdictions. We are currently subject to tax audits in various jurisdictions. If the ultimate outcome of any tax audits are adverse to us, our reserves may not be adequate to cover our total actual liability, and we would need to take a financial charge. Although we believe our estimates, our reserves and the positions we have taken in all jurisdictions are reasonable, the ultimate tax outcome may differ from the amounts recorded in our financial statements and may materially affect our financial results in the period or periods for which such determination is made. 16 16 16 Table of Contents Table of Contents The Inflation Reduction Act of 2022 ("IRA") includes a 15% corporate alternative minimum tax for companies with modified GAAP net income in excess of $1 billion, a 1% excise tax on certain stock repurchases, and numerous environmental and green energy tax credits. Currently, we are not subject to the corporate alternative minimum tax. The impact of the excise tax on our stock repurchase program was immaterial for the year ended December 31, 2023. --- ## Modified: Fluctuations in foreign currency exchange rates affect our reported operating results in U.S. dollar terms. **Key changes:** - Reworded sentence: "Because we conduct a substantial portion of our business outside the United States, we face exposure to adverse movements in foreign currency exchange rates, which could have a material adverse impact on our financial results and cash flows." - Added sentence: "For example, in 2023, the strength of the U.S." - Added sentence: "dollar had a negative impact on our revenue and a positive impact on our operating expenses." - Reworded sentence: "In addition, we have recently experienced increased volatility in foreign currency exchange rates, due to a number of factors, including geopolitical and economic developments." **Prior (2023):** Revenue generated and expenses incurred by our international subsidiaries are often denominated in the currencies of the local countries. As a result, our consolidated U.S. dollar financial statements are subject to fluctuations due to changes in exchange rates as the financial results of our international subsidiaries are translated from local currencies into U.S. dollars. In addition, our financial results are subject to changes in exchange rates that impact the settlement of transactions in non-functional currencies. While we have implemented a foreign currency hedging program to mitigate transactional exposures, there is no guarantee that such program will be effective. 17 17 17 Table of Contents Table of Contents **Current (2024):** Because we conduct a substantial portion of our business outside the United States, we face exposure to adverse movements in foreign currency exchange rates, which could have a material adverse impact on our financial results and cash flows. These exposures may change over time as business practices evolve and economic conditions change. The fluctuations of currencies in which we conduct business can both increase and decrease our overall revenue and expenses for any given period. This exposure is the result of selling in multiple currencies, headcount in foreign locations and operating in countries where the functional currency is the local currency. Revenue generated and expenses incurred by our international subsidiaries are often denominated in their local currencies, but many of our expenses related to our operations in foreign jurisdictions are denominated in U.S. dollars. As a result, our consolidated U.S. dollar financial statements are subject to fluctuations due to changes in exchange rates as the financial results of our international subsidiaries are translated from local currencies into U.S. dollars. For example, in 2023, the strength of the U.S. dollar had a negative impact on our revenue and a positive impact on our operating expenses. In addition, our financial results are subject to changes in exchange rates that impact the settlement of transactions in non-functional currencies. In addition, we have recently experienced increased volatility in foreign currency exchange rates, due to a number of factors, including geopolitical and economic developments. We may not be able to effectively manage such volatility, and our financial results have in the past and could in the future be adversely impacted as a result of such volatility. In addition, such volatility, even when it increases our revenues or decreases our expenses, impacts our ability to accurately predict our future results and earnings. --- ## Modified: If we fail to maintain an effective system of internal controls, we may not be able to accurately report our financial results or prevent fraud. As a result, our stockholders could lose confidence in our financial reporting, which could harm our business and the trading price of our common stock. **Key changes:** - Removed sentence: "Provisions of our charter, by-laws and Delaware law could make it more difficult for a third party to control or acquire us, even if doing so would be beneficial to our stockholders." - Removed sentence: "These provisions include: •our board of directors having the right to elect directors to fill a vacancy created by the expansion of the board of directors or the resignation, death or removal of a director; 22 22 22 Table of Contents Table of Contents •stockholders needing to provide advance notice, additional disclosures and representations and warranties to nominate individuals for election to the board of directors or to propose matters that can be acted upon at a stockholders' meeting; and •the ability of our board of directors to issue, without stockholder approval, shares of undesignated preferred stock." - Removed sentence: "Further, as a Delaware corporation, we are also subject to certain Delaware anti-takeover provisions." - Removed sentence: "Under Delaware law, a corporation may not engage in a business