Keysight Technologies Inc.: 10-K Risk Factor Changes

We do not currently pay dividends on our common stock. The payment of any dividends in the future, and the timing and amount thereof, to our stockholders fall within the discretion of our board of directors. The board’s decisions regarding the payment of dividends will depend on many factors, such as our financial condition, earnings, capital requirements, debt service obligations, restrictive covenants in our debt, industry practice, legal requirements, regulatory constraints and other factors that our board of directors deem relevant.

We do not currently pay dividends on our common stock. The payment of any dividends in the future, and the timing and amount thereof, to our stockholders fall within the discretion of our board of directors. The board's decisions regarding the payment of dividends will depend on many factors, such as our financial condition, earnings, capital requirements, debt service obligations, restrictive covenants in our debt, industry practice, legal requirements, regulatory constraints and other factors that our board of directors deems relevant. We cannot guarantee that we will pay a dividend in the future or continue to pay any dividends if we commence paying dividends. 29 29 29 Table of Contents Table of Contents

We are a global company with international operations, and we sell our products and solutions in countries throughout the world. Regional conflicts, including the Russian invasion of Ukraine, which resulted in economic sanctions and the decision to discontinue our operations in Russia, the war between Israel and Hamas, and the risk of increased tensions between China and Taiwan, could limit or prohibit our ability to transfer certain technologies, to sell our products and solutions, and could result in additional closure of facilities in sanctioned countries. In addition, international conflict could further result in global or regional market instability; increased energy costs, which could increase the cost of manufacturing, selling and delivering products and solutions; and increased risk of cybersecurity attacks, which could adversely impact our financial results.

We are a global company with international operations, and we sell our products and solutions in countries throughout the world. Regional conflicts, including the Russian invasion of Ukraine, which resulted in economic sanctions and the decision to discontinue our operations in Russia, the war between Israel and Hamas, and the risk of increased tensions between China and Taiwan, could limit or prohibit our ability to transfer certain technologies, to sell our products and solutions, and could result in additional closure of facilities in sanctioned countries. In addition, international conflict has resulted in increased pressure on the supply chain and could further result in increased energy costs, which could increase the cost of manufacturing, selling and delivering products and solutions; inflation, which has resulted in increases in the cost of manufacturing products and solutions, reduced customer purchasing power, increased price pressure, and reduced or cancelled orders; increased risk of cybersecurity attacks; and market instability, which could adversely impact our financial results. 18 18 18 Table of Contents Table of Contents

We rely on several centralized IT systems as well as cloud-based service providers to provide solutions and services, maintain financial records, retain sensitive data such as intellectual property, proprietary business information, and data related to customers, suppliers, and business partners, process orders, manage inventory, process shipments to customers and operate other critical functions. The ongoing maintenance and security of this information is pertinent to the success of our business operations and our strategic goals. Despite the implementation of network security measures by us and our third-party service providers, our network and our data may be vulnerable to cybersecurity attacks, computer viruses, break-ins and similar disruptions. Our network security measures include, but are not limited to, the implementation of firewalls, antivirus protection, patches, log monitors, routine backups, offsite storage, network audits, employee training and routine updates and modifications. Despite our efforts and those of our service providers to create these security barriers, as new threats emerge it is virtually impossible to entirely eliminate this risk. Cybersecurity attacks are evolving and include, but are not limited to, ransomware attacks, malicious software, attempts to gain unauthorized access to data, and other electronic security breaches that could lead to disruptions in systems, unauthorized release of confidential or otherwise protected information and corruption of data. Any such event could have a material adverse effect on our business, reputation, operating results and financial condition, and no assurance can be given that efforts to reduce the risk of such attacks will be successful. Our products may contain vulnerabilities that could be exploited by cybersecurity attackers, allowing them to introduce malicious code into our products to gain access to customer networks. Such attacks could lead to disruptions to our customers’ operations or processes, system downtime, financial loss, loss of their intellectual property, business information and proprietary data, or corruption of data, which could impact Keysight’s reputation, and result in loss of confidence in our products, loss of orders, and loss in revenue, which could materially impact our financial results. We proactively scan for vulnerabilities in our product lines. When vulnerabilities are discovered, we respond with a predefined Product Security Response Process to address the vulnerability, but we cannot eliminate the possibility of a successful cybersecurity attack or exploitation of undiscovered vulnerabilities. In an effort to improve information security, governments may enact rules, regulations, standards and attestation requirements. These requirements may be unclear, onerous, and compliance may be burdensome and costly. Additionally, the requirements may vary from jurisdiction to jurisdiction and may include differing or conflicting requirements. Compliance with the requirements could impact both the order availability of existing products as well as the introduction timing of new products, which could cause customers to stop purchasing our solutions and could impact our revenue and profits. The failure to comply with such requirements, once enacted, may result in lost orders, reduced revenue, fines, penalties and damage to our reputation. In addition, our IT systems and those of our service providers may be susceptible to damage, disruptions, instability, or shutdowns due to power outages, hardware failures, telecommunication failures, user errors, implementation of new operational systems or software or upgrades to existing systems and software, catastrophes, or other unforeseen events. Such events could result in the disruption of business processes, network degradation and system downtime, along with the potential that a third 24 24 24 Table of Contents Table of Contents party will exploit our critical assets, such as intellectual property, proprietary business information and data related to our customers, suppliers and business partners. Further, such events could result in loss of revenue, loss of or reduction in purchase orders, inability to report financial information, litigation, regulatory fines and penalties, and other damage that could have a material impact on our business operations. To the extent that such disruptions occur, our customers and partners may lose confidence in our solutions, and we may lose business or brand reputation, resulting in a material and adverse effect on our business operating results and financial condition.

