Keysight Technologies Inc.: 10-K Risk Factor Changes

We are subject to federal, state, and local taxes in the United States and numerous foreign jurisdictions. We devote significant resources to evaluating our tax positions and our worldwide provision for taxes. Any changes to the positions we have taken could result in an impact to our financial statements. Our financial results and tax treatment are susceptible to changes in tax, accounting, and other laws, including the Inflation Reduction Act and The Tax Cuts and Jobs Act in the U.S, regulations, principles, and interpretations in the United States and in other jurisdictions where we do business. With the existence of economic and political policies that favor domestic interests, it is possible that more countries will enact tax laws that either increase the tax rates, or reduce or change the tax incentives available to multinational companies like ours. Upon a change in tax laws in any territory where we do significant business, we may not be able to maintain our current tax rate or qualify for or maintain the benefits of any tax incentives offered, to the extent such incentives are offered. Keysight benefits from tax incentives in several jurisdictions, most significantly in Singapore and Malaysia, that will expire or require renewal at various times in the future. The tax incentives provide lower rates of taxation on certain classes of income and require thresholds of investments and employment in those jurisdictions. If we cannot or do not wish to satisfy all or portions of the tax incentives conditions, we may lose the related tax incentives and could be required to refund the benefits that the tax incentives previously provided. We believe that we will satisfy such conditions, but cannot guarantee that the tax environment will not change or that such conditions will be satisfied. The Singapore tax incentive expires July 31, 2024, and the Malaysia incentive expires October 31,2025. Our taxes could increase if the existing Singapore or Malaysia incentives are revoked or are not renewed upon expiration. We cannot guarantee that we will qualify for any new incentive regime that may exist going forward. As a result, our effective 23 23 23 Table of Contents Table of Contents tax rate could be higher than it would have been had we renewed the tax incentives and could harm our operating results after tax.

We are subject to federal, state, and local taxes in the United States and numerous foreign jurisdictions. We devote significant resources to evaluating our tax positions and our worldwide provision for taxes. Our financial results and tax treatment are susceptible to changes in tax, accounting, and other laws, regulations, principles, and interpretations in the United States and in other jurisdictions where we do business. With the existence of economic and political policies that favor domestic interests, it is possible that more countries will enact tax laws that either increase the tax rates, or reduce or change the tax incentives available to multinational companies like ours. Upon a change in tax laws in any territory where we do significant business, we may not be able to maintain our current tax rate or qualify for or maintain the benefits of any tax incentives offered, to the extent such incentives are offered. Keysight benefits from tax incentives in several jurisdictions, most significantly in Singapore and Malaysia, that will expire or require renewal at various times in the future. The tax incentives provide lower rates of taxation on certain classes of income and require thresholds of investments and employment in those jurisdictions. Based on the current tax environment, we believe that we will satisfy such conditions in the future as needed, but cannot guarantee that the tax environment will not change or that such conditions will be satisfied. If we cannot or do not wish to satisfy all or portions of the tax incentives conditions, we may lose the related tax incentives and could be required to refund the benefits that the tax incentives previously provided. The Singapore tax incentive is due for renewal in 2024, and the Malaysia incentive is due for renewal in 2025. Based on the current tax environment, we believe that we will satisfy such conditions in the future as needed, but cannot guarantee that the tax environment will not change or that such conditions will be satisfied. We cannot guarantee that we will qualify or wish to qualify for any future incentive regime that may exist in the future. As a result, our effective tax rate could be higher than it would have been had we maintained the benefits of the tax incentives and could harm our operating results. Our taxes could increase if the existing Singapore or Malaysia incentives are revoked or are not renewed upon expiration. We cannot guarantee that we will qualify for any new incentive regime that may exist in fiscal years 2024 or 2025, respectively. If we cannot or do not wish to satisfy all or portions of the tax incentives conditions, we may lose the related tax incentives and could be required to refund the benefits that the tax incentives previously provided. As a result, our effective tax rate could be higher than it would have been had we maintained the benefits of the tax incentives and could harm our operating results after tax.