combination with any holder of 15% or more of its capital stock unless the holder has held the stock for three years or, among other things, the board of directors has approved the transaction." - Removed sentence: "Our board of directors could rely on Delaware law to prevent or delay an acquisition of us." **Prior (2023):** Provisions of our charter, by-laws and Delaware law could make it more difficult for a third party to control or acquire us, even if doing so would be beneficial to our stockholders. These provisions include: •our board of directors having the right to elect directors to fill a vacancy created by the expansion of the board of directors or the resignation, death or removal of a director; 22 22 22 Table of Contents Table of Contents •stockholders needing to provide advance notice, additional disclosures and representations and warranties to nominate individuals for election to the board of directors or to propose matters that can be acted upon at a stockholders' meeting; and •the ability of our board of directors to issue, without stockholder approval, shares of undesignated preferred stock. Further, as a Delaware corporation, we are also subject to certain Delaware anti-takeover provisions. Under Delaware law, a corporation may not engage in a business combination with any holder of 15% or more of its capital stock unless the holder has held the stock for three years or, among other things, the board of directors has approved the transaction. Our board of directors could rely on Delaware law to prevent or delay an acquisition of us. We have identified a material weakness in our internal control over financial reporting, and our management has concluded that our disclosure controls and procedures are not effective. While we are working to remediate the identified material weakness, we cannot assure you that additional material weaknesses or significant deficiencies will not occur in the future. If we fail to maintain an effective system of internal controls, we may not be able to accurately report our financial results or prevent fraud. As a result, our stockholders could lose confidence in our financial reporting, which could harm our business and the trading price of our common stock. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. As disclosed in this Form 10-K, in the course of our audit for fiscal 2022, we identified a material weakness in the Company's internal control over financial reporting as of December 31, 2022 related to income taxes. The material weakness was caused by an inadequate control over the adoption and application of new accounting standards related to income taxes and resulted in immaterial errors to net deferred tax assets and provision for income taxes for the interim periods ended March 31, 2022, June 30, 2022 and September 30, 2022. We are in the process of designing and implementing changes in processes and controls to remediate the material weakness. We cannot assure you that the measures we may take in the future will be sufficient to remediate the control deficiencies that led to a material weakness in our internal controls over financial reporting or that they will prevent or avoid potential future material weaknesses. The material weakness in the Company's internal control over financial reporting will not be considered remediated until the controls operate for a sufficient period of time and management has concluded, through testing that these controls operate effectively. If we do not successfully remediate the material weakness, or if other material weaknesses or other deficiencies arise in the future, we may be unable to accurately report our financial results, which could cause our financial results to be materially misstated and require restatement. We need to continue to enhance and maintain our processes and systems and adapt them to changes as our business evolves and we rearrange management responsibilities and reorganize our business. This continuous process of maintaining and adapting our internal controls and complying with Section 404 is expensive and time-consuming and requires significant management attention. We cannot be certain that our internal control measures will provide in the future adequate control over our financial processes and reporting and ensure compliance with Section 404. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our operating results, may result in a restatement of our financial statements for prior periods, cause us to fail to meet our reporting obligations, and could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in the periodic reports we will file with the Securities and Exchange Commission. Furthermore, as our business changes, including by expanding our operations in different markets, increasing reliance on channel partners and completing acquisitions, our internal controls may become more complex and we may be required to expend significantly more resources to ensure our internal controls remain effective. Failure to implement required new or improved controls, or difficulties encountered in their implementation, could harm our operating results or cause us to fail to meet our reporting obligations. If we or our independent registered public accounting firm identify additional material weaknesses, the disclosure of that fact, even if quickly remediated, could reduce the market's confidence in our financial statements and harm our stock price. **Current (2024):** The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. As previously disclosed for the year ended December 31, 2022, we identified a material weakness in the Company's internal control over financial reporting as of December 31, 2022 related to income taxes. Although this material weakness has been remediated, there can be no assurance that we will not identify additional material weaknesses in internal controls in the future or that the measures we may