We rely on several centralized IT systems to provide solutions and services, maintain financial records, retain sensitive data such as intellectual property, proprietary business information, and data related to customers, suppliers, and business partners, process orders, manage inventory, process shipments to customers and operate other critical functions. The ongoing maintenance and security of this information is pertinent to the success of our business operations and our strategic goals. Despite our implementation of network security measures, our network may be vulnerable to cybersecurity attacks, computer viruses, break-ins and similar disruptions. Our network security measures include, but are not limited to, the implementation of firewalls, antivirus protection, patches, log monitors, routine backups, offsite storage, network audits, employee training and routine updates and modifications. Despite our efforts to create these security barriers, we may not be able to keep pace as new threats emerge, and it is virtually impossible for us to entirely eliminate this risk. Cybersecurity attacks are evolving and include, but are not limited to, malicious software, attempts to gain unauthorized access to data, and other electronic security breaches that could lead to disruptions in systems, unauthorized release of confidential or otherwise protected information and corruption of data. Any such event could have a material adverse effect on our business, reputation, operating results and financial condition, and no assurance can be given that our efforts to reduce the risk of such attacks will be successful. Our software products may contain vulnerabilities that could be exploited by cybersecurity attackers, allowing them to introduce malicious code into our products to gain access to customer networks. Such attacks could lead to disruptions to our customers’ operations or processes, system downtime, financial loss, loss of their intellectual property, business information and proprietary data, or corruption of data, which could impact Keysight’s reputation, and result in loss of confidence in our products, loss of orders, and loss in revenue, which could materially impact our financial results. We proactively scan for vulnerabilities in our product lines. When vulnerabilities are discovered, we respond with a predefined Product Security Response Process to address the vulnerability, but we cannot eliminate the possibility of a successful cybersecurity attack or exploitation of undiscovered vulnerabilities. In addition, our IT systems may be susceptible to damage, disruptions, instability, or shutdowns due to power outages, hardware failures, telecommunication failures, user errors, implementation of new operational systems or software or upgrades to existing systems and software, catastrophes, or other unforeseen events. Such events could result in the disruption of business processes, network degradation and system downtime, along with the potential that a third party will exploit our critical assets, such as intellectual property, proprietary business information and data related to our customers, suppliers and business partners. Further, such events could result in loss of revenue, loss of or reduction in purchase orders, inability to report financial information, litigation, regulatory fines and penalties, and other damage that could have a material impact on our business operations. To the extent that such disruptions occur, our customers and partners may lose confidence in our solutions, and we may lose business or brand reputation, resulting in a material and adverse effect on our business operating results and financial condition.

