Cisco Systems Inc.: 10-K Risk Factor Changes

As a result of a variety of factors discussed in this report, our revenue for a particular quarter is difficult to predict, which can be exacerbated during periods when the global macroenvironment is challenging and inconsistent and can result in market uncertainty. Our revenue may grow at a slower rate than in past periods, or decline as it did in fiscal 2024 and certain prior periods on a year-over-year basis. Our ability to meet financial expectations could also be negatively impacted if the nonlinear sales pattern seen in some of our past quarters recurs in future periods. During the first nine months of fiscal 2024, we experienced a decline in product demand resulting in a decrease of revenue as customers continued to scrutinize spend as they needed additional time to implement elevated levels of product shipments received in prior quarters. We have also experienced periods of time during which shipments have exceeded net bookings or manufacturing issues have delayed shipments, leading to nonlinearity in shipping patterns. In addition to making it difficult to predict revenue for a particular period, nonlinearity in shipping can increase costs, because irregular shipment patterns result in periods of underutilized capacity and periods in which overtime expenses may be incurred, as well as in potential additional inventory management-related costs. In addition, to the extent that manufacturing issues and any related component shortages result in delayed shipments in the future, and particularly in periods in which our contract manufacturers are operating at higher levels of capacity, it is possible that revenue for a quarter could be negatively impacted if such matters occur and are not remediated within the same quarter. The timing of large orders can also have a significant impact on our business and operating results from quarter to quarter. From time to time, we receive large orders that have a significant effect on our operating results in the period in which the order is recognized as revenue. The timing of such orders is difficult to predict, and the timing of revenue recognition from such orders may affect period to period changes in revenue. As a result, our operating results could vary materially from quarter to quarter based on the receipt of such orders and their ultimate recognition as revenue. Longer than normal manufacturing lead times in the past have caused, and in the future could cause, some customers to place the same or a similar order multiple times within our various sales channels and to cancel the duplicative orders upon shipment or receipt of the product, or to also place orders with other vendors with shorter manufacturing lead times. Such multiple ordering (along with other factors) or risk of order cancellation may cause difficulty in predicting our revenue. Further, our efforts to improve manufacturing lead-time performance may result in more variability and less predictability in our revenue and operating results. In addition, when facing component supply-related challenges, we have in the past and may in the future increase our efforts in procuring components in order to meet customer expectations, which in turn contributes to an increase in inventory and purchase commitments. These increases in our inventory and purchase commitments to shorten lead times could also lead to potential material excess and obsolete inventory charges or other negative impacts to our product gross margin in future periods if product demand significantly decreases for a sustained duration, we are unable to generate demand for certain products planned for development, or we are unable to continue to mitigate the remaining supply chain exposures. Product demand conditions for future periods can be difficult to predict or may persist longer than anticipated. We plan our operating expense levels based primarily on forecasted revenue levels. These expenses and the impact of long-term commitments are relatively fixed in the short term. A shortfall in revenue could lead to operating results being below expectations because we may not be able to quickly reduce these fixed expenses in response to short-term business changes. Any of the above factors could materially harm our operations and financial results. For additional information and a further discussion of impacts and risks related to our inventory commitments and our purchase commitments with contract manufacturers and suppliers, see “Results of Operations—Product Gross Margin—Supply Chain Impacts and Risks”, “Liquidity and Capital Resources—Inventory Supply Chain” under Item 7 and Note 14 to the Consolidated Financial Statements of this report. 13 13 13 Table of Contents Table of Contents