take to remediate any such future control deficiencies will be effective. We need to continue to enhance and maintain our processes and systems and adapt them to changes as our business evolves and we rearrange management responsibilities and reorganize our business. This continuous process of maintaining and adapting our internal controls and complying with Section 404 is expensive and time-consuming and requires significant management attention. Furthermore, as our business changes, including by expanding our operations in different markets, increasing reliance on channel partners and completing acquisitions, our internal controls may become more complex and we may be required to expend significantly more resources to ensure our internal controls remain effective. Failure to implement required new or improved controls, or difficulties encountered in their implementation, could harm our operating results or cause us to fail to meet our reporting obligations. If we or our independent registered public accounting firm identify additional material weaknesses, the disclosure of that fact, even if quickly remediated, could reduce the market's confidence in our financial statements and harm our stock price. We cannot be certain that our internal control measures will provide adequate control over our financial processes and reporting and ensure compliance with Section 404. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our operating results, may result in a restatement of our financial statements for prior periods, cause us to fail to meet our reporting obligations, and could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in the periodic reports we will file with the Securities and Exchange Commission. --- ## Modified: Acquisitions and other strategic transactions could result in operating difficulties, dilution, diversion of management attention and other harmful consequences that may adversely impact our business and results of operations. **Key changes:** - Reworded sentence: "Acquisitions and other complex transactions are accompanied by a number of risks, including the following: difficulty integrating technologies, operations and personnel while maintaining the quality standards that are consistent with our reputation; potential disruptions of our ongoing business and distraction of management attention; diversion of financial and business resources from core operations or other attractive investments; financial consequences, such as increased operating expenses, incurrence of material post-closing liabilities, incurrence of additional debt and other dilutive effects on our earnings, particularly in the current environment where we have seen relatively high valuations of, and valuation expectations for, many technology companies and increasing allocation of risk to acquirors; failure to realize synergies or other expected benefits; lawsuits resulting from an acquisition or disposition; the inability to retain the acquired company's key talent; exposure to cybersecurity risks and the cost associated with remediating those risks in connection with the acquisition of IT systems; increased accounting charges such as impairment of goodwill or intangible assets, amortization of intangible assets acquired and a reduction in the useful lives of intangible assets acquired; the need to use substantial portions of available cash or dilutive issuances of securities to finance large transactions; and potential unknown liabilities and regulatory requirements associated with an acquired business." - Removed sentence: "If we use a significant portion of our available cash to pay for acquisitions that are not successful, it could harm our balance sheet and limit our flexibility to pursue other opportunities without having enjoyed the intended benefits of the acquisition." - Removed sentence: "As we complete any future acquisitions, we may encounter difficulty in incorporating acquired technologies into our offerings while maintaining the quality standards that are consistent with our brand and reputation." - Removed sentence: "If we are not successful in completing acquisitions or other strategic transactions that we may pursue in the future, we may incur substantial expenses and devote significant management time and resources without a successful result." - Removed sentence: "Future acquisitions could require use of substantial portions of our available cash or result in dilutive issuances of securities." **Prior (2023):** We expect to continue to pursue acquisitions and other types of strategic relationships that involve technology sharing or close cooperation with other companies. Acquisitions and other complex transactions are accompanied by a number of risks, including the following: •difficulty integrating the technologies, operations and personnel of acquired businesses; •potential disruptions of our ongoing business; •potential distraction of management; •diversion of business resources from core operations; •financial consequences, such as increased operating expenses, incurrence of material post-closing liabilities, incurrence of additional debt and other dilutive effects on our earnings, particularly in the current environment where we have generally seen escalating valuations of many technology companies and increasing allocation of risk to acquirors; •assumption of legal risks related to compliance with laws, including privacy and anti-corruption regulations; •failure to realize synergies or other expected benefits; •lawsuits resulting from an acquisition or disposition; •retention of the acquired company's key talent; •there may be unexpected regulatory changes resulting in operating difficulties and expenditures; •acquisition of IT systems that expose us to cybersecurity risks and additional costs to remedy such risks; •increased accounting charges such as impairment of goodwill or intangible assets, amortization of intangible