We are subject to legal proceedings, lawsuits and other claims in the normal course of business and could become subject to additional claims in the future, some of which could be material. On January 1, 2022, Centripetal Networks filed a lawsuit in Federal District Court in Virginia, alleging that certain Keysight products infringe certain of Centripetal’s patents. In addition, in February 2022, Centripetal filed complaints in Germany alleging infringement of certain of Centripetal’s German patents, and in April 2022, Centripetal filed a complaint with the International Trade Commission (“ITC”) requesting that they investigate whether Keysight violated Section 377 of the Tariff Act and should be enjoined from importing certain products that are manufactured outside of the U.S. and alleged to infringe Centripetal patents. On December 5, 2023, the ITC issued its Notice of Determination that Keysight did not unfairly import products in violation of Section 337 and the investigation was terminated. Centripetal has appealed this determination. On August 21, 2024, Keysight was served in Germany with a complaint filed in the Unified Patent Court alleging that certain Keysight products sold in Germany, France, Italy and the Netherlands infringe a European Centripetal patent. Although we deny the allegations and are aggressively defending each case, the outcome of existing proceedings, lawsuits and claims may differ from our expectations because the outcomes of litigation are often difficult to reliably predict. Various factors or developments can lead us to change current estimates of liabilities and related insurance receivables where applicable, or permit us to make such estimates for matters previously not susceptible to reasonable estimates, such as a significant judicial ruling or judgment, a significant settlement, significant regulatory developments or changes in applicable law. A future adverse ruling, settlement or unfavorable development could result in charges that could adversely affect our business, operating results or financial condition.

We are subject to legal proceedings, lawsuits and other claims in the normal course of business and could become subject to additional claims in the future, some of which could be material. On January 1, 2022, Centripetal Networks filed a lawsuit in Federal District Court in Virginia, alleging that certain Keysight products infringe certain of Centripetal’s patents. In addition, in February 2022, Centripetal filed complaints in Germany alleging infringement of certain of Centripetal’s German patents, and in April 2022, Centripetal filed a complaint with the International Trade Commission (“ITC”) requesting that they investigate whether Keysight should be enjoined from importing certain products that are manufactured outside of the U.S. and alleged to infringe Centripetal patents. Although we deny the allegations and are aggressively defending each case, the outcome of existing proceedings, lawsuits and claims may differ from our expectations because the outcomes of litigation are often difficult to reliably predict. Various factors or developments can lead us to change current estimates of liabilities and related insurance receivables where applicable, or permit us to make such estimates for matters previously not susceptible to reasonable estimates, such as a significant judicial ruling or judgment, a significant settlement, significant regulatory developments or changes in applicable law. A future adverse ruling, settlement or unfavorable development could result in charges that could adversely affect our business, operating results or financial condition. 27 27 27 Table of Contents Table of Contents

Our factories, facilities and distribution system are vulnerable to catastrophic loss due to natural or man-made disasters. Volatile changes in weather conditions, including extreme heat or cold, could increase the risk of wildfires, floods, blizzards, hurricanes and other weather-related disasters, which can cause power outages and network disruptions that may impact operations and our ability to manufacture and ship products, which may negatively impact revenue. In addition, several of our facilities could be subject to a catastrophic loss caused by earthquake or other natural disasters due to their locations. For example, our production facilities, headquarters and laboratories in California and our production facilities in Japan are all located in areas with above-average seismic activity. If any of these facilities were to experience a catastrophic loss, it could disrupt our operations, delay production, shipments and revenue and result in large expenses to repair or replace the facility. Since we have consolidated our manufacturing facilities, we are more likely to experience an interruption to our operations in 22 22 22 Table of Contents Table of Contents the event of a catastrophe in any one location. Although we carry insurance for property damage and business interruption, we do not carry insurance or financial reserves for interruptions or potential losses arising from earthquakes or terrorism. Even where insured, there is a risk that an insurer may deny or limit coverage or may become financially incapable of covering claims. Also, our third-party insurance coverage will vary from time to time in both type and amount depending on availability, cost and our decisions with respect to risk retention. Economic conditions and uncertainties in global markets may adversely affect the cost and other terms upon which we are able to obtain third-party insurance. If our third-party insurance coverage is adversely affected, or to the extent we have elected to self-insure, we may be at a greater risk that our operations will be harmed by a catastrophic loss.