As a result of a variety of factors discussed in this report, our revenue for a particular quarter is difficult to predict, especially in light of a challenging and inconsistent global macroeconomic environment (including as a result of the on-going Russia and Ukraine war), and related market uncertainty. Our revenue may grow at a slower rate than in past periods, or decline as it did in certain prior periods. Our ability to meet financial expectations could also be adversely affected if the nonlinear sales pattern seen in some of our past quarters recurs in future periods. We have experienced periods of time during which shipments have exceeded net bookings or manufacturing issues have delayed shipments, leading to nonlinearity in shipping patterns. In addition to making it difficult to predict revenue for a particular period, nonlinearity in shipping can increase costs, because irregular shipment patterns result in periods of underutilized capacity and periods in which overtime expenses may be incurred, as well as in potential additional inventory management-related costs. In addition, to the extent that manufacturing issues and any related component shortages result in delayed shipments in the future, and particularly in periods in which our contract manufacturers are operating at higher levels of capacity, it is possible that revenue for a quarter could be adversely affected if such matters occur and are not remediated within the same quarter. The timing of large orders can also have a significant effect on our business and operating results from quarter to quarter. From time to time, we receive large orders that have a significant effect on our operating results in the period in which the order is recognized as revenue. The timing of such orders is difficult to predict, and the timing of revenue recognition from such orders may affect period to period changes in revenue. As a result, our operating results could vary materially from quarter to quarter based on the receipt of such orders and their ultimate recognition as revenue. Longer than normal manufacturing lead times in the past have caused, and in the future could cause, some customers to place the same or a similar order multiple times within our various sales channels and to cancel the duplicative orders upon shipment or receipt of the product, or to also place orders with other vendors with shorter manufacturing lead times. Such multiple ordering (along with other factors) or risk of order cancellation may cause difficulty in predicting our revenue. Further, our efforts to improve manufacturing lead-time performance may result in more variability and less predictability in our revenue and operating results. In addition, when facing component supply-related challenges, we have increased our efforts in procuring components in order to meet customer expectations, which in turn contribute to an increase in inventory and purchase commitments. In prior periods, we increased our inventory and purchase commitments in light of the significant supply constraints seen industry-wide due to component shortages. These increases in our inventory and purchase commitments to shorten lead times could also lead to material excess and obsolete inventory charges or other negative impacts to our product gross margin in future periods if product demand significantly weakens for a sustained duration. We plan our operating expense levels based primarily on forecasted revenue levels. These expenses and the impact of long-term commitments are relatively fixed in the short term. A shortfall in revenue could lead to operating results being below expectations because we may not be able to quickly reduce these fixed expenses in response to short-term business changes. Any of the above factors could have a material adverse impact on our operations and financial results. For additional information and a further discussion of impacts and risks related to our supply constraints, inventory commitments and our purchase commitments with contract manufacturers and suppliers, see Results of Operations—Product Gross Margin—Supply Constraints Impacts and Risks, Liquidity and Capital Resources—Inventory Supply Chain and Note 14 to the Consolidated Financial Statements. 15 15 15 Table of Contents Table of Contents

As of the end of fiscal 2024, we have senior unsecured notes outstanding in an aggregate principal amount of $20.3 billion that mature at specific dates from calendar year 2025 through 2064. We have also established a commercial paper program under which we may issue short-term, unsecured commercial paper notes on a private placement basis up to a maximum aggregate amount outstanding at any time of $15.0 billion. We had $10.9 billion in commercial paper notes outstanding under this program as of July 27, 2024. There can be no assurance that our incurrence of this debt or any future debt, including any additional debt to refinance maturing debt, will be a better means of providing liquidity to us than would our use of our existing cash resources. Further, we cannot be assured that our maintenance of this indebtedness or incurrence of future indebtedness will not negatively impact our operating results or financial condition. In addition, changes by any rating agency to our credit rating can negatively impact the value and liquidity of both our debt and equity securities, as well as the terms upon which we may borrow under our commercial paper program or future debt issuances.

As of the end of fiscal 2023, we have senior unsecured notes outstanding in an aggregate principal amount of $8.5 billion that mature at specific dates from calendar year 2023 through 2040. We have also established a commercial paper program under which we may issue short-term, unsecured commercial paper notes on a private placement basis up to a maximum aggregate amount outstanding at any time of $10.0 billion. We had no commercial paper notes outstanding under this program as of July 29, 2023. There can be no assurance that our incurrence of this debt or any future debt will be a better means of providing liquidity to us than would our use of our existing cash resources. Further, we cannot be assured that our maintenance of this indebtedness or incurrence of future indebtedness will not adversely affect our operating results or financial condition. In addition, changes by any rating agency to our credit rating can negatively impact the value and liquidity of both our debt and equity securities, as well as the terms upon which we may borrow under our commercial paper program or future debt issuances.