assets acquired and a reduction in the useful lives of intangible assets acquired; and •potential unknown liabilities associated with acquired businesses. Any inability to integrate completed acquisitions or combinations in an efficient and timely manner could have an adverse impact on our results of operations. If we use a significant portion of our available cash to pay for acquisitions that are not successful, it could harm our balance sheet and limit our flexibility to pursue other opportunities without having enjoyed the intended benefits of the acquisition. As we complete any future acquisitions, we may encounter difficulty in incorporating acquired technologies into our offerings while maintaining the quality standards that are consistent with our brand and reputation. If we are not successful in completing acquisitions or other strategic transactions that we may pursue in the future, we may incur substantial expenses and devote significant management time and resources without a successful result. Future acquisitions could require use of substantial portions of our available cash or result in dilutive issuances of securities. 15 15 15 Table of Contents Table of Contents **Current (2024):** We expect to continue to pursue acquisitions and other types of strategic relationships that involve technology sharing or close cooperation with other companies. Acquisitions and other complex transactions are accompanied by a number of risks, including the following: difficulty integrating technologies, operations and personnel while maintaining the quality standards that are consistent with our reputation; potential disruptions of our ongoing business and distraction of management attention; diversion of financial and business resources from core operations or other attractive investments; financial consequences, such as increased operating expenses, incurrence of material post-closing liabilities, incurrence of additional debt and other dilutive effects on our earnings, particularly in the current environment where we have seen relatively high valuations of, and valuation expectations for, many technology companies and increasing allocation of risk to acquirors; failure to realize synergies or other expected benefits; lawsuits resulting from an acquisition or disposition; the inability to retain the acquired company's key talent; exposure to cybersecurity risks and the cost associated with remediating those risks in connection with the acquisition of IT systems; increased accounting charges such as impairment of goodwill or intangible assets, amortization of intangible assets acquired and a reduction in the useful lives of intangible assets acquired; the need to use substantial portions of available cash or dilutive issuances of securities to finance large transactions; and potential unknown liabilities and regulatory requirements associated with an acquired business. The data practices and technology systems of businesses that we have acquired, or may acquire, and our efforts to integrate our acquisitions with our existing technologies have in the past and may in the future pose risks, such as cybersecurity vulnerabilities or past cybersecurity or privacy incidents. Following an acquisition, we work to enhance the security and reliability of our systems. As such, there is a period of increased cybersecurity risk during the period between closing an acquisition and the completion of our security upgrades and integration. For example, as part of the integration of the Linode compute platform into Akamai Connected Cloud and the migration of certain applications and products from third party cloud providers onto Akamai Connected Cloud, we have been working to enhance the security and reliability of the integrated systems. While we continue to make progress on these efforts, the mitigation of a number of risks is ongoing and thus certain 14 14 14 Table of Contents Table of Contents underlying vulnerabilities remain that, if exploited, could negatively impact Akamai Connected Cloud and our customers. Despite our efforts to enhance the security and reliability of our systems, our information technology systems and those of third parties with whom we do business or communicate may be damaged, disrupted, or shut down due to attacks by unauthorized access, malicious software, computer viruses, undetected intrusion, hardware failures, or other events. In addition, our disaster recovery plans may be ineffective or inadequate. Any inability to integrate completed acquisitions or combinations in an efficient and timely manner could have an adverse impact on our results of operations. --- ## Modified: Global conditions have in the past and may in the future harm our industry, business and results of operations. **Key changes:** - Reworded sentence: "The success of our activities is affected by general economic and market conditions, including, among others, inflation, interest rates, tax rates, economic uncertainty, political instability, warfare, changes in laws, trade barriers, the actual or perceived failure or financial difficulties of financial institutions, reduced consumer confidence and spending and economic and trade sanctions." - Reworded sentence: "Such economic volatility has in the past and could in the future adversely affect our business, financial condition, results of operations and cash flows and future market disruptions could negatively impact us." **Prior (2023):** We operate globally and as a result, our business, revenues and profitability are impacted by global macroeconomic conditions. The success of our activities is affected by general economic and market conditions, including, among others, inflation, interest rates, tax rates, economic uncertainty, political instability, warfare, changes in laws, trade barriers, reduced consumer confidence and spending and economic and trade sanctions. The U.S. capital markets experienced