We rely on several centralized IT systems to provide solutions and services, maintain financial records, retain sensitive data such as intellectual property, proprietary business information, and data related to customers, suppliers, and business partners, process orders, manage inventory, process shipments to customers and operate other critical functions. The ongoing maintenance and security of this information is pertinent to the success of our business operations and our strategic goals. Despite our implementation of network security measures, our network may be vulnerable to cybersecurity attacks, computer viruses, break-ins and similar disruptions. Our network security measures include, but are not limited to, the implementation of firewalls, antivirus protection, patches, log monitors, routine backups, offsite storage, network audits, employee training and routine updates and modifications. Despite our efforts to create these security barriers, we may not be able to keep pace as new threats emerge, and it is virtually impossible for us to entirely eliminate this risk. Cybersecurity attacks are evolving and include, but are not limited to, malicious software, attempts to gain unauthorized access to data, and other electronic security breaches that could lead to disruptions in systems, unauthorized release of confidential or otherwise protected information and corruption of data. Any such event could have a material adverse effect on our business, reputation, operating results and financial condition, and no assurance can be given that our efforts to reduce the risk of such attacks will be successful. Our software products may contain vulnerabilities that could be exploited by cybersecurity attackers, allowing them to introduce malicious code into our products to gain access to customer networks. Such attacks could lead to disruptions to our customers’ operations or processes, system downtime, financial loss, loss of their intellectual property, business information and proprietary data, or corruption of data, which could impact Keysight’s reputation, and result in loss of confidence in our products, loss of orders, and loss in revenue, which could materially impact our financial results. We proactively scan for vulnerabilities in our product lines. When vulnerabilities are discovered, we respond with a predefined Product Security Response Process to address the vulnerability, but we cannot eliminate the possibility of a successful cybersecurity attack or exploitation of undiscovered vulnerabilities. In addition, our IT systems may be susceptible to damage, disruptions, instability, or shutdowns due to power outages, hardware failures, telecommunication failures, user errors, implementation of new operational systems or software or upgrades to existing systems and software, catastrophes, or other unforeseen events. Such events could result in the disruption of business processes, network degradation and system downtime, along with the potential that a third party will exploit our critical assets, such as intellectual property, proprietary business information and data related to our customers, suppliers and business partners. Further, such events could result in loss of revenue, loss of or reduction in purchase orders, inability to report financial information, litigation, regulatory fines and penalties, and other damage that could have a material impact on our business operations. To the extent that such disruptions occur, our customers and partners may lose confidence in our solutions, and we may lose business or brand reputation, resulting in a material and adverse effect on our business operating results and financial condition.

We rely on several centralized IT systems to provide solutions and services, maintain financial records, retain sensitive data such as intellectual property, proprietary business information, and data related to customers, suppliers, and business partners, process orders, manage inventory, process shipments to customers and operate other critical functions. The ongoing maintenance and security of this information is pertinent to the success of our business operations and our strategic goals. Despite our implementation of network security measures, our network may be vulnerable to cybersecurity attacks, computer viruses, break-ins and similar disruptions. Our network security measures include, but are not limited to, the implementation of firewalls, antivirus protection, patches, log monitors, routine backups, offsite storage, network audits, employee training and routine updates and modifications. Despite our efforts to create these security barriers, we may not be able to keep pace as new threats emerge and it is virtually impossible for us to entirely eliminate this risk. Cybersecurity attacks are evolving and include, but are not limited to, malicious software, attempts to gain unauthorized access to data, and other electronic security breaches that could lead to disruptions in systems, unauthorized release of confidential or otherwise protected information and corruption of data. Any such event could have a material adverse effect on our business, reputation, operating results and financial condition, and no assurance can be given that our efforts to reduce the risk of such attacks will be successful. In addition, our IT systems may be susceptible to damage, disruptions, instability, or shutdowns due to power outages, hardware failures, telecommunication failures, user errors, implementation of new operational systems or software or upgrades to existing systems and software, catastrophes, or other unforeseen events. Such events could result in the disruption of business processes, network degradation and system downtime, along with the potential that a third party will exploit our critical assets such as intellectual property, proprietary business information and data related to our customers, suppliers and business partners. Further, such events could result in loss of revenue, loss of or reduction in purchase orders, inability to report financial information, litigation, regulatory fines and penalties, and other damage that could have a material impact on our business operations. To the extent that such disruptions occur, our customers and partners may lose confidence in our solutions and we may lose business or brand reputation, resulting in a material and adverse effect on our business operating results and financial condition.

A substantial amount of our solutions are priced and paid for in U.S. Dollars, although many of our solutions are priced in local currencies and a significant amount of certain types of expenses, such as payroll, utilities, tax and marketing expenses, are paid in local currencies and could be impacted by significant currency exchange rate fluctuations. Our hedging programs are designed to reduce, but not entirely eliminate, within any given 12-month period, the impact of currency exchange rate movements, including those caused by currency controls, which could impact our business, operating results and financial condition by resulting in lower revenue or increased expenses. However, for expenses beyond a 12-month period, our hedging strategy will not mitigate our exchange rate risk. In addition, our currency hedging programs involve third-party financial institutions as counterparties. The weakening or failure of these counterparties may adversely affect our hedging programs and our financial condition through, among other things, a reduction in the number of available counterparties, increasingly unfavorable terms or the failure of counterparties to perform under hedging contracts.

A substantial amount of our solutions are priced and paid for in U.S. Dollars, although many of our solutions are priced in local currencies and a significant amount of certain types of expenses, such as payroll, utilities, tax and marketing expenses, are paid in local currencies. Our hedging programs are designed to reduce, but not entirely eliminate, within any given 12-month period, the impact of currency exchange rate movements, including those caused by currency controls, which could impact our business, operating results and financial condition by resulting in lower revenue or increased expenses. However, for expenses beyond a 12-month period, our hedging strategy will not mitigate our exchange rate risk. In addition, our currency hedging programs involve third-party financial institutions as counterparties. The weakening or failure of these counterparties may adversely affect our hedging programs and our financial condition through, among other things, a reduction in the number of available counterparties, increasingly unfavorable terms or the failure of counterparties to perform under hedging contracts.