The continued threat of terrorism and heightened security and military action in response thereto, or any other current or future acts of terrorism, war (such as the on-going Russia-Ukraine war and the Israel-Hamas war), and other events (such as economic sanctions, trade restrictions and reactions of the governments, markets and the general public, including the sanctions and restrictions related to the on-going Russia-Ukraine war) may cause further disruptions to the economies of the United States and other countries and create further uncertainties or could otherwise negatively impact our business, operating results, and financial condition. Likewise, events such as loss of infrastructure and utilities services such as energy, transportation, or telecommunications could have similar negative impacts. To the extent that such disruptions or uncertainties result in delays or cancellations of customer orders or the manufacture or shipment of our products, our business, operating results, and financial condition could be materially harmed.

The continued threat of terrorism and heightened security and military action in response thereto, or any other current or future acts of terrorism, war (such as the on-going Russia and Ukraine war), and other events (such as economic sanctions and trade restrictions, including those related to the on-going Russia and Ukraine war) may cause further disruptions to the economies of the United States and other countries and create further uncertainties or could otherwise negatively impact our business, operating results, and financial condition. Likewise, events such as loss of infrastructure and utilities services such as energy, 24 24 24 Table of Contents Table of Contents transportation, or telecommunications could have similar negative impacts. To the extent that such disruptions or uncertainties result in delays or cancellations of customer orders or the manufacture or shipment of our products, our business, operating results, and financial condition could be materially and adversely affected.

We currently incorporate AI technology in certain of our products and services and in our business operations. Our research and development of such technology remains ongoing. AI presents risks and challenges and may result in unintended consequences that could affect its further development or our and our customers’ adoption and use of this technology. AI algorithms and training methodologies may be flawed. Additionally, AI technologies are complex and rapidly evolving, and we face significant competition in the market and from other companies regarding such technologies. Leveraging AI capabilities to potentially improve our internal functions and operations also presents further risks, costs, and challenges. While we aim to develop and use AI responsibly and attempt to identify and mitigate ethical and legal issues presented by its use, we may be unsuccessful in identifying or resolving issues before they arise. The AI-related legal and regulatory landscape remains uncertain and may be inconsistent from jurisdiction to jurisdiction. Our obligations to comply with the evolving legal and regulatory landscape could entail significant costs or limit our ability to incorporate certain AI capabilities into our offerings. AI-related issues, deficiencies and/or failures could also give rise to legal and/or regulatory action, including with respect to proposed legislation regulating AI in jurisdictions such as the European Union and others, and as a result of new applications of existing data protection, privacy, intellectual property, and other laws; damage our reputation; or otherwise materially harm our business.

We currently incorporate AI technology in certain of our products and services and in our business operations. Our research and development of such technology remains ongoing. AI presents risks, challenges, and unintended consequences that could affect our and our customers’ adoption and use of this technology. AI algorithms and training methodologies may be flawed. Additionally, AI technologies are complex and rapidly evolving, and we face significant competition in the market and from other companies regarding such technologies. While we aim to develop and use AI responsibly and attempt to identify and mitigate ethical and legal issues presented by its use, we may be unsuccessful in identifying or resolving issues before they arise. AI-related issues, deficiencies and/or failures could (i) give rise to legal and/or regulatory action, including with respect to proposed legislation regulating AI in jurisdictions such as the European Union and others, and as a result of new applications of 22 22 22 Table of Contents Table of Contents existing data protection, privacy, intellectual property, and other laws; (ii) damage our reputation; or (iii) otherwise materially harm our business.

Changes in regulatory requirements applicable to the industries and sectors in which we operate, in the United States and in other countries, could materially affect the sales and use of our products and services. In particular, economic sanctions and changes to export and import control requirements have impacted and may continue to impact our ability to sell and support our products and services in certain jurisdictions. In addition, changes in telecommunications regulations could impact our service provider customers’ purchase of our products and services, and they could also impact sales of our own regulated offerings. Government procurement policies, priorities, regulations, technology initiatives and/or other obligations often give rise to evolving privacy, cybersecurity, operational resilience, or other requirements, and the failure or delay to meet and maintain such requirements could negatively impact our business, including by limiting our ability to sell products and services, directly or indirectly, to public sector, critical infrastructure and other customers. Additional areas of uncertainty that could impact sales of our products and services include laws, regulations, or customer procurement requirements related to encryption technology, data, artificial intelligence, privacy, cybersecurity, operational resilience, environmental sustainability (including climate change), human rights, product certification, product accessibility, country of origin, and national security controls applicable to our supply chain. Changes in regulatory requirements or our actual or perceived failure to comply with applicable laws and regulations or other obligations could materially harm our business, operating results, and financial condition.