and continue to experience extreme volatility and disruption following the global outbreak of COVID-19 in 2020 and the Russian invasion of Ukraine in 2022. Furthermore, inflation rates in the U.S. have recently increased to levels not seen in decades. Such economic volatility could adversely affect our business, financial condition, results of operations and cash flows, and future market disruptions could negatively impact us. These unfavorable economic conditions could increase our operating costs, which could negatively impact our profitability. Geopolitical destabilization and warfare have impacted and could continue to impact global currency exchange rates, resources from our suppliers, and ability to operate or grow our business. For example, as a result of the recent uncertain macroeconomic environment, we have experienced elongated sales cycles with our customers and prospects and customers are delaying purchases of our solutions. Additionally, we have offices and employees located in regions that historically have and may experience periods of political instability, warfare, changes in laws, trade barriers, and economic and trade sanctions. Adverse conditions in these countries directly affect our operations. As a result, our operations and employees could be disrupted and may not be able to function at full capacity, which could adversely affect our business, results of operations, financial condition, and cash flows. **Current (2024):** We operate globally and as a result, our business, revenues and profitability are impacted by global macroeconomic conditions. The success of our activities is affected by general economic and market conditions, including, among others, inflation, interest rates, tax rates, economic uncertainty, political instability, warfare, changes in laws, trade barriers, the actual or perceived failure or financial difficulties of financial institutions, reduced consumer confidence and spending and economic and trade sanctions. For example, approximately 1% of our 2021 revenue had been generated from traffic into Russia, Belarus and Ukraine, and we experienced a decline in revenue in 2022 and 2023 related to the war in Ukraine due to a decrease in traffic in these countries. In addition, due to changes in international tax laws, we expect our effective income tax rate will increase in 2024. The U.S. capital markets have experienced and may continue to experience extreme volatility and disruption in the recent past. Furthermore, inflation rates in the U.S. have recently increased to levels not seen in decades. Such economic volatility has in the past and could in the future adversely affect our business, financial condition, results of operations and cash flows and future market disruptions could negatively impact us. For example, these unfavorable economic conditions could increase our operating costs, which could negatively impact our profitability. Geopolitical destabilization and warfare have impacted and could continue to impact global currency exchange rates, resources from our suppliers, and our ability to operate or grow our business. In addition, we have recently experienced rising energy costs in areas in which we operate, particularly in Europe. Additionally, we have offices and employees located in regions that historically have and may again experience periods of political instability, warfare, changes in laws, trade barriers and economic and trade sanctions. Adverse conditions in these countries have in the past and may in the future affect our operations, including disruptions to our workforce, supply chains, networks, financial systems and other critical infrastructure, which could adversely affect our business, results of operations, financial condition and cash flows. For example, approximately five percent of our global employees are located in Tel Aviv, 9 9 9 Table of Contents Table of Contents Israel and some of our employees have been mobilized as members of the Israeli military reserves. The ongoing war could cause harm to our employees or otherwise impair their ability to work for extended periods of time. --- ## Modified: Slowing revenue growth has in the past and may continue to negatively impact our profitability and stock price. **Key changes:** - Reworded sentence: "The overall revenue growth we have enjoyed in recent years may not continue in future periods and could decline, which could negatively impact our profitability and stock price." - Added sentence: "See the risk factor titled, "Global conditions have in the past and may in the future harm our industry, business and results of operations" below." **Prior (2023):** The revenue growth we have enjoyed in recent years may not continue in future periods and could decline, which could negatively impact our profitability and stock price. Our revenue depends on the amount of services we deliver, continued growth in demand for our delivery, compute and security solutions and our ability to maintain the prices we charge for them. In particular, varying levels of the amount of traffic on our network can have a significant impact on our short-term revenue growth rate. We experienced a significant increase in revenue from our delivery solutions in 2020 due in large part to greater consumption of online media and games during the onset of the COVID-19 pandemic and associated stay-at-home orders across the globe. In 2021 and 2022, our revenue growth from delivery solutions declined as stay-at-home orders were lifted. Numerous factors impact our revenue, traffic and sales growth including: •our ability to build on recurring revenue commitments for our security, compute and delivery offerings; •our ability to develop new products; •the pace of introduction of over-the-top video delivery initiatives by our customers; •the popularity of our customers' streaming offerings as compared to those offered by other companies; •factors