Our factories, facilities and distribution system are vulnerable to catastrophic loss due to natural or man-made disasters. Several of our facilities could be subject to a catastrophic loss caused by earthquake or other natural disasters due to their locations. For example, our production facilities, headquarters and laboratories in California and our production facilities in Japan are all located in areas with above-average seismic activity. If any of these facilities were to experience a catastrophic loss, it could disrupt our operations, delay production, shipments and revenue and result in large expenses to repair or replace the facility. In addition, since we have consolidated our manufacturing facilities, we are more likely to experience an interruption to our operations in the event of a catastrophe in any one location. Although we carry insurance for property damage and business interruption, we do not carry insurance or financial reserves for interruptions or potential losses arising from earthquakes or terrorism. Also, our third-party insurance coverage will vary from time to time in both type and amount depending on availability, cost and our decisions with respect to risk retention. Economic conditions and uncertainties in global markets may adversely affect the cost and other terms upon which we are able to obtain third-party insurance. If our third-party insurance coverage is adversely affected, or to the extent we have elected to self-insure, we may be at a greater risk that our operations will be harmed by a catastrophic loss.

Our future success depends partly on the continued service of our key research, engineering, sales, marketing, manufacturing, executive and administrative personnel, including personnel joining our company through acquisitions. The markets in which we operate are dynamic, and from time to time we may need to respond with reorganizations, reductions in workforce, salary freezes or reductions, or site closings. We believe our compensation packages are competitive within the regions in which we operate. If we fail to retain key personnel and are unable to hire highly qualified replacements, we may not be able to meet key objectives, such as launching effective product innovations, meeting financial goals and maintaining or expanding our business.

Our future success depends partly on the continued service of our key research, engineering, sales, marketing, manufacturing, executive and administrative personnel, including personnel joining our company through acquisitions. The markets in which we operate are dynamic, and we may need to respond with reorganizations, workforce reductions and site closures from time to time. We believe our pay levels are competitive within the regions in which we operate. However, global labor shortages, inflationary pressure on wages, and increased global attrition have intensified competition for talent in most fields across the geographic areas in which we operate, and it may become more difficult to retain key employees. If we fail to retain key personnel and are unable to hire highly qualified replacements, we may not be able to meet key objectives, such as launching effective product innovations and meeting financial goals, and maintain or expand our business.

Our effective tax rate may be adversely impacted by, among other things, changes in the mix of our earnings among countries with differing statutory tax rates, changes in the valuation allowance of deferred tax assets, and changes in tax laws. We cannot give any assurance as to what our effective tax rate will be in the future because, among other things, there is uncertainty regarding the tax policies of the jurisdictions where we operate. Changes in tax laws, such as tax reform in the United States or changes in tax laws resulting from the Organization for Economic Co-operation and Development’s (“OECD”) multi-jurisdictional plan of action to address “base erosion and profit shifting” and the taxation of the “Digital Economy,” could impact our effective tax rate. On June 14, 2019, the U.S. Department of the Treasury (“Treasury”) issued final regulations relating to Global Intangible Low Taxed Income (“GILTI”) under IRC § 951A (the “tax regulations”). The tax regulations contained language which disallowed GILTI tax deductions for intangible asset amortization resulting from the Singapore restructuring completed in 2018. During the third quarter of fiscal year 2024, the company concluded, in response to recent U.S. Supreme Court decisions on a number of relevant cases, the evolving global tax landscape and other changes in circumstances, that Treasury exceeded regulatory authority and the intangible asset amortization should be deductible. The company amended its U.S. federal income tax returns for the open tax years to claim the deduction and recognized the discrete benefit in the consolidated financial statements. The GILTI tax benefit for the fiscal year 2024 amortization is included in the annual effective tax rate, and the Singapore intangible assets will continue to be amortized for GILTI tax purposes until 2033. The company believes the position meets the more likely than not recognition threshold. The company intends to vigorously defend its position. The outcome cannot be predicted with certainty. If we are ultimately unsuccessful in defending our position, we may be required to reverse the benefit previously recorded, which may impact our financial statements and our profitability in the quarter in which such a reversal is required.

Our effective tax rate may be adversely impacted by, among other things, changes in the mix of our earnings among countries with differing statutory tax rates, changes in the valuation allowance of deferred tax assets, and changes in tax laws. We cannot give any assurance as to what our effective tax rate will be in the future because, among other things, there is uncertainty regarding the tax policies of the jurisdictions where we operate. Changes in tax laws, such as tax reform in the United States or changes in tax laws resulting from the Organization for Economic Co-operation and Development’s (“OECD”) multi-jurisdictional plan of action to address “base erosion and profit shifting” and the taxation of the “Digital Economy,” could impact our effective tax rate.