Changes in regulatory requirements applicable to the industries and sectors in which we operate, in the United States and in other countries, could materially affect the sales of our products and services. In particular, economic sanctions and changes to export and import control requirements have impacted and may continue to impact our ability to sell and support our products and services in certain jurisdictions. In addition, changes in telecommunications regulations could impact our service provider customers’ purchase of our products and services, and they could also impact sales of our own regulated offerings. Additional areas of uncertainty that could impact sales of our products and services include laws, regulations, or customer procurement requirements related to encryption technology, data, artificial intelligence, privacy, cybersecurity, environmental sustainability (including climate change), human rights, product certification, product accessibility, country of origin, and national security controls applicable to our supply chain. Changes in regulatory requirements in any of these areas or our actual or perceived failure to comply with applicable laws and regulations or other obligations relating to these areas could have a material adverse effect on our business, operating results, and financial condition.

The products and services (together, our “solutions”) we sell to customers, and the cloud-based services operated or enabled by us, or by third parties upon which we rely, inevitably contain vulnerabilities or security defects (despite our efforts to prevent and detect them through secure development lifecycle practices, testing, and other means), which have not been remedied or cannot be disclosed without compromising security. We also make prioritization decisions in determining which vulnerabilities or security defects to fix and the timing of these fixes. Even when we prioritize a vulnerability or security defect, in certain instances it has taken, and in the future could take, time for us to develop a remedy and the remedy may ultimately be insufficient to fully fix the issue. In addition, workarounds or other mitigation efforts in certain instances have not been, and in the future may not be, available or sufficient to protect customers prior to a security update being made available. Vulnerabilities can persist even after we have issued security updates if we have not identified and addressed the root cause of a particular vulnerability, if customers have not installed the most recent updates, if the attackers exploited the vulnerabilities before a security update is applied to install additional malware to further compromise customers’ systems, or if a previously patched vulnerability is inadvertently reintroduced due to a security regression during future development. Additionally, customers may also need to test security updates before they can be deployed which can delay implementation. When customers do not deploy security updates in a timely manner, use solutions that are end of life and no longer receive security updates, or decide not to upgrade to the latest versions of our solutions containing the security update, they are left vulnerable. In addition, we rely on third-party providers of software and cloud-based services on which our and third-party data is stored or processed, and we cannot control the timing at which third-party providers remedy vulnerabilities, which could leave us vulnerable. Failure to comply with internal security policies and standards, including secure development lifecycle practices, failure to prevent or promptly mitigate vulnerabilities and security defects, prioritization errors in remedying vulnerabilities or security defects, failure of third-party providers to remedy vulnerabilities or security defects, or customers not deploying 25 25 25 Table of Contents Table of Contents security updates in a timely manner or deciding not to upgrade solutions could, in each case, result in claims of legal and/or regulatory action against us, damage our reputation, or otherwise materially harm our business.

The products and services we sell to customers, and our cloud-based solutions, inevitably contain vulnerabilities or security defects which have not been remedied and cannot be disclosed without compromising security. We also make prioritization decisions in determining which vulnerabilities or security defects to fix and the timing of these fixes. Customers may also need to test security updates before they can be deployed which can delay implementation. When customers do not deploy security updates in a timely manner, or decide not to upgrade to the latest versions of our products, services or cloud-based solutions containing the security update, they may be left vulnerable. In addition, we rely on third-party providers of software and cloud-based services on which our and third-party data is stored or processed, and we cannot control the timing at which third-party providers remedy vulnerabilities, which could leave us vulnerable. Vulnerabilities and security defects, prioritization errors in remedying vulnerabilities or security defects, failure of third-party providers to remedy vulnerabilities or security defects, or customers not deploying security updates in a timely manner or deciding not to upgrade products, services or solutions could result in claims of liability against us, damage our reputation or otherwise materially harm our business.

Our operating results have been in the past, and will continue to be, subject to quarterly and annual fluctuations as a result of numerous factors, some of which may contribute to more pronounced fluctuations in an uncertain global economic environment. These factors include: •Fluctuations in demand for our products and services, especially with respect to service providers and internet businesses, in part due to changes in the global economic environment •Changes in sales and implementation cycles for our products and reduced visibility into our customers’ spending plans and associated revenue •Our ability to maintain appropriate inventory levels and purchase commitments •Price and product competition in the communications and networking industries, which can change rapidly due to technological innovation and different business models from various geographic regions •The overall movement toward industry consolidation among both our competitors and our customers •The introduction and market acceptance of new technologies and products, and our success in new and evolving markets, and in emerging technologies, as well as the adoption of new standards •Variations in sales channels, product costs, mix of products sold, or mix of direct sales and indirect sales •The timing, size, and mix of orders from customers •Manufacturing and customer lead times •Fluctuations in our gross margins, and the factors that contribute to such fluctuations •The ability of our customers, channel partners, contract manufacturers and suppliers to obtain financing or to fund capital expenditures, especially during a period of global credit market disruption or in the event of customer, channel partner, contract manufacturer or supplier financial problems •Actual events, circumstances, outcomes, and amounts differing from judgments, assumptions, and estimates used in determining the values of certain assets (including the amounts of related valuation allowances), liabilities, and other items reflected in our Consolidated Financial Statements •How well we execute on our strategy and operating plans and the impact of changes in our business model that could result in significant restructuring charges •Our ability to achieve targeted cost reductions •Benefits anticipated from our investments •Changes in tax laws or accounting rules, or interpretations thereof As a consequence, operating results for a particular future period are difficult to predict, and, therefore, prior results are not necessarily indicative of results to be expected in future periods. Any of the foregoing factors, or any other factors discussed elsewhere herein, could materially harm our business, results of operations, and financial condition.

Our operating results have been in the past, and will continue to be, subject to quarterly and annual fluctuations as a result of numerous factors, some of which may contribute to more pronounced fluctuations in an uncertain global economic environment. These factors include: •Fluctuations in demand for our products and services, especially with respect to service providers and Internet businesses, in part due to changes in the global economic environment •Changes in sales and implementation cycles for our products and reduced visibility into our customers’ spending plans and associated revenue •Our ability to maintain appropriate inventory levels and purchase commitments •Price and product competition in the communications and networking industries, which can change rapidly due to technological innovation and different business models from various geographic regions •The overall movement toward industry consolidation among both our competitors and our customers •The introduction and market acceptance of new technologies and products, and our success in new and evolving markets, and in emerging technologies, as well as the adoption of new standards •The transformation of our business to deliver more software and subscription offerings where revenue is recognized over time •Variations in sales channels, product costs, mix of products sold, or mix of direct sales and indirect sales •The timing, size, and mix of orders from customers •Manufacturing and customer lead times •Fluctuations in our gross margins, and the factors that contribute to such fluctuations •The ability of our customers, channel partners, contract manufacturers and suppliers to obtain financing or to fund capital expenditures, especially during a period of global credit market disruption or in the event of customer, channel partner, contract manufacturer or supplier financial problems •Actual events, circumstances, outcomes, and amounts differing from judgments, assumptions, and estimates used in determining the values of certain assets (including the amounts of related valuation allowances), liabilities, and other items reflected in our Consolidated Financial Statements •How well we execute on our strategy and operating plans and the impact of changes in our business model that could result in significant restructuring charges •Our ability to achieve targeted cost reductions •Benefits anticipated from our investments •Changes in tax laws or accounting rules, or interpretations thereof As a consequence, operating results for a particular future period are difficult to predict, and, therefore, prior results are not necessarily indicative of results to be expected in future periods. Any of the foregoing factors, or any other factors discussed elsewhere herein, could have a material adverse effect on our business, results of operations, and financial condition that could adversely affect our stock price.