that impact the pricing and unit pricing we can obtain for our offerings; •variation in the popularity of online gaming; •customers utilizing their own data centers and implementing solutions that limit or eliminate reliance on third-party providers like us; •the adoption of permanent hybrid or work from home policies by employees; and •general macroeconomic, regulatory and geopolitical conditions, including the war in Ukraine, and industry pressures. We have experienced significant growth in revenue from our security and compute solutions in recent years. If we do not increase our industry recognition as a security and compute solutions provider, develop or acquire new solutions in a rapidly-changing environment where security threats are constantly evolving or ensure that our solutions operate effectively and are competitive with products offered by others, our security or compute revenue, or both, may decline. We are dependent upon the overall economic health of our current and prospective customers and the continued growth and evolution of information technology. We have experienced revenue declines in recent quarters for portions of our business that include our delivery-based solutions and expect this trend to continue because of continued pricing pressure due to competition and fluctuations in traffic growth rates. For example, approximately 1% of our 2021 revenue had been generated from traffic into Russia, Belarus and Ukraine, and we experienced a decline in revenue in 2022 related to the war in Ukraine due to a decrease in traffic in these countries. In addition, in 2021 and 2022, some of our customers continued to experience disruptions to their businesses following the emergence of COVID-19 variants. These disruptions or changes in international, national, regional and local economic conditions could adversely affect our business. Any of these circumstances would negatively impact our revenues. Our ability to increase our overall revenue also depends on many other factors including how well we can: •retain existing customers, including by maintaining the levels of existing services they buy and by delivering consistent and quality performance levels; •upsell new solutions to existing customers; •expand our customer base; •develop and sell innovative and appealing new solutions; •continue to expand our sales internationally; •successfully integrate our recent acquisitions into our business; •address potential commoditization of certain of our solutions, which can lead to lower prices and loss of customers to competitors; •maintain pricing and make decisions on pricing strategy; 9 9 9 Table of Contents Table of Contents •successfully manage the sales cycle, including improving the ability of or pace at which our customers or prospects purchase new services and solutions; •counteract multi-vendor policies that could cause customers to reduce their reliance on us; •handle other competitive threats to our business; •adapt to changes in our customer contracting models from a committed revenue structure to a "pay-as-you-go" approach, which would make it easier for customers to stop doing business with us, or from traditional overage billing models to ones that do not incorporate surcharges for usage above committed levels; and •manage the impact of changes in general economic conditions, geopolitical conditions, industry pressures, public health issues, natural disasters and public unrest on our ability to sell, market and provide our solutions. If we are unable to increase revenues, our profitability and stock price could suffer. **Current (2024):** The overall revenue growth we have enjoyed in recent years may not continue in future periods and could decline, which could negatively impact our profitability and stock price. Our ability to generate revenue depends on the amount of services we deliver, continued growth in demand for our security, delivery and compute solutions and our ability to maintain the prices we charge for them. Revenue we generate from our delivery solutions is impacted by pricing pressure due to competition and fluctuations in content traffic as a result of, among other factors, changes in the popularity of our customers' content including video delivery and gaming. For example, revenue from our delivery solutions increased significantly in 2020 due in large part to greater consumption of online media and games during the onset of the COVID-19 pandemic and the associated stay-at-home orders across the globe. However, as these orders were lifted and more return-to-work policies were adopted, our revenue from delivery solutions declined. We have continued to experience revenue declines in our delivery solutions and expect this trend to continue in the near future. Our security solutions currently generate the largest portion of our revenue. Our ability to generate revenue in our security business depends on our ability to increase our industry recognition as a provider of security solutions, develop or acquire new solutions in a rapidly-changing environment where security threats are constantly evolving and ensure that our solutions operate effectively and are competitive with products offered by others. In addition, an increasing proportion of our revenue has been generated by our compute solutions. Our ability to generate revenue in our compute business is dependent on our ability to successfully continue building our compute infrastructure, attract a customer base that has traditionally partnered with more established companies in the compute industry and develop effective, price competitive and attractive solutions. If we are unable to increase revenues, our profitability and stock price could suffer. See the risk factor titled, "Global conditions have in the past and may in the future harm our industry, business and results of operations" below. --- *Data sourced from SEC EDGAR. Last updated 2026-06-01.*