We experience cyber attacks and other attempts to gain unauthorized access on a regular basis to (i) our products and services (together, our “solutions”) and (ii) the servers, data centers, networks, systems, and cloud-based services operated or enabled by us, or by third parties upon which we rely, on or through which our and third-party data are stored, processed, or can be accessed (collectively, our “IT environment”). We anticipate continuing to be increasingly subject to such attempts as cyber attacks become more sophisticated and difficult to predict and protect against. Despite our active implementation of security and other measures, our solutions and IT environment have been, and continue to be, vulnerable to cyber attacks, incidents, data breaches, malware, inadvertent error, disruptions, failures, physical security breaches, tampering or other theft or misuse, including by employees, contingent workers, and malicious actors. Additionally, nation-state actors or their agents have in the past successfully attacked our IT environment and have also exploited vulnerabilities in our solutions to carry out attacks, and we anticipate that these attacks and the exploitation of vulnerabilities in our solutions will continue and may intensify during periods of diplomatic or armed conflict. Further, a cyber attack or other incident could go undetected and persist in our environments for extended periods. Cyber-related events have caused, and in the future could result in, compromise to, the disruption of access to, or the operation of our solutions and IT environment or those of our customers or third-party providers upon which we rely, or result in confidential information stored on our systems or our customers’ or other third-party systems being improperly accessed, processed, disclosed now (or in the future), or be lost or stolen. Efforts to limit the ability of malicious actors to disrupt the operations of the Internet or undermine our security efforts are costly to implement and may not be successful. Breaches of security in our IT environment, our customers’ or third-party providers’ networks, or in third-party products we use, regardless of whether the breach is attributable to a vulnerability in our solutions, a failure by us to timely mitigate or apply a security fix for products we use that are found vulnerable, or a failure to maintain the digital security infrastructure or security tools that protect the integrity of our solutions and IT environment, could, in each case, result in claims of legal and/or regulatory action against us, damage our reputation or otherwise materially harm our business. The occurrence of a cyber attack, data breach or other incident could subject us to liability to our customers, data subjects, suppliers, business partners, employees, and others, give rise to legal and/or regulatory action, could damage our reputation or could otherwise negatively impact our business, any of which could materially harm our business, operating results, and financial condition.

We experience cyber attacks and other attempts to gain unauthorized access to our products, services, and IT environment on a regular basis, and we anticipate continuing to be subject to such attempts as cyber attacks become increasingly sophisticated and more difficult to predict and protect against. Despite our implementation of security measures, (i) our products and services, and (ii) the servers, data centers, and cloud-based solutions on which our and third-party data is stored or processed (including servers, data centers and cloud-based solutions operated by third parties on which we rely) (collectively, our “IT environment”), are vulnerable to cyber attacks, data breaches, malware, inadvertent error, disruptions, tampering or other theft or misuse, including by employees, contingent workers, malicious actors, or nation-states or their agents (which cyber attack or related activity may intensify during periods of diplomatic or armed conflict). Further, a cyber attack or other incident could go undetected and persist in our environments for extended periods. Cyber-related events have caused, and in the future could result in, compromise to, or the disruption of access to, the operation of our products, services, and IT environment or those of our customers or third-party providers we rely on, or result in confidential information stored on our systems, our customers’ systems, or other third-party systems being improperly accessed, processed, disclosed now or in the future, or be lost or stolen. For example, in December 2021, multiple vulnerabilities were reported for the widely used Java logging library, Apache Log4j. We reviewed the use of this library within our products and services, its use in our enterprise IT environment, and its use by our third-party providers, and have taken steps to mitigate these vulnerabilities, including by providing security updates for affected products to our customers. We have not to date experienced a material event related to a cybersecurity matter; however, the occurrence of any such event in the future could subject us to liability to our customers, data subjects, suppliers, business partners, employees, and others, give rise to legal and/or regulatory action, could damage our reputation or could otherwise materially harm our business, any of which could have a material adverse effect on our business, operating results, and financial condition. Efforts to limit the ability of malicious actors to disrupt the operations of the Internet or undermine our own security efforts are costly to implement and may not be successful. Breaches of security in our customers’ or third-party providers’ networks, in third-party products we use, or in cloud-based services provided to, by, or enabled by us, regardless of whether the breach is attributable to a vulnerability in our products or services, or a failure to maintain the digital security infrastructure or security tools that protect the integrity of our products, services, and IT environment, could, in each case, result in claims of liability against us, damage our reputation or otherwise materially harm our business. 26 26 26 Table of Contents Table of Contents

Sales to the service provider and cloud market have been characterized by large and sporadic purchases, especially relating to our router sales and sales of certain other Networking and Collaboration products, in addition to longer sales cycles. Service provider and cloud product orders significantly decreased during fiscal 2024 and we have experienced similar declines in certain prior periods. Product orders from the service provider and cloud market could continue to decline and, as has been the case in the past, such weakness could persist over extended periods of time given fluctuating market conditions. Products in the service provider and cloud market could also face a high degree of customer concentration, with bespoke product designs and features that would be difficult to sell to alternate customers should the primary customer reduce its product orders with Cisco. Sales activity in this industry depends upon the stage of completion of expanding network infrastructures; the availability of 15 15 15 Table of Contents Table of Contents funding; and the extent to which service provider and cloud customers are affected by regulatory, economic, and business conditions in the country of operations. Weakness in orders from this industry, including as a result of any slowdown in capital expenditures by service providers (which may be more prevalent during a global economic downturn, or periods of economic, political or regulatory uncertainty), could materially harm our business, operating results, and financial condition. Such slowdowns may continue or recur in future periods. Orders from this industry could decline for many reasons other than the competitiveness of our products and services within their respective markets. For example, in the past, many of our service provider and cloud customers have been negatively impacted by slowdowns in the general economy, by overcapacity, by changes in the service provider and cloud market, by regulatory developments, and by constraints on capital availability, resulting in business failures and substantial reductions in spending and expansion plans. These conditions have negatively impacted our business and operating results in the past, and could materially harm our business and operating results in any future period. Finally, service provider and cloud customers typically have longer implementation cycles; require a broader range of services, including design services; demand that vendors take on a larger share of risks; often require acceptance provisions, which can lead to a delay in revenue recognition; and expect financing from vendors. All these factors can add further risk to business conducted with service providers.

Sales to the service provider market have been characterized by large and sporadic purchases, especially relating to our router sales and sales of certain other Secure, Agile Networks and Collaboration products, in addition to longer sales cycles. Service provider product orders significantly decreased during fiscal 2023 and we have experienced similar weakness in certain prior periods. Product orders from the service provider market could continue to decline and, as has been the case in the past, such weakness could persist over extended periods of time given fluctuating market conditions. Sales activity in this industry 17 17 17 Table of Contents Table of Contents depends upon the stage of completion of expanding network infrastructures; the availability of funding; and the extent to which service providers are affected by regulatory, economic, and business conditions in the country of operations. Weakness in orders from this industry, including as a result of any slowdown in capital expenditures by service providers (which may be more prevalent during a global economic downturn, or periods of economic, political or regulatory uncertainty), could have a material adverse effect on our business, operating results, and financial condition. Such slowdowns may continue or recur in future periods. Orders from this industry could decline for many reasons other than the competitiveness of our products and services within their respective markets. For example, in the past, many of our service provider customers have been materially and adversely affected by slowdowns in the general economy, by overcapacity, by changes in the service provider market, by regulatory developments, and by constraints on capital availability, resulting in business failures and substantial reductions in spending and expansion plans. These conditions have materially harmed our business and operating results in the past, and could affect our business and operating results in any future period. Finally, service provider customers typically have longer implementation cycles; require a broader range of services, including design services; demand that vendors take on a larger share of risks; often require acceptance provisions, which can lead to a delay in revenue recognition; and expect financing from vendors. All these factors can add further risk to business conducted with service providers.

We are a party to lawsuits in the normal course of our business. Any litigation can be costly, lengthy, and disruptive to normal business operations. Moreover, the results of complex legal proceedings are difficult to predict. An unfavorable resolution of lawsuits or governmental investigations could materially harm our business, operating results, or financial condition. For additional information regarding certain of the matters in which we are involved, see Note 14 to the Consolidated Financial Statements, subsection (f) “Legal Proceedings.”

We are a party to lawsuits in the normal course of our business. Additionally, in connection with the Russia and Ukraine war and our decision to stop business operations and orderly wind down our business in Russia, there are existing claims and lawsuits in Russia, and the potential for future claims and lawsuits in Russia and/or Belarus, related to such decision and related 23 23 23 Table of Contents Table of Contents trade restrictions and sanctions. In the event of an unfavorable resolution of any of these lawsuits, the potential outcome could include the seizure of our assets in Russia and/or Belarus, which, collectively, represents less than 0.1% of our total assets at the end of fiscal 2023. Litigation can be costly, lengthy, and disruptive to normal business operations. Moreover, the results of complex legal proceedings are difficult to predict. An unfavorable resolution of lawsuits or governmental investigations could have a material adverse effect on our business, operating results, or financial condition. For additional information regarding certain of the matters in which we are involved, see Note 14 to the Consolidated Financial Statements, subsection (f) “Legal